fix: Stabilize Cyren V3 packaging inputs

Author: mazamizo21

Solutions/CyrenThreatIntelligence/Data/Solution_Cyren.json

@@ -14,7 +14,7 @@
   "Workbooks": [
     "Workbooks/CyrenThreatIntelligenceDashboard.json"
   ],
-  "WorkbookDescription": ["This workbook provides visualization and monitoring for Cyren threat intelligence indicators including IP reputation and malware URLs."],
+  "WorkbookDescription": "This workbook provides visualization and monitoring for Cyren threat intelligence indicators including IP reputation and malware URLs.",
   "Metadata": "SolutionMetadata.json",
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\CyrenThreatIntelligence",
   "Version": "3.0.0",

Solutions/CyrenThreatIntelligence/Package/3.0.0.zip

@@ -104,13 +104,13 @@
           {
             "name": "workbook1",
             "type": "Microsoft.Common.Section",
-            "label": "Cyren Threat Intelligence Workbook",
+            "label": "CyrenThreatIntelligenceDashboardWorkbook",
             "elements": [
               {
                 "name": "workbook1-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "This workbook provides visualization and monitoring for Cyren threat intelligence indicators."
+                  "text": "This workbook provides visualization and monitoring."
                 }
               }
             ]
@@ -195,3 +195,4 @@
     }
   }
 }
+

Solutions/CyrenThreatIntelligence/Package/createUiDefinition.json

@@ -44,7 +44,7 @@
     },
     "workbook1-name": {
       "type": "string",
-      "defaultValue": "Cyren Threat Intelligence Workbook",
+      "defaultValue": "CyrenThreatIntelligenceDashboardWorkbook",
       "minLength": 1,
       "metadata": {
         "description": "Name for the workbook"
@@ -779,10 +779,10 @@
                 "status": "Available",
                 "requiredDataConnectors": [
                   {
+                    "connectorId": "CyrenThreatIntel",
                     "dataTypes": [
                       "Cyren_Indicators_CL"
-                    ],
-                    "connectorId": "CyrenThreatIntel"
+                    ]
                   }
                 ],
                 "tactics": [
@@ -795,35 +795,35 @@
                 ],
                 "entityMappings": [
                   {
+                    "entityType": "IP",
                     "fieldMappings": [
                       {
                         "columnName": "IPAddress",
                         "identifier": "Address"
                       }
-                    ],
-                    "entityType": "IP"
+                    ]
                   }
                 ],
                 "eventGroupingSettings": {
                   "aggregationKind": "AlertPerResult"
                 },
                 "customDetails": {
-                  "DetectionCount": "DetectionCount",
                   "Source": "Source",
+                  "DetectionCount": "DetectionCount",
                   "Categories": "ThreatCategories",
                   "RiskScore": "MaxRisk"
                 },
                 "incidentConfiguration": {
-                  "createIncident": true,
                   "groupingConfiguration": {
+                    "enabled": true,
                     "groupByEntities": [
                       "IP"
                     ],
-                    "lookbackDuration": "1d",
+                    "reopenClosedIncident": false,
                     "matchingMethod": "Selected",
-                    "enabled": true,
-                    "reopenClosedIncident": false
-                  }
+                    "lookbackDuration": "1d"
+                  },
+                  "createIncident": true
                 }
               }
             },
@@ -906,10 +906,10 @@
                 "status": "Available",
                 "requiredDataConnectors": [
                   {
+                    "connectorId": "CyrenThreatIntel",
                     "dataTypes": [
                       "Cyren_Indicators_CL"
-                    ],
-                    "connectorId": "CyrenThreatIntel"
+                    ]
                   }
                 ],
                 "tactics": [
@@ -922,36 +922,36 @@
                 ],
                 "entityMappings": [
                   {
+                    "entityType": "URL",
                     "fieldMappings": [
                       {
                         "columnName": "MaliciousURL",
                         "identifier": "Url"
                       }
-                    ],
-                    "entityType": "URL"
+                    ]
                   }
                 ],
                 "eventGroupingSettings": {
                   "aggregationKind": "AlertPerResult"
                 },
                 "customDetails": {
-                  "DetectionCount": "DetectionCount",
                   "Source": "Source",
-                  "Categories": "ThreatCategories",
                   "Domain": "Domain",
+                  "DetectionCount": "DetectionCount",
+                  "Categories": "ThreatCategories",
                   "RiskScore": "MaxRisk"
                 },
                 "incidentConfiguration": {
-                  "createIncident": true,
                   "groupingConfiguration": {
+                    "enabled": true,
                     "groupByEntities": [
                       "URL"
                     ],
-                    "lookbackDuration": "1d",
+                    "reopenClosedIncident": false,
                     "matchingMethod": "Selected",
-                    "enabled": true,
-                    "reopenClosedIncident": false
-                  }
+                    "lookbackDuration": "1d"
+                  },
+                  "createIncident": true
                 }
               }
             },
@@ -1034,10 +1034,10 @@
                 "status": "Available",
                 "requiredDataConnectors": [
                   {
+                    "connectorId": "CyrenThreatIntel",
                     "dataTypes": [
                       "Cyren_Indicators_CL"
-                    ],
-                    "connectorId": "CyrenThreatIntel"
+                    ]
                   }
                 ],
                 "tactics": [
@@ -1050,18 +1050,18 @@
                   "aggregationKind": "SingleAlert"
                 },
                 "customDetails": {
+                  "HoursSinceLastEvent": "HoursSinceLastEvent",
                   "LatestEventTime": "LatestEventTime",
-                  "TotalEventsLast24h": "TotalEventsLast24h",
-                  "HoursSinceLastEvent": "HoursSinceLastEvent"
+                  "TotalEventsLast24h": "TotalEventsLast24h"
                 },
                 "incidentConfiguration": {
-                  "createIncident": true,
                   "groupingConfiguration": {
-                    "lookbackDuration": "1d",
-                    "matchingMethod": "Selected",
                     "enabled": false,
-                    "reopenClosedIncident": false
-                  }
+                    "reopenClosedIncident": false,
+                    "matchingMethod": "Selected",
+                    "lookbackDuration": "1d"
+                  },
+                  "createIncident": true
                 }
               }
             },

Solutions/CyrenThreatIntelligence/Package/mainTemplate.json

@@ -37,7 +37,7 @@
   },
   "workbook1-name": {
     "type": "string",
-    "defaultValue": "Cyren Threat Intelligence Workbook",
+    "defaultValue": "CyrenThreatIntelligenceDashboardWorkbook",
     "minLength": 1,
     "metadata": {
       "description": "Name for the workbook"