Updated Analytical Rule

Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Account-Detections.yaml

@@ -5,12 +5,6 @@ description: |
 severity: Informational
 status: Available
 requiredDataConnectors:
-  - connectorId: AIVectraDetect
-    dataTypes:
-      - CommonSecurityLog
-  - connectorId: AIVectraDetectAma
-    dataTypes:
-      - CommonSecurityLog
   - connectorId: CefAma
     dataTypes:
       - CommonSecurityLog
@@ -96,5 +90,5 @@ alertDetailsOverride:
 customDetails:
   AttackType: Activity
   AttackCategory: Category
-version: 1.0.4
+version: 1.0.5
 kind: Scheduled

Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Account-by-Severity.yaml

@@ -7,12 +7,6 @@ description: |
 severity: Informational
 status: Available
 requiredDataConnectors:
-  - connectorId: AIVectraDetect
-    dataTypes:
-      - CommonSecurityLog
-  - connectorId: AIVectraDetectAma
-    dataTypes:
-      - CommonSecurityLog
   - connectorId: CefAma
     dataTypes:
       - CommonSecurityLog
@@ -98,5 +92,5 @@ incidentConfiguration:
     matchingMethod: AllEntities
 customDetails:
   ScoreDecrease: score_decreases
-version: 1.0.8
+version: 1.0.9
 kind: Scheduled

Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-HighSeverityDetection-by-Tactics.yaml

@@ -7,12 +7,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: AIVectraDetect
-    dataTypes:
-      - CommonSecurityLog
-  - connectorId: AIVectraDetectAma
-    dataTypes:
-      - CommonSecurityLog
   - connectorId: CefAma
     dataTypes:
       - CommonSecurityLog
@@ -116,5 +110,5 @@ incidentConfiguration:
 customDetails:
   AttackType: Activity
   AttackCategory: Category  
-version: 1.0.9
+version: 1.1.0
 kind: Scheduled

Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Host-Detections.yaml

@@ -5,12 +5,6 @@ description: |
 severity: Informational
 status: Available
 requiredDataConnectors:
-  - connectorId: AIVectraDetect
-    dataTypes:
-      - CommonSecurityLog
-  - connectorId: AIVectraDetectAma
-    dataTypes:
-      - CommonSecurityLog
   - connectorId: CefAma
     dataTypes:
       - CommonSecurityLog
@@ -89,5 +83,5 @@ alertDetailsOverride:
 customDetails:
   AttackType: Activity
   AttackCategory: Category
-version: 1.0.4
+version: 1.0.5
 kind: Scheduled

Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Host-by-Severity.yaml

@@ -7,12 +7,6 @@ description: |
 severity: Informational
 status: Available
 requiredDataConnectors:
-  - connectorId: AIVectraDetect
-    dataTypes:
-      - CommonSecurityLog
-  - connectorId: AIVectraDetectAma
-    dataTypes:
-      - CommonSecurityLog
   - connectorId: CefAma
     dataTypes:
       - CommonSecurityLog
@@ -89,5 +83,5 @@ incidentConfiguration:
     matchingMethod: AllEntities
 customDetails:
   ScoreDecrease: score_decreases
-version: 1.0.8
+version: 1.0.9
 kind: Scheduled

Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-NewCampaign.yaml

@@ -5,12 +5,6 @@ description: |
 severity: Medium
 status: Available
 requiredDataConnectors:
-  - connectorId: AIVectraDetect
-    dataTypes:
-      - CommonSecurityLog
-  - connectorId: AIVectraDetectAma
-    dataTypes:
-      - CommonSecurityLog
   - connectorId: CefAma
     dataTypes:
       - CommonSecurityLog
@@ -64,5 +58,5 @@ customDetails:
   CampaignName: Activity 
   CampaignReason: reason 
   CampaignSourceHost: SourceHostName
-version: 1.2.0
+version: 1.2.3
 kind: Scheduled

Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Suspected-Behavior-by-Tactics.yaml

@@ -6,12 +6,6 @@ description: |
 severity: Informational
 status: Available
 requiredDataConnectors:
-  - connectorId: AIVectraDetect
-    dataTypes:
-      - CommonSecurityLog
-  - connectorId: AIVectraDetectAma
-    dataTypes:
-      - CommonSecurityLog
   - connectorId: CefAma
     dataTypes:
       - CommonSecurityLog
@@ -102,5 +96,5 @@ alertDetailsOverride:
 customDetails:
   AttackType: Activity
   AttackCategory: Category
-version: 1.1.0
+version: 1.1.1
 kind: Scheduled

Solutions/Vectra AI Detect/Data/Solution_Vectra AI Detect.json

@@ -2,11 +2,7 @@
   "Name": "Vectra AI Detect",
   "Author": "Vectra AI",
   "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/AIVectraDetect.svg\" width=\"75px\" height=\"75px\">",
-  "Description": "The [Vectra AI Detect](https://www.vectra.ai/products/platform%22%20/t%20%22_blank) solution for Microsoft Sentinel enables you to ingest Vectra AI logs into Microsoft Sentinel, using the Common Event Format (CEF) for Security Monitoring.\n\r This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation. \n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by **Aug 31, 2024**.",
-  "Data Connectors": [
-    "Data Connectors/AIVectraDetect.json",
-    "Data Connectors/template_AIVectraDetectAma.json"
-  ],
+  "Description": "The [Vectra AI Detect](https://www.vectra.ai/products/platform%22%20/t%20%22_blank) solution for Microsoft Sentinel enables you to ingest Vectra AI logs into Microsoft Sentinel, using the Common Event Format (CEF) for Security Monitoring.\n\r This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation. \n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors were deprecated on **Aug 31, 2024.**",
   "Workbooks": [
     "Workbooks/AIVectraDetectWorkbook.json"
   ], 
@@ -23,7 +19,7 @@
     "azuresentinel.azure-sentinel-solution-commoneventformat"
   ],
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Vectra AI Detect",
-  "Version": "3.0.1",
+  "Version": "3.0.2",
   "Metadata": "SolutionMetadata.json",
   "TemplateSpec": true,
   "Is1PConnector": false