Azure
Cyberark Audit service integration
Required items, please complete
Change(s): Add new Data Connector for CyberArk Audit service.
Checked that the validations are passing and have addressed any issues that are present: arm-ttk validation passed
Hello @nitsan-tzur, Just to confirm. You used V3 tool to package the solution?
Python libraries mentioned in requirements.txt doesnt have specific version. Please mention version as well.
Hello @nitsan-tzur, Just to confirm. You used V3 tool to package the solution?
Python libraries mentioned in requirements.txt doesnt have specific version. Please mention version as well. Hi, I did use the V3 tool. Added concrete versions to requirements.txt
Please create a custom table named as CyberArk_AuditEvents_CL at location .script/tests/KqlvalidationsTests/CustomTables
Theres an extra folder for .python packages which includes python libraries mentioned in requirements.txt
Please create a custom table named as CyberArk_AuditEvents_CL at location .script/tests/KqlvalidationsTests/CustomTables
Theres an extra folder for .python packages which includes python libraries mentioned in requirements.txt
done
Hello @nitsan-tzur, I've packaged the solution. Can you provide me credentials to test the content of the solution. you can mail me them at [email protected]
Hello @nitsan-tzur, I've packaged the solution. Can you provide me credentials to test the content of the solution. you can mail me them at [email protected]
Sent details to specified email
Hello @nitsan-tzur, Can you share working images of function app. I tried deploying it in 3 different workspaces and subscriptions but every time I'm facing an error reasons being location and Dynamic VM's
Hello @nitsan-tzur, You attached a screenshot of deployment page which had credentials. Which may had lead to unwanted activities. I have deleted the screenshot.
Can you share working screenshot of function app. ( Output/Result )
Hello @nitsan-tzur, You attached a screenshot of deployment page which had credentials. Which may had lead to unwanted activities. I have deleted the screenshot.
Can you share working screenshot of function app. ( Output/Result )
Hi @v-prasadboke,
Thanks for that. Have you noticed the aka.ms link leads to 404: https://aka.ms/sentinel-CyberArkAudit-functionapp?
A screenshot from successful execution:
Reason being the hyperlink we have used in Shortlink leads to master branch. And this Solution is not in master branch yet. That is the reason.
Thanks for sharing the screenshots.
Hello @nitsan-tzur, any reasons behind changing the Data connector folder structure
Hello @nitsan-tzur, any reasons behind changing the Data connector folder structure
I realized there were deployment issues to Function App due to dependencies faulty build. I recreated the project with VSCode Azure extensions and rebuilt.
Hello @nitsan-tzur, Sorry for the late reply. I'll have to check once on the folder structure.
Hello @nitsan-tzur, Sorry for the late reply. I'll have to check once on the folder structure.
Hi @v-prasadboke Thanks for looking into it. Any update on this check?
Hello @nitsan-tzur, And sorry for the late reply.
Function app's Folder structure is incorrect. We are working on it and I'll push the changes by tomorrow 27 March, 2024
Hi @v-prasadboke , Thanks for the update. Will the PR be approved with this change?
Hello @nitsan-tzur, Folder structure corrected. But function.json is missing from the folder. Please add it. You can refer this one. Solutions/Box/Data Connectors/AzureFunctionBox/function.json It should be placed in Functionapp zip as well.
Hello @nitsan-tzur, Folder structure corrected. But function.json is missing from the folder. Please add it. You can refer this one. Solutions/Box/Data Connectors/AzureFunctionBox/function.json It should be placed in Functionapp zip as well.
Hi @v-prasadboke,
It seems like repackaging is breaking the deployment. Might be due to movement of requirements.json. Just tried to deploy the new zip and function is empty:
Yes. Same result with the function.json file
Get Outlook for iOShttps://aka.ms/o0ukef
From: v-prasadboke @.> Sent: Friday, March 29, 2024 4:51:22 AM To: Azure/Azure-Sentinel @.> Cc: Nitsan Tzur @.>; Mention @.> Subject: Re: [Azure/Azure-Sentinel] Cyberark Audit service integration (PR #10062)
CyberArk Security Warning: This is an external email!
Have you added function.json file
— Reply to this email directly, view it on GitHubhttps://urldefense.com/v3/__https://github.com/Azure/Azure-Sentinel/pull/10062*issuecomment-2026897043__;Iw!!Pe07N362zA!30l4XiLtr1YGAva-BdGch-DwUT-1eG8DvnrrALY2F3n9MBDv7OgtTM30Ec3BILiMNVATbo_EyrjyD-Sc5MdKN9PRsOdv$, or unsubscribehttps://urldefense.com/v3/__https://github.com/notifications/unsubscribe-auth/BEQBXFL4AQ7GSLUBTQTNOBDY2UTQVAVCNFSM6AAAAABD4TRB26VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMRWHA4TOMBUGM__;!!Pe07N362zA!30l4XiLtr1YGAva-BdGch-DwUT-1eG8DvnrrALY2F3n9MBDv7OgtTM30Ec3BILiMNVATbo_EyrjyD-Sc5MdKN-_vQda1$. You are receiving this because you were mentioned.Message ID: @.***>
Please replace website run from package link with this link https://github.com/Azure/Azure-Sentinel/raw/v-prasadboke-sampledata/Solutions/Alibaba%20Cloud/CyberArkAuditConnector.zip
Please replace website run from package link with this link https://github.com/Azure/Azure-Sentinel/raw/v-prasadboke-sampledata/Solutions/Alibaba%20Cloud/CyberArkAuditConnector.zip
Hi @v-prasadboke , I made a few updates fixing some bugs and removing redundant dependency. Can you please update the zip file link? Thanks
Hi @v-prasadboke , Thanks for your review. What should be the permeant aka.ms link to the zip package in the deployment template?