Merge pull request Azure#6575 from Azure/v-mchatla/Citrix-Analytics

Citrix Solution Changes

Solutions/Citrix Analytics for Security/Data Connectors/CitrixSecurityAnalytics.json

@@ -2,7 +2,7 @@
     "id": "Citrix",
     "title": "CITRIX SECURITY ANALYTICS",
     "publisher": "CITRIX",
-    "descriptionMarkdown": "Citrix Analytics (Security) integration with Azure Sentinel helps you to export data analyzed for risky events from Citrix Analytics (Security) into Azure Sentinel environment. You can create custom dashboards, analyze data from other sources along with that from Citrix Analytics (Security) and create custom workflows using Logic Apps to monitor and mitigate security events.",
+    "descriptionMarkdown": "Citrix Analytics (Security) integration with Microsoft Sentinel helps you to export data analyzed for risky events from Citrix Analytics (Security) into Microsoft Sentinel environment. You can create custom dashboards, analyze data from other sources along with that from Citrix Analytics (Security) and create custom workflows using Logic Apps to monitor and mitigate security events.",
     "graphQueries": [
         {
             "metricName": "Total Risk Indicator Summary Events received",

Solutions/Citrix Analytics for Security/Data/Solution_CitrixAnalytics.json

@@ -9,8 +9,8 @@
 	"Data Connectors": [
 		"Solutions/Citrix Analytics for Security/Data Connectors/CitrixSecurityAnalytics.json"
 	],
-	"BasePath": "C:\\Sentinel-Repos\\Azure-Sentinel",
-	"Version": "2.0.0",
+	"BasePath": "C:\\GitHub\\Azure-Sentinel",
+	"Version": "2.0.1",
 	"Metadata": "SolutionMetadata.json",
 	"TemplateSpec": true,
 	"Is1PConnector": false

Solutions/Citrix Analytics for Security/Package/mainTemplate.json

@@ -38,12 +38,12 @@
     }
   },
   "variables": {
-    "solutionId": "citrix.Citrix_Analytics_for_Security_MSS",
+    "solutionId": "citrix.citrix_analytics_for_security_mss",
     "_solutionId": "[variables('solutionId')]",
     "workbookVersion1": "2.1.0",
     "workbookContentId1": "CitrixWorkbook",
     "workbookId1": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId1'))]",
-    "workbookTemplateSpecName1": "[concat(parameters('workspace'),'-Workbook-',variables('_workbookContentId1'))]",
+    "workbookTemplateSpecName1": "[concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1')))]",
     "_workbookContentId1": "[variables('workbookContentId1')]",
     "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]",
     "uiConfigId1": "Citrix",
@@ -52,7 +52,7 @@
     "_dataConnectorContentId1": "[variables('dataConnectorContentId1')]",
     "dataConnectorId1": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]",
     "_dataConnectorId1": "[variables('dataConnectorId1')]",
-    "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'-DataConnector-',variables('_dataConnectorContentId1'))]",
+    "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1')))]",
     "dataConnectorVersion1": "2.0.0"
   },
   "resources": [
@@ -83,7 +83,7 @@
         "[resourceId('Microsoft.Resources/templateSpecs', variables('workbookTemplateSpecName1'))]"
       ],
       "properties": {
-        "description": "CitrixWorkbook Workbook with template version 2.0.0",
+        "description": "CitrixWorkbook Workbook with template version 2.0.1",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('workbookVersion1')]",
@@ -97,7 +97,7 @@
               "kind": "shared",
               "apiVersion": "2021-08-01",
               "metadata": {
-                "description": "Citrix Analytics for Security aggregates and correlates information across network traffic, users, files and endpoints in Citrix environments. This generates actionable insights that enable Citrix administrators and security teams to remediate user security threats through automation while optimizing IT operations. Machine learning and artificial intelligence empowers Citrix Analytics for Security to identify and take automated action to prevent data exfiltration. While delivered as a cloud service, Citrix Analytics for Security can generate insights from resources located on-premises, in the cloud, or in hybrid architectures. The Citrix Analytics Workbook further enhances the value of both your Citrix Analytics for Security and Azure Sentinel. The Workbook enables you to integrate data sources together, helping you gain even richer insights. It also gives Security Operations (SOC) teams the ability to correlate data from disparate logs, helping you identify and proactively remediate security risk quickly. Additionally, valuable dashboards that were unique to the Citrix Analytics for Security can now be implemented in Sentinel. You can also create new custom Workbooks that were not previously available, helping extend the value of both investments."
+                "description": "Citrix Analytics for Security aggregates and correlates information across network traffic, users, files and endpoints in Citrix environments. This generates actionable insights that enable Citrix administrators and security teams to remediate user security threats through automation while optimizing IT operations. Machine learning and artificial intelligence empowers Citrix Analytics for Security to identify and take automated action to prevent data exfiltration. While delivered as a cloud service, Citrix Analytics for Security can generate insights from resources located on-premises, in the cloud, or in hybrid architectures. The Citrix Analytics Workbook further enhances the value of both your Citrix Analytics for Security and Microsoft Sentinel. The Workbook enables you to integrate data sources together, helping you gain even richer insights. It also gives Security Operations (SOC) teams the ability to correlate data from disparate logs, helping you identify and proactively remediate security risk quickly. Additionally, valuable dashboards that were unique to the Citrix Analytics for Security can now be implemented in Sentinel. You can also create new custom Workbooks that were not previously available, helping extend the value of both investments."
               },
               "properties": {
                 "displayName": "[parameters('workbook1-name')]",
@@ -112,7 +112,7 @@
               "apiVersion": "2022-01-01-preview",
               "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId1'),'/'))))]",
               "properties": {
-                "description": "@{workbookKey=CitrixWorkbook; logoFileName=citrix_logo.svg; description=Citrix Analytics for Security aggregates and correlates information across network traffic, users, files and endpoints in Citrix environments. This generates actionable insights that enable Citrix administrators and security teams to remediate user security threats through automation while optimizing IT operations. Machine learning and artificial intelligence empowers Citrix Analytics for Security to identify and take automated action to prevent data exfiltration. While delivered as a cloud service, Citrix Analytics for Security can generate insights from resources located on-premises, in the cloud, or in hybrid architectures. The Citrix Analytics Workbook further enhances the value of both your Citrix Analytics for Security and Azure Sentinel. The Workbook enables you to integrate data sources together, helping you gain even richer insights. It also gives Security Operations (SOC) teams the ability to correlate data from disparate logs, helping you identify and proactively remediate security risk quickly. Additionally, valuable dashboards that were unique to the Citrix Analytics for Security can now be implemented in Sentinel. You can also create new custom Workbooks that were not previously available, helping extend the value of both investments.; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=2.1.0; title=Citrix Analytics; templateRelativePath=Citrix.json; subtitle=; provider=Citrix Systems Inc.}.description",
+                "description": "@{workbookKey=CitrixWorkbook; logoFileName=citrix_logo.svg; description=Citrix Analytics for Security aggregates and correlates information across network traffic, users, files and endpoints in Citrix environments. This generates actionable insights that enable Citrix administrators and security teams to remediate user security threats through automation while optimizing IT operations. Machine learning and artificial intelligence empowers Citrix Analytics for Security to identify and take automated action to prevent data exfiltration. While delivered as a cloud service, Citrix Analytics for Security can generate insights from resources located on-premises, in the cloud, or in hybrid architectures. The Citrix Analytics Workbook further enhances the value of both your Citrix Analytics for Security and Microsoft Sentinel. The Workbook enables you to integrate data sources together, helping you gain even richer insights. It also gives Security Operations (SOC) teams the ability to correlate data from disparate logs, helping you identify and proactively remediate security risk quickly. Additionally, valuable dashboards that were unique to the Citrix Analytics for Security can now be implemented in Sentinel. You can also create new custom Workbooks that were not previously available, helping extend the value of both investments.; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=2.1.0; title=Citrix Analytics; templateRelativePath=Citrix.json; subtitle=; provider=Citrix Systems Inc.}.description",
                 "parentId": "[variables('workbookId1')]",
                 "contentId": "[variables('_workbookContentId1')]",
                 "kind": "Workbook",
@@ -130,31 +130,6 @@
                   "name": "Citrix Systems",
                   "link": "https://www.citrix.com/support/",
                   "email": "CAS-PM-Ext@citrix.com"
-                },
-                "dependencies": {
-                  "operator": "AND",
-                  "criteria": [
-                    {
-                      "contentId": "CitrixAnalytics_userProfile_CL",
-                      "kind": "DataType"
-                    },
-                    {
-                      "contentId": "CitrixAnalytics_riskScoreChange_CL",
-                      "kind": "DataType"
-                    },
-                    {
-                      "contentId": "CitrixAnalytics_indicatorSummary_CL",
-                      "kind": "DataType"
-                    },
-                    {
-                      "contentId": "CitrixAnalytics_indicatorEventDetails_CL",
-                      "kind": "DataType"
-                    },
-                    {
-                      "contentId": "Citrix",
-                      "kind": "DataConnector"
-                    }
-                  ]
                 }
               }
             }
@@ -189,7 +164,7 @@
         "[resourceId('Microsoft.Resources/templateSpecs', variables('dataConnectorTemplateSpecName1'))]"
       ],
       "properties": {
-        "description": "Citrix Analytics for Security data connector with template version 2.0.0",
+        "description": "Citrix Analytics for Security data connector with template version 2.0.1",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('dataConnectorVersion1')]",
@@ -207,7 +182,7 @@
                   "id": "[variables('_uiConfigId1')]",
                   "title": "CITRIX SECURITY ANALYTICS",
                   "publisher": "CITRIX",
-                  "descriptionMarkdown": "Citrix Analytics (Security) integration with Azure Sentinel helps you to export data analyzed for risky events from Citrix Analytics (Security) into Azure Sentinel environment. You can create custom dashboards, analyze data from other sources along with that from Citrix Analytics (Security) and create custom workflows using Logic Apps to monitor and mitigate security events.",
+                  "descriptionMarkdown": "Citrix Analytics (Security) integration with Microsoft Sentinel helps you to export data analyzed for risky events from Citrix Analytics (Security) into Microsoft Sentinel environment. You can create custom dashboards, analyze data from other sources along with that from Citrix Analytics (Security) and create custom workflows using Logic Apps to monitor and mitigate security events.",
                   "graphQueries": [
                     {
                       "metricName": "Total Risk Indicator Summary Events received",
@@ -385,6 +360,7 @@
       "dependsOn": [
         "[variables('_dataConnectorId1')]"
       ],
+      "location": "[parameters('workspace-location')]",
       "properties": {
         "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]",
         "contentId": "[variables('_dataConnectorContentId1')]",
@@ -416,7 +392,7 @@
         "connectorUiConfig": {
           "title": "CITRIX SECURITY ANALYTICS",
           "publisher": "CITRIX",
-          "descriptionMarkdown": "Citrix Analytics (Security) integration with Azure Sentinel helps you to export data analyzed for risky events from Citrix Analytics (Security) into Azure Sentinel environment. You can create custom dashboards, analyze data from other sources along with that from Citrix Analytics (Security) and create custom workflows using Logic Apps to monitor and mitigate security events.",
+          "descriptionMarkdown": "Citrix Analytics (Security) integration with Microsoft Sentinel helps you to export data analyzed for risky events from Citrix Analytics (Security) into Microsoft Sentinel environment. You can create custom dashboards, analyze data from other sources along with that from Citrix Analytics (Security) and create custom workflows using Logic Apps to monitor and mitigate security events.",
           "graphQueries": [
             {
               "metricName": "Total Risk Indicator Summary Events received",
@@ -545,8 +521,9 @@
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
       "apiVersion": "2022-01-01-preview",
+      "location": "[parameters('workspace-location')]",
       "properties": {
-        "version": "2.0.0",
+        "version": "2.0.1",
         "kind": "Solution",
         "contentSchemaVersion": "2.0.0",
         "contentId": "[variables('_solutionId')]",

Solutions/Citrix Analytics for Security/SolutionMetadata.json

@@ -1,6 +1,6 @@
 {
 	"publisherId": "citrix",
-	"offerId": "Citrix_Analytics_for_Security_MSS",
+	"offerId": "citrix_analytics_for_security_mss",
 	"firstPublishDate": "2022-05-06",
 	"providers": [ "Citrix" ],
 	"categories": {