Skip to content

regnerated package files #13982

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Shams-Z wants to merge 9 commits into
base: master
Choose a base branch
from
Open

regnerated package files #13982

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
6374f40
regnerated package files
Shams-Z Apr 3, 2026
3261e0b
manual fix of mainTemplate 1
Shams-Z Apr 3, 2026
1d03ecb
manual fix of mainTemplate 2
Shams-Z Apr 3, 2026
c6871df
make the solution metadata consistent with maintemplate
Shams-Z Apr 3, 2026
e602bb0
updated zip file
Shams-Z Apr 4, 2026
8523286
Update Solutions/Visa Threat Intelligence (VTI)/Data/Solution_VTI.json
Shams-Z Apr 6, 2026
95e86b6
Update Solutions/Visa Threat Intelligence (VTI)/Data/Solution_VTI.json
Shams-Z Apr 6, 2026
2e2cf0a
Merge branch 'master' into pr/13982
v-maheshbh Apr 8, 2026
e3e786b
updated zip file
Shams-Z Apr 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions Solutions/Visa Threat Intelligence (VTI)/Data/Solution_VTI.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
{
"Name": "Visa Threat Intelligence (VTI)",
Copy link

Copilot AI Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The solution Name contains special characters ( and ) which violates the solution-data naming requirement (only alphanumeric characters and spaces). Update the display name to remove special characters (for example, “Visa Threat Intelligence VTI”) while keeping it aligned with the solution folder naming expectations.

Copilot generated this review using guidance from repository custom instructions.
"Author": "Visa Inc. - GDLVTIPSupport@visa.com",
"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Visa_VTI_Logo.svg\" width=\"75px\" height=\"75px\">",
"Description": "Visa Threat Intelligence (VTI) is a Microsoft Sentinel solution that provides insights into global cyber threats, leveraging Visa's extensive threat intelligence data. This solution enables security teams to proactively identify and respond to emerging threats, enhancing their overall security posture. By integrating VTI with Microsoft Sentinel, organizations can benefit from real-time threat intelligence, advanced analytics, and automated response capabilities to protect their digital assets effectively.",
"WorkbookBladeDescription": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences.",
"AnalyticalRuleBladeDescription": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in Manage solution view. ",
"HuntingQueryBladeDescription": "",
"PlaybooksBladeDescription": "",
"Data Connectors": [
"DataConnectors/Visa Threat Intelligence (VTI)/VisaThreatIntelligenceConnector.json"
],
"Parsers": [],
"Hunting Queries": [],
"Analytic Rules": [
"Solutions/Visa Threat Intelligence (VTI)/Analytic Rules/VTIP_high_severity_domain.yaml",
"Solutions/Visa Threat Intelligence (VTI)/Analytic Rules/VTIP_high_severity_sha1.yaml"
],
"SummaryRules": [],
"Workbooks": [
"Solutions/Visa Threat Intelligence (VTI)/Workbooks/VTI_IOC_Feed.json"
],
"Playbooks": [],
"BasePath": "/Users/szawoad/development/VTIP/VTIP-Sentinel",
"Version": "3.0.2",
"Metadata": "SolutionMetadata.json",
"TemplateSpec": true,
"StaticDataConnectorIds": []
}
Binary file added Solutions/Visa Threat Intelligence (VTI)/Package/3.0.2.zip
View file
Open in desktop
Binary file not shown.
159 changes: 159 additions & 0 deletions Solutions/Visa Threat Intelligence (VTI)/Package/createUiDefinition.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,159 @@
{
"$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#",
"handler": "Microsoft.Azure.CreateUIDef",
"version": "0.1.2-preview",
"parameters": {
"config": {
"isWizard": false,
"basics": {
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Visa_VTI_Logo.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Visa%20Threat%20Intelligence%20%28VTI%29/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nVisa Threat Intelligence (VTI) is a Microsoft Sentinel solution that provides insights into global cyber threats, leveraging Visa's extensive threat intelligence data. This solution enables security teams to proactively identify and respond to emerging threats, enhancing their overall security posture. By integrating VTI with Microsoft Sentinel, organizations can benefit from real-time threat intelligence, advanced analytics, and automated response capabilities to protect their digital assets effectively.\n\n**Workbooks:** 1, **Analytic Rules:** 2\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
"subscription": {
"resourceProviders": [
"Microsoft.OperationsManagement/solutions",
"Microsoft.OperationalInsights/workspaces/providers/alertRules",
"Microsoft.Insights/workbooks",
"Microsoft.Logic/workflows"
]
},
"location": {
"metadata": {
"hidden": "Hiding location, we get it from the log analytics workspace"
},
"visible": false
},
"resourceGroup": {
"allowExisting": true
}
}
},
"basics": [
{
"name": "getLAWorkspace",
"type": "Microsoft.Solutions.ArmApiControl",
"toolTip": "This filters by workspaces that exist in the Resource Group selected",
"condition": "[greater(length(resourceGroup().name),0)]",
"request": {
"method": "GET",
"path": "[concat(subscription().id,'/providers/Microsoft.OperationalInsights/workspaces?api-version=2020-08-01')]"
}
},
{
"name": "workspace",
"type": "Microsoft.Common.DropDown",
"label": "Workspace",
"placeholder": "Select a workspace",
"toolTip": "This dropdown will list only workspace that exists in the Resource Group selected",
"constraints": {
"allowedValues": "[map(filter(basics('getLAWorkspace').value, (filter) => contains(toLower(filter.id), toLower(resourceGroup().name))), (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]",
"required": true
},
"visible": true
}
],
"steps": [
{
"name": "workbooks",
"label": "Workbooks",
"subLabel": {
"preValidation": "Configure the workbooks",
"postValidation": "Done"
},
"bladeTitle": "Workbooks",
"elements": [
{
"name": "workbooks-text",
"type": "Microsoft.Common.TextBlock",
"options": {
"text": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences."
}
},
{
"name": "workbooks-link",
"type": "Microsoft.Common.TextBlock",
"options": {
"link": {
"label": "Learn more",
"uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data"
}
}
},
{
"name": "workbook1",
"type": "Microsoft.Common.Section",
"label": "Visa Threat Intelligence Feed Overview",
"elements": [
{
"name": "workbook1-text",
"type": "Microsoft.Common.TextBlock",
"options": {
"text": "Visa Threat Intelligence Feed Dashboard"
}
}
]
}
]
},
{
"name": "analytics",
"label": "Analytics",
"subLabel": {
"preValidation": "Configure the analytics",
"postValidation": "Done"
},
"bladeTitle": "Analytics",
"elements": [
{
"name": "analytics-text",
"type": "Microsoft.Common.TextBlock",
"options": {
"text": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in Manage solution view. "
}
},
{
"name": "analytics-link",
"type": "Microsoft.Common.TextBlock",
"options": {
"link": {
"label": "Learn more",
"uri": "https://docs.microsoft.com/azure/sentinel/tutorial-detect-threats-custom?WT.mc_id=Portal-Microsoft_Azure_CreateUIDef"
}
}
},
{
"name": "analytic1",
"type": "Microsoft.Common.Section",
"label": "VTI - High Severity Domain Collision Detection",
"elements": [
{
"name": "analytic1-text",
"type": "Microsoft.Common.TextBlock",
"options": {
"text": "This will alert when a collision is detected for EmailUrlInfo events with VTI high severity domain IoCs"
}
}
]
},
{
"name": "analytic2",
"type": "Microsoft.Common.Section",
"label": "VTI - High Severity SHA1 Collision Detection",
"elements": [
{
"name": "analytic2-text",
"type": "Microsoft.Common.TextBlock",
"options": {
"text": "This will alert when a collision is detected for DeviceFileEvents events with VTI high severity SHA1 IoCs"
}
}
]
}
]
}
],
"outputs": {
"workspace-location": "[first(map(filter(basics('getLAWorkspace').value, (filter) => and(contains(toLower(filter.id), toLower(resourceGroup().name)),equals(filter.name,basics('workspace')))), (item) => item.location))]",
"location": "[location()]",
"workspace": "[basics('workspace')]"
}
}
}
Loading
Loading