From 8a089f376b78f72611e1f1c35ae84753fde88dd6 Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Thu, 8 Aug 2024 14:25:04 +0300 Subject: [PATCH 01/14] Global Secure Access --- .../EnrichedMicrosoft365AuditLogs.json | 197 ++ .../CustomTables/RemoteNetworkHealthLogs.json | 61 + Logos/gsa.svg | 5 + .../Identity - AfterHoursActivity.yaml | 40 + .../Identity - SharedSessions.yaml | 47 + ... to Team and immediately uploads file.yaml | 86 + ...365 - ExternalUserAddedRemovedInTeams.yaml | 71 + ... Mail_redirect_via_ExO_transport_rule.yaml | 55 + .../Office 365 - Malicious_Inbox_Rule.yaml | 56 + .../Office 365 - MultipleTeamsDeletes.yaml | 39 + .../Office 365 - Office_MailForwarding.yaml | 61 + ...ice 365 - Office_Uploaded_Executables.yaml | 80 + .../Office 365 - RareOfficeOperations.yaml | 45 + ...ce 365 - SharePoint_Downloads_byNewIP.yaml | 72 + ...- SharePoint_Downloads_byNewUserAgent.yaml | 85 + ...ffice 365 - exchange_auditlogdisabled.yaml | 49 + .../Office 365 - office_policytampering.yaml | 59 + ...repoint_file_transfer_above_threshold.yaml | 59 + ...file_transfer_folders_above_threshold.yaml | 61 + .../SWG - Abnormal Deny Rate.yaml | 58 + .../SWG - Abnormal Port to Protocol.yaml | 54 + .../SWG - Source IP Port Scan.yaml | 41 + .../Data/Solution_GlobalSecureAccess.json | 66 + ...omolousUserAccessingOtherUsersMailbox.yaml | 62 + ...alUserAddedRemovedInTeams_HuntVersion.yaml | 42 + .../ExternalUserFromNewOrgAddedToTeams.yaml | 48 + ...direct_via_ExO_transport_rule_hunting.yaml | 42 + .../Hunting Queries/MultiTeamBot.yaml | 39 + .../Hunting Queries/MultiTeamOwner.yaml | 44 + .../Hunting Queries/MultipleTeamsDeletes.yaml | 39 + ...eUsersEmailForwardedToSameDestination.yaml | 56 + .../Hunting Queries/NewBotAddedToTeams.yaml | 39 + ...ReservedFileNamesOnOfficeFileServices.yaml | 74 + .../OfficeMailForwarding_hunting.yaml | 83 + .../Hunting Queries/TeamsFilesUploaded.yaml | 47 + .../UserAddToTeamsAndUploadsFile.yaml | 37 + ...ReservedFileNamesOnOfficeFileServices.yaml | 57 + .../Hunting Queries/double_file_ext_exes.yaml | 52 + .../new_adminaccountactivity.yaml | 53 + .../new_sharepoint_downloads_by_IP.yaml | 50 + ...new_sharepoint_downloads_by_UserAgent.yaml | 61 + .../nonowner_MailboxLogin.yaml | 47 + ...powershell_or_nonbrowser_MailboxLogin.yaml | 46 + .../Hunting Queries/sharepoint_downloads.yaml | 40 + .../Global Secure Access/Package/3.0.0.zip | Bin 0 -> 22335 bytes .../Package/createUiDefinition.json | 435 ++++ .../Package/mainTemplate.json | 2277 +++++++++++++++++ .../Package/testParameters.json | 40 + .../SolutionMetadata.json | 15 + .../Workbooks/GSAM365EnrichedEvents.json | 418 +++ .../Workbooks/GSANetworkTraffic.json | 421 +++ Workbooks/GSAM365EnrichedEvents.json | 418 +++ Workbooks/GSANetworkTraffic.json | 421 +++ Workbooks/Images/Logos/gsa.svg | 5 + .../Images/Preview/GSAEnrichedLogsBlack.png | Bin 0 -> 192716 bytes .../Images/Preview/GSAEnrichedLogsWhite.png | Bin 0 -> 181008 bytes .../Images/Preview/GSATrafficLogsBlack.png | Bin 0 -> 153692 bytes .../Images/Preview/GSATrafficLogsWhite.png | Bin 0 -> 139622 bytes Workbooks/WorkbooksMetadata.json | 40 + 59 files changed, 6995 insertions(+) create mode 100644 .script/tests/KqlvalidationsTests/CustomTables/EnrichedMicrosoft365AuditLogs.json create mode 100644 .script/tests/KqlvalidationsTests/CustomTables/RemoteNetworkHealthLogs.json create mode 100644 Logos/gsa.svg create mode 100644 Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - External User added to Team and immediately uploads file.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - ExternalUserAddedRemovedInTeams.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - Mail_redirect_via_ExO_transport_rule.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - Malicious_Inbox_Rule.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - MultipleTeamsDeletes.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_MailForwarding.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_Uploaded_Executables.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - RareOfficeOperations.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewIP.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewUserAgent.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - exchange_auditlogdisabled.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - office_policytampering.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_above_threshold.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_folders_above_threshold.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml create mode 100644 Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml create mode 100644 Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json create mode 100644 Solutions/Global Secure Access/Hunting Queries/AnomolousUserAccessingOtherUsersMailbox.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/ExternalUserAddedRemovedInTeams_HuntVersion.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/ExternalUserFromNewOrgAddedToTeams.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/Mail_redirect_via_ExO_transport_rule_hunting.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/MultiTeamBot.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/MultiTeamOwner.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/MultipleTeamsDeletes.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/NewBotAddedToTeams.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/New_WindowsReservedFileNamesOnOfficeFileServices.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/OfficeMailForwarding_hunting.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/TeamsFilesUploaded.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/UserAddToTeamsAndUploadsFile.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/WindowsReservedFileNamesOnOfficeFileServices.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/double_file_ext_exes.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/new_adminaccountactivity.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_IP.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_UserAgent.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/nonowner_MailboxLogin.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/powershell_or_nonbrowser_MailboxLogin.yaml create mode 100644 Solutions/Global Secure Access/Hunting Queries/sharepoint_downloads.yaml create mode 100644 Solutions/Global Secure Access/Package/3.0.0.zip create mode 100644 Solutions/Global Secure Access/Package/createUiDefinition.json create mode 100644 Solutions/Global Secure Access/Package/mainTemplate.json create mode 100644 Solutions/Global Secure Access/Package/testParameters.json create mode 100644 Solutions/Global Secure Access/SolutionMetadata.json create mode 100644 Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json create mode 100644 Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json create mode 100644 Workbooks/GSAM365EnrichedEvents.json create mode 100644 Workbooks/GSANetworkTraffic.json create mode 100644 Workbooks/Images/Logos/gsa.svg create mode 100644 Workbooks/Images/Preview/GSAEnrichedLogsBlack.png create mode 100644 Workbooks/Images/Preview/GSAEnrichedLogsWhite.png create mode 100644 Workbooks/Images/Preview/GSATrafficLogsBlack.png create mode 100644 Workbooks/Images/Preview/GSATrafficLogsWhite.png diff --git a/.script/tests/KqlvalidationsTests/CustomTables/EnrichedMicrosoft365AuditLogs.json b/.script/tests/KqlvalidationsTests/CustomTables/EnrichedMicrosoft365AuditLogs.json new file mode 100644 index 00000000000..c2105354e42 --- /dev/null +++ b/.script/tests/KqlvalidationsTests/CustomTables/EnrichedMicrosoft365AuditLogs.json @@ -0,0 +1,197 @@ +{ + "Name": "EnrichedMicrosoft365AuditLogs", + "Properties": [ + { + "Name": "TenantId", + "Type": "string" + }, + { + "Name": "TimeGenerated", + "Type": "datetime" + }, + { + "Name": "Id", + "Type": "string" + }, + { + "Name": "RecordType", + "Type": "int" + }, + { + "Name": "Operation", + "Type": "string" + }, + { + "Name": "OrganizationId", + "Type": "string" + }, + { + "Name": "UserType", + "Type": "string" + }, + { + "Name": "ActorUserType", + "Type": "string" + }, + { + "Name": "UserKey", + "Type": "string" + }, + { + "Name": "Workload", + "Type": "string" + }, + { + "Name": "ResultStatus", + "Type": "string" + }, + { + "Name": "ObjectId", + "Type": "string" + }, + { + "Name": "UserId", + "Type": "string" + }, + { + "Name": "ClientIp", + "Type": "string" + }, + { + "Name": "UniqueTokenId", + "Type": "string" + }, + { + "Name": "DeviceId", + "Type": "string" + }, + { + "Name": "DeviceOperatingSystem", + "Type": "string" + }, + { + "Name": "DeviceOperatingSystemVersion", + "Type": "string" + }, + { + "Name": "SourceIp", + "Type": "string" + }, + { + "Name": "AdditionalProperties", + "Type": "dynamic" + }, + { + "Name": "SourceSystem", + "Type": "string" + }, + { + "Name": "Type", + "Type": "string" + }, + { + "Name": "antId", + "Type": "string" + }, + { + "Name": "Action", + "Type": "string" + }, + { + "Name": "PolicyRuleId", + "Type": "string" + }, + { + "Name": "PolicyId", + "Type": "string" + }, + { + "Name": "SentBytes", + "Type": "long" + }, + { + "Name": "ReceivedBytes", + "Type": "long" + }, + { + "Name": "ReferrerHeader", + "Type": "string" + }, + { + "Name": "OriginHeader", + "Type": "string" + }, + { + "Name": "XForwardedFor", + "Type": "string" + }, + { + "Name": "DestinationWebCategories", + "Type": "string" + }, + { + "Name": "FilteringProfileId", + "Type": "string" + }, + { + "Name": "FilteringProfileName", + "Type": "string" + }, + { + "Name": "PolicyName", + "Type": "string" + }, + { + "Name": "RuleName", + "Type": "string" + }, + { + "Name": "InitiatingProcessName", + "Type": "string" + }, + { + "Name": "ResourceTenantId", + "Type": "string" + }, + { + "Name": "ThreatType", + "Type": "string" + }, + { + "Name": "DestinationUrl", + "Type": "string" + }, + { + "Name": "Description", + "Type": "string" + }, + { + "Name": "AppId", + "Type": "string" + }, + { + "Name": "ConnectorId", + "Type": "string" + }, + { + "Name": "ConnectorName", + "Type": "string" + }, + { + "Name": "ConnectorIp", + "Type": "string" + }, + { + "Name": "ConnectionStatus", + "Type": "string" + }, + { + "Name": "AccessType", + "Type": "string" + }, + { + "Name": "ProcessingRegion", + "Type": "string" + } + ] +} \ No newline at end of file diff --git a/.script/tests/KqlvalidationsTests/CustomTables/RemoteNetworkHealthLogs.json b/.script/tests/KqlvalidationsTests/CustomTables/RemoteNetworkHealthLogs.json new file mode 100644 index 00000000000..75fc398cad7 --- /dev/null +++ b/.script/tests/KqlvalidationsTests/CustomTables/RemoteNetworkHealthLogs.json @@ -0,0 +1,61 @@ +{ + "Name": "RemoteNetworkHealthLogs", + "Properties": [ + { + "Name": "TenantId", + "Type": "string" + }, + { + "Name": "TimeGenerated", + "Type": "datetime" + }, + { + "Name": "CreatedDateTime", + "Type": "datetime" + }, + { + "Name": "Id", + "Type": "string" + }, + { + "Name": "RemoteNetworkId", + "Type": "string" + }, + { + "Name": "SourceIp", + "Type": "string" + }, + { + "Name": "DestinationIp", + "Type": "string" + }, + { + "Name": "Description", + "Type": "string" + }, + { + "Name": "BgpRoutesAdvertisedCount", + "Type": "int" + }, + { + "Name": "SentBytes", + "Type": "long" + }, + { + "Name": "ReceivedBytes", + "Type": "long" + }, + { + "Name": "Status", + "Type": "string" + }, + { + "Name": "SourceSystem", + "Type": "string" + }, + { + "Name": "Type", + "Type": "string" + } + ] +} diff --git a/Logos/gsa.svg b/Logos/gsa.svg new file mode 100644 index 00000000000..407569607d0 --- /dev/null +++ b/Logos/gsa.svg @@ -0,0 +1,5 @@ + + + + + diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml new file mode 100644 index 00000000000..7c4d1b07b26 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml @@ -0,0 +1,40 @@ +id: 4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa +name: Detect Connections Outside Operational Hours +description: This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations. +severity: High +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1h +queryPeriod: 24h +triggerOperator: gt +triggerThreshold: 0 +tactics: + - InitialAccess +relevantTechniques: + - T1078 + - T1133 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let operational_start_hour = 8; // Start of operational hours (8 AM) + let operational_end_hour = 18; // End of operational hours (6 PM) + NetworkAccessTraffic + | where TimeGenerated between(starttime .. endtime) + | extend HourOfDay = datetime_part('hour', TimeGenerated) + | where HourOfDay < operational_start_hour or HourOfDay >= operational_end_hour + | project TimeGenerated, UserPrincipalName, SourceIp, DestinationIp, DestinationPort, Action, DeviceId, DeviceOperatingSystem, ConnectionId + | extend IPCustomEntity = SourceIp, AccountCustomEntity = UserPrincipalName +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountCustomEntity + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IPCustomEntity +version: 1.0.0 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml new file mode 100644 index 00000000000..f9e25e2e0a8 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml @@ -0,0 +1,47 @@ +id: 57abf863-1c1e-46c6-85b2-35370b712c1e +name: Detect IP Address Changes and Overlapping Sessions +description: | + This query identifies network sessions based on DeviceId and UserPrincipalName, then checks for changed IP addresses and overlapping session times. +severity: High +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1h +queryPeriod: 24h +triggerOperator: gt +triggerThreshold: 0 +tactics: + - InitialAccess +relevantTechniques: + - T1078 + - T1133 +query: | + // Identify sessions + let sessions = + NetworkAccessTraffic + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), SourceIps = make_set(SourceIp) by DeviceId, UserPrincipalName, SessionId + | sort by StartTime asc; + // Check for changed IP addresses and overlapping session times + sessions + | extend PreviousSourceIps = prev(SourceIps, 1) + | extend PreviousEndTime = prev(EndTime, 1) + | extend PreviousDeviceId = prev(DeviceId, 1) + | extend PreviousUserPrincipalName = prev(UserPrincipalName, 1) + | where DeviceId == PreviousDeviceId and UserPrincipalName == PreviousUserPrincipalName + | where set_difference(SourceIps, PreviousSourceIps) != dynamic([]) // Check if the current and previous IP sets differ + | where PreviousEndTime > StartTime // Check for overlapping session times + | project DeviceId, UserPrincipalName, SourceIps, PreviousSourceIps, StartTime, EndTime, PreviousEndTime + | extend IPCustomEntity = tostring(array_slice(SourceIps, 0, 1)[0]), PreviousIPCustomEntity = tostring(array_slice(PreviousSourceIps, 0, 1)[0]), AccountCustomEntity = UserPrincipalName +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountCustomEntity + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IPCustomEntity +version: 1.0.0 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - External User added to Team and immediately uploads file.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - External User added to Team and immediately uploads file.yaml new file mode 100644 index 00000000000..7a57a9cc563 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - External User added to Team and immediately uploads file.yaml @@ -0,0 +1,86 @@ +id: bff058b2-500e-4ae5-bb49-a5b1423cbd5b +name: Accessed files shared by temporary external user +description: | + 'This detection identifies when an external user is added to a Team or Teams chat and shares a file which is accessed by many users (>10) and the users is removed within short period of time. This might be an indicator of suspicious activity.' +severity: Low +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1h +queryPeriod: 1h +triggerOperator: gt +triggerThreshold: 0 +tactics: + - InitialAccess +relevantTechniques: + - T1566 +query: | + let fileAccessThreshold = 10; + EnrichedMicrosoft365AuditLogs + | where Workload =~ "MicrosoftTeams" + | where Operation =~ "MemberAdded" + | extend MemberAdded = tostring(parse_json(tostring(AdditionalProperties)).Members[0].UPN) + | where MemberAdded contains "#EXT#" + | project TimeAdded = TimeGenerated, Operation, MemberAdded, UserWhoAdded = UserId, TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName) + | join kind=inner ( + EnrichedMicrosoft365AuditLogs + | where Workload =~ "MicrosoftTeams" + | where Operation =~ "MemberRemoved" + | extend MemberAdded = tostring(parse_json(tostring(AdditionalProperties)).Members[0].UPN) + | where MemberAdded contains "#EXT#" + | project TimeDeleted = TimeGenerated, Operation, MemberAdded, UserWhoDeleted = UserId, TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName) + ) on MemberAdded, TeamName + | where TimeDeleted > TimeAdded + | join kind=inner ( + EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" + | where Operation == "FileUploaded" + | extend MemberAdded = UserId, SourceRelativeUrl = tostring(parse_json(tostring(AdditionalProperties)).SourceRelativeUrl), TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName) + | where SourceRelativeUrl has "Microsoft Teams Chat Files" + | join kind=inner ( + EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" + | where Operation == "FileAccessed" + | extend SourceRelativeUrl = tostring(parse_json(tostring(AdditionalProperties)).SourceRelativeUrl), TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName) + | where SourceRelativeUrl has "Microsoft Teams Chat Files" + | summarize FileAccessCount = count() by ObjectId, TeamName + | where FileAccessCount > fileAccessThreshold + ) on ObjectId, TeamName + ) on MemberAdded, TeamName + | project-away MemberAdded1, MemberAdded2, ObjectId1, Operation1, Operation2 + | extend MemberAddedAccountName = tostring(split(MemberAdded, "@")[0]), MemberAddedAccountUPNSuffix = tostring(split(MemberAdded, "@")[1]) + | extend UserWhoAddedAccountName = tostring(split(UserWhoAdded, "@")[0]), UserWhoAddedAccountUPNSuffix = tostring(split(UserWhoAdded, "@")[1]) + | extend UserWhoDeletedAccountName = tostring(split(UserWhoDeleted, "@")[0]), UserWhoDeletedAccountUPNSuffix = tostring(split(UserWhoDeleted, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: MemberAdded + - identifier: Name + columnName: MemberAddedAccountName + - identifier: UPNSuffix + columnName: MemberAddedAccountUPNSuffix + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserWhoAdded + - identifier: Name + columnName: UserWhoAddedAccountName + - identifier: UPNSuffix + columnName: UserWhoAddedAccountUPNSuffix + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserWhoDeleted + - identifier: Name + columnName: UserWhoDeletedAccountName + - identifier: UPNSuffix + columnName: UserWhoDeletedAccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIP +version: 2.1.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - ExternalUserAddedRemovedInTeams.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - ExternalUserAddedRemovedInTeams.yaml new file mode 100644 index 00000000000..c5abd2a5184 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - ExternalUserAddedRemovedInTeams.yaml @@ -0,0 +1,71 @@ +id: bff093b2-500e-4ae5-bb49-a5b1423cbd5b +name: External User Added and Removed in Short Timeframe +description: | + This detection flags the occurrences of external user accounts that are added to a Team and then removed within one hour. +severity: Low +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1h +queryPeriod: 1h +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Persistence +relevantTechniques: + - T1136 +query: | + let TeamsAddDel = (Op:string){ + EnrichedMicrosoft365AuditLogs + | where Workload =~ "MicrosoftTeams" + | where Operation == Op + | where tostring(AdditionalProperties.Members) has ("#EXT#") + | mv-expand Members = parse_json(tostring(AdditionalProperties.Members)) + | extend UPN = tostring(Members.UPN) + | where UPN has ("#EXT#") + | project TimeGenerated, Operation, UPN, UserId, TeamName = tostring(AdditionalProperties.TeamName), ClientIP = SourceIp + }; + let TeamsAdd = TeamsAddDel("MemberAdded") + | project TimeAdded = TimeGenerated, Operation, MemberAdded = UPN, UserWhoAdded = UserId, TeamName, ClientIP; + let TeamsDel = TeamsAddDel("MemberRemoved") + | project TimeDeleted = TimeGenerated, Operation, MemberRemoved = UPN, UserWhoDeleted = UserId, TeamName, ClientIP; + TeamsAdd + | join kind = inner (TeamsDel) on $left.MemberAdded == $right.MemberRemoved + | where TimeDeleted > TimeAdded + | project TimeAdded, TimeDeleted, MemberAdded_Removed = MemberAdded, UserWhoAdded, UserWhoDeleted, TeamName + | extend MemberAdded_RemovedAccountName = tostring(split(MemberAdded_Removed, "@")[0]), MemberAddedAccountUPNSuffix = tostring(split(MemberAdded_Removed, "@")[1]) + | extend UserWhoAddedAccountName = tostring(split(UserWhoAdded, "@")[0]), UserWhoAddedAccountUPNSuffix = tostring(split(UserWhoAdded, "@")[1]) + | extend UserWhoDeletedAccountName = tostring(split(UserWhoDeleted, "@")[0]), UserWhoDeletedAccountUPNSuffix = tostring(split(UserWhoDeleted, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: MemberAdded_Removed + - identifier: Name + columnName: MemberAdded_RemovedAccountName + - identifier: UPNSuffix + columnName: MemberAddedAccountUPNSuffix + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserWhoAdded + - identifier: Name + columnName: UserWhoAddedAccountName + - identifier: UPNSuffix + columnName: UserWhoAddedAccountUPNSuffix + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserWhoDeleted + - identifier: Name + columnName: UserWhoDeletedAccountName + - identifier: UPNSuffix + columnName: UserWhoDeletedAccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp +version: 2.1.2 +kind: Scheduled \ No newline at end of file diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - Mail_redirect_via_ExO_transport_rule.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Mail_redirect_via_ExO_transport_rule.yaml new file mode 100644 index 00000000000..e4de8b515ba --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Mail_redirect_via_ExO_transport_rule.yaml @@ -0,0 +1,55 @@ +id: 500415fb-bba7-4227-a08a-9857fb61b6a7 +name: Mail redirect via ExO transport rule +description: | + 'Identifies when Exchange Online transport rule configured to forward emails. + This could be an adversary mailbox configured to collect mail from multiple user accounts.' +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1h +queryPeriod: 1h +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Collection + - Exfiltration +relevantTechniques: + - T1114 + - T1020 +query: | + EnrichedMicrosoft365AuditLogs + | where Workload == "Exchange" + | where Operation in~ ("New-TransportRule", "Set-TransportRule") + | mv-apply DynamicParameters = todynamic(tostring(AdditionalProperties.Parameters)) on ( + summarize ParsedParameters = make_bag(pack(tostring(DynamicParameters.Name), DynamicParameters.Value)) + ) + | extend RuleName = case( + Operation =~ "Set-TransportRule", ObjectId, // Assuming ObjectId maps to what was previously OfficeObjectId + Operation =~ "New-TransportRule", ParsedParameters.Name, + "Unknown" + ) + | mv-expand ExpandedParameters = todynamic(tostring(AdditionalProperties.Parameters)) + | where ExpandedParameters.Name in~ ("BlindCopyTo", "RedirectMessageTo") and isnotempty(ExpandedParameters.Value) + | extend RedirectTo = ExpandedParameters.Value + | extend ClientIPValues = extract_all(@'\[?(::ffff:)?(?P(\d+\.\d+\.\d+\.\d+)|[^\]]+)\]?([-:](?P\d+))?', dynamic(["IPAddress", "Port"]), ClientIp)[0] + | extend From = ParsedParameters.From + | project TimeGenerated, RedirectTo, IPAddress = tostring(ClientIPValues[0]), Port = tostring(ClientIPValues[1]), UserId, From, Operation, RuleName, Parameters = tostring(AdditionalProperties.Parameters) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IPAddress +version: 2.0.4 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - Malicious_Inbox_Rule.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Malicious_Inbox_Rule.yaml new file mode 100644 index 00000000000..61c3566f5da --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Malicious_Inbox_Rule.yaml @@ -0,0 +1,56 @@ +id: 7b907bf7-77d4-41d0-a208-5643ff75bf9a +name: Malicious Inbox Rule +description: | + 'Often times after the initial compromise the attackers create inbox rules to delete emails that contain certain keywords. + This is done so as to limit ability to warn compromised users that they've been compromised. Below is a sample query that tries to detect this. + Reference: https://www.reddit.com/r/sysadmin/comments/7kyp0a/recent_phishing_attempts_my_experience_and_what/' +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 1d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Persistence + - DefenseEvasion +relevantTechniques: + - T1098 + - T1078 +query: | + let Keywords = dynamic(["helpdesk", "alert", "suspicious", "fake", "malicious", "phishing", "spam", "do not click", "do not open", "hijacked", "Fatal"]); + EnrichedMicrosoft365AuditLogs + | where Workload =~ "Exchange" + | where Operation =~ "New-InboxRule" and (ResultStatus =~ "True" or ResultStatus =~ "Succeeded") + | where tostring(parse_json(tostring(AdditionalProperties)).Parameters) has "Deleted Items" or tostring(parse_json(tostring(AdditionalProperties)).Parameters) has "Junk Email" or tostring(parse_json(tostring(AdditionalProperties)).Parameters) has "DeleteMessage" + | extend Events = parse_json(tostring(AdditionalProperties)).Parameters + | extend SubjectContainsWords = tostring(Events.SubjectContainsWords), BodyContainsWords = tostring(Events.BodyContainsWords), SubjectOrBodyContainsWords = tostring(Events.SubjectOrBodyContainsWords) + | where SubjectContainsWords has_any (Keywords) or BodyContainsWords has_any (Keywords) or SubjectOrBodyContainsWords has_any (Keywords) + | extend ClientIPAddress = case(ClientIp has ".", tostring(split(ClientIp, ":")[0]), ClientIp has "[", tostring(trim_start(@'[[]',tostring(split(ClientIp, "]")[0]))), ClientIp) + | extend Keyword = iff(isnotempty(SubjectContainsWords), SubjectContainsWords, (iff(isnotempty(BodyContainsWords), BodyContainsWords, SubjectOrBodyContainsWords))) + | extend RuleDetail = case(ObjectId contains '/', tostring(split(ObjectId, '/')[-1]), tostring(split(ObjectId, '\\')[-1])) + | summarize count(), StartTimeUtc = min(TimeGenerated), EndTimeUtc = max(TimeGenerated) by Operation, UserId, ClientIPAddress, ResultStatus, Keyword, ObjectId, RuleDetail + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: Host + fieldMappings: + - identifier: FullName + columnName: OriginatingServer + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIPAddress +version: 2.0.4 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - MultipleTeamsDeletes.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - MultipleTeamsDeletes.yaml new file mode 100644 index 00000000000..b4cbec0fe75 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - MultipleTeamsDeletes.yaml @@ -0,0 +1,39 @@ +id: 173f8699-6af5-484a-8b06-8c47ba89b380 +name: Multiple Teams deleted by a single user +description: | + 'This detection flags the occurrences of deleting multiple teams within an hour. + This data is a part of Office 365 Connector in Microsoft Sentinel.' +severity: Low +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 1d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Impact +relevantTechniques: + - T1485 + - T1489 +query: | + let max_delete_count = 3; + EnrichedMicrosoft365AuditLogs + | where Workload =~ "MicrosoftTeams" + | where Operation =~ "TeamDeleted" + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), DeletedTeams = make_set(tostring(AdditionalProperties.TeamName), 1000) by UserId + | where array_length(DeletedTeams) > max_delete_count + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.4 +kind: Scheduled \ No newline at end of file diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_MailForwarding.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_MailForwarding.yaml new file mode 100644 index 00000000000..30f77b434f4 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_MailForwarding.yaml @@ -0,0 +1,61 @@ +id: 871ba14c-88ef-48aa-ad38-810f26760ca3 +name: Multiple Users Email Forwarded to Same Destination +description: | + Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. + This could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts. +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 7d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Collection + - Exfiltration +relevantTechniques: + - T1114 + - T1020 +query: | + let queryfrequency = 1d; + let queryperiod = 7d; + EnrichedMicrosoft365AuditLogs + | where TimeGenerated > ago(queryperiod) + | where Workload =~ "Exchange" + //| where Operation in ("Set-Mailbox", "New-InboxRule", "Set-InboxRule") // Uncomment or adjust based on actual field usage + | where tostring(AdditionalProperties.Parameters) has_any ("ForwardTo", "RedirectTo", "ForwardingSmtpAddress") + | mv-apply DynamicParameters = todynamic(tostring(AdditionalProperties.Parameters)) on ( + summarize ParsedParameters = make_bag(bag_pack(tostring(DynamicParameters.Name), DynamicParameters.Value)) + ) + | evaluate bag_unpack(ParsedParameters, columnsConflict='replace_source') + | extend DestinationMailAddress = tolower(case( + isnotempty(column_ifexists("ForwardTo", "")), column_ifexists("ForwardTo", ""), + isnotempty(column_ifexists("RedirectTo", "")), column_ifexists("RedirectTo", ""), + isnotempty(column_ifexists("ForwardingSmtpAddress", "")), trim_start(@"smtp:", column_ifexists("ForwardingSmtpAddress", "")), + "")) + | where isnotempty(DestinationMailAddress) + | mv-expand split(DestinationMailAddress, ";") + | extend ClientIPValues = extract_all(@'\[?(::ffff:)?(?P(\d+\.\d+\.\d+\.\d+)|[^\]]+)\]?([-:](?P\d+))?', dynamic(["IPAddress", "Port"]), ClientIp)[0] + | extend ClientIP = tostring(ClientIPValues[0]), Port = tostring(ClientIPValues[1]) + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), DistinctUserCount = dcount(UserId), UserId = make_set(UserId, 250), Ports = make_set(Port, 250), EventCount = count() by tostring(DestinationMailAddress), ClientIP + | where DistinctUserCount > 1 and EndTime > ago(queryfrequency) + | mv-expand UserId to typeof(string) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIP +version: 2.0.3 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_Uploaded_Executables.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_Uploaded_Executables.yaml new file mode 100644 index 00000000000..0251d7c8d55 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_Uploaded_Executables.yaml @@ -0,0 +1,80 @@ +id: d722831e-88f5-4e25-b106-4ef6e29f8c13 +name: New Executable via Office FileUploaded Operation +description: | + Identifies when executable file types are uploaded to Office services such as SharePoint and OneDrive. + List currently includes exe, inf, gzip, cmd, bat file extensions. + Additionally, identifies when a given user is uploading these files to another user's workspace. + This may be an indication of a staging location for malware or other malicious activity. +severity: Low +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 8d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - CommandAndControl + - LateralMovement +relevantTechniques: + - T1105 + - T1570 +query: | + let threshold = 2; + let uploadOp = 'FileUploaded'; + let execExt = dynamic(['exe', 'inf', 'gzip', 'cmd', 'bat']); + let starttime = 8d; + let endtime = 1d; + EnrichedMicrosoft365AuditLogs + | where TimeGenerated >= ago(endtime) + | where Operation == uploadOp + | extend SourceFileExtension = extract(@"\.([^\./]+)$", 1, tostring(parse_json(tostring(AdditionalProperties)).SourceFileName)) // Extract file extension + | where SourceFileExtension in (execExt) + | extend Site_Url = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | extend SourceRelativeUrl = tostring(parse_json(tostring(AdditionalProperties)).SourceRelativeUrl) + | extend SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName) + | project TimeGenerated, Id, Workload, RecordType, Operation, UserType, UserKey, UserId, ClientIp, UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent), Site_Url, SourceRelativeUrl, SourceFileName + | join kind=leftanti ( + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (ago(starttime) .. ago(endtime)) + | where Operation == uploadOp + | extend SourceFileExtension = extract(@"\.([^\./]+)$", 1, tostring(parse_json(tostring(AdditionalProperties)).SourceFileName)) // Extract file extension + | where SourceFileExtension in (execExt) + | extend SourceRelativeUrl = tostring(parse_json(tostring(AdditionalProperties)).SourceRelativeUrl) + | summarize SourceRelativeUrl = make_set(SourceRelativeUrl, 100000), UserId = make_set(UserId, 100000), PrevSeenCount = count() by SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName) + // Uncomment the line below to enforce the threshold + // | where PrevSeenCount > threshold + | mvexpand SourceRelativeUrl, UserId + | extend SourceRelativeUrl = tostring(SourceRelativeUrl), UserId = tostring(UserId) + ) on SourceFileName, SourceRelativeUrl, UserId + | extend SiteUrlUserFolder = tolower(split(Site_Url, '/')[-2]) + | extend UserIdUserFolderFormat = tolower(replace_regex(UserId, '@|\\.', '_')) + | extend UserIdDiffThanUserFolder = iff(Site_Url has '/personal/' and SiteUrlUserFolder != UserIdUserFolderFormat, true, false) + | summarize TimeGenerated = make_list(TimeGenerated, 100000), StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), UserAgents = make_list(UserAgent, 100000), Ids = make_list(Id, 100000), SourceRelativeUrls = make_list(SourceRelativeUrl, 100000), FileNames = make_list(SourceFileName, 100000) + by Workload, RecordType, Operation, UserType, UserKey, UserId, ClientIp, Site_Url, SiteUrlUserFolder, UserIdUserFolderFormat, UserIdDiffThanUserFolder + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp + - entityType: URL + fieldMappings: + - identifier: Url + columnName: Site_Url + - entityType: File + fieldMappings: + - identifier: Name + columnName: FileNames +version: 2.0.5 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - RareOfficeOperations.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - RareOfficeOperations.yaml new file mode 100644 index 00000000000..d3a1629fa52 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - RareOfficeOperations.yaml @@ -0,0 +1,45 @@ +id: 957cb240-f45d-4491-9ba5-93430a3c08be +name: Rare and Potentially High-Risk Office Operations +description: | + Identifies Office operations that are typically rare and can provide capabilities useful to attackers. +severity: Low +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 1d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Persistence + - Collection +relevantTechniques: + - T1098 + - T1114 +query: | + EnrichedMicrosoft365AuditLogs + | where Operation in~ ( "Add-MailboxPermission", "Add-MailboxFolderPermission", "Set-Mailbox", "New-ManagementRoleAssignment", "New-InboxRule", "Set-InboxRule", "Set-TransportRule") + and not(UserId has_any ('NT AUTHORITY\\SYSTEM (Microsoft.Exchange.ServiceHost)', 'NT AUTHORITY\\SYSTEM (Microsoft.Exchange.AdminApi.NetCore)', 'NT AUTHORITY\\SYSTEM (w3wp)', 'devilfish-applicationaccount') and Operation in~ ( "Add-MailboxPermission", "Set-Mailbox")) + | extend ClientIPOnly = tostring(extract_all(@'\[?(::ffff:)?(?P(\d+\.\d+\.\d+\.\d+)|[^\]]+)\]?', dynamic(["IPAddress"]), ClientIp)[0]) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIPOnly + - entityType: CloudApplication + fieldMappings: + - identifier: AppId + columnName: AppId +version: 2.0.5 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewIP.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewIP.yaml new file mode 100644 index 00000000000..69506a34f3b --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewIP.yaml @@ -0,0 +1,72 @@ +id: 4b11568b-3f5f-4ba1-80c8-7f1dc8390eb7 +name: SharePoint File Operation via Previously Unseen IPs +description: | + Identifies anomalies using user behavior by setting a threshold for significant changes in file upload/download activities from new IP addresses. It establishes a baseline of typical behavior, compares it to recent activity, and flags deviations exceeding a default threshold of 25. +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 14d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Exfiltration +relevantTechniques: + - T1030 +query: | + let threshold = 0.25; + let szSharePointFileOperation = "SharePointFileOperation"; + let szOperations = dynamic(["FileDownloaded", "FileUploaded"]); + let starttime = 14d; + let endtime = 1d; + // Define a baseline of normal user behavior + let userBaseline = EnrichedMicrosoft365AuditLogs + | where TimeGenerated between(ago(starttime)..ago(endtime)) + | where RecordType == szSharePointFileOperation + | where Operation in (szOperations) + | extend UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent) + | extend Site_Url = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | where isnotempty(UserAgent) + | summarize Count = count() by UserId, Operation, Site_Url, ClientIp + | summarize AvgCount = avg(Count) by UserId, Operation, Site_Url, ClientIp; + // Get recent user activity + let recentUserActivity = EnrichedMicrosoft365AuditLogs + | where TimeGenerated > ago(endtime) + | where RecordType == szSharePointFileOperation + | where Operation in (szOperations) + | extend UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent) + | extend Site_Url = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | where isnotempty(UserAgent) + | summarize StartTimeUtc = min(TimeGenerated), EndTimeUtc = max(TimeGenerated), RecentCount = count() by UserId, UserType, Operation, Site_Url, ClientIp, ObjectId, Workload, UserAgent; + // Join the baseline and recent activity, and calculate the deviation + let UserBehaviorAnalysis = userBaseline + | join kind=inner (recentUserActivity) on UserId, Operation, Site_Url, ClientIp + | extend Deviation = abs(RecentCount - AvgCount) / AvgCount; + // Filter for significant deviations + UserBehaviorAnalysis + | where Deviation > threshold + | project StartTimeUtc, EndTimeUtc, UserId, UserType, Operation, ClientIp, Site_Url, ObjectId, Workload, UserAgent, Deviation, Count=RecentCount + | order by Count desc, ClientIp asc, Operation asc, UserId asc + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp + - entityType: URL + fieldMappings: + - identifier: Url + columnName: Site_Url +version: 2.0.4 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewUserAgent.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewUserAgent.yaml new file mode 100644 index 00000000000..aaa2bee9ac7 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewUserAgent.yaml @@ -0,0 +1,85 @@ +id: 5dd76a87-9f87-4576-bab3-268b0e2b338b +name: SharePointFileOperation via devices with previously unseen user agents +description: | + Identifies anomalies if the number of documents uploaded or downloaded from device(s) associated with a previously unseen user agent exceeds a threshold (default is 5) and deviation (default is 25%). +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 14d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Exfiltration +relevantTechniques: + - T1030 +query: | + // Set threshold for the number of downloads/uploads from a new user agent + let threshold = 5; + // Define constants for SharePoint file operations + let szSharePointFileOperation = "SharePointFileOperation"; + let szOperations = dynamic(["FileDownloaded", "FileUploaded"]); + // Define the historical activity for analysis + let starttime = 14d; // Define the start time for historical data (14 days ago) + let endtime = 1d; // Define the end time for historical data (1 day ago) + // Extract the base events for analysis + let Baseevents = + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (ago(starttime) .. ago(endtime)) + | where RecordType == szSharePointFileOperation + | where Operation in (szOperations) + | extend UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent) + | extend Site_Url = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | where isnotempty(UserAgent); + // Identify frequently occurring user agents + let FrequentUA = Baseevents + | summarize FUACount = count() by UserAgent, RecordType, Operation + | where FUACount >= threshold + | distinct UserAgent; + // Calculate a user baseline for further analysis + let UserBaseLine = Baseevents + | summarize Count = count() by UserId, Operation, Site_Url + | summarize AvgCount = avg(Count) by UserId, Operation, Site_Url; + // Extract recent activity for analysis + let RecentActivity = EnrichedMicrosoft365AuditLogs + | where TimeGenerated > ago(endtime) + | where RecordType == szSharePointFileOperation + | where Operation in (szOperations) + | extend UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent) + | extend Site_Url = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | where isnotempty(UserAgent) + | where UserAgent in (FrequentUA) + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), ObjectIdCount = dcount(ObjectId), ObjectIdList = make_set(ObjectId), UserAgentSeenCount = count() + by RecordType, Operation, UserAgent, UserId, ClientIp, Site_Url; + // Analyze user behavior based on baseline and recent activity + let UserBehaviorAnalysis = UserBaseLine + | join kind=inner (RecentActivity) on UserId, Operation, Site_Url + | extend Deviation = abs(UserAgentSeenCount - AvgCount) / AvgCount; + // Filter and format results for specific user behavior analysis + UserBehaviorAnalysis + | where Deviation > 0.25 + | extend UserIdName = tostring(split(UserId, '@')[0]), UserIdUPNSuffix = tostring(split(UserId, '@')[1]) + | project-reorder StartTime, EndTime, UserAgent, UserAgentSeenCount, UserId, ClientIp, Site_Url + | order by UserAgentSeenCount desc, UserAgent asc, UserId asc, Site_Url asc +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: UserIdName + - identifier: UPNSuffix + columnName: UserIdUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp + - entityType: URL + fieldMappings: + - identifier: Url + columnName: Site_Url +version: 2.2.4 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - exchange_auditlogdisabled.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - exchange_auditlogdisabled.yaml new file mode 100644 index 00000000000..506248a86c6 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - exchange_auditlogdisabled.yaml @@ -0,0 +1,49 @@ +id: 194dd92e-d6e7-4249-85a5-273350a7f5ce +name: Exchange AuditLog Disabled +description: | + 'Identifies when the exchange audit logging has been disabled which may be an adversary attempt to evade detection or avoid other defenses.' +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 1d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - DefenseEvasion +relevantTechniques: + - T1562 +query: | + EnrichedMicrosoft365AuditLogs + | where Workload =~ "Exchange" + | where UserType in~ ("Admin", "DcAdmin") + | where Operation =~ "Set-AdminAuditLogConfig" + | extend AdminAuditLogEnabledValue = tostring(parse_json(tostring(parse_json(tostring(array_slice(parse_json(tostring(AdditionalProperties.Parameters)), 3, 3)))[0])).Value) + | where AdminAuditLogEnabledValue =~ "False" + | summarize StartTimeUtc = min(TimeGenerated), EndTimeUtc = max(TimeGenerated), OperationCount = count() by Operation, UserType, UserId, ClientIP = SourceIp, ResultStatus, Parameters = tostring(AdditionalProperties.Parameters), AdminAuditLogEnabledValue + | extend AccountName = iff(UserId contains '@', tostring(split(UserId, '@')[0]), UserId) + | extend AccountUPNSuffix = iff(UserId contains '@', tostring(split(UserId, '@')[1]), '') + | extend AccountName = iff(UserId contains '\\', tostring(split(UserId, '\\')[1]), AccountName) + | extend AccountNTDomain = iff(UserId contains '\\', tostring(split(UserId, '\\')[0]), '') +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountNTDomain + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIP +version: 2.0.6 +kind: Scheduled \ No newline at end of file diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - office_policytampering.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - office_policytampering.yaml new file mode 100644 index 00000000000..9b6a41d2e7b --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - office_policytampering.yaml @@ -0,0 +1,59 @@ +id: fbd72eb8-087e-466b-bd54-1ca6ea08c6d3 +name: Office Policy Tampering +description: | + Identifies if any tampering is done to either audit log, ATP Safelink, SafeAttachment, AntiPhish, or Dlp policy. + An adversary may use this technique to evade detection or avoid other policy-based defenses. + References: https://docs.microsoft.com/powershell/module/exchange/advanced-threat-protection/remove-antiphishrule?view=exchange-ps. +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 1d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Persistence + - DefenseEvasion +relevantTechniques: + - T1098 + - T1562 +query: | + let opList = EnrichedMicrosoft365AuditLogs + | summarize by Operation + | where Operation has_any ("Remove", "Disable") + | where Operation contains "AntiPhish" or Operation contains "SafeAttachment" or Operation contains "SafeLinks" or Operation contains "Dlp" or Operation contains "Audit" + | summarize make_set(Operation, 500); + EnrichedMicrosoft365AuditLogs + | where RecordType == "ExchangeAdmin" + | where UserType in~ ("Admin", "DcAdmin") + | where Operation in~ (opList) + | extend ClientIPOnly = case( + ClientIp has ".", tostring(split(ClientIp, ":")[0]), + ClientIp has "[", tostring(trim_start(@'[[]', tostring(split(ClientIp, "]")[0]))), + ClientIp + ) + | extend Port = case( + ClientIp has ".", tostring(split(ClientIp, ":")[1]), + ClientIp has "[", tostring(split(ClientIp, "]:")[1]), + "" + ) + | summarize StartTimeUtc = min(TimeGenerated), EndTimeUtc = max(TimeGenerated), OperationCount = count() by Operation, UserType, UserId, ClientIP = ClientIPOnly, Port, ResultStatus, Parameters = tostring(AdditionalProperties.Parameters) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIP +version: 2.0.3 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_above_threshold.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_above_threshold.yaml new file mode 100644 index 00000000000..97ac45b3517 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_above_threshold.yaml @@ -0,0 +1,59 @@ +id: 299e96a8-5524-41b2-ac72-4527742590f1 +name: Office365 Sharepoint File Transfer Above Threshold +description: | + Identifies Office365 Sharepoint File Transfers above a certain threshold in a 15-minute time period. + Please note that entity mapping for arrays is not supported, so when there is a single value in an array, we will pull that value from the array as a single string to populate the entity to support entity mapping features within Sentinel. Additionally, if the array is multivalued, we will input a string to indicate this with a unique hash so that matching will not occur. +severity: Medium +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 15m +queryPeriod: 15m +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Exfiltration +relevantTechniques: + - T1020 +query: | + let threshold = 5000; + EnrichedMicrosoft365AuditLogs + | where Workload has_any("SharePoint", "OneDrive") and Operation has_any("FileDownloaded", "FileSyncDownloadedFull", "FileSyncUploadedFull", "FileUploaded") + | summarize count_distinct_ObjectId=dcount(ObjectId), fileslist=make_set(ObjectId, 10000) by UserId, ClientIp, bin(TimeGenerated, 15m) + | where count_distinct_ObjectId >= threshold + | extend FileSample = iff(array_length(fileslist) == 1, tostring(fileslist[0]), strcat("SeeFilesListField","_", tostring(hash(tostring(fileslist))))) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp + - entityType: File + fieldMappings: + - identifier: Name + columnName: FileSample +customDetails: + TransferCount: count_distinct_ObjectId + FilesList: fileslist +incidentConfiguration: + createIncident: true + groupingConfiguration: + enabled: true + reopenClosedIncident: false + lookbackDuration: 5h + matchingMethod: Selected + groupByEntities: + - Account + groupByAlertDetails: [] + groupByCustomDetails: [] +version: 1.0.4 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_folders_above_threshold.yaml b/Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_folders_above_threshold.yaml new file mode 100644 index 00000000000..73bf59cbc7b --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_folders_above_threshold.yaml @@ -0,0 +1,61 @@ +id: bfe81463-814b-4fa5-9885-c95a579f1957 +name: Office365 Sharepoint File Transfer Above Threshold +description: | + Identifies Office365 Sharepoint File Transfers with a distinct folder count above a certain threshold in a 15-minute time period. + Please note that entity mapping for arrays is not supported, so when there is a single value in an array, we will pull that value from the array as a single string to populate the entity to support entity mapping features within Sentinel. Additionally, if the array is multivalued, we will input a string to indicate this with a unique hash so that matching will not occur. +severity: Medium +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 15m +queryPeriod: 15m +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Exfiltration +relevantTechniques: + - T1020 +query: | + let threshold = 500; + EnrichedMicrosoft365AuditLogs + | where Workload has_any("SharePoint", "OneDrive") and Operation has_any("FileDownloaded", "FileSyncDownloadedFull", "FileSyncUploadedFull", "FileUploaded") + | extend EventSource = tostring(parse_json(tostring(AdditionalProperties)).EventSource) + | extend UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent) + | summarize count_distinct_ObjectId = dcount(ObjectId), dirlist = make_set(ObjectId, 10000) by UserId, ClientIp, UserAgent, bin(TimeGenerated, 15m) + | where count_distinct_ObjectId >= threshold + | extend DirSample = iff(array_length(dirlist) == 1, tostring(dirlist[0]), strcat("SeeDirListField","_", tostring(hash(tostring(dirlist))))) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: FullName + columnName: UserId + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp + - entityType: File + fieldMappings: + - identifier: Name + columnName: DirSample +customDetails: + TransferCount: count_distinct_ObjectId + FilesList: dirlist +incidentConfiguration: + createIncident: true + groupingConfiguration: + enabled: true + reopenClosedIncident: false + lookbackDuration: 5h + matchingMethod: Selected + groupByEntities: + - Account + groupByAlertDetails: [] + groupByCustomDetails: [] +version: 1.0.4 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml new file mode 100644 index 00000000000..137210a2b0a --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml @@ -0,0 +1,58 @@ +id: e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b +name: Detect Abnormal Deny Rate for Source to Destination IP +description: | + Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules. +configurableParameters: + - minimumOfStdsThreshold: The number of stds to use in the threshold calculation. Default is set to 3. + - learningPeriodTime: Learning period for threshold calculation in days. Default is set to 5. + - binTime: Learning buckets time in hours. Default is set to 1 hour. + - minimumThreshold: Minimum threshold for alert. Default is set to 5. + - minimumBucketThreshold: Minimum learning buckets threshold for alert. Default is set to 5. +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - NetworkAccessTrafficLogs +queryFrequency: 1h +queryPeriod: 25h +triggerOperator: gt +triggerThreshold: 1 +tactics: + - InitialAccess + - Exfiltration + - CommandAndControl +relevantTechniques: [] +query: | + let NumOfStdsThreshold = 3; + let LearningPeriod = 5d; + let BinTime = 1h; + let MinThreshold = 5.0; + let MinLearningBuckets = 5; + let TrafficLogs = NetworkAccessTraffic + | where Action == 'Denied' + | where isnotempty(DestinationIp) and isnotempty(SourceIp); + let LearningSrcIpDenyRate = TrafficLogs + | where TimeGenerated between (ago(LearningPeriod + 1d) .. ago(1d)) + | summarize count() by SourceIp, bin(TimeGenerated, BinTime), DestinationIp + | summarize LearningTimeSrcIpDenyRateAvg = avg(count_), LearningTimeSrcIpDenyRateStd = stdev(count_), LearningTimeBuckets = count() by SourceIp, DestinationIp + | where LearningTimeBuckets > MinLearningBuckets; + let AlertTimeSrcIpDenyRate = TrafficLogs + | where TimeGenerated between (ago(1h) .. now()) + | summarize AlertTimeSrcIpDenyRateCount = count() by SourceIp, DestinationIp; + AlertTimeSrcIpDenyRate + | join kind=leftouter (LearningSrcIpDenyRate) on SourceIp, DestinationIp + | extend LearningThreshold = max_of(LearningTimeSrcIpDenyRateAvg + NumOfStdsThreshold * LearningTimeSrcIpDenyRateStd, MinThreshold) + | where AlertTimeSrcIpDenyRateCount > LearningThreshold + | project SourceIp, DestinationIp, AlertTimeSrcIpDenyRateCount, LearningThreshold +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: SourceIp + - entityType: URL + fieldMappings: + - identifier: Url + columnName: DestinationIp +version: 1.0.0 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml new file mode 100644 index 00000000000..cfb6b7509f2 --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml @@ -0,0 +1,54 @@ +id: f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a +name: Detect Protocol Changes for Destination Ports +description: | + Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline. This can indicate potential protocol misuse or configuration changes. + +Configurable Parameters: + - Learning period - the time range to establish the baseline. Default is set to 7 days. + - Run time - the time range for current analysis. Default is set to 1 day. +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1h +queryPeriod: 8d +triggerOperator: gt +triggerThreshold: 1 +tactics: + - DefenseEvasion + - Exfiltration + - CommandAndControl +relevantTechniques: [] +query: | + let LearningPeriod = 7d; + let RunTime = 1d; + let StartLearningPeriod = ago(LearningPeriod + RunTime); + let EndRunTime = ago(RunTime); + let LearningPortToProtocol = + NetworkAccessTraffic + | where TimeGenerated between (StartLearningPeriod .. EndRunTime) + | where isnotempty(DestinationPort) + | summarize LearningTimeCount = count() by LearningTimeDstPort = DestinationPort, LearningTimeProtocol = TransportProtocol, SourceIp, DestinationFqdn; + let AlertTimePortToProtocol = + NetworkAccessTraffic + | where TimeGenerated between (EndRunTime .. now()) + | where isnotempty(DestinationPort) + | summarize AlertTimeCount = count() by AlertTimeDstPort = DestinationPort, AlertTimeProtocol = TransportProtocol, SourceIp, DestinationFqdn; + AlertTimePortToProtocol + | join kind=leftouter (LearningPortToProtocol) on $left.AlertTimeDstPort == $right.LearningTimeDstPort and $left.SourceIp == $right.SourceIp and $left.DestinationFqdn == $right.DestinationFqdn + | where isnull(LearningTimeProtocol) or LearningTimeProtocol != AlertTimeProtocol + | project AlertTimeDstPort, AlertTimeProtocol, LearningTimeProtocol, SourceIp, DestinationFqdn + | extend IPCustomEntity = SourceIp, FqdnCustomEntity = DestinationFqdn +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IPCustomEntity + - entityType: URL + fieldMappings: + - identifier: Url + columnName: FqdnCustomEntity +version: 1.0.0 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml new file mode 100644 index 00000000000..1c2f4ebeb1e --- /dev/null +++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml @@ -0,0 +1,41 @@ +id: 82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1 +name: Detect Source IP Scanning Multiple Open Ports +description: | + Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access. +Configurable Parameters: + - Port scan time - the time range to look for multiple ports scanned. Default is set to 30 seconds. + - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100. +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 1d +triggerOperator: gt +triggerThreshold: 1 +tactics: + - Discovery +relevantTechniques: + - T1046 +query: | + let port_scan_time = 30s; + let min_ports_threshold = 100; + NetworkAccessTraffic + | where TimeGenerated > ago(1d) + | where Action == 'Allowed' + | summarize PortsScanned = dcount(DestinationPort) by SourceIp, bin(TimeGenerated, port_scan_time) + | where PortsScanned > min_ports_threshold + | project SourceIp, PortsScanned, TimeGenerated +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: SourceIp + - entityType: URL + fieldMappings: + - identifier: Url + columnName: Fqdn +version: 1.0.0 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json new file mode 100644 index 00000000000..d13a3a72a59 --- /dev/null +++ b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json @@ -0,0 +1,66 @@ +{ + "Name": "Global Secure Access", + "Author": "Microsoft - support@microsoft.com", + "Logo": "", + "Description": "[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions to unlock the value provided by this solution.\n 1. Microsoft Entra Id \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n", + "WorkbookBladeDescription": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences.", + "AnalyticalRuleBladeDescription": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in Manage solution view.", + "HuntingQueryBladeDescription": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in Manage solution view.", + "Workbooks": [ + "Workbooks/GSAM365EnrichedEvents.json", + "Workbooks/GSANetworkTraffic.json" + ], + "Analytic Rules": [ + "Analytic Rules/Identity - AfterHoursActivity.yaml", + "Analytic Rules/Identity - NewCountry.yaml", + "Analytic Rules/Identity - SharedSessions.yaml", + "Analytic Rules/Office 365 - exchange_auditlogdisabled.yaml", + "Analytic Rules/Office 365 - External User added to Team and immediately uploads file.yaml", + "Analytic Rules/Office 365 - ExternalUserAddedRemovedInTeams.yaml", + "Analytic Rules/Office 365 - Mail_redirect_via_ExO_transport_rule.yaml", + "Analytic Rules/Office 365 - Malicious_Inbox_Rule.yaml", + "Analytic Rules/Office 365 - MultipleTeamsDeletes.yaml", + "Analytic Rules/Office 365 - Office_MailForwarding.yaml", + "Analytic Rules/Office 365 - office_policytampering.yaml", + "Analytic Rules/Office 365 - Office_Uploaded_Executables.yaml", + "Analytic Rules/Office 365 - RareOfficeOperations.yaml", + "Analytic Rules/Office 365 - SharePoint_Downloads_byNewIP.yaml", + "Analytic Rules/Office 365 - SharePoint_Downloads_byNewUserAgent.yaml", + "Analytic Rules/Office 365 - sharepoint_file_transfer_above_threshold.yaml", + "Analytic Rules/Office 365 - sharepoint_file_transfer_folders_above_threshold.yaml", + "Analytic Rules/SWG - Abnormal Deny Rate.yaml", + "Analytic Rules/SWG - Abnormal Port to Protocol.yaml", + "Analytic Rules/SWG - Source IP Port Scan.yaml" + ], + "Playbooks": [], + "Hunting Queries": [ + "Hunting Queries/AnomolousUserAccessingOtherUsersMailbox.yaml", + "Hunting Queries/ExternalUserAddedRemovedInTeams_HuntVersion.yaml", + "Hunting Queries/ExternalUserFromNewOrgAddedToTeams.yaml", + "Hunting Queries/Mail_redirect_via_ExO_transport_rule_hunting.yaml", + "Hunting Queries/MultiTeamBot.yaml", + "Hunting Queries/MultiTeamOwner.yaml", + "Hunting Queries/MultipleTeamsDeletes.yaml", + "Hunting Queries/NewBotAddedToTeams.yaml", + "Hunting Queries/New_WindowsReservedFileNamesOnOfficeFileServices.yaml", + "Hunting Queries/OfficeMailForwarding_hunting.yaml", + "Hunting Queries/TeamsFilesUploaded.yaml", + "Hunting Queries/UserAddToTeamsAndUploadsFile.yaml", + "Hunting Queries/WindowsReservedFileNamesOnOfficeFileServices.yaml", + "Hunting Queries/double_file_ext_exes.yaml", + "Hunting Queries/new_adminaccountactivity.yaml", + "Hunting Queries/new_sharepoint_downloads_by_IP.yaml", + "Hunting Queries/new_sharepoint_downloads_by_UserAgent.yaml", + "Hunting Queries/nonowner_MailboxLogin.yaml", + "Hunting Queries/powershell_or_nonbrowser_MailboxLogin.yaml", + "Hunting Queries/sharepoint_downloads.yaml", + "Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml" + ], + "Watchlists": [], + "WatchlistDescription": "", + "BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Global Secure Access", + "Version": "3.0.0", + "Metadata": "SolutionMetadata.json", + "TemplateSpec": true, + "Is1PConnector": true +} diff --git a/Solutions/Global Secure Access/Hunting Queries/AnomolousUserAccessingOtherUsersMailbox.yaml b/Solutions/Global Secure Access/Hunting Queries/AnomolousUserAccessingOtherUsersMailbox.yaml new file mode 100644 index 00000000000..5a5e54f3638 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/AnomolousUserAccessingOtherUsersMailbox.yaml @@ -0,0 +1,62 @@ +id: 271e8881-3044-4332-a5f4-42264c2e0315 +name: Anomalous access to other users' mailboxes +description: | + 'Looks for users accessing multiple other users' mailboxes or accessing multiple folders in another users mailbox.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Collection +relevantTechniques: + - T1114.002 +tags: + - Solorigate + - NOBELIUM +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = totimespan((endtime - starttime) * 2); + // Adjust this value to alter how many mailbox (other than their own) a user needs to access before being included in results + let user_threshold = 1; + // Adjust this value to alter how many mailbox folders in other's email accounts a users needs to access before being included in results. + let folder_threshold = 5; + // Exclude historical as known good (set lookback and timeframe to same value to skip this) + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (ago(lookback)..starttime) + | where Operation =~ "MailItemsAccessed" + | where ResultStatus =~ "Succeeded" + | extend MailboxOwnerUPN = tostring(parse_json(AdditionalProperties).MailboxOwnerUPN) + | where tolower(MailboxOwnerUPN) != tolower(UserId) + | join kind=rightanti ( + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime..endtime) + | where Operation =~ "MailItemsAccessed" + | where ResultStatus =~ "Succeeded" + | extend MailboxOwnerUPN = tostring(parse_json(AdditionalProperties).MailboxOwnerUPN) + | where tolower(MailboxOwnerUPN) != tolower(UserId) + ) on MailboxOwnerUPN, UserId + | where isnotempty(tostring(parse_json(AdditionalProperties).Folders)) + | mv-expand Folders = parse_json(AdditionalProperties).Folders + | extend folders = tostring(Folders.Path) + | extend ClientIP = iif(ClientIp startswith "[", extract("\\[([^\\]]*)", 1, ClientIp), ClientIp) + | extend ClientInfoString = tostring(parse_json(AdditionalProperties).ClientInfoString) + | extend MailboxGuid = tostring(parse_json(AdditionalProperties).MailboxGuid) + | summarize StartTime = max(TimeGenerated), EndTime = min(TimeGenerated), set_folders = make_set(folders, 100000), set_ClientInfoString = make_set(ClientInfoString, 100000), set_ClientIP = make_set(ClientIP, 100000), set_MailboxGuid = make_set(MailboxGuid, 100000), set_MailboxOwnerUPN = make_set(MailboxOwnerUPN, 100000) by UserId + | extend folder_count = array_length(set_folders) + | extend user_count = array_length(set_MailboxGuid) + | where user_count > user_threshold or folder_count > folder_threshold + | extend Reason = case(user_count > user_threshold and folder_count > folder_threshold, "Both User and Folder Threshold Exceeded", folder_count > folder_threshold and user_count < user_threshold, "Folder Count Threshold Exceeded", "User Threshold Exceeded") + | sort by user_count desc + | project-reorder UserId, user_count, folder_count, set_MailboxOwnerUPN, set_ClientIP, set_ClientInfoString, set_folders + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/ExternalUserAddedRemovedInTeams_HuntVersion.yaml b/Solutions/Global Secure Access/Hunting Queries/ExternalUserAddedRemovedInTeams_HuntVersion.yaml new file mode 100644 index 00000000000..02f36b96d27 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/ExternalUserAddedRemovedInTeams_HuntVersion.yaml @@ -0,0 +1,42 @@ +id: 119d9e1c-afcc-4d23-b239-cdb4e7bf851c +name: External User Added and Removed in a Short Timeframe +description: | + This hunting query identifies external user accounts that are added to a Team and then removed within one hour. +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Persistence +relevantTechniques: + - T1136 +query: | + // If you want to look at user added further than 7 days ago adjust this value + // If you want to change the timeframe of how quickly accounts need to be added and removed change this value + let time_delta = 1h; + EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "MemberAdded" + | extend UPN = tostring(parse_json(tostring(AdditionalProperties)).UPN) // Assuming UPN is stored in AdditionalProperties + | where UPN contains "#EXT#" + | project TimeAdded = TimeGenerated, Operation, UPN, UserWhoAdded = UserId, TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName), TeamGuid = tostring(parse_json(tostring(AdditionalProperties)).TeamGuid) + | join kind=innerunique ( + EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "MemberRemoved" + | extend UPN = tostring(parse_json(tostring(AdditionalProperties)).UPN) // Assuming UPN is stored in AdditionalProperties + | where UPN contains "#EXT#" + | project TimeDeleted = TimeGenerated, Operation, UPN, UserWhoDeleted = UserId, TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName), TeamGuid = tostring(parse_json(tostring(AdditionalProperties)).TeamGuid) + ) on UPN, TeamGuid + | where TimeDeleted < (TimeAdded + time_delta) + | project TimeAdded, TimeDeleted, UPN, UserWhoAdded, UserWhoDeleted, TeamName, TeamGuid + | extend AccountName = tostring(split(UPN, "@")[0]), AccountUPNSuffix = tostring(split(UPN, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/ExternalUserFromNewOrgAddedToTeams.yaml b/Solutions/Global Secure Access/Hunting Queries/ExternalUserFromNewOrgAddedToTeams.yaml new file mode 100644 index 00000000000..9cee2439f7c --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/ExternalUserFromNewOrgAddedToTeams.yaml @@ -0,0 +1,48 @@ +id: 6fce5baf-bfc2-4c56-a6b7-9c4733fc5a45 +name: External user from a new organisation added to Teams +description: | + 'This query identifies external users added to Teams where the user's domain is not one previously seen in Teams data.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Persistence +relevantTechniques: + - T1136 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = totimespan((endtime - starttime) * 7); + let known_orgs = ( + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (ago(lookback) .. starttime) + | where Workload == "MicrosoftTeams" + | where Operation in ("MemberAdded", "TeamsSessionStarted") + // Extract the correct UPN and parse our external organization domain + | extend Members = parse_json(tostring(AdditionalProperties.Members)) + | extend UPN = iif(Operation == "MemberAdded", tostring(Members[0].UPN), UserId) + | extend Organization = tostring(split(split(UPN, "_")[1], "#")[0]) + | where isnotempty(Organization) + | summarize by Organization + ); + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime .. endtime) + | where Workload == "MicrosoftTeams" + | where Operation == "MemberAdded" + | extend Members = parse_json(tostring(AdditionalProperties.Members)) + | extend UPN = tostring(Members[0].UPN) + | extend Organization = tostring(split(split(UPN, "_")[1], "#")[0]) + | where isnotempty(Organization) + | where Organization !in (known_orgs) + | extend AccountName = tostring(split(UPN, "@")[0]), AccountUPNSuffix = tostring(split(UPN, "@")[1]) + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/Mail_redirect_via_ExO_transport_rule_hunting.yaml b/Solutions/Global Secure Access/Hunting Queries/Mail_redirect_via_ExO_transport_rule_hunting.yaml new file mode 100644 index 00000000000..94de9dade23 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/Mail_redirect_via_ExO_transport_rule_hunting.yaml @@ -0,0 +1,42 @@ +id: 9891684a-1e3a-4546-9403-3439513cbc70 +name: Mail Redirect via ExO Transport Rule +description: | + Identifies when Exchange Online transport rule is configured to forward emails. + This could be an adversary mailbox configured to collect mail from multiple user accounts. +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Collection + - Exfiltration +relevantTechniques: + - T1114 + - T1020 +query: | + EnrichedMicrosoft365AuditLogs + | where Workload == "Exchange" + | where Operation in ("New-TransportRule", "Set-TransportRule") + | mv-apply DynamicParameters = todynamic(AdditionalProperties.Parameters) on (summarize ParsedParameters = make_bag(pack(tostring(DynamicParameters.Name), DynamicParameters.Value))) + | extend RuleName = case( + Operation == "Set-TransportRule", ObjectId, + Operation == "New-TransportRule", ParsedParameters.Name, + "Unknown") + | mv-expand ExpandedParameters = todynamic(AdditionalProperties.Parameters) + | where ExpandedParameters.Name in ("BlindCopyTo", "RedirectMessageTo") and isnotempty(ExpandedParameters.Value) + | extend RedirectTo = ExpandedParameters.Value + | extend ClientIPValues = extract_all(@'\[?(::ffff:)?(?P(\d+\.\d+\.\d+\.\d+)|[^\]]+)\]?([-:](?P\d+))?', dynamic(["IPAddress", "Port"]), ClientIp)[0] + | project TimeGenerated, RedirectTo, IPAddress = tostring(ClientIPValues[0]), Port = tostring(ClientIPValues[1]), UserId, Operation, RuleName, AdditionalProperties + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IPAddress +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/MultiTeamBot.yaml b/Solutions/Global Secure Access/Hunting Queries/MultiTeamBot.yaml new file mode 100644 index 00000000000..b150a46ba9c --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/MultiTeamBot.yaml @@ -0,0 +1,39 @@ +id: 9eb64924-ec8d-44d0-b1f2-10665150fb74 +name: Bots added to multiple teams +description: | + 'This hunting query helps identify bots added to multiple Teams in a short space of time.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Persistence + - Collection +relevantTechniques: + - T1176 + - T1119 +query: | + // Adjust these thresholds to suit your environment. + let threshold = 2; + let time_threshold = timespan(5m); + EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "BotAddedToTeam" + | extend TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName) + | summarize Start = max(TimeGenerated), End = min(TimeGenerated), Teams = make_set(TeamName, 10000) by UserId + | extend CountOfTeams = array_length(Teams) + | extend TimeDelta = End - Start + | where CountOfTeams > threshold + | where TimeDelta <= time_threshold + | project Start, End, Teams, CountOfTeams, UserId + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/MultiTeamOwner.yaml b/Solutions/Global Secure Access/Hunting Queries/MultiTeamOwner.yaml new file mode 100644 index 00000000000..637e316c514 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/MultiTeamOwner.yaml @@ -0,0 +1,44 @@ +id: 558f15dd-3171-4b11-bf24-31c0610a20e0 +name: User made Owner of multiple teams +description: | + This hunting query identifies users who have been made Owner of multiple Teams. +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - PrivilegeEscalation +relevantTechniques: + - T1078 +query: | + // Adjust this value to change how many teams a user is made owner of before detecting + let max_owner_count = 3; + // Identify users who have been made owner of multiple Teams + let high_owner_count = ( + EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "MemberRoleChanged" + | extend Member = tostring(UserId) + | extend NewRole = toint(parse_json(tostring(AdditionalProperties)).Role) + | where NewRole == 2 + | summarize TeamCount = dcount(ObjectId) by Member + | where TeamCount > max_owner_count + | project Member + ); + EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "MemberRoleChanged" + | extend Member = tostring(UserId) + | extend NewRole = toint(parse_json(tostring(AdditionalProperties)).Role) + | where NewRole == 2 + | where Member in (high_owner_count) + | extend AccountName = tostring(split(Member, "@")[0]), AccountUPNSuffix = tostring(split(Member, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/MultipleTeamsDeletes.yaml b/Solutions/Global Secure Access/Hunting Queries/MultipleTeamsDeletes.yaml new file mode 100644 index 00000000000..edc5adc2882 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/MultipleTeamsDeletes.yaml @@ -0,0 +1,39 @@ +id: 64990414-b015-4edf-bef0-343b741e68c5 +name: Multiple Teams deleted by a single user +description: | + 'This hunting query identifies where multiple Teams have been deleted by a single user in a short timeframe.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Impact +relevantTechniques: + - T1485 + - T1489 +query: | + // Adjust this value to change how many Teams should be deleted before including + let max_delete = 3; + let deleting_users = ( + EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "TeamDeleted" + | summarize count_ = count() by UserId + | where count_ > max_delete + | project UserId + ); + EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "TeamDeleted" + | where UserId in (deleting_users) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml b/Solutions/Global Secure Access/Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml new file mode 100644 index 00000000000..12d9310574d --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml @@ -0,0 +1,56 @@ +id: a1551ae4-f61c-4bca-9c57-4d0d681db2e9 +name: Multiple Users Email Forwarded to Same Destination +description: | + Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. + This could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts. +severity: Medium +status: Available +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +queryFrequency: 1d +queryPeriod: 7d +triggerOperator: gt +triggerThreshold: 0 +tactics: + - Collection + - Exfiltration +relevantTechniques: + - T1114 + - T1020 +query: | + let queryfrequency = 1d; + let queryperiod = 7d; + EnrichedMicrosoft365AuditLogs + | where TimeGenerated > ago(queryperiod) + | where Workload == "Exchange" + | where AdditionalProperties has_any ("ForwardTo", "RedirectTo", "ForwardingSmtpAddress") + | mv-apply DynamicParameters = todynamic(AdditionalProperties) on (summarize ParsedParameters = make_bag(bag_pack(tostring(DynamicParameters.Name), DynamicParameters.Value))) + | evaluate bag_unpack(ParsedParameters, columnsConflict='replace_source') + | extend DestinationMailAddress = tolower(case( + isnotempty(column_ifexists("ForwardTo", "")), column_ifexists("ForwardTo", ""), + isnotempty(column_ifexists("RedirectTo", "")), column_ifexists("RedirectTo", ""), + isnotempty(column_ifexists("ForwardingSmtpAddress", "")), trim_start(@"smtp:", column_ifexists("ForwardingSmtpAddress", "")), + "")) + | where isnotempty(DestinationMailAddress) + | mv-expand split(DestinationMailAddress, ";") + | extend ClientIPValues = extract_all(@'\[?(::ffff:)?(?P(\d+\.\d+\.\d+\.\d+)|[^\]]+)\]?([-:](?P\d+))?', dynamic(["IPAddress", "Port"]), ClientIp)[0] + | extend ClientIp = tostring(ClientIPValues[0]), Port = tostring(ClientIPValues[1]) + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), DistinctUserCount = dcount(UserId), UserId = make_set(UserId, 250), Ports = make_set(Port, 250), EventCount = count() by tostring(DestinationMailAddress), ClientIp + | where DistinctUserCount > 1 and EndTime > ago(queryfrequency) + | mv-expand UserId to typeof(string) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/NewBotAddedToTeams.yaml b/Solutions/Global Secure Access/Hunting Queries/NewBotAddedToTeams.yaml new file mode 100644 index 00000000000..7e25db9f105 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/NewBotAddedToTeams.yaml @@ -0,0 +1,39 @@ +id: bf76e508-9282-4cf1-9cc1-5c20c3dea2ee +name: Previously Unseen Bot or Application Added to Teams +description: | + This hunting query helps identify new, and potentially unapproved applications or bots being added to Teams. +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Persistence + - Collection +relevantTechniques: + - T1176 + - T1119 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = starttime - 14d; + let historical_bots = + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (lookback .. starttime) + | where Workload == "MicrosoftTeams" + | extend AddonName = tostring(parse_json(tostring(AdditionalProperties)).AddonName) + | where isnotempty(AddonName) + | distinct AddonName; + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime .. endtime) + | where Workload == "MicrosoftTeams" + | extend AddonName = tostring(parse_json(tostring(AdditionalProperties)).AddonName) + | where AddonName !in (historical_bots) + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/New_WindowsReservedFileNamesOnOfficeFileServices.yaml b/Solutions/Global Secure Access/Hunting Queries/New_WindowsReservedFileNamesOnOfficeFileServices.yaml new file mode 100644 index 00000000000..19250a69449 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/New_WindowsReservedFileNamesOnOfficeFileServices.yaml @@ -0,0 +1,74 @@ +id: 641ecd2d-27c9-4f05-8433-8205096b09fc +name: New Windows Reserved Filenames staged on Office file services +description: | + 'This identifies new Windows Reserved Filenames on Office services like SharePoint and OneDrive in the past 7 days. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity.' +description-detailed: | + 'Identifies when new Windows Reserved Filenames show up on Office services such as SharePoint and OneDrive in relation to the previous 7 days. + List currently includes ''CON'', ''PRN'', ''AUX'', ''NUL'', ''COM1'', ''COM2'', ''COM3'', ''COM4'', ''COM5'', ''COM6'', + ''COM7'', ''COM8'', ''COM9'', ''LPT1'', ''LPT2'', ''LPT3'', ''LPT4'', ''LPT5'', ''LPT6'', ''LPT7'', ''LPT8'', ''LPT9'' file extensions. + Additionally, identifies when a given user is uploading these files to another users workspace. + This may be indication of a staging location for malware or other malicious activity. + References: https://docs.microsoft.com/windows/win32/fileio/naming-a-file' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - CommandAndControl +relevantTechniques: + - T1105 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = totimespan((endtime - starttime) * 7); + let Reserved = dynamic(['CON', 'PRN', 'AUX', 'NUL', 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9', 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9']); + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime .. endtime) + | extend FileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName) + | extend ClientUserAgent = tostring(parse_json(tostring(AdditionalProperties)).ClientUserAgent) + | extend SiteUrl = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | where isnotempty(ObjectId) + | where ObjectId !~ FileName + | where ObjectId in (Reserved) or FileName in (Reserved) + | where ClientUserAgent !has "Mac OS" + | project TimeGenerated, Id, Workload, RecordType, Operation, UserType, UserKey, UserId, ClientIp, ClientUserAgent, SiteUrl, ObjectId, FileName + | join kind=leftanti ( + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (ago(lookback) .. starttime) + | extend FileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName) + | extend ClientUserAgent = tostring(parse_json(tostring(AdditionalProperties)).ClientUserAgent) + | extend SiteUrl = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | where isnotempty(ObjectId) + | where ObjectId !~ FileName + | where ObjectId in (Reserved) or FileName in (Reserved) + | where ClientUserAgent !has "Mac OS" + | summarize PrevSeenCount = count() by ObjectId, UserId, FileName + ) on ObjectId + | extend SiteUrlUserFolder = tolower(split(SiteUrl, '/')[-2]) + | extend UserIdUserFolderFormat = tolower(replace_regex(UserId, '@|\\.', '_')) + | extend UserIdDiffThanUserFolder = iff(SiteUrl has '/personal/' and SiteUrlUserFolder != UserIdUserFolderFormat, true, false) + | summarize TimeGenerated = make_list(TimeGenerated, 100000), StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), Operations = make_list(Operation, 100000), UserAgents = make_list(ClientUserAgent, 100000), + Ids = make_list(Id, 100000), SourceRelativeUrls = make_list(ObjectId, 100000), FileNames = make_list(FileName, 100000) + by Workload, RecordType, UserType, UserKey, UserId, ClientIp, SiteUrl, ObjectId, SiteUrlUserFolder, UserIdUserFolderFormat, UserIdDiffThanUserFolder + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend IP_0_Address = ClientIp + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix + | extend URL_0_Url = SiteUrl +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IP_0_Address + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: URL + fieldMappings: + - identifier: Url + columnName: URL_0_Url +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/OfficeMailForwarding_hunting.yaml b/Solutions/Global Secure Access/Hunting Queries/OfficeMailForwarding_hunting.yaml new file mode 100644 index 00000000000..77344589187 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/OfficeMailForwarding_hunting.yaml @@ -0,0 +1,83 @@ +id: d49fc965-aef3-49f6-89ad-10cc4697eb5b +name: Office Mail Forwarding - Hunting Version +description: | + Adversaries often abuse email-forwarding rules to monitor victim activities, steal information, and gain intelligence on the victim or their organization. This query highlights cases where user mail is being forwarded, including to external domains. +description-detailed: | + Adversaries often abuse email-forwarding rules to monitor activities of a victim, steal information and further gain intelligence on + victim or victim's organization. This query over Office Activity data highlights cases where user mail is being forwarded and shows if + it is being forwarded to external domains as well. +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Collection + - Exfiltration +relevantTechniques: + - T1114 + - T1020 +query: | + EnrichedMicrosoft365AuditLogs + | where Workload == "Exchange" + | where (Operation == "Set-Mailbox" and tostring(parse_json(tostring(AdditionalProperties))) contains 'ForwardingSmtpAddress') + or (Operation in ('New-InboxRule', 'Set-InboxRule') and (tostring(parse_json(tostring(AdditionalProperties))) contains 'ForwardTo' or tostring(parse_json(tostring(AdditionalProperties))) contains 'RedirectTo')) + | extend parsed = parse_json(tostring(AdditionalProperties)) + | extend fwdingDestination_initial = iif(Operation == "Set-Mailbox", tostring(parsed.ForwardingSmtpAddress), coalesce(tostring(parsed.ForwardTo), tostring(parsed.RedirectTo))) + | where isnotempty(fwdingDestination_initial) + | extend fwdingDestination = iff(fwdingDestination_initial has "smtp", (split(fwdingDestination_initial, ":")[1]), fwdingDestination_initial) + | parse fwdingDestination with * '@' ForwardedtoDomain + | parse UserId with *'@' UserDomain + | extend subDomain = ((split(strcat(tostring(split(UserDomain, '.')[-2]), '.', tostring(split(UserDomain, '.')[-1])), '.'))[0]) + | where ForwardedtoDomain !contains subDomain + | extend Result = iff(ForwardedtoDomain != UserDomain, "Mailbox rule created to forward to External Domain", "Forward rule for Internal domain") + | extend ClientIPAddress = case(ClientIp has ".", tostring(split(ClientIp, ":")[0]), ClientIp has "[", tostring(trim_start(@'[[]', tostring(split(ClientIp, "]")[0]))), ClientIp) + | extend Port = case( + ClientIp has ".", + (split(ClientIp, ":")[1]), + ClientIp has "[", + tostring(split(ClientIp, "]:")[1]), + ClientIp + ) + | project + TimeGenerated, + UserId, + UserDomain, + subDomain, + Operation, + ForwardedtoDomain, + ClientIPAddress, + Result, + Port, + ObjectId, + fwdingDestination, + AdditionalProperties + | extend + AccountName = tostring(split(UserId, "@")[0]), + AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend Host = tostring(parse_json(tostring(AdditionalProperties)).OriginatingServer) + | extend HostName = tostring(split(Host, ".")[0]) + | extend DnsDomain = tostring(strcat_array(array_slice(split(Host, '.'), 1, -1), '.')) + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix + | extend IP_0_Address = ClientIPAddress + | extend Host_0_HostName = HostName + | extend Host_0_DnsDomain = DnsDomain +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIPAddress + - entityType: Host + fieldMappings: + - identifier: HostName + columnName: Host_0_HostName + - identifier: DnsDomain + columnName: Host_0_DnsDomain +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/TeamsFilesUploaded.yaml b/Solutions/Global Secure Access/Hunting Queries/TeamsFilesUploaded.yaml new file mode 100644 index 00000000000..a61d6f2fa9a --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/TeamsFilesUploaded.yaml @@ -0,0 +1,47 @@ +id: 90e198a9-efb6-4719-ad89-81b8e93633a7 +name: Files uploaded to teams and access summary +description: | + 'This hunting query identifies files uploaded to SharePoint via a Teams chat and + summarizes users and IP addresses that have accessed these files. This allows for + identification of anomalous file sharing patterns.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - InitialAccess + - Exfiltration +relevantTechniques: + - T1199 + - T1102 + - T1078 +query: | + EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" + | where Operation == "FileUploaded" + | where UserId != "app@sharepoint" + | where ObjectId has "Microsoft Teams Chat Files" + | extend SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName) + | join kind=leftouter ( + EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" + | where Operation == "FileDownloaded" or Operation == "FileAccessed" + | where UserId != "app@sharepoint" + | where ObjectId has "Microsoft Teams Chat Files" + | extend UserId1 = UserId, ClientIp1 = ClientIp + ) on ObjectId + | extend userBag = bag_pack("UserId1", UserId1, "ClientIp1", ClientIp1) + | summarize AccessedBy = make_bag(userBag), make_set(UserId1, 10000) by bin(TimeGenerated, 1h), UserId, ObjectId, SourceFileName + | extend NumberOfUsersAccessed = array_length(bag_keys(AccessedBy)) + | project timestamp = TimeGenerated, UserId, FileLocation = ObjectId, FileName = SourceFileName, AccessedBy, NumberOfUsersAccessed + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/UserAddToTeamsAndUploadsFile.yaml b/Solutions/Global Secure Access/Hunting Queries/UserAddToTeamsAndUploadsFile.yaml new file mode 100644 index 00000000000..f1ba1da23c2 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/UserAddToTeamsAndUploadsFile.yaml @@ -0,0 +1,37 @@ +id: 3d6d0c04-7337-40cf-ace6-c471d442356d +name: User added to Teams and immediately uploads file +description: | + 'This hunting query identifies users who are added to a Teams Channel or Teams chat + and within 1 minute of being added upload a file via the chat. This might be + an indicator of suspicious activity.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - InitialAccess +relevantTechniques: + - T1566 +query: | + let threshold = 1m; + let MemberAddedEvents = EnrichedMicrosoft365AuditLogs + | where Workload == "MicrosoftTeams" + | where Operation == "MemberAdded" + | extend TeamName = tostring(parse_json(AdditionalProperties).TeamName) + | project TimeGenerated, UploaderID = UserId, TeamName; + let FileUploadEvents = EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" + | where ObjectId has "Microsoft Teams Chat Files" + | where Operation == "FileUploaded" + | extend SourceFileName = tostring(parse_json(AdditionalProperties).SourceFileName) + | project UploadTime = TimeGenerated, UploaderID = UserId, FileLocation = ObjectId, SourceFileName; + MemberAddedEvents + | join kind=inner (FileUploadEvents) on UploaderID + | where UploadTime > TimeGenerated and UploadTime < TimeGenerated + threshold + | extend timestamp = TimeGenerated, AccountCustomEntity = UploaderID +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountCustomEntity +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/WindowsReservedFileNamesOnOfficeFileServices.yaml b/Solutions/Global Secure Access/Hunting Queries/WindowsReservedFileNamesOnOfficeFileServices.yaml new file mode 100644 index 00000000000..226886457a7 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/WindowsReservedFileNamesOnOfficeFileServices.yaml @@ -0,0 +1,57 @@ +id: 61c28cd7-3139-4731-8ea7-2cbbeabb4684 +name: Windows Reserved Filenames Staged on Office File Services +description: | + 'This identifies Windows Reserved Filenames on Office services like SharePoint and OneDrive. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity.' +description-detailed: | + 'Identifies when Windows Reserved Filenames show up on Office services such as SharePoint and OneDrive. + List currently includes CON, PRN, AUX, NUL, COM1, COM2, COM3, COM4, COM5, COM6, + COM7, COM8, COM9, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, LPT9 file extensions. + Additionally, identifies when a given user is uploading these files to another user's workspace. + This may be an indication of a staging location for malware or other malicious activity. + References: https://docs.microsoft.com/windows/win32/fileio/naming-a-file' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - CommandAndControl +relevantTechniques: + - T1105 +query: | + // Reserved FileNames/Extension for Windows + let Reserved = dynamic(['CON', 'PRN', 'AUX', 'NUL', 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9', 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9']); + EnrichedMicrosoft365AuditLogs + | extend SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName) + | extend UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent) + | extend Site_Url = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl) + | where isnotempty(ObjectId) + | where ObjectId in (Reserved) or SourceFileName in (Reserved) + | where UserAgent !has "Mac OS" + | extend SiteUrlUserFolder = tolower(split(Site_Url, '/')[-2]) + | extend UserIdUserFolderFormat = tolower(replace_regex(UserId, '@|\\.', '_')) + // identify when UserId is not a match to the specific site url personal folder reference + | extend UserIdDiffThanUserFolder = iff(Site_Url has '/personal/' and SiteUrlUserFolder != UserIdUserFolderFormat, true, false) + | summarize TimeGenerated = make_list(TimeGenerated, 100000), StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), Operations = make_list(Operation, 100000), UserAgents = make_list(UserAgent, 100000), ObjectIds = make_list(Id, 100000), SourceRelativeUrls = make_list(ObjectId, 100000), FileNames = make_list(SourceFileName, 100000) + by Workload, RecordType, UserType, UserKey, UserId, ClientIp, Site_Url, ObjectId, SiteUrlUserFolder, UserIdUserFolderFormat, UserIdDiffThanUserFolder + // Use mvexpand on any list items and you can expand out the exact time and other metadata about the hit + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend IP_0_Address = ClientIp + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix + | extend URL_0_Url = Site_Url +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: ClientIp + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: URL + fieldMappings: + - identifier: Url + columnName: Site_Url +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/double_file_ext_exes.yaml b/Solutions/Global Secure Access/Hunting Queries/double_file_ext_exes.yaml new file mode 100644 index 00000000000..df44ad7cdb8 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/double_file_ext_exes.yaml @@ -0,0 +1,52 @@ +id: d12580c2-1474-4125-a8a3-553f50d91215 +name: Exes with double file extension and access summary +description: | + 'Provides a summary of executable files with double file extensions in SharePoint + and the users and IP addresses that have accessed them.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - DefenseEvasion +relevantTechniques: + - T1036 +query: | + let known_ext = dynamic(["lnk", "log", "option", "config", "manifest", "partial"]); + let excluded_users = dynamic(["app@sharepoint"]); + EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" and isnotempty(ObjectId) + | where ObjectId has ".exe." + and not(ObjectId endswith ".lnk") + and not(ObjectId endswith ".log") + and not(ObjectId endswith ".option") + and not(ObjectId endswith ".config") + and not(ObjectId endswith ".manifest") + and not(ObjectId endswith ".partial") + | extend Extension = extract("[^.]*\\.[^.]*$", 0, ObjectId) + | extend SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName) + | join kind=leftouter ( + EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" and (Operation == "FileDownloaded" or Operation == "FileAccessed") + | where not(ObjectId endswith ".lnk") + and not(ObjectId endswith ".log") + and not(ObjectId endswith ".option") + and not(ObjectId endswith ".config") + and not(ObjectId endswith ".manifest") + and not(ObjectId endswith ".partial") + ) on ObjectId + | where UserId1 !in (excluded_users) + | extend userBag = bag_pack("UserId", UserId1, "ClientIp", ClientIp1) + | summarize make_set(UserId1, 10000), userBag = make_bag(userBag), UploadTime = max(TimeGenerated) by UserId, ObjectId, SourceFileName, Extension + | extend NumberOfUsers = array_length(bag_keys(userBag)) + | project UploadTime, Uploader = UserId, FileLocation = ObjectId, FileName = SourceFileName, AccessedBy = userBag, Extension, NumberOfUsers + | extend UploaderName = tostring(split(Uploader, "@")[0]), UploaderUPNSuffix = tostring(split(Uploader, "@")[1]) +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: UploaderName + - identifier: UPNSuffix + columnName: UploaderUPNSuffix +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/new_adminaccountactivity.yaml b/Solutions/Global Secure Access/Hunting Queries/new_adminaccountactivity.yaml new file mode 100644 index 00000000000..99a142e7dd6 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/new_adminaccountactivity.yaml @@ -0,0 +1,53 @@ +id: 723c5f46-133f-4f1e-ada6-5c138f811d75 +name: New Admin Account Activity Seen Which Was Not Seen Historically +description: | + This will help you discover any new admin account activity which was seen and were not seen historically. + Any new accounts seen in the results can be validated and investigated for any suspicious activities. +severity: Medium +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - PrivilegeEscalation + - Collection +relevantTechniques: + - T1078 + - T1114 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = starttime - 14d; + let historicalActivity = + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (lookback .. starttime) + | where RecordType == "ExchangeAdmin" and UserType in ("Admin", "DcAdmin") + | summarize historicalCount = count() by UserId; + let recentActivity = EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime .. endtime) + | where UserType in ("Admin", "DcAdmin") + | summarize recentCount = count() by UserId; + recentActivity + | join kind=leftanti (historicalActivity) on UserId + | project UserId, recentCount + | join kind=rightsemi ( + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime .. endtime) + | where RecordType == "ExchangeAdmin" + | where UserType in ("Admin", "DcAdmin") + ) on UserId + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), count() by RecordType, Operation, UserType, UserId, ResultStatus + | extend AccountName = iff(UserId contains '@', tostring(split(UserId, '@')[0]), UserId) + | extend AccountUPNSuffix = iff(UserId contains '@', tostring(split(UserId, '@')[1]), '') + | extend AccountName = iff(UserId contains '\\', tostring(split(UserId, '\\')[1]), AccountName) + | extend AccountNTDomain = iff(UserId contains '\\', tostring(split(UserId, '\\')[0]), '') +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - identifier: NTDomain + columnName: AccountNTDomain +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_IP.yaml b/Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_IP.yaml new file mode 100644 index 00000000000..1ef34600f99 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_IP.yaml @@ -0,0 +1,50 @@ +id: e3d24cfd-b2a1-4ba7-8f80-0360892f9d57 +name: SharePointFileOperation via previously unseen IPs +description: | + 'Shows SharePoint upload/download volume by IPs with high-risk ASNs. New IPs with volume spikes may be unauthorized and exfiltrating documents.' +description-detailed: | + 'Shows volume of documents uploaded to or downloaded from SharePoint by IPs with ASNs associated with high user lockout or malicious activity. + In stable environments such connections by new IPs may be unauthorized, especially if associated with + spikes in volume which could be associated with large-scale document exfiltration.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - SigninLogs + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Exfiltration +relevantTechniques: + - T1030 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = starttime - 14d; + let BLOCK_THRESHOLD = 1.0; + let HighBlockRateASNs = + SigninLogs + | where TimeGenerated > lookback + | where isnotempty(AutonomousSystemNumber) + | summarize make_set(IPAddress), TotalIps = dcount(IPAddress), BlockedSignins = countif(ResultType == "50053"), TotalSignins = count() by AutonomousSystemNumber + | extend BlockRatio = 1.00 * BlockedSignins / TotalSignins + | where BlockRatio >= BLOCK_THRESHOLD + | distinct AutonomousSystemNumber; + let ASNIPs = + SigninLogs + | where TimeGenerated > lookback + | where AutonomousSystemNumber in (HighBlockRateASNs) + | distinct IPAddress, AutonomousSystemNumber; + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime .. endtime) + | where RecordType == "SharePointFileOperation" + | where Operation in ("FileDownloaded", "FileUploaded") + | where ClientIp in (ASNIPs) + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), RecentFileActivities = count() by ClientIp + | extend IP_0_Address = ClientIp +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IP_0_Address +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_UserAgent.yaml b/Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_UserAgent.yaml new file mode 100644 index 00000000000..be10886060c --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_UserAgent.yaml @@ -0,0 +1,61 @@ +id: f2367171-1514-4c67-88ef-27434b6a1093 +name: SharePointFileOperation via devices with previously unseen user agents +description: | + 'Tracking via user agent is one way to differentiate between types of connecting device. + In homogeneous enterprise environments the user agent associated with an attacker device may stand out as unusual.' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - SigninLogs + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Exfiltration +relevantTechniques: + - T1030 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = starttime - 14d; + let MINIMUM_BLOCKS = 10; + let SUCCESS_THRESHOLD = 0.2; + let HistoricalActivity = + SigninLogs + | where TimeGenerated > lookback + | where isnotempty(ClientAppUsed) + | summarize SuccessfulSignins = countif(ResultType == "0"), BlockedSignins = countif(ResultType == "50053") by ClientAppUsed + | extend SuccessBlockRatio = 1.00 * SuccessfulSignins / BlockedSignins + | where SuccessBlockRatio < SUCCESS_THRESHOLD + | where BlockedSignins > MINIMUM_BLOCKS; + EnrichedMicrosoft365AuditLogs + | where TimeGenerated between (starttime .. endtime) + | where RecordType == "SharePointFileOperation" + | where Operation in ("FileDownloaded", "FileUploaded") + | extend ClientAppUsed = tostring(parse_json(AdditionalProperties).UserAgent) + | extend SiteUrl = tostring(parse_json(AdditionalProperties).SiteUrl) + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), RecentFileActivities = count() by ClientAppUsed, UserId, ClientIp, SiteUrl + | join kind=innerunique (HistoricalActivity) on ClientAppUsed + | project-away ClientAppUsed1 + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend IP_0_Address = ClientIp + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix + | extend URL_0_Url = SiteUrl +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IP_0_Address + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: URL + fieldMappings: + - identifier: Url + columnName: URL_0_Url +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/nonowner_MailboxLogin.yaml b/Solutions/Global Secure Access/Hunting Queries/nonowner_MailboxLogin.yaml new file mode 100644 index 00000000000..43497e35311 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/nonowner_MailboxLogin.yaml @@ -0,0 +1,47 @@ +id: 0a8f410d-38b5-4d75-90da-32b472b97230 +name: Non-owner mailbox login activity +description: | + 'Finds non-owner mailbox access by admin/delegate permissions. Whitelist valid users and check others for unauthorized access.' +description-detailed: | + 'This will help you determine if mailbox access observed with Admin/Delegate Logontype. + The logon type indicates mailbox accessed from non-owner user. Exchange allows Admin + and delegate permissions to access other user's inbox. + If your organization has valid admin, delegate access given to users, you can whitelist those and investigate other results. + References: https://docs.microsoft.com/office/office-365-management-api/office-365-management-activity-api-schema#logontype' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Collection + - Exfiltration +relevantTechniques: + - T1114 + - T1020 +tags: + - Solorigate + - NOBELIUM +query: | + EnrichedMicrosoft365AuditLogs + | where Workload == "Exchange" + | where Operation == "MailboxLogin" + | extend Logon_Type = tostring(parse_json(tostring(AdditionalProperties)).LogonType) + | extend MailboxOwnerUPN = tostring(parse_json(tostring(AdditionalProperties)).MailboxOwnerUPN) + | where Logon_Type != "Owner" + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), count() by Operation, UserType, UserId, MailboxOwnerUPN, Logon_Type, ClientIp + | extend AccountName = tostring(split(UserId, "@")[0]), AccountUPNSuffix = tostring(split(UserId, "@")[1]) + | extend IP_0_Address = ClientIp + | extend Account_0_Name = AccountName + | extend Account_0_UPNSuffix = AccountUPNSuffix +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IP_0_Address +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Hunting Queries/powershell_or_nonbrowser_MailboxLogin.yaml b/Solutions/Global Secure Access/Hunting Queries/powershell_or_nonbrowser_MailboxLogin.yaml new file mode 100644 index 00000000000..a04c13e8d02 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/powershell_or_nonbrowser_MailboxLogin.yaml @@ -0,0 +1,46 @@ +id: 49a4f65a-fe18-408e-afec-042fde93d3ce +name: PowerShell or non-browser mailbox login activity +description: | + 'Detects mailbox login from Exchange PowerShell. All accounts can use it by default, but admins can change it. Whitelist benign activities.' +description-detailed: | + 'This will help you determine if mailbox login was done from Exchange PowerShell session. + By default, all accounts you create in Office 365 are allowed to use Exchange Online PowerShell. + Administrators can use Exchange Online PowerShell to enable or disable a user's ability to connect to Exchange Online PowerShell. + Whitelist any benign scheduled activities using exchange PowerShell if applicable in your environment. + References: https://docs.microsoft.com/powershell/exchange/exchange-online/connect-to-exchange-online-powershell/connect-to-exchange-online-powershell?view=exchange-ps' +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Execution + - Persistence + - Collection +relevantTechniques: + - T1059 + - T1098 + - T1114 +query: | + EnrichedMicrosoft365AuditLogs + | where Workload == "Exchange" and Operation == "MailboxLogin" + | extend ClientApplication = tostring(parse_json(AdditionalProperties).ClientInfoString) + | where ClientApplication == "Client=Microsoft.Exchange.Powershell; Microsoft WinRM Client" + | extend TenantName = tostring(parse_json(AdditionalProperties).TenantName) + | extend MailboxOwner = tostring(parse_json(AdditionalProperties).MailboxOwnerUPN) + | extend LogonType = tostring(parse_json(AdditionalProperties).LogonType) + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), count() by Operation, TenantName, UserType, UserId, MailboxOwner, LogonType, ClientApplication + | extend AccountName = iff(UserId contains '@', tostring(split(UserId, '@')[0]), UserId) + | extend AccountUPNSuffix = iff(UserId contains '@', tostring(split(UserId, '@')[1]), '') + | extend AccountName = iff(UserId contains '\\', tostring(split(UserId, '\\')[1]), AccountName) + | extend AccountNTDomain = iff(UserId contains '\\', tostring(split(UserId, '\\')[0]), '') +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: AccountName + - identifier: UPNSuffix + columnName: AccountUPNSuffix + - identifier: NTDomain + columnName: AccountNTDomain +version: 2.0.1 +kind: Scheduled diff --git a/Solutions/Global Secure Access/Hunting Queries/sharepoint_downloads.yaml b/Solutions/Global Secure Access/Hunting Queries/sharepoint_downloads.yaml new file mode 100644 index 00000000000..0e9fc5b8561 --- /dev/null +++ b/Solutions/Global Secure Access/Hunting Queries/sharepoint_downloads.yaml @@ -0,0 +1,40 @@ +id: e8ae1375-4640-430c-ae8e-2514d09c71eb +name: SharePoint File Operation via Client IP with Previously Unseen User Agents +description: | + New user agents associated with a client IP for SharePoint file uploads/downloads. +requiredDataConnectors: + - connectorId: AzureActiveDirectory + dataTypes: + - EnrichedMicrosoft365AuditLogs +tactics: + - Exfiltration +relevantTechniques: + - T1030 +query: | + let starttime = todatetime('{{StartTimeISO}}'); + let endtime = todatetime('{{EndTimeISO}}'); + let lookback = starttime - 14d; + let historicalUA = EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" + | where Operation in ("FileDownloaded", "FileUploaded") + | where TimeGenerated between(lookback..starttime) + | extend ClientApplication = tostring(parse_json(AdditionalProperties).UserAgent) + | summarize by ClientIp, ClientApplication; + let recentUA = EnrichedMicrosoft365AuditLogs + | where RecordType == "SharePointFileOperation" + | where Operation in ("FileDownloaded", "FileUploaded") + | where TimeGenerated between(starttime..endtime) + | extend ClientApplication = tostring(parse_json(AdditionalProperties).UserAgent) + | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated) by ClientIp, ClientApplication; + recentUA | join kind=leftanti ( + historicalUA + ) on ClientIp, ClientApplication + // Some EnrichedMicrosoft365AuditLogs records do not contain ClientIp information - exclude these for fewer results + | where not(isempty(ClientIp)) + | extend IP_0_Address = ClientIp +entityMappings: + - entityType: IP + fieldMappings: + - identifier: Address + columnName: IP_0_Address +version: 2.0.1 diff --git a/Solutions/Global Secure Access/Package/3.0.0.zip b/Solutions/Global Secure Access/Package/3.0.0.zip new file mode 100644 index 0000000000000000000000000000000000000000..73fa61b1d26794535400022ca124344f30a0a452 GIT binary patch literal 22335 zcma&MV{m6t*F6{;9ox2T+qP{dzu2~Ivt!#G+qTV4^6%$;-l>|Inh*1B-&<>)efB!F z@7=ZPD9V6>p#lK`K>>Mcf@yVJbS-B50s^X20|LVM_twPO%*fSD%}UhF+{)g{)yl!1 z-rB{%{#y6ad2=-ByHD*CL1oL$l`4t2vdhL-o+&Apax5-Yvh@XbLLjU^AP1_=5J<_H zUG0rY{nYEIkn7_o{SL*y1;)3TMvW{-MSB~IcjWahOzS=f-8X1z-0NCl$+8G`1YVrA;MsLh{%$ z1if#bO!p~?b8ct?TzBC_*gqvRJ~|LC)>_>IV!^Whh1K9G^`1HR#Qx}KZeB5C%G*gz ziX!>&Me(%QSP?VTXgG&dv~fRmtxw0Iy}|^|UPv?JXywv0Bcrx3(awdX+dAU+%OetC zdsoik-lgQpF-4>A#}&g4t)~GKUIr`aZt*l**)ai;`E8=YhjgI_SieUpWIndfNcw<-Mq`>p5)6LN&T4f zSN~oC?sabzk32hq;-PE#@URyDUZ(D+Hh~JG`rkxC{WZ-DDt+kKUs0s$#L${-fv|md4^@f4iiKxzGt<+HviBn5r_#I*cJ__r zxtegB_RL5~b$T9!VR0WVJ3v3g2q?E%4!h$GdrS_^@#eu@=UB$7^LEjbn$hV_c~VXX zO-k!qJ{X_Wu(y(zOW!`$_Z{7%zEnP`)UGJr9vMF|R)1{t z*t9OlBPUygimNTGD8aMAzuZT`2E!WG4um*6(BQDNB)9uHlt9lvuWAZzG3BuGFgC~< z$QQQnkdtwki%26DJEjxGHPe{_-i`=6l)6=sXT*~95DQkrR(5Torl)UV7v>7zDiyKJ zr&hac-SlZPN8AtRq!L$$wKlf6NQTJ^R6pSF4UBu!Ct3YJ_N}=X*>G0+xIHYRgtiG* zc**RGf=kAE-K_VA^4=PEgqOblZYo!t$cfRmRwZ5*@4Obk0lRJpH?f7;%26A6wc&cQ z)Ie_$|8zhtmjkjdg4#||V)t8G#^^u^7g#Ug1!VpH>SJKJ%Fv@?tVNN2GI|F`B)$Y1 z6XWjM3xlzo7E2&YTs}92(o5LaL-;19R+62r<0m6lX}}CtOeHhp(Ag38UYVCx!1$dgN8KEZB zU_ggwLxGC#P=U^nP>%sZW~cdOVO03LrLT0vC61l;zIap9y-^ix;{hXQv>>x|L=Ahd zw->F2E*@G>c zzZkxUML|R|o_W1u@mV|&dHUv2k6S|DHU)#-9K#|$2i7Ml+`@}mcI#@U>al0*v2Els zu+i>SIwZ2`Q+ zBC;2gbCjc#`;6~mYyF{2nFJ8acTyU(K8B)FLXKhuERK5)F50~tsi z_#my4b)sO{WKOtz+$RFfRVz$(`WEc6tX&3%A7c`=X+%JpSWgL1tvvd%2OeEIu~)*{ zkLcZbWFMsoiQWB6z%bBh4U|WhBj;$E@Dl-7(I*_ZH6lr^HUgL_A{t*p2wh z+ebBD5B*CEi^SIG7yqpa-A~17cHa7`hrjvEs@xdU*58n9L!Bp3&yY{yR=Gs9-_ed! zyi)p6^uJxEB#u5Z$~H)zP4Q7*HG{k}6EA->2oBRaK*E(#_O_98rHctj@^Hw(K@@TQ z$aP6^zl%yjv_ReF_X#`ne!;veXLGcqgg1J}uF7IVe|0Oi`79(vAj?NQ?UFzqxWHnI zNSrrM&G)yzn7$Lvi&A>(!QbkxB@VWxDZgZH;2lnhDDAFOHfZ`|p)jfWktJXEZ2JZN z0y&To&sng76B?7vk(t|#9o4vRc)r#xO1JCo4mB(8Kj+a_C2*q4U%#KF7IsW&XRP>M zhr-p(xs(J?8PS0jCz#^kKqrKt!2JuyDXRw);V7OUJGUTKL@H*lWjbdODcKn_>4IPe zTLZQo7&b#m;Zwlo^-0=X^Tg=*0|7vWIRmfNw1>XuCVQ7bq(^&%}G&E<}T&vWmJ)V|ZkPDBi??CLpL@bLzD{;yrq zs;o5Gl8@Pn+bh%iPa=#;f-J1VQ8@PH$XeqHy~2lA;B?>+eGkG zSRJJEO9F;l2HOH|3(Ws@qQV~Z@ge1n6v(SVR4`Be?5!&Unk$Eqt}ef4tC zXesR~j1e1Hf;>t|Hr9fJiCd1+%z9~`%92gAZ@>+LC7%!u>NjwaYS`6`&Vu$XF+2+N z+6F2ZbROu`GZ59xkJ>a`)RK6LXZfUzY}Qh!b!Q=msjs6c$eEkpD=BNqrdCl@yWELj zKaF=Y*+h$ICXe^+PNJq%Oy8s7#hgdDt1`H&e1Azg-PP~jV}$o+zbFt!Ry`-6BGO-0 zs={&AVM;>7&pn>B&TOeAxFT_Sg^Zx@ZA7UiDa&JZuru{kxg8aI5`IfUYhK8z3!%Dl z;ZbNRiFhl72n1&fD(zS_edkdl+cq$2{nKF!d0~j>^el+t?DL%7X1PoRSDxW|=2NIj zA)d3=t|gz6ULK4T=~)g1ibZntKpi>m5nt77lT!XQaZ#j0$tp!$lvJcXE>S@fU1)S} zy!XElx^)%JSX?!nxJbs>oJLdB4i-LKrlQaT7SxqPDT;u5%pkeUg`b;UxTAh?hf$F8 zU;gEa^kDDi^6cBL30TZRu72xti)38meARO_+!w|M2yN?s z=;KsDy;3T-VN(h?o+KE^6)}?arR~`q5+Os!VYoCSQ<6G$@Vbr=>Oz^rNja6IQ^Da$ zRI&%x$5=ayn0FhvYoHURqTzsfe@4;f+L%mc@2;(C>yo9%Ih?7j6B!WZDX?Tyu<4$D zpgtL8QvHcUBW}~{X&(b?QrA;ibNrq-k2;$gI%ZVDf_hM98BMb+j_|-`IqVgRbP0Ky z$E)4Jc7qviX11#n`?-<`h>MYSTWo>kK6i6@b>;;5D;9T!EZ>E`c#)=GN@4_BPKh~6 zVxWC=uT{XmIHWlivnLUM`&A#}V4x*Gxyg>`uH(mIYFiKXgqR^RUE(1JMZzSzA_Xi; zU5x|U%-Q_G4P`h_B^CO3CU|Uu3@aB~R6^E?*-tBl`HqtDMJhd)N&F|qLM=^LMbPg6 zCzp&#rq-C-UeikUV4m;=b;?Y|D~_rt^g8Pq3Jcp3!Pgu}zB~dJaCwuDEh4FHj{G`C zYCrJOk->~sGk?l>FnM1uj)6~a_6c*UQAL@n*TOTTSPFzxKu3*72qSFp9ocMzzf0a5 z5rNUOGM!U8x@%2=xg=ao zr}MC=CIKWzcMT;ONyZ^8qN-G&b|3sQ!nkun{7ppp8nBRUiAQQdHIeq2-8NycID^2A z4FCCfX1-_xSjT*MR#I+%;?7phr=kFpZn{}NT}n}n7K`t*e00<#sq%^M_}Kzmy2$c)pV-G6FG+!(-NpP-^@G2CY=# z^<^>!9ho0N2>#&Zx*1Bl|E9F_Ty=tO%=rQVkfJn2bzPr;OAjSWOnQ_io z+gB+D1f<>s0)+I>%&;@EvR5^;bF}?uY5dp5@cjgAiYMLveENPOM4TK&NJ~cT<>swL z(o#jb+sfEX+}~*HBS^AJ#Rvuf3;vNF{mixCig(XDQhf%u3;=@CpNa;P8zl|AxwyHw z*sQ1jI_>+8F2eoG&?Z1^a=n-7%=pk9`FZu0!ABL(CWDj2^t-$9Wo(J)xR>wbcI(hu z>^g<|Sy_y4Wn#FQfN>ihOF?#;mb1=CM>9^lZtv&qlj)vS z@38^G{{YmpM6M_C+Hhf2eD}AW_Z}75NUl72>){tG`fP)63>2MtjG80UYKxsbAEoTQ zXJ|^`HDzChy8=t9%|iGnCB+xN(>CbTSE!n45f`>9#08bwNb@Il5)A%;$gPoZ1MaE| zoDF4FfE`nf#xOR3#IqVA-i>*#tn4-0T;8e|5y9!Ya*?8s^Tkz}lR8?Nf3n&9ZP2R2 zcP!(M8?XB}pVoFDx%jZ z6?q(2s8SGk@Fj9`&?Ncke$$94A#1SE)8Ete$;oe1L{8pHtFhV4`oUW%&sa$8T+-7F zF%?CIg@CvCR@eX;6LCPYE6m7Lb9ng1Es`U*guT>a)598CieWi)Wr_7PEaM4gez=?C6ZTTVAwXJ`Jj@;Y*pcPpj?@=1QAil{>#)@)Nq^8?dmUA zvUb*~%>XSTm1qzw-tIiw$Z^u>N_x_p7P6F#h<1sL%n~w;>C;gen8VQvRNVti)dS_D zL0;p?g>bz8bpGe#Yp6cw6Qun6pmXg0xJ$g4^J_zeEWpKEcP^}wB$ED+jiK?gvS%PHC zQ#-qj-^PLyFXHhyq`wBPry|pj<+U3-rk}U0N!hrax`cayA#rutweUatua`Ni&J5}8 z3>G%XrFp7Zana5ff~e-930{6@#xz^Bj9UD-+btjVYQOpdWtX?M>`2}Hlk9?)hN!0P z+vO}g!^E#!O_$odY1g7!y>wX$s8y%4iUszmR?mL+OI5YD7AYb{*_gED`QW4W4A;sE zh(W{o!!U7GJ7eO&#^Y_Jtag2dSM(yYQLxLf{A^vjRK3Do+PhPotnM&pU-1=lRcjyF zqm`AA*wf;5RcmI!Ah&`0Bvo7vFWn>5r(N}mGo7?@)gqni*P~Vq{{df{rv|XmF?L8J zH#K$e#rM8kUzbUC-@t2Gud^XbU20bDQF2J*ewMCPtzPAZZ&|s0)=B-B!{L8(#Cl!X znf@mSQIC0#N^QDiUv2t@TaWTZWw5nWEo(M>ixSq8_H)dYoo#dv)_-<2{f}Y(ABJT! zq_xPZ3|mWS+6A9lC=-NQZRMA=O0DHG%mj7MG~I6w85HKmHn#Yl+N-Nlslr{J)J|=N zXKL$WRSIrdBU8nJMDX0YB=fF(w;MYZFHR z(LnmNtXynR`((pCUlsDNQg4~7>4ksz>nRflivQrrT^$VSFG{Vecd3>kQ^hOcb;gvt zw5?RRr}ax&#ygoVZRG%`97H7E%adC!VrGHC;BwWgg@5InlorMd)Po47mAi`18(5z{ zpUum~0I~Wj$zo{)$UOmL2M4nlB+}>_ysv8{Os0f5$$* z)YRyyL(xuaH$HjLA;FnNOcT9MB!8{3>DvR|h0UoxSSdl*61hUH_Su6!59r~(+Wkkc zDQ}1SAHvxG5UjL+orrgVoXWK9fEa@Lr8c*!)39OxGslWNmaN@VEOaP3{&#(@|EzDd zq296rxm2m8yuXA{{ae})e=)0JUCHKJNJs5i-5lNFk~O^)UQ3Jjl~Y2+)Qm|^#u|X; zp2)qYfSng+=p$51T`FCxW#v&79Je#xy=8YP`oD0=|H64HR#G?Hi#G2;4@Fx__*9glBwKidNj*bJ%H+s%YMQs z7#YSO9Yd%8GK&9~(Nnw(IUS~s4HRuSv>4`PEBImPriORcP`PAdD3X*ovdO(|W+kFt zJG!;_kD*pCw3yTi(M5Om3TV;?E|md)0tLI!3}q_U;P#!HFy-533fjzwW@#p(i9XG{ zv5cyrEwf^4nO9^}W`H;JfR+(60DUU~#_{Ya;@GU(sRnsU_`g!nM*Hg7s19_6_^q;~ zuiV0Tk86G1$ZBiVRHJla$Bbf6p-|ReJdBsInpPoTLd^PqF`MB4 zkkltwjT2fqRGSQ|6!kXKqaDWqk(BeZ0)=XI#IkTH-a|Ox?j8A>8q`E8Owwpm^R)9) z`yd>K%~u$#Hr;=TmfysY!AF}DD<~?DC>D%LiVVeF*@1x|1W5>kwWqk#wG0?Bv)Tvgb9_YIx*Z{^s&&Z9-)M_$P z`c%<#k>JCb8k`4NV;xnbZ=tGJ+glFS>E(L^88P0pl){&_la{JHI4m&FwVXaG`?~gc zlxDmF(LUy2G9+;*FIo_CrX0VvB*H&y|gBl>T90FNHLvez5ZOR zyj(Z2Vl>4trEX)gDls;dvVAoKs4nYQDqRL1)N9wKaC7GvS_jxJ;q*wOtTl&__6C>! zNe!*dBD6KZbRA_&W$?lec8gu$Dq(dUOvB8PJqw=GrD#q3UV&&$qfp7qTbC;K7SGqIrZ=lDFfOpq@?T_d}0M*$ED6>7DEPF0tZqTU~xUljwfO8hDT48hw6!;#qWzc{r*x1-`(%QMG=6(&egWAcO0>?L}^CxC1)(4kov- zw!-vzZGX6DIx~J(8=9@^7Ou}V#e9gz6`X@YR3-+hobnPYX<5oE4txm5yY@WxyuFm; zU!1WAg#mkqbsBIB`*5IAWp_^CcM7{1mgM+ChBMH}dMvX0FvwB$3!5yI;|&$Vi=>@T z-pEBHrQMBq3_0leu5MJ%(9hu^qS#-^MXqMq;`w>0dtbvpNYbEuW*uiO5SW=3uXZ^a zJ!egp2v<6|i?p?GsY_8F4hEq(_cPEcJ~AI*Jz56*Kqp{Qc<&w+EoUTD%7vR7woxpC z#fDM6Wn>HWwne|gRuSpPW#NK%vHAN> z=iws}wLI(PE+t;ySl$Pt{6BCc9L}^_o3a9~aD2{Z4YvmS&JifIR}O^Jg1CHV-{-J6 z`NnpCryXPSj6m*28b6yLVRT)~fNi06a1O?8+fVxx*ih1St>&R;NeZcgTk*x4a4HA< z<@zJe%IOPYfQ1gJ<=baYN|Z}!a)QO%i~e1L_SYGVxDwaT0~3Irwg2}$+%7agi&4=I zq55$HR9M1b|7Bc6mXRD-*gBvR`9!*&cQEPYw8;+&;zl2Fi@)uO~KQ- zode`SbBvTk{~~^%9rQQVBtn)q>k)f1Qcsri5D%lTholF^wsJ>5T1l3|2Vd70Flbd6 z>r!ovUX_w~5^yq<6CzAf{3(0Rau8-_)-dd^eGJ?uuw$xH>F96_@IG!9wAgDzb~g-5 z=M5rSnGzM$3aBU%A^JPYB>@R1-{Hyj0Og!84Ew{>Evb3*v!>Z<|ZsByM=M#!zygFxy51&F#~t1^8s3({J< z7ha=|M!8Ji1ruvUU~>Bs)^F(gz~__G_nt3c?RktDsvSs4oYqol{2?$}vF6*#3+J(<~xIj%dpt zgxeGS5P5osV!xOp>`e`Dl?tKN2}cM46Tlf>La`Y-*OS790D!TEai20rS%dXFBC_$B zSjvs@T?NS5Mg@TyU8PYL!51u~v{N8wAz&kn?P9^-rwjB$u|fz`87cr@sU1g#h?ra5Bvd;Z1Uo0|Q)a-`ksC7 z@M#=wf<$Ho)F-f;>`K>L-XgDSC+$c|eiMrpPGjYa_834uofPsyKur>Zk^$Bv_pljM zXUy~;c~A02Q}A}Dg)~^5f)k8Eh=@*ECLjI);$qV|;Sdwk{dX5b&N_;UiDZZbwr=4x zWuahoUfvJIcS(vhn<)t!I8K30WX|597(^yO$0X$ zPA;RN-y$lr!-Nm5B*h_ZF9w6&jNUsVQg5?AelO-sPV#8wSd&JHNv70J+rn0W$mP%? zvfL4NGb3%VFJQD zLNrK7u(`s8fc`5z)RjGnkGHnnKWqy58YVFwCwOp2#{dcPHONHo*Ku!n4nGqW8L%i309#RR zHhV(>VX<&sPhfe7&H=j-w^F1Kj!BOpYuk#5$oTAlm3orDgcm1?Bk|--V_COBNdt+c zQ8(63_%=;>TsHS^PlsJa{`t_`lN{Mh_5!@)cTSukm%?#OMi$wPe|hRC3ayrADJPJq zCP1kiXR@YoaJaeh!W>1AX|pI6VLSZquVgb0-^tX3Jgr9O6HJNe;Jj@InEpabNaj!T zTq2R}PTpHsfB8hpR;b!Od7&r!1y0`mdW~!WhK4sFWDc($c!n%*1x?9x*~~#N8C{Pz z6@FYu=p+84gK*3jXY<`{CHMW#^hVSKFOK#6@mD9RB9axlH?C=>pWx8>6T!(z>)uSb zw?mlvbRYC5i(XC&1EGdnETY?ACX*=51C%%787jVdPuAyylFTHu8+OVT8pGCN8%gz^~4TX?tw&s%uB9+0!!11=tS|KA~eXYkOYqaW*MN)v-4+4w|2yP3K+N+FJ=Ndu(D1xL`~Mkkfs($$7;MpWce?2B-}g#KclfAt z?4jjpir=8oyO6xX%=Qd=%+qv#v~&+vUp~Xs*X^P4Cwl~D+6nXw9_ySicw+`>@$piZ zZ}Zik>>Sv1;QbwL9BZ{w&})`A8ITD$PRGYps_5CUnP&8UIlZYDG60eb{ZX~t<)!X> zcrT(1V!Vp#^V)iIYf%vGBgfp)$1k^HN?4Na4))-jkxL)xIA>NuGM+DuIj=Gp((=90 zPusE-Df!mBYNcm>E$+6Vyp0mq30P%Yqr7IF$@Z>@$?P97l34JF|_bDiGF4*6y@h+i^kuUAeF=`-dvrBU~UX}}Q@{IM#3z?-0()(>SsM1)jI~KNF&_?dYq?z%`Or>Pu0En0JWzq*F45B8o#)+uD2QuCapSRsUg}26`A-$7Rf{U zEGkS0UK7Wm_ZU+5^P&)rNA9?nIkrf)Cvosd1!s?iXC@|*=Eb0h7T($DGY}h|eeLcH zt*w&5U1WGL2)l3Abkv3M1HxR9HYkx(vYOc`8FtL&$yf#O`bIMp11EeoX~C*_#6)Z( zs~mn7-53V&`by~v5FBvNd1lvARpeMZye%|UXDC>|X+Rex89WEEddgrUjsTRfiR1;I zrcwfZ-zXPyyZ+M2%N~U#3`99Y6rAGKvnwMb|Lk868qcjrqXP}h)@Xf#e)c%qz6h2DOm!QRAPl|HJZ#5+ z5z@5QiY&5YRIEQtf#ioIb~6qY;qs=w9)2VWc8g%p;$bzvT^9)Ed7M~O_r%qf0UgSf zqv-;liZJC^*(c{=sA+eZ;SnHG{jeB-eMjIWpopnZvCan*f)TaVs_dxfdYpm$rFZUX zIz}TQw>9D6#bwh*M%p539qi8oQx~+XsaW06wCcImdSM+u?Z~Q?B=gi~!J7Lj_TFwU z$1Q5o-!*FiF8?NCKzQ-)K7sC6nJeUA>nylD2@}sWHAfthR$6!sM7Y`+v7{SnJ%o?z zb&@)2*1EG#sM z!q3^%L?ts*x7XA};S(%U@zT5lZQUm-?E>BSU%{P7+QrXRWI~~COp5qdmClF&WZg<7 zn-WV|rgF<>>EKEf%5UwcI==n|elRj^RS5|-VKIG_6rWmx940OPse7t&()VgpQ<9t#k__iFx!np$t@-QM4%E zJv|C8SZFPgHu32Sud*p%oHsO`_DI~tP1?K)6RNXFF==CIaV@~Y7C;V=N_NeF3!|j9 z?d}?mV!q`UcK( zZY>Rk`tfjWANEgy+T2BJ5^TAUFTrX=@hyjjsRJSKQktgvjlrS-zb*Ide_adHHp~M7 zInr=`qBU-W_TD6417Ek8BQ)L;jO)ws#%plEH)^y&G?p_NnI-UrzLg2S#8`04vqP?% z*&h*l|HBcF=ecQXp_>|@aj!A7^Mz)6!?!VP*Ga&(t)BE>x8T|v@NC6-^z;$Erq3kI zkZ`yMvJ|@_+9|0!AL@b6 zFS?kQDJ&!UZaV!M6H!HNlSWlhHN=FVL`jYi(DdTYV8TSNj%KVY50&`)OBr~Ac{T_i zo~51f1GB^mBMP{AYyt>EGSO(?9;pmKrQr{O0aqBT7lv@K+UIDibkcd$O@wl61+ojo z7@M{WdX%O2!#q0#QA%<5`(0W)dl|qAeH#Cimg2ZfpS3H*4|*Q1N>b+ zc(Y}A(ZOzU&)v>u&m9{@9imMo!U1M$#xvz#k2~s|h$Gma?!C|lZEBULrVd<_DO`Pm z+m}1K)DK*jZa!NMTz}v?cI5?c+5orBPjtenJ3}1sZ7YPW@csC#gOiRsQxqUwa;qdm zP54YQdZ^-iiEF{V4?Zp#-F(~(ZBafIe47c^2h4%Kc|~djGZ$*?1kKfBtmse9eEel; zI*c2;z#N60tVl9&s^Jg;)JJ0Y(jE+3CPNDnTOiJrivLXB!b0RVmERlcC!}FVqk~wY z?6iv_&KD^O0I;))Uv5EC9Lv_2+e~wP?{N-98uliH*b9ho5sQu3Gra7Q~42JI(PE%}C7sEhI6ET!gl_{k;(4dr-;e)&5&6 z9M;MY9u)aR%Ew2v&>Q+IhG-%KH_Bx2Y->&NwgisJDB#S+mL~pXaap$MZgKzmI-CG@ zHV=O9c6~lRl%U?Py&VL<-}JPXa%<;ecXubvLLlxtk|~Ja@9#I%_t)>c!lx?|^PZp` zFQHw6FDP%~fknhNNPeYJI9X5cJEb@ZumsyBK`rKO1Z_Q4A8lrR9DDL1kKZXNtUzZl z%Od0Kx=>C`^J+#-LNe~yIK5CnMwsa6qd7)(bm{0ZK!O2ZTsR!mP(Oo%{ET4@-1Cn! z{q8qx5*9)?jN*9U*@1H8RZ4~d{qsQE zhrrxzdBmme#cNe*I)IOs1Y|ji#(*HL*GjX^^ zb4;eXBA6_4)zd~YF!<~u{sOlkAMnRFSv-CH1R7PWp zA4XXwjYlz(%Hyy&+zD79w9;zkeBk>gM8t@el^H zHz%YVsX-`0s$ltDRjNMMK9LTZ$cO5a#Se!=@R$L`3J0rRHe5yX$S8U*HrJ%oAuPMce z{?nA9Q|&A#rY@+;C*pC!CzMC@MG60!(oAW*2D0Hxm_Vhyb@l9U;Tq6u_6_G5_+9KyH{XSH@DXx2JCQ3_B4xCX)44pOA&@JYuIE4`;&SHl zQ!s0OkXhMbb=K6ucE%D5O(T*|HOv9-Yrd7@(#Z8hzI9szg**JG9Y|-~M zD4?R*w)%GZA2Hu7Y!JTJC+}yU_wyN9=8AuHsUJ&0R>V%?%~D3=7|7*u!)$E$qN+l* zK^>1dkb%s>)D#wwZPB>!Xi`?AV46AID)+g=fwR^0Lf@sw1T~`K0*!<}0lz>E@v=i0 z8pHU3Cre`Ng-&fCI$w2I>E%bYK2c5#dyxzKULj2vQe&AKu zVs%yD!gj^*uY42#f8~dMnQcWmH*&pDxR8u}J6}0q{O^biU^cEU>K6o<2!{ zOxxu=alkbflp&7<&}tA+5SR4Y>4Vgvzf$EPmYLBZ&7{iM&qi1Lj~;kBpu6d;1)uOd z>Y9=Qg){dz;Eo2LVBkwtNQg|V_L3JkfHDvM4(o~B4GDbM2EI+{eWcD6DOIrAb-PvF z@$%)7V!Iht4#*h97mBd>$M`dy#ur>aVh}XzskJCV)E0PV%SFQ`dJAJ+%!1JHPLjna zDD$89%OUNlXUo{t&bc|~v`Qk$fU7Ow(KoYQ|B4-MOOdC&kv&SZsWU{hn9;zDkSXk= z!f856$3&5Rn83{8jLSSmTPwBr3?zpQ5|aTemo_F)$N$M$g+!LPTo zv(R-fc_C0i8j_z1@2%wj{&0os_csco!v$4AHdRJAV%4=7mYCVd-2$E%Kq2zhNcshZ z))8PcL~@JkvL4m61)bgjo9{M(kRqVm`%aK=!Q_C%g2wC-;;otASI8kWLz&%+Wkp}q zt8LKHZEoo>I4um70#ku`i*>OX=LgDSeI`vvI)#7G)|VK*cR=VAsKlflUSwG7+M!l4 z{nJp$6oJRfG10$hm}fXTjHL?hk_x^t_kso?(S!{uh0fy?{e)s)tP5#HJs0 zjC!Ahn@!xr`lsVmnpK8&`yK-4%I3@miBq@{9Pvm&(oWF?pq3-a$irY5mT!mB`jygG z=Bt2<;P`P6TX7h!%x20q4Flu+W6NVQoovb3z!qHEdznD=epOA2;Qw(-_czt)=4LR> zJ?tQp33Drkl}44pliV8gWt?6W>H~w@fF&NWa>cNfX_r@_!dU4(hYIc~(7e-@Jng_a z1Og{s*fz+X0=GP4j5utO1okSL0p$SeQH+}ip-}*|qj0b!a)MzTBgJtclS|6f@WG`p zJlP=RLO%ROC+IgaKhY;~%U$T?>^=deF!YFu01*w&5wqXUH0%24R4q%cuI$wTsn$kO z_P~f*+X6g&D+=8gAP#DvAMgo-vWS)P=t%Gsnq(4`+8c`aa$~$%mobW`R3}kT)jl}K z?3&cxJe~=f6xYbH&;U&R_KQWiF_YsKoxOE4#R zhfPbwn7YUso*cO(z!4$QgW3KXiSDObZ4*4yRwzz%Nz|!T~7Y@fho;U}xS=HrDEhl$X zjs|d`<&TSka|AHv>QANCCfBa2*FGn`!kJ7j-(`E7p)DFC;%iL>t>LH57o;h`7%Zv zkjmm=4{~y5rG@Bz#cR<+IVYoHYOhEI1ccxU@SiAy*}z6n;rhG50vrcKPOCITWEu=~ zh0;gWrj3{AYM}628~T0ilxS#-Bxg%hMs@HkXnIUlieD3NL@7w$cpjDdt^bDFa6|$` zl}NuM(ZrvF4&7%OxcZ^XKji&q2C_5Mc zF*XK41iI~Opa$aaw}NA%ezOsj{`iTQ-zicYKY@HC6)AQfN)<5Kp%E*!)CXNcMutkyHnlw#1px->-NYySZnYD4b>m_Vz%v zO3nC`6R0q;X>T!cpK3YHmDF~&Ljag$jsPLUA!1e2gg&T#q`---1_;#_nbd>!XdGf0 z!6pgWMWAVpoxaItKn|GwwD_>&-XF!L7y-+bMq#$-El{L53Ua=pIVrUefnscd8cO}L zL0&koSf%^h@L$8)CJItA)9yZq!I%2cr}@CDk891Xd_8&E3_BI6)?}+U*ZJ=8#Blcw z`P%EvehfEIeMH~}+yv_C_oYd@DM<`0S;Nq$*8G_`9a#(-kJm+644+GlHAN0sOU`|+ zfJ)vio7x>1I`3`(pIe^3!t^u1X8uws-;@>FaaSo?x=6svE-$O$Cut;>fnGsByZok? zJsyU=4b6OwtuG604kk9&A)|a?Nd3tx5S(A*<85?a)5+gl9{M8we7HY0@&Ym8n{H|* zIbXMgS7?&Rcu*(ovm;{Tp`ogrWV-l7cz;dL=(YISYd6%l>52+!26;vc_D*#MeQ1^C za|by`?24KknujF%k_g25{0cF(OA@0YhG-WT?Tz4hsow(FIseEuq+mnF4$8`Vqaix` zc<>sSB8nU38!gZi9}i#qYJv!yx9Jz8MS(4r%CNL2_cv-D97+6H$s z=xFh|$G~_vm~?gu1-?@p2$1A1E5&ec0EdKzo`b@~6@8)j9lwFSu*5y?xj5_2J*? zJ9@a`Z|P0%-?a2^vr>oC+XHd^c7@1O0{bfky1N|GlR@k0Q|R^3@8R|u=#cU#iR#zM zkA28A51)VycRVX%Nm$nKodMW^iW4W<6or$=d(3dJhc-4~CA@j3z~?-@+&!d8#qLM~ zeJl%D`@QC-WqQzNOFGPXSkdj`L{8L9Ok*Jtu){DD8|rvNHh&T$4ar5XiM}n!t7B4> zCACVrc;LBKMw=rqYBe+>C^0ooO2aiLj){(1idvK_=JZ@(n`xkIXCMlqxlfp)|MSc1 z%a_q!*hg-lwBz~leChe>o-0Nf5!kcC*c)zwS@GG=6f{mD2wDyn44r#S^q-(pJKE!> zy7h&SYH+|1Riq(G$6ZouN01?uMNxb7*wiNO2orHm4p3SNSx{JDBS2Ul7xL~z_KHw} z+t_Ctmh3Lo2Yg`K)e~b47o&kI7cT)Ts{Azw&1H$Zm~&ZfF0;_5g4I*8xR%p_E4g6W zEDCggKx(UTiC^LDulq-zRo&-Q|5&xouD$nJ%)@GpjI0+9i4hf2yFm|< zgl1*eVhmGqo6C{FJh?SulnA+c+5A~d6tdtnANq^P*d-|>wJH2R5?#mG?$G}KRrU>L(VJrDQ-flrH8IF&eQE+r2_XJEWY zsuwv8_@yDjJ)Axv^Uh1jAB?=Umy&%Q-svsXPz>9RP4n5S|8{{5{lj&KFSk-KHEI2p zvR4QBOFFyZe1EK3P^7z_axZ_M2q&}GTh(-)T;LOet5m6zplp09jpOxL(t3}p%xyRt4T87s#Rowb1E-V0V8 z2;;{A+|)mG(KM_-$$W3HeMpWQ){Sa=r|N*%`P6&a=#u4#Mhhqn*d_WEL-q@^SAR66 zm#I&WWd@co$CC|eN&%R(Z35WSCb+$q)GociExhxQG__G#`#Q1uZ369*?L)@9A9+96 zH_0#JxH3|DQ&Al*Q(cHvwa@6ERimw~XGkLJ+gST*EvUR~$IfiL(!DW%n`x!RO zaanie83ygv3Hrhl>BSj#Tba=?J2oEo)tU2Zb9)|#5ZAom$;If`@E~;xiS~IZ--DNy zS1?kSUv2K8LVOAyo$R08K^GA7n>%8&(m{W@;Z=yac;GoV6=D$u=1_D)u1kL2uH!KE z2}GE_O?lU?+6e-e@mD~pLM@HX-k?_A2=6gLR3hA!_~#4fxvzp zv>6~Hr6eHi@gvJMDuw>!Fv%99W6fQhBcneqy1%eDZlTTxM8X>jD%&fj7`YykGMM3Z&H>h?*fake8l@(nq4I-wc7zoRnDB02)J3 zBc5ZElol0lnP+?xao0?Y9Sd|#;0m!+`K{x&`rR0KwrQx^L~u+;N#@NYEsj}+Omx%S z+t-<2m^CZ!Wu&AG%O-#5t1+pYdMuK_8Wo)HaZU9(er$+YT+v}3;!o+m?)eJVBsN&T z6`fA-OYWp65O6hKy=EIF3_}M1zSR30EE>~#h!BwKk5#jG;hD>%xRjI1#}jWXK!idM z3CQ(Yv1dcI@EWu2cZ2YFyKlqwL4k%8oE_nOTc1iU>Qw@~{>`xiAtU@0Ckq}6r2ff+qFzOu)^)lqU zn?6D`)4Ablysgo1vMNy6{1e+Jdeh(>DaY02zCA68bCjB`Sp8lyXIXT$(ZGr#Co&m~20XII=+b;$DV>ZBC@1WzfRz(a>4X=3~(G z^KT%Jvk={!D!*c1>ZgQR>`O&|h>S-FQKyZ8L>O*xpndp7)8sZCaWl!s;&sGdVn1Z= zd7h_dzk1$}BiBp`KQ>gfAZ6-J-!t@@EviGh!FD6PW2&u=tvytlc0f@a4D03R;xy5V z*RF>*VSvG&jxI7A$KQvF6exuaX!J)t)}^V2&#|Jf#uHmI0t_9UX<40}30XC^yZw|Dv6-8=^7s8)=3qgF|&0Mn?o_4)_@^;exBt_EZhcn zgX^E&@SxTe_BetDl1rN!^wS8$KtXr;!)vG)++tfhI>$tA!q*t}9Xe=zLcXt(f5o^p z=&D(5V(W3o5lFNfXoOlTCP z@rr%VLtjV(jvAg0X zgk7z7Xn5`N7l58;i&l#7H`Gyz*pDwhug_ET&ObckZZ#P3I*_4&^POOLzMqgn89QRc zV0j}SkpAJi7sG5s1XgsYE9}uIbNgk<^GMWqRaK_9L6l&wp&o0l7^&!uGI95PYqw=e z3K}5jUu0d+HIQKLh}AgP*Wrf7^}&6-JIDOmo_56rFZd=+`aNEUG-0<3g6h#vAfRff z1qukhg4v`?-w88HMP3vN-g(0@-=u-sZ>4;P+uQEaAAn0-TG&{v5LM7xALB-Q%dOwU zb?mQ_Mj;_ub7uO}LY1uv>ShV@oO!)3-%8Ya(TdRpI%3^UH~5lVjw)7oR3sE$!6Dxb zgTqD&R18|$6|7>X?WmGeDZV#jfcJFZ0zNd~@2TrYK2o}Ps-Go>jW39BVDJ#IbyX34 zWI395wYNeDNyzwxuY{;>Dk~Fbn-7PEep>PTGpS5sK4qpF$lYi`#Gl_tO3_tn$RBFr z`l11MMX6=Y`&6r-%`LCGO*&5ysY`&kf5LbXo8SFNT^i>=hVe8Wd2Z|>eMnuJ>|&t+ z@gGo!r}woyL=t^*S=fvql00MV(I8-|z)<))e>LvGVv%XGvK#2)jM3*fp5r+Fs7Mz|Y`k%WYEkH_q~|%&uqBND#8tbmmq7co22<4N z&c=9KF}#|2|K!Zfp7?^#^yc%hDftuZbfs#geWyo(yn`uC6nAo@+%1t88{Z_#m==X= zv!1icNvcc0;LZ!#vqyPmrW2nrm{>Ah>l?K$)#D1c_Ck>k-M0NWNej9(AntyTU9?!^ zj&@egz(Tc&3JCZ~MITeHfw?$+9-~UgD^HAS!wDkq{#?CEUmg1mcCgloIM-01wbyS1 zx|-|le$IYIxV*~AYPesO2lIAyt`9e{8~YGq=^R zf6%iLsJO3MW>7<%+8ST*?t=2(3K)wE4EAnue9k!0$O2eKnGUo$i8??guZr!r;zhns z`47F*HJ>Bo{tCU#z8SK_+83Et6U#nP>U6N40=q0%I4go(klBPtKb-*=oIfK0oonG9 zKlG7x--{ja5uZZaLUG!RC05xPV~Z)HE7zAR8ua(ytP?2F^$;PQ4g_eG80bOx2z5&| zSJYMQAg zORl`mPxwZnbxp2vJ4c8%#Q=bI7SHt0H=O|Ii<}sodCzu8C zHi)FH3!6+v{PMsoBV-~er&Kb3AtpZF_&u$r&JJ+SbEnltSw zg3wwv2xTd9q=B8QwFL~gvhN?(Oq;IqUHyLs2m2f4Jb-Qy(5LpchwGC&mg}p2ICQc$ zA^l>|yOr|%VIrZ*nv7+)`yfO!r5ZrGLT_e;%b@%Sz5yBijgCEo8o|*l8Na27Na6K0 z$1aau!@@zPxsz(u4@1luZzK!NO?%KG4eB@^S6t5f_HiaRFJy@L$7JOXFsug(Wzr=! zp0m zKHQK}ZLolA32cUkS>v-XGF00!LE%z3$=xM1OIL4G-x+PWmjUQNV z&o-mB5ywEIZ-vFn+^`!`2o{6?y3?=HavN*sQpZd+4BM{2S`xldqO{<1++eY>H<$dHpQ#Gy^X}zMKwQe=-yWf`0%(Z?_qrFISqinFm z`JSupU$hRtx#STt3-o#XAQkG5D3_bJ=orVV4Tp|gx^Vv3t^t>VLw0aYXVrY@jLS} zK0ZB;Jz;!O+iwA*ZDYNmM%_a+w2zuUYmT)~D5cT>FLXZgMqkqT6EOAXeT2N1p=ev9 z7bXZYDi@%KQ}*?4HiXYI0Jqcn&600IWwmw-7~)}+-&9w?L?Nc`vPO~z1k+4an_DpA z1J@$~vbyzVNV^>I`4@PQ1vZr`sS`10aAJgOJh>M?*XMTx3AWTmmp?NMxckuiP-g>v zsC{*ukdUXVOQ%310^6sVILYNrOE%zbq6dzgJag8Ru0tsbJlmWW%$<^2oz-YBf5dy* z^JXyE9|I)f&}&B!2jIl3n5xNKsS3!wn4(Ai^PVVINvQsl5m56HM{jQNOm%Z<*8WvQ z@L`>%0F~cjwxm#dxjy_=y@r2b>5SxvYRlr!*}F`=BiLPPeTCPp6$-)^Ke?_nOrzyD zur3P#t8fU5FTE)B`&p^4`}SzYC=ngEwDTzordO=vBE}V`3agkkd=YRmns0))>b&wK zwfAsp>RegWFwou6)`3zmH&=Xdr~d?M3J&zPXq9+q2=2G-cssK9SC;SiY6!TQ@9S0^ zUw3tNeJ2|v*=E;X&$T)`3Nb6!?y^`2uDjrKdfe_vT0dXI4wne3`2ji}t*)699$LqYIUR!E_p9!QZGi$H0Nn-Mz}_Bdal05SXG3}6hSs71-r z`fM;QXqK^|!38AprKOrKOndKWEl7O{6@=TNDAe9n?4#0clGfuNlQuC<34Bm?A1gSi%zZ+RnC z_~TnUgfMW`7cr%sB#Bov`VYtoun9M>eyUkVpnC?J#X@8LoHfAmKw!fh5qD=qKa627M;CewJj`s8T)J>|2(Gws2&=k)k0zi&rA zx;{VJzDL`c<^09cQbSj@wkSM9x_uW)$0;IQO3XE!tzm|{H^R?rU(5MrIQoIiu!<$x zT=B5*1wiaM6Dj#?;npLNhC{rR&S+iqh))U(i``{3UymEI1y?V$c4HvRXD(`_0>5~d zcH~>6v&ta8!oh-yPqy%i=aVbqwRlbRt-gLquvhABF-s{f2D$Pjg=wDCiRUJB;=V%G z&jA6rs#66UWU6I+$Iv3{12?RRVs&ScudXR)e&-hXs=uMB9oNa3wZ5rZI}3Q?;-HoX)6%skt~ zt~PVOEl*ExDV6o(5YqykozI|+WAAT+NpDB?OG}5-NOcn@rPrMOFn{(-D~Hn}B-H;G zB3&)|kkIyDXyb6YgM>c+LR*JZ%r_=Z(0`%br}umvIlxVyyx+JhUa%b8GH>LlFUUkw zZtkGLe?sor-)QG5z`^@*R(EOd_$2QkSy{HcZa}wN8@G*vTc0uO#5FpP=32*isy|jc zxf&Tk8szVq+Zrv+b$Kt-xVj?HvSp0-fGNdJTe4>^Pd=pM$boIBM%+nRaUD=w=Q`U5 z00+G(T04kGy?(qfUF&!v1goK\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions to unlock the value provided by this solution.\n 1. Microsoft Entra Id \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n\n\n**Workbooks:** 2, **Hunting Queries:** 21\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "subscription": { + "resourceProviders": [ + "Microsoft.OperationsManagement/solutions", + "Microsoft.OperationalInsights/workspaces/providers/alertRules", + "Microsoft.Insights/workbooks", + "Microsoft.Logic/workflows" + ] + }, + "location": { + "metadata": { + "hidden": "Hiding location, we get it from the log analytics workspace" + }, + "visible": false + }, + "resourceGroup": { + "allowExisting": true + } + } + }, + "basics": [ + { + "name": "getLAWorkspace", + "type": "Microsoft.Solutions.ArmApiControl", + "toolTip": "This filters by workspaces that exist in the Resource Group selected", + "condition": "[greater(length(resourceGroup().name),0)]", + "request": { + "method": "GET", + "path": "[concat(subscription().id,'/providers/Microsoft.OperationalInsights/workspaces?api-version=2020-08-01')]" + } + }, + { + "name": "workspace", + "type": "Microsoft.Common.DropDown", + "label": "Workspace", + "placeholder": "Select a workspace", + "toolTip": "This dropdown will list only workspace that exists in the Resource Group selected", + "constraints": { + "allowedValues": "[map(filter(basics('getLAWorkspace').value, (filter) => contains(toLower(filter.id), toLower(resourceGroup().name))), (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", + "required": true + }, + "visible": true + } + ], + "steps": [ + { + "name": "workbooks", + "label": "Workbooks", + "subLabel": { + "preValidation": "Configure the workbooks", + "postValidation": "Done" + }, + "bladeTitle": "Workbooks", + "elements": [ + { + "name": "workbooks-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences." + } + }, + { + "name": "workbooks-link", + "type": "Microsoft.Common.TextBlock", + "options": { + "link": { + "label": "Learn more", + "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data" + } + } + }, + { + "name": "workbook1", + "type": "Microsoft.Common.Section", + "label": "TextBlock", + "elements": [ + { + "name": "workbook1-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "TextBlock" + } + } + ] + }, + { + "name": "workbook2", + "type": "Microsoft.Common.Section", + "label": "TextBlock", + "elements": [ + { + "name": "workbook2-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "TextBlock" + } + } + ] + } + ] + }, + { + "name": "huntingqueries", + "label": "Hunting Queries", + "bladeTitle": "Hunting Queries", + "elements": [ + { + "name": "huntingqueries-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in Manage solution view." + } + }, + { + "name": "huntingqueries-link", + "type": "Microsoft.Common.TextBlock", + "options": { + "link": { + "label": "Learn more", + "uri": "https://docs.microsoft.com/azure/sentinel/hunting" + } + } + }, + { + "name": "huntingquery1", + "type": "Microsoft.Common.Section", + "label": "Anomalous access to other users' mailboxes", + "elements": [ + { + "name": "huntingquery1-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Looks for users accessing multiple other users' mailboxes or accessing multiple folders in another users mailbox. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery2", + "type": "Microsoft.Common.Section", + "label": "External User Added and Removed in a Short Timeframe", + "elements": [ + { + "name": "huntingquery2-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies external user accounts that are added to a Team and then removed within one hour. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery3", + "type": "Microsoft.Common.Section", + "label": "External user from a new organisation added to Teams", + "elements": [ + { + "name": "huntingquery3-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This query identifies external users added to Teams where the user's domain is not one previously seen in Teams data. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery4", + "type": "Microsoft.Common.Section", + "label": "Mail Redirect via ExO Transport Rule", + "elements": [ + { + "name": "huntingquery4-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Identifies when Exchange Online transport rule is configured to forward emails.\nThis could be an adversary mailbox configured to collect mail from multiple user accounts. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery5", + "type": "Microsoft.Common.Section", + "label": "Bots added to multiple teams", + "elements": [ + { + "name": "huntingquery5-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query helps identify bots added to multiple Teams in a short space of time. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery6", + "type": "Microsoft.Common.Section", + "label": "User made Owner of multiple teams", + "elements": [ + { + "name": "huntingquery6-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies users who have been made Owner of multiple Teams. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery7", + "type": "Microsoft.Common.Section", + "label": "Multiple Teams deleted by a single user", + "elements": [ + { + "name": "huntingquery7-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies where multiple Teams have been deleted by a single user in a short timeframe. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery8", + "type": "Microsoft.Common.Section", + "label": "Previously Unseen Bot or Application Added to Teams", + "elements": [ + { + "name": "huntingquery8-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query helps identify new, and potentially unapproved applications or bots being added to Teams. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery9", + "type": "Microsoft.Common.Section", + "label": "New Windows Reserved Filenames staged on Office file services", + "elements": [ + { + "name": "huntingquery9-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This identifies new Windows Reserved Filenames on Office services like SharePoint and OneDrive in the past 7 days. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery10", + "type": "Microsoft.Common.Section", + "label": "Office Mail Forwarding - Hunting Version", + "elements": [ + { + "name": "huntingquery10-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Adversaries often abuse email-forwarding rules to monitor victim activities, steal information, and gain intelligence on the victim or their organization. This query highlights cases where user mail is being forwarded, including to external domains. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery11", + "type": "Microsoft.Common.Section", + "label": "Files uploaded to teams and access summary", + "elements": [ + { + "name": "huntingquery11-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies files uploaded to SharePoint via a Teams chat and\nsummarizes users and IP addresses that have accessed these files. This allows for \nidentification of anomalous file sharing patterns. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery12", + "type": "Microsoft.Common.Section", + "label": "User added to Teams and immediately uploads file", + "elements": [ + { + "name": "huntingquery12-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies users who are added to a Teams Channel or Teams chat\nand within 1 minute of being added upload a file via the chat. This might be\nan indicator of suspicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery13", + "type": "Microsoft.Common.Section", + "label": "Windows Reserved Filenames Staged on Office File Services", + "elements": [ + { + "name": "huntingquery13-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This identifies Windows Reserved Filenames on Office services like SharePoint and OneDrive. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery14", + "type": "Microsoft.Common.Section", + "label": "Exes with double file extension and access summary", + "elements": [ + { + "name": "huntingquery14-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Provides a summary of executable files with double file extensions in SharePoint \n and the users and IP addresses that have accessed them. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery15", + "type": "Microsoft.Common.Section", + "label": "New Admin Account Activity Seen Which Was Not Seen Historically", + "elements": [ + { + "name": "huntingquery15-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This will help you discover any new admin account activity which was seen and were not seen historically.\nAny new accounts seen in the results can be validated and investigated for any suspicious activities. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery16", + "type": "Microsoft.Common.Section", + "label": "SharePointFileOperation via previously unseen IPs", + "elements": [ + { + "name": "huntingquery16-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Shows SharePoint upload/download volume by IPs with high-risk ASNs. New IPs with volume spikes may be unauthorized and exfiltrating documents. This hunting query depends on AzureActiveDirectory AzureActiveDirectory data connector (SigninLogs EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery17", + "type": "Microsoft.Common.Section", + "label": "SharePointFileOperation via devices with previously unseen user agents", + "elements": [ + { + "name": "huntingquery17-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Tracking via user agent is one way to differentiate between types of connecting device.\nIn homogeneous enterprise environments the user agent associated with an attacker device may stand out as unusual. This hunting query depends on AzureActiveDirectory AzureActiveDirectory data connector (SigninLogs EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery18", + "type": "Microsoft.Common.Section", + "label": "Non-owner mailbox login activity", + "elements": [ + { + "name": "huntingquery18-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Finds non-owner mailbox access by admin/delegate permissions. Whitelist valid users and check others for unauthorized access. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery19", + "type": "Microsoft.Common.Section", + "label": "PowerShell or non-browser mailbox login activity", + "elements": [ + { + "name": "huntingquery19-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Detects mailbox login from Exchange PowerShell. All accounts can use it by default, but admins can change it. Whitelist benign activities. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery20", + "type": "Microsoft.Common.Section", + "label": "SharePoint File Operation via Client IP with Previously Unseen User Agents", + "elements": [ + { + "name": "huntingquery20-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "New user agents associated with a client IP for SharePoint file uploads/downloads. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery21", + "type": "Microsoft.Common.Section", + "label": "Multiple Users Email Forwarded to Same Destination", + "elements": [ + { + "name": "huntingquery21-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. \nThis could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + } + ] + } + ], + "outputs": { + "workspace-location": "[first(map(filter(basics('getLAWorkspace').value, (filter) => and(contains(toLower(filter.id), toLower(resourceGroup().name)),equals(filter.name,basics('workspace')))), (item) => item.location))]", + "location": "[location()]", + "workspace": "[basics('workspace')]" + } + } +} \ No newline at end of file diff --git a/Solutions/Global Secure Access/Package/mainTemplate.json b/Solutions/Global Secure Access/Package/mainTemplate.json new file mode 100644 index 00000000000..344ae182315 --- /dev/null +++ b/Solutions/Global Secure Access/Package/mainTemplate.json @@ -0,0 +1,2277 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "author": "Microsoft - support@microsoft.com", + "comments": "Solution template for Global Secure Access" + }, + "parameters": { + "location": { + "type": "string", + "minLength": 1, + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Not used, but needed to pass arm-ttk test `Location-Should-Not-Be-Hardcoded`. We instead use the `workspace-location` which is derived from the LA workspace" + } + }, + "workspace-location": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "[concat('Region to deploy solution resources -- separate from location selection',parameters('location'))]" + } + }, + "workspace": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Workspace name for Log Analytics where Microsoft Sentinel is setup" + } + }, + "workbook1-name": { + "type": "string", + "defaultValue": null, + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + }, + "workbook2-name": { + "type": "string", + "defaultValue": null, + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + } + }, + "variables": { + "email": "support@microsoft.com", + "_email": "[variables('email')]", + "_solutionName": "Global Secure Access", + "_solutionVersion": "3.0.0", + "solutionId": "azuresentinel.azure-sentinel-solution-globalsecureaccess", + "_solutionId": "[variables('solutionId')]", + "workbookVersion1": "", + "workbookContentId1": "", + "workbookId1": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId1'))]", + "workbookTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1'))))]", + "_workbookContentId1": "[variables('workbookContentId1')]", + "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", + "_workbookcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId1'),'-', variables('workbookVersion1'))))]", + "workbookVersion2": "", + "workbookContentId2": "", + "workbookId2": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId2'))]", + "workbookTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId2'))))]", + "_workbookContentId2": "[variables('workbookContentId2')]", + "_workbookcontentProductId2": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId2'),'-', variables('workbookVersion2'))))]", + "huntingQueryObject1": { + "huntingQueryVersion1": "2.0.1", + "_huntingQuerycontentId1": "271e8881-3044-4332-a5f4-42264c2e0315", + "huntingQueryTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('271e8881-3044-4332-a5f4-42264c2e0315')))]" + }, + "huntingQueryObject2": { + "huntingQueryVersion2": "2.0.1", + "_huntingQuerycontentId2": "119d9e1c-afcc-4d23-b239-cdb4e7bf851c", + "huntingQueryTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('119d9e1c-afcc-4d23-b239-cdb4e7bf851c')))]" + }, + "huntingQueryObject3": { + "huntingQueryVersion3": "2.0.1", + "_huntingQuerycontentId3": "6fce5baf-bfc2-4c56-a6b7-9c4733fc5a45", + "huntingQueryTemplateSpecName3": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('6fce5baf-bfc2-4c56-a6b7-9c4733fc5a45')))]" + }, + "huntingQueryObject4": { + "huntingQueryVersion4": "2.0.1", + "_huntingQuerycontentId4": "9891684a-1e3a-4546-9403-3439513cbc70", + "huntingQueryTemplateSpecName4": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('9891684a-1e3a-4546-9403-3439513cbc70')))]" + }, + "huntingQueryObject5": { + "huntingQueryVersion5": "2.0.1", + "_huntingQuerycontentId5": "9eb64924-ec8d-44d0-b1f2-10665150fb74", + "huntingQueryTemplateSpecName5": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('9eb64924-ec8d-44d0-b1f2-10665150fb74')))]" + }, + "huntingQueryObject6": { + "huntingQueryVersion6": "2.0.1", + "_huntingQuerycontentId6": "558f15dd-3171-4b11-bf24-31c0610a20e0", + "huntingQueryTemplateSpecName6": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('558f15dd-3171-4b11-bf24-31c0610a20e0')))]" + }, + "huntingQueryObject7": { + "huntingQueryVersion7": "2.0.1", + "_huntingQuerycontentId7": "64990414-b015-4edf-bef0-343b741e68c5", + "huntingQueryTemplateSpecName7": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('64990414-b015-4edf-bef0-343b741e68c5')))]" + }, + "huntingQueryObject8": { + "huntingQueryVersion8": "2.0.1", + "_huntingQuerycontentId8": "bf76e508-9282-4cf1-9cc1-5c20c3dea2ee", + "huntingQueryTemplateSpecName8": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('bf76e508-9282-4cf1-9cc1-5c20c3dea2ee')))]" + }, + "huntingQueryObject9": { + "huntingQueryVersion9": "2.0.1", + "_huntingQuerycontentId9": "641ecd2d-27c9-4f05-8433-8205096b09fc", + "huntingQueryTemplateSpecName9": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('641ecd2d-27c9-4f05-8433-8205096b09fc')))]" + }, + "huntingQueryObject10": { + "huntingQueryVersion10": "2.0.1", + "_huntingQuerycontentId10": "d49fc965-aef3-49f6-89ad-10cc4697eb5b", + "huntingQueryTemplateSpecName10": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('d49fc965-aef3-49f6-89ad-10cc4697eb5b')))]" + }, + "huntingQueryObject11": { + "huntingQueryVersion11": "2.0.1", + "_huntingQuerycontentId11": "90e198a9-efb6-4719-ad89-81b8e93633a7", + "huntingQueryTemplateSpecName11": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('90e198a9-efb6-4719-ad89-81b8e93633a7')))]" + }, + "huntingQueryObject12": { + "huntingQueryVersion12": "2.0.1", + "_huntingQuerycontentId12": "3d6d0c04-7337-40cf-ace6-c471d442356d", + "huntingQueryTemplateSpecName12": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('3d6d0c04-7337-40cf-ace6-c471d442356d')))]" + }, + "huntingQueryObject13": { + "huntingQueryVersion13": "2.0.1", + "_huntingQuerycontentId13": "61c28cd7-3139-4731-8ea7-2cbbeabb4684", + "huntingQueryTemplateSpecName13": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('61c28cd7-3139-4731-8ea7-2cbbeabb4684')))]" + }, + "huntingQueryObject14": { + "huntingQueryVersion14": "2.0.1", + "_huntingQuerycontentId14": "d12580c2-1474-4125-a8a3-553f50d91215", + "huntingQueryTemplateSpecName14": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('d12580c2-1474-4125-a8a3-553f50d91215')))]" + }, + "huntingQueryObject15": { + "huntingQueryVersion15": "2.0.1", + "_huntingQuerycontentId15": "723c5f46-133f-4f1e-ada6-5c138f811d75", + "huntingQueryTemplateSpecName15": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('723c5f46-133f-4f1e-ada6-5c138f811d75')))]" + }, + "huntingQueryObject16": { + "huntingQueryVersion16": "2.0.1", + "_huntingQuerycontentId16": "e3d24cfd-b2a1-4ba7-8f80-0360892f9d57", + "huntingQueryTemplateSpecName16": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('e3d24cfd-b2a1-4ba7-8f80-0360892f9d57')))]" + }, + "huntingQueryObject17": { + "huntingQueryVersion17": "2.0.1", + "_huntingQuerycontentId17": "f2367171-1514-4c67-88ef-27434b6a1093", + "huntingQueryTemplateSpecName17": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('f2367171-1514-4c67-88ef-27434b6a1093')))]" + }, + "huntingQueryObject18": { + "huntingQueryVersion18": "2.0.1", + "_huntingQuerycontentId18": "0a8f410d-38b5-4d75-90da-32b472b97230", + "huntingQueryTemplateSpecName18": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('0a8f410d-38b5-4d75-90da-32b472b97230')))]" + }, + "huntingQueryObject19": { + "huntingQueryVersion19": "2.0.1", + "_huntingQuerycontentId19": "49a4f65a-fe18-408e-afec-042fde93d3ce", + "huntingQueryTemplateSpecName19": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('49a4f65a-fe18-408e-afec-042fde93d3ce')))]" + }, + "huntingQueryObject20": { + "huntingQueryVersion20": "2.0.1", + "_huntingQuerycontentId20": "e8ae1375-4640-430c-ae8e-2514d09c71eb", + "huntingQueryTemplateSpecName20": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('e8ae1375-4640-430c-ae8e-2514d09c71eb')))]" + }, + "huntingQueryObject21": { + "huntingQueryVersion21": "2.0.1", + "_huntingQuerycontentId21": "a1551ae4-f61c-4bca-9c57-4d0d681db2e9", + "huntingQueryTemplateSpecName21": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('a1551ae4-f61c-4bca-9c57-4d0d681db2e9')))]" + }, + "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]" + }, + "resources": [ + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('workbookTemplateSpecName1')]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "GSAM365EnrichedEvents Workbook with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('workbookVersion1')]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/workbooks", + "name": "[variables('workbookContentId1')]", + "location": "[parameters('workspace-location')]", + "kind": "shared", + "apiVersion": "2021-08-01", + "metadata": { + "description": "" + }, + "properties": { + "displayName": "[parameters('workbook1-name')]", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Traffic Logs workbook\\n---\\n\\nLog information in the dashboard is limited to 30 days.\"},\"name\":\"text - 2\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"ff8b2a55-1849-4848-acf8-eab5452e9f10\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"LogAnalyticWorkspace\",\"label\":\"Log Analytic Workspace\",\"type\":5,\"description\":\"The log analytic workspace in which to execute the queries\",\"isRequired\":true,\"query\":\"resources\\r\\n| where type == \\\"microsoft.operationalinsights/workspaces\\\"\\r\\n| project id\",\"typeSettings\":{\"resourceTypeFilter\":{\"microsoft.operationalinsights/workspaces\":true},\"additionalResourceOptions\":[\"value::1\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":86400000},\"defaultValue\":\"value::1\",\"queryType\":1,\"resourceType\":\"microsoft.resourcegraph/resources\"},{\"id\":\"f15f34d8-8e2d-4c39-8dee-be2f979c86a8\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"isRequired\":true,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"value\":{\"durationMs\":2592000000}},{\"id\":\"8bab511b-53b3-4220-9d1c-372345b06728\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Users\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"EnrichedMicrosoft365AuditLogsDemos_CL\\r\\n| summarize Count = count() by UserId_s\\r\\n| order by Count desc, UserId_s asc\\r\\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false\",\"typeSettings\":{\"limitSelectTo\":20,\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"*\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"value\":[\"value::all\"]}],\"style\":\"pills\",\"queryType\":1,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 15\"},{\"type\":11,\"content\":{\"version\":\"LinkItem/1.0\",\"style\":\"tabs\",\"links\":[{\"id\":\"2b2cd1be-9d25-412c-8444-f005c4789b55\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"Overview\",\"subTarget\":\"Overview\",\"style\":\"link\"},{\"id\":\"cc3e67f2-f20f-4430-8dee-d0773b90d9ce\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"All Traffic\",\"subTarget\":\"AllTraffic\",\"style\":\"link\"}]},\"name\":\"links - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| project \\r\\n Timestamp = createdDateTime_t,\\r\\n User = userPrincipalName_s,\\r\\n SourceIP = SourceIP,\\r\\n DestinationIP = destinationIp_s,\\r\\n DestinationPort = destinationPort_d,\\r\\n Action = action_s,\\r\\n PolicyName = policyName_s,\\r\\n TransportProtocol = transportProtocol_s,\\r\\n TrafficType = trafficType_s,\\r\\n DestinationURL = destinationUrl_s,\\r\\n ReceivedBytes = receivedBytes_d,\\r\\n SentBytes = sentBytes_d,\\r\\n DeviceOS = deviceOperatingSystem_s,\\r\\n PolicyRuleID = policyRuleId_s\\r\\n| order by Timestamp desc\",\"size\":3,\"showAnalytics\":true,\"title\":\"Log\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":1000,\"filter\":true}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"AllTraffic\"},\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"// Unique Users\\nNetworkAccessDemo_CL\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\n| summarize UniqueUsers=dcount(Country)\\n| extend snapshot = \\\"Total Locations\\\"\\n| project col1 = UniqueUsers, snapshot\\n\\n// Union with Unique Devices\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\n | summarize TotalBytesGB = sum(BytesInGB)\\n | extend snapshot = \\\"Total Bytes (GB)\\\"\\n | project col1 = tolong(TotalBytesGB), snapshot\\n)\\n\\n// Union with Total Internet Access\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | summarize TotalTransactions = count()\\n | extend snapshot = \\\"Total Transactions\\\"\\n | project col1 = TotalTransactions, snapshot\\n)\\n\\n// Union with Total Private Access\\n// Order by Snapshot for consistent tile ordering on dashboard\\n| order by snapshot\",\"size\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"snapshot\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"col1\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":true,\"size\":\"auto\"},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"ExistingClients\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"ExistingClients\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"ExistingClients\",\"heatmapPalette\":\"greenRed\"}},\"textSettings\":{\"style\":\"bignumber\"}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\r\\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\\r\\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\\r\\n| project createdDateTime_t, trafficType_s, TotalBytesGB\\r\\n\",\"size\":2,\"title\":\"Usage over Time (GB)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 0\"}]},\"name\":\"group - 5\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\r\\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\r\\n| where Country != \\\"\\\"\\r\\n| summarize Count = count() by City, State, Country\\r\\n\",\"size\":0,\"title\":\"Locations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"map\",\"mapSettings\":{\"locInfo\":\"CountryRegion\",\"locInfoColumn\":\"Country\",\"latitude\":\"Latitude\",\"longitude\":\"Longitude\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"labelSettings\":\"Country\",\"legendMetric\":\"Country\",\"legendAggregation\":\"Count\",\"itemColorSettings\":{\"nodeColorField\":\"Count\",\"colorAggregation\":\"Sum\",\"type\":\"heatmap\",\"heatmapPalette\":\"turquoise\"}}},\"customWidth\":\"50\",\"name\":\"query - 0\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"allow\\\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Top Allowed Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationFQDN_s != '' // Filter for allowed traffic\\r\\n| summarize Count = count() by destinationFQDN_s\\r\\n| top 100 by Count\",\"size\":0,\"title\":\"Top Blocked Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"query - 5\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":3,\"title\":\"Top Blocked Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where sentBytes_d > 0\\r\\n| where tolower(action_s) != \\\"block\\\" \\r\\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\\r\\n| order by Count desc\\r\\n\",\"size\":0,\"title\":\"Top Allowed Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Count\",\"formatter\":4,\"formatOptions\":{\"palette\":\"magenta\"}},{\"columnMatch\":\"Recived\",\"formatter\":4,\"formatOptions\":{\"palette\":\"turquoise\"}},{\"columnMatch\":\"Total\",\"formatter\":4,\"formatOptions\":{\"palette\":\"pink\"}},{\"columnMatch\":\"Sent\",\"formatter\":4,\"formatOptions\":{\"palette\":\"blue\"}}]}},\"customWidth\":\"50\",\"name\":\"query - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where transportProtocol_s != ''\\r\\n| summarize Count = count() by toupper(transportProtocol_s)\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Protocol Distburion\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 3\"}]},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"group - 4\"}],\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "version": "1.0", + "sourceId": "[variables('workspaceResourceId')]", + "category": "sentinel" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId1'),'/'))))]", + "properties": { + "description": ".description", + "parentId": "[variables('workbookId1')]", + "contentId": "[variables('_workbookContentId1')]", + "kind": "Workbook", + "version": "[variables('workbookVersion1')]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId1')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook1-name')]", + "contentProductId": "[variables('_workbookcontentProductId1')]", + "id": "[variables('_workbookcontentProductId1')]", + "version": "[variables('workbookVersion1')]" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('workbookTemplateSpecName2')]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "GSANetworkTraffic Workbook with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('workbookVersion2')]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/workbooks", + "name": "[variables('workbookContentId2')]", + "location": "[parameters('workspace-location')]", + "kind": "shared", + "apiVersion": "2021-08-01", + "metadata": { + "description": "" + }, + "properties": { + "displayName": "[parameters('workbook2-name')]", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Traffic Logs workbook\\n---\\n\\nLog information in the dashboard is limited to 30 days.\"},\"name\":\"text - 2\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"crossComponentResources\":[\"\"],\"parameters\":[{\"id\":\"ff8b2a55-1849-4848-acf8-eab5452e9f10\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"LogAnalyticWorkspace\",\"label\":\"Log Analytic Workspace\",\"type\":5,\"description\":\"The log analytic workspace in which to execute the queries\",\"isRequired\":true,\"query\":\"resources\\r\\n| where type == \\\"microsoft.operationalinsights/workspaces\\\"\\r\\n| project id\",\"typeSettings\":{\"resourceTypeFilter\":{\"microsoft.operationalinsights/workspaces\":true},\"additionalResourceOptions\":[\"value::1\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":86400000},\"defaultValue\":\"value::1\",\"queryType\":1,\"resourceType\":\"microsoft.resourcegraph/resources\"},{\"id\":\"f15f34d8-8e2d-4c39-8dee-be2f979c86a8\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"isRequired\":true,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"value\":{\"durationMs\":2592000000}},{\"id\":\"8bab511b-53b3-4220-9d1c-372345b06728\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Users\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"EnrichedMicrosoft365AuditLogsDemos_CL\\r\\n| summarize Count = count() by UserId_s\\r\\n| order by Count desc, UserId_s asc\\r\\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false\",\"typeSettings\":{\"limitSelectTo\":20,\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"*\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"value\":[\"value::all\"]}],\"style\":\"pills\",\"queryType\":1,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 15\"},{\"type\":11,\"content\":{\"version\":\"LinkItem/1.0\",\"style\":\"tabs\",\"links\":[{\"id\":\"2b2cd1be-9d25-412c-8444-f005c4789b55\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"Overview\",\"subTarget\":\"Overview\",\"style\":\"link\"},{\"id\":\"cc3e67f2-f20f-4430-8dee-d0773b90d9ce\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"All Traffic\",\"subTarget\":\"AllTraffic\",\"style\":\"link\"}]},\"name\":\"links - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| project \\r\\n Timestamp = createdDateTime_t,\\r\\n User = userPrincipalName_s,\\r\\n SourceIP = SourceIP,\\r\\n DestinationIP = destinationIp_s,\\r\\n DestinationPort = destinationPort_d,\\r\\n Action = action_s,\\r\\n PolicyName = policyName_s,\\r\\n TransportProtocol = transportProtocol_s,\\r\\n TrafficType = trafficType_s,\\r\\n DestinationURL = destinationUrl_s,\\r\\n ReceivedBytes = receivedBytes_d,\\r\\n SentBytes = sentBytes_d,\\r\\n DeviceOS = deviceOperatingSystem_s,\\r\\n PolicyRuleID = policyRuleId_s\\r\\n| order by Timestamp desc\",\"size\":3,\"showAnalytics\":true,\"title\":\"Log\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":1000,\"filter\":true}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"AllTraffic\"},\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"// Unique Users\\nNetworkAccessDemo_CL\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\n| summarize UniqueUsers=dcount(Country)\\n| extend snapshot = \\\"Total Locations\\\"\\n| project col1 = UniqueUsers, snapshot\\n\\n// Union with Unique Devices\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\n | summarize TotalBytesGB = sum(BytesInGB)\\n | extend snapshot = \\\"Total Bytes (GB)\\\"\\n | project col1 = tolong(TotalBytesGB), snapshot\\n)\\n\\n// Union with Total Internet Access\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | summarize TotalTransactions = count()\\n | extend snapshot = \\\"Total Trasnacations\\\"\\n | project col1 = TotalTransactions, snapshot\\n)\\n\\n// Union with Total Private Access\\n// Order by Snapshot for consistent tile ordering on dashboard\\n| order by snapshot\",\"size\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"snapshot\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"col1\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":true,\"size\":\"auto\"},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"ExistingClients\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"ExistingClients\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"ExistingClients\",\"heatmapPalette\":\"greenRed\"}},\"textSettings\":{\"style\":\"bignumber\"}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\r\\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\\r\\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\\r\\n| project createdDateTime_t, trafficType_s, TotalBytesGB\\r\\n\",\"size\":2,\"title\":\"Usage over Time (GB)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 0\"}]},\"name\":\"group - 5\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\r\\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\r\\n| where Country != \\\"\\\"\\r\\n| summarize Count = count() by City, State, Country\\r\\n\\r\\n\",\"size\":0,\"title\":\"Locations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"map\",\"mapSettings\":{\"locInfo\":\"CountryRegion\",\"locInfoColumn\":\"Country\",\"latitude\":\"Latitude\",\"longitude\":\"Longitude\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"labelSettings\":\"Country\",\"legendMetric\":\"Country\",\"legendAggregation\":\"Count\",\"itemColorSettings\":{\"nodeColorField\":\"Count\",\"colorAggregation\":\"Sum\",\"type\":\"heatmap\",\"heatmapPalette\":\"turquoise\"}}},\"customWidth\":\"50\",\"name\":\"query - 0\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"allow\\\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Top Allowed Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationFQDN_s != '' // Filter for allowed traffic\\r\\n| summarize Count = count() by destinationFQDN_s\\r\\n| top 100 by Count\",\"size\":0,\"title\":\"Top Blocked Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"query - 5\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":3,\"title\":\"Top Blocked Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where sentBytes_d > 0\\r\\n| where tolower(action_s) != \\\"block\\\" \\r\\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\\r\\n| order by Count desc\\r\\n\",\"size\":0,\"title\":\"Top Allowed Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Count\",\"formatter\":4,\"formatOptions\":{\"palette\":\"magenta\"}},{\"columnMatch\":\"Recived\",\"formatter\":4,\"formatOptions\":{\"palette\":\"turquoise\"}},{\"columnMatch\":\"Total\",\"formatter\":4,\"formatOptions\":{\"palette\":\"pink\"}},{\"columnMatch\":\"Sent\",\"formatter\":4,\"formatOptions\":{\"palette\":\"blue\"}}]}},\"customWidth\":\"50\",\"name\":\"query - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where transportProtocol_s != ''\\r\\n| summarize Count = count() by toupper(transportProtocol_s)\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Protocol Distburion\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 3\"}]},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"group - 4\"}],\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "version": "1.0", + "sourceId": "[variables('workspaceResourceId')]", + "category": "sentinel" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId2'),'/'))))]", + "properties": { + "description": ".description", + "parentId": "[variables('workbookId2')]", + "contentId": "[variables('_workbookContentId2')]", + "kind": "Workbook", + "version": "[variables('workbookVersion2')]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId2')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook2-name')]", + "contentProductId": "[variables('_workbookcontentProductId2')]", + "id": "[variables('_workbookcontentProductId2')]", + "version": "[variables('workbookVersion2')]" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject1').huntingQueryTemplateSpecName1]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "AnomolousUserAccessingOtherUsersMailbox_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject1').huntingQueryVersion1]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_1", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Anomalous access to other users' mailboxes", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = totimespan((endtime - starttime) * 2);\n// Adjust this value to alter how many mailbox (other than their own) a user needs to access before being included in results\nlet user_threshold = 1;\n// Adjust this value to alter how many mailbox folders in other's email accounts a users needs to access before being included in results.\nlet folder_threshold = 5;\n// Exclude historical as known good (set lookback and timeframe to same value to skip this)\nEnrichedMicrosoft365AuditLogs\n| where TimeGenerated between (ago(lookback)..starttime)\n| where Operation =~ \"MailItemsAccessed\"\n| where ResultStatus =~ \"Succeeded\"\n| extend MailboxOwnerUPN = tostring(parse_json(AdditionalProperties).MailboxOwnerUPN)\n| where tolower(MailboxOwnerUPN) != tolower(UserId)\n| join kind=rightanti (\n EnrichedMicrosoft365AuditLogs\n | where TimeGenerated between (starttime..endtime)\n | where Operation =~ \"MailItemsAccessed\"\n | where ResultStatus =~ \"Succeeded\"\n | extend MailboxOwnerUPN = tostring(parse_json(AdditionalProperties).MailboxOwnerUPN)\n | where tolower(MailboxOwnerUPN) != tolower(UserId)\n) on MailboxOwnerUPN, UserId\n| where isnotempty(tostring(parse_json(AdditionalProperties).Folders))\n| mv-expand Folders = parse_json(AdditionalProperties).Folders\n| extend folders = tostring(Folders.Path)\n| extend ClientIP = iif(ClientIp startswith \"[\", extract(\"\\\\[([^\\\\]]*)\", 1, ClientIp), ClientIp)\n| extend ClientInfoString = tostring(parse_json(AdditionalProperties).ClientInfoString)\n| extend MailboxGuid = tostring(parse_json(AdditionalProperties).MailboxGuid)\n| summarize StartTime = max(TimeGenerated), EndTime = min(TimeGenerated), set_folders = make_set(folders, 100000), set_ClientInfoString = make_set(ClientInfoString, 100000), set_ClientIP = make_set(ClientIP, 100000), set_MailboxGuid = make_set(MailboxGuid, 100000), set_MailboxOwnerUPN = make_set(MailboxOwnerUPN, 100000) by UserId\n| extend folder_count = array_length(set_folders)\n| extend user_count = array_length(set_MailboxGuid)\n| where user_count > user_threshold or folder_count > folder_threshold\n| extend Reason = case(user_count > user_threshold and folder_count > folder_threshold, \"Both User and Folder Threshold Exceeded\", folder_count > folder_threshold and user_count < user_threshold, \"Folder Count Threshold Exceeded\", \"User Threshold Exceeded\")\n| sort by user_count desc\n| project-reorder UserId, user_count, folder_count, set_MailboxOwnerUPN, set_ClientIP, set_ClientInfoString, set_folders\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Looks for users accessing multiple other users' mailboxes or accessing multiple folders in another users mailbox." + }, + { + "name": "tactics", + "value": "Collection" + }, + { + "name": "techniques", + "value": "T1114.002" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject1')._huntingQuerycontentId1),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 1", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject1')._huntingQuerycontentId1)]", + "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject1').huntingQueryVersion1]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]", + "contentKind": "HuntingQuery", + "displayName": "Anomalous access to other users' mailboxes", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject2').huntingQueryTemplateSpecName2]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "ExternalUserAddedRemovedInTeams_HuntVersion_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject2').huntingQueryVersion2]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_2", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "External User Added and Removed in a Short Timeframe", + "category": "Hunting Queries", + "query": "// If you want to look at user added further than 7 days ago adjust this value\n// If you want to change the timeframe of how quickly accounts need to be added and removed change this value\nlet time_delta = 1h;\nEnrichedMicrosoft365AuditLogs\n| where Workload == \"MicrosoftTeams\"\n| where Operation == \"MemberAdded\"\n| extend UPN = tostring(parse_json(tostring(AdditionalProperties)).UPN) // Assuming UPN is stored in AdditionalProperties\n| where UPN contains \"#EXT#\"\n| project TimeAdded = TimeGenerated, Operation, UPN, UserWhoAdded = UserId, TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName), TeamGuid = tostring(parse_json(tostring(AdditionalProperties)).TeamGuid)\n| join kind=innerunique (\n EnrichedMicrosoft365AuditLogs\n | where Workload == \"MicrosoftTeams\"\n | where Operation == \"MemberRemoved\"\n | extend UPN = tostring(parse_json(tostring(AdditionalProperties)).UPN) // Assuming UPN is stored in AdditionalProperties\n | where UPN contains \"#EXT#\"\n | project TimeDeleted = TimeGenerated, Operation, UPN, UserWhoDeleted = UserId, TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName), TeamGuid = tostring(parse_json(tostring(AdditionalProperties)).TeamGuid)\n) on UPN, TeamGuid\n| where TimeDeleted < (TimeAdded + time_delta)\n| project TimeAdded, TimeDeleted, UPN, UserWhoAdded, UserWhoDeleted, TeamName, TeamGuid\n| extend AccountName = tostring(split(UPN, \"@\")[0]), AccountUPNSuffix = tostring(split(UPN, \"@\")[1])\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This hunting query identifies external user accounts that are added to a Team and then removed within one hour." + }, + { + "name": "tactics", + "value": "Persistence" + }, + { + "name": "techniques", + "value": "T1136" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject2')._huntingQuerycontentId2),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 2", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject2')._huntingQuerycontentId2)]", + "contentId": "[variables('huntingQueryObject2')._huntingQuerycontentId2]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject2').huntingQueryVersion2]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject2')._huntingQuerycontentId2]", + "contentKind": "HuntingQuery", + "displayName": "External User Added and Removed in a Short Timeframe", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject2')._huntingQuerycontentId2,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject2')._huntingQuerycontentId2,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject3').huntingQueryTemplateSpecName3]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "ExternalUserFromNewOrgAddedToTeams_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject3').huntingQueryVersion3]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_3", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "External user from a new organisation added to Teams", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = totimespan((endtime - starttime) * 7);\nlet known_orgs = (\n EnrichedMicrosoft365AuditLogs\n | where TimeGenerated between (ago(lookback) .. starttime)\n | where Workload == \"MicrosoftTeams\"\n | where Operation in (\"MemberAdded\", \"TeamsSessionStarted\")\n // Extract the correct UPN and parse our external organization domain\n | extend Members = parse_json(tostring(AdditionalProperties.Members))\n | extend UPN = iif(Operation == \"MemberAdded\", tostring(Members[0].UPN), UserId)\n | extend Organization = tostring(split(split(UPN, \"_\")[1], \"#\")[0])\n | where isnotempty(Organization)\n | summarize by Organization\n);\nEnrichedMicrosoft365AuditLogs\n| where TimeGenerated between (starttime .. endtime)\n| where Workload == \"MicrosoftTeams\"\n| where Operation == \"MemberAdded\"\n| extend Members = parse_json(tostring(AdditionalProperties.Members))\n| extend UPN = tostring(Members[0].UPN)\n| extend Organization = tostring(split(split(UPN, \"_\")[1], \"#\")[0])\n| where isnotempty(Organization)\n| where Organization !in (known_orgs)\n| extend AccountName = tostring(split(UPN, \"@\")[0]), AccountUPNSuffix = tostring(split(UPN, \"@\")[1])\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This query identifies external users added to Teams where the user's domain is not one previously seen in Teams data." + }, + { + "name": "tactics", + "value": "Persistence" + }, + { + "name": "techniques", + "value": "T1136" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject3')._huntingQuerycontentId3),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 3", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject3')._huntingQuerycontentId3)]", + "contentId": "[variables('huntingQueryObject3')._huntingQuerycontentId3]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject3').huntingQueryVersion3]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject3')._huntingQuerycontentId3]", + "contentKind": "HuntingQuery", + "displayName": "External user from a new organisation added to Teams", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject3')._huntingQuerycontentId3,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject3')._huntingQuerycontentId3,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject4').huntingQueryTemplateSpecName4]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "Mail_redirect_via_ExO_transport_rule_hunting_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject4').huntingQueryVersion4]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_4", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Mail Redirect via ExO Transport Rule", + "category": "Hunting Queries", + "query": "EnrichedMicrosoft365AuditLogs\n| where Workload == \"Exchange\"\n| where Operation in (\"New-TransportRule\", \"Set-TransportRule\")\n| mv-apply DynamicParameters = todynamic(AdditionalProperties.Parameters) on (summarize ParsedParameters = make_bag(pack(tostring(DynamicParameters.Name), DynamicParameters.Value)))\n| extend RuleName = case(\n Operation == \"Set-TransportRule\", ObjectId,\n Operation == \"New-TransportRule\", ParsedParameters.Name,\n \"Unknown\")\n| mv-expand ExpandedParameters = todynamic(AdditionalProperties.Parameters)\n| where ExpandedParameters.Name in (\"BlindCopyTo\", \"RedirectMessageTo\") and isnotempty(ExpandedParameters.Value)\n| extend RedirectTo = ExpandedParameters.Value\n| extend ClientIPValues = extract_all(@'\\[?(::ffff:)?(?P(\\d+\\.\\d+\\.\\d+\\.\\d+)|[^\\]]+)\\]?([-:](?P\\d+))?', dynamic([\"IPAddress\", \"Port\"]), ClientIp)[0]\n| project TimeGenerated, RedirectTo, IPAddress = tostring(ClientIPValues[0]), Port = tostring(ClientIPValues[1]), UserId, Operation, RuleName, AdditionalProperties\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Identifies when Exchange Online transport rule is configured to forward emails.\nThis could be an adversary mailbox configured to collect mail from multiple user accounts." + }, + { + "name": "tactics", + "value": "Collection,Exfiltration" + }, + { + "name": "techniques", + "value": "T1114,T1020" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject4')._huntingQuerycontentId4),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 4", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject4')._huntingQuerycontentId4)]", + "contentId": "[variables('huntingQueryObject4')._huntingQuerycontentId4]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject4').huntingQueryVersion4]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject4')._huntingQuerycontentId4]", + "contentKind": "HuntingQuery", + "displayName": "Mail Redirect via ExO Transport Rule", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject4')._huntingQuerycontentId4,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject4')._huntingQuerycontentId4,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject5').huntingQueryTemplateSpecName5]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "MultiTeamBot_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject5').huntingQueryVersion5]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_5", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Bots added to multiple teams", + "category": "Hunting Queries", + "query": "// Adjust these thresholds to suit your environment.\nlet threshold = 2;\nlet time_threshold = timespan(5m);\nEnrichedMicrosoft365AuditLogs\n | where Workload == \"MicrosoftTeams\"\n | where Operation == \"BotAddedToTeam\"\n | extend TeamName = tostring(parse_json(tostring(AdditionalProperties)).TeamName)\n | summarize Start = max(TimeGenerated), End = min(TimeGenerated), Teams = make_set(TeamName, 10000) by UserId\n | extend CountOfTeams = array_length(Teams)\n | extend TimeDelta = End - Start\n | where CountOfTeams > threshold\n | where TimeDelta <= time_threshold\n | project Start, End, Teams, CountOfTeams, UserId\n | extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n | extend Account_0_Name = AccountName\n | extend Account_0_UPNSuffix = AccountUPNSuffix\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This hunting query helps identify bots added to multiple Teams in a short space of time." + }, + { + "name": "tactics", + "value": "Persistence,Collection" + }, + { + "name": "techniques", + "value": "T1176,T1119" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject5')._huntingQuerycontentId5),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 5", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject5')._huntingQuerycontentId5)]", + "contentId": "[variables('huntingQueryObject5')._huntingQuerycontentId5]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject5').huntingQueryVersion5]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject5')._huntingQuerycontentId5]", + "contentKind": "HuntingQuery", + "displayName": "Bots added to multiple teams", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject5')._huntingQuerycontentId5,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject5')._huntingQuerycontentId5,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject6').huntingQueryTemplateSpecName6]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "MultiTeamOwner_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject6').huntingQueryVersion6]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_6", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "User made Owner of multiple teams", + "category": "Hunting Queries", + "query": "// Adjust this value to change how many teams a user is made owner of before detecting\nlet max_owner_count = 3;\n// Identify users who have been made owner of multiple Teams\nlet high_owner_count = (\n EnrichedMicrosoft365AuditLogs\n | where Workload == \"MicrosoftTeams\"\n | where Operation == \"MemberRoleChanged\"\n | extend Member = tostring(UserId)\n | extend NewRole = toint(parse_json(tostring(AdditionalProperties)).Role)\n | where NewRole == 2\n | summarize TeamCount = dcount(ObjectId) by Member\n | where TeamCount > max_owner_count\n | project Member\n);\nEnrichedMicrosoft365AuditLogs\n| where Workload == \"MicrosoftTeams\"\n| where Operation == \"MemberRoleChanged\"\n| extend Member = tostring(UserId)\n| extend NewRole = toint(parse_json(tostring(AdditionalProperties)).Role)\n| where NewRole == 2\n| where Member in (high_owner_count)\n| extend AccountName = tostring(split(Member, \"@\")[0]), AccountUPNSuffix = tostring(split(Member, \"@\")[1])\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This hunting query identifies users who have been made Owner of multiple Teams." + }, + { + "name": "tactics", + "value": "PrivilegeEscalation" + }, + { + "name": "techniques", + "value": "T1078" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject6')._huntingQuerycontentId6),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 6", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject6')._huntingQuerycontentId6)]", + "contentId": "[variables('huntingQueryObject6')._huntingQuerycontentId6]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject6').huntingQueryVersion6]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject6')._huntingQuerycontentId6]", + "contentKind": "HuntingQuery", + "displayName": "User made Owner of multiple teams", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject6')._huntingQuerycontentId6,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject6')._huntingQuerycontentId6,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject7').huntingQueryTemplateSpecName7]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "MultipleTeamsDeletes_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject7').huntingQueryVersion7]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_7", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Multiple Teams deleted by a single user", + "category": "Hunting Queries", + "query": "// Adjust this value to change how many Teams should be deleted before including\nlet max_delete = 3;\nlet deleting_users = (\n EnrichedMicrosoft365AuditLogs\n | where Workload == \"MicrosoftTeams\"\n | where Operation == \"TeamDeleted\"\n | summarize count_ = count() by UserId\n | where count_ > max_delete\n | project UserId\n);\nEnrichedMicrosoft365AuditLogs\n| where Workload == \"MicrosoftTeams\"\n| where Operation == \"TeamDeleted\"\n| where UserId in (deleting_users)\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This hunting query identifies where multiple Teams have been deleted by a single user in a short timeframe." + }, + { + "name": "tactics", + "value": "Impact" + }, + { + "name": "techniques", + "value": "T1485,T1489" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject7')._huntingQuerycontentId7),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 7", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject7')._huntingQuerycontentId7)]", + "contentId": "[variables('huntingQueryObject7')._huntingQuerycontentId7]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject7').huntingQueryVersion7]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject7')._huntingQuerycontentId7]", + "contentKind": "HuntingQuery", + "displayName": "Multiple Teams deleted by a single user", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject7')._huntingQuerycontentId7,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject7')._huntingQuerycontentId7,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject8').huntingQueryTemplateSpecName8]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "NewBotAddedToTeams_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject8').huntingQueryVersion8]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_8", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Previously Unseen Bot or Application Added to Teams", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = starttime - 14d;\nlet historical_bots = \n EnrichedMicrosoft365AuditLogs\n | where TimeGenerated between (lookback .. starttime)\n | where Workload == \"MicrosoftTeams\"\n | extend AddonName = tostring(parse_json(tostring(AdditionalProperties)).AddonName)\n | where isnotempty(AddonName)\n | distinct AddonName;\nEnrichedMicrosoft365AuditLogs\n| where TimeGenerated between (starttime .. endtime)\n| where Workload == \"MicrosoftTeams\"\n| extend AddonName = tostring(parse_json(tostring(AdditionalProperties)).AddonName)\n| where AddonName !in (historical_bots)\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This hunting query helps identify new, and potentially unapproved applications or bots being added to Teams." + }, + { + "name": "tactics", + "value": "Persistence,Collection" + }, + { + "name": "techniques", + "value": "T1176,T1119" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject8')._huntingQuerycontentId8),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 8", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject8')._huntingQuerycontentId8)]", + "contentId": "[variables('huntingQueryObject8')._huntingQuerycontentId8]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject8').huntingQueryVersion8]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject8')._huntingQuerycontentId8]", + "contentKind": "HuntingQuery", + "displayName": "Previously Unseen Bot or Application Added to Teams", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject8')._huntingQuerycontentId8,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject8')._huntingQuerycontentId8,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject9').huntingQueryTemplateSpecName9]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "New_WindowsReservedFileNamesOnOfficeFileServices_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject9').huntingQueryVersion9]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_9", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "New Windows Reserved Filenames staged on Office file services", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = totimespan((endtime - starttime) * 7);\nlet Reserved = dynamic(['CON', 'PRN', 'AUX', 'NUL', 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9', 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9']);\nEnrichedMicrosoft365AuditLogs\n| where TimeGenerated between (starttime .. endtime)\n| extend FileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName)\n| extend ClientUserAgent = tostring(parse_json(tostring(AdditionalProperties)).ClientUserAgent)\n| extend SiteUrl = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl)\n| where isnotempty(ObjectId)\n| where ObjectId !~ FileName\n| where ObjectId in (Reserved) or FileName in (Reserved)\n| where ClientUserAgent !has \"Mac OS\"\n| project TimeGenerated, Id, Workload, RecordType, Operation, UserType, UserKey, UserId, ClientIp, ClientUserAgent, SiteUrl, ObjectId, FileName\n| join kind=leftanti (\n EnrichedMicrosoft365AuditLogs\n | where TimeGenerated between (ago(lookback) .. starttime)\n | extend FileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName)\n | extend ClientUserAgent = tostring(parse_json(tostring(AdditionalProperties)).ClientUserAgent)\n | extend SiteUrl = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl)\n | where isnotempty(ObjectId)\n | where ObjectId !~ FileName\n | where ObjectId in (Reserved) or FileName in (Reserved)\n | where ClientUserAgent !has \"Mac OS\"\n | summarize PrevSeenCount = count() by ObjectId, UserId, FileName\n) on ObjectId\n| extend SiteUrlUserFolder = tolower(split(SiteUrl, '/')[-2])\n| extend UserIdUserFolderFormat = tolower(replace_regex(UserId, '@|\\\\.', '_'))\n| extend UserIdDiffThanUserFolder = iff(SiteUrl has '/personal/' and SiteUrlUserFolder != UserIdUserFolderFormat, true, false)\n| summarize TimeGenerated = make_list(TimeGenerated, 100000), StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), Operations = make_list(Operation, 100000), UserAgents = make_list(ClientUserAgent, 100000),\n Ids = make_list(Id, 100000), SourceRelativeUrls = make_list(ObjectId, 100000), FileNames = make_list(FileName, 100000)\n by Workload, RecordType, UserType, UserKey, UserId, ClientIp, SiteUrl, ObjectId, SiteUrlUserFolder, UserIdUserFolderFormat, UserIdDiffThanUserFolder\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend IP_0_Address = ClientIp\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n| extend URL_0_Url = SiteUrl\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This identifies new Windows Reserved Filenames on Office services like SharePoint and OneDrive in the past 7 days. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity." + }, + { + "name": "tactics", + "value": "CommandAndControl" + }, + { + "name": "techniques", + "value": "T1105" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject9')._huntingQuerycontentId9),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 9", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject9')._huntingQuerycontentId9)]", + "contentId": "[variables('huntingQueryObject9')._huntingQuerycontentId9]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject9').huntingQueryVersion9]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject9')._huntingQuerycontentId9]", + "contentKind": "HuntingQuery", + "displayName": "New Windows Reserved Filenames staged on Office file services", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject9')._huntingQuerycontentId9,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject9')._huntingQuerycontentId9,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject10').huntingQueryTemplateSpecName10]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "OfficeMailForwarding_hunting_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject10').huntingQueryVersion10]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_10", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Office Mail Forwarding - Hunting Version", + "category": "Hunting Queries", + "query": "EnrichedMicrosoft365AuditLogs\n| where Workload == \"Exchange\"\n| where (Operation == \"Set-Mailbox\" and tostring(parse_json(tostring(AdditionalProperties))) contains 'ForwardingSmtpAddress') \n or (Operation in ('New-InboxRule', 'Set-InboxRule') and (tostring(parse_json(tostring(AdditionalProperties))) contains 'ForwardTo' or tostring(parse_json(tostring(AdditionalProperties))) contains 'RedirectTo'))\n| extend parsed = parse_json(tostring(AdditionalProperties))\n| extend fwdingDestination_initial = iif(Operation == \"Set-Mailbox\", tostring(parsed.ForwardingSmtpAddress), coalesce(tostring(parsed.ForwardTo), tostring(parsed.RedirectTo)))\n| where isnotempty(fwdingDestination_initial)\n| extend fwdingDestination = iff(fwdingDestination_initial has \"smtp\", (split(fwdingDestination_initial, \":\")[1]), fwdingDestination_initial)\n| parse fwdingDestination with * '@' ForwardedtoDomain \n| parse UserId with *'@' UserDomain\n| extend subDomain = ((split(strcat(tostring(split(UserDomain, '.')[-2]), '.', tostring(split(UserDomain, '.')[-1])), '.'))[0])\n| where ForwardedtoDomain !contains subDomain\n| extend Result = iff(ForwardedtoDomain != UserDomain, \"Mailbox rule created to forward to External Domain\", \"Forward rule for Internal domain\")\n| extend ClientIPAddress = case(ClientIp has \".\", tostring(split(ClientIp, \":\")[0]), ClientIp has \"[\", tostring(trim_start(@'[[]', tostring(split(ClientIp, \"]\")[0]))), ClientIp)\n| extend Port = case(\n ClientIp has \".\",\n (split(ClientIp, \":\")[1]),\n ClientIp has \"[\",\n tostring(split(ClientIp, \"]:\")[1]),\n ClientIp\n )\n| project\n TimeGenerated,\n UserId,\n UserDomain,\n subDomain,\n Operation,\n ForwardedtoDomain,\n ClientIPAddress,\n Result,\n Port,\n ObjectId,\n fwdingDestination,\n AdditionalProperties\n| extend\n AccountName = tostring(split(UserId, \"@\")[0]),\n AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend Host = tostring(parse_json(tostring(AdditionalProperties)).OriginatingServer)\n| extend HostName = tostring(split(Host, \".\")[0])\n| extend DnsDomain = tostring(strcat_array(array_slice(split(Host, '.'), 1, -1), '.'))\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n| extend IP_0_Address = ClientIPAddress\n| extend Host_0_HostName = HostName\n| extend Host_0_DnsDomain = DnsDomain\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Adversaries often abuse email-forwarding rules to monitor victim activities, steal information, and gain intelligence on the victim or their organization. This query highlights cases where user mail is being forwarded, including to external domains." + }, + { + "name": "tactics", + "value": "Collection,Exfiltration" + }, + { + "name": "techniques", + "value": "T1114,T1020" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject10')._huntingQuerycontentId10),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 10", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject10')._huntingQuerycontentId10)]", + "contentId": "[variables('huntingQueryObject10')._huntingQuerycontentId10]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject10').huntingQueryVersion10]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject10')._huntingQuerycontentId10]", + "contentKind": "HuntingQuery", + "displayName": "Office Mail Forwarding - Hunting Version", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject10')._huntingQuerycontentId10,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject10')._huntingQuerycontentId10,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject11').huntingQueryTemplateSpecName11]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "TeamsFilesUploaded_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject11').huntingQueryVersion11]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_11", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Files uploaded to teams and access summary", + "category": "Hunting Queries", + "query": "EnrichedMicrosoft365AuditLogs\n| where RecordType == \"SharePointFileOperation\"\n| where Operation == \"FileUploaded\"\n| where UserId != \"app@sharepoint\"\n| where ObjectId has \"Microsoft Teams Chat Files\"\n| extend SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName)\n| join kind=leftouter (\n EnrichedMicrosoft365AuditLogs\n | where RecordType == \"SharePointFileOperation\"\n | where Operation == \"FileDownloaded\" or Operation == \"FileAccessed\"\n | where UserId != \"app@sharepoint\"\n | where ObjectId has \"Microsoft Teams Chat Files\"\n | extend UserId1 = UserId, ClientIp1 = ClientIp\n) on ObjectId\n| extend userBag = bag_pack(\"UserId1\", UserId1, \"ClientIp1\", ClientIp1)\n| summarize AccessedBy = make_bag(userBag), make_set(UserId1, 10000) by bin(TimeGenerated, 1h), UserId, ObjectId, SourceFileName\n| extend NumberOfUsersAccessed = array_length(bag_keys(AccessedBy))\n| project timestamp = TimeGenerated, UserId, FileLocation = ObjectId, FileName = SourceFileName, AccessedBy, NumberOfUsersAccessed\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This hunting query identifies files uploaded to SharePoint via a Teams chat and\nsummarizes users and IP addresses that have accessed these files. This allows for \nidentification of anomalous file sharing patterns." + }, + { + "name": "tactics", + "value": "InitialAccess,Exfiltration" + }, + { + "name": "techniques", + "value": "T1199,T1102,T1078" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject11')._huntingQuerycontentId11),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 11", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject11')._huntingQuerycontentId11)]", + "contentId": "[variables('huntingQueryObject11')._huntingQuerycontentId11]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject11').huntingQueryVersion11]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject11')._huntingQuerycontentId11]", + "contentKind": "HuntingQuery", + "displayName": "Files uploaded to teams and access summary", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject11')._huntingQuerycontentId11,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject11')._huntingQuerycontentId11,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject12').huntingQueryTemplateSpecName12]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "UserAddToTeamsAndUploadsFile_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject12').huntingQueryVersion12]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_12", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "User added to Teams and immediately uploads file", + "category": "Hunting Queries", + "query": "let threshold = 1m;\nlet MemberAddedEvents = EnrichedMicrosoft365AuditLogs\n | where Workload == \"MicrosoftTeams\"\n | where Operation == \"MemberAdded\"\n | extend TeamName = tostring(parse_json(AdditionalProperties).TeamName)\n | project TimeGenerated, UploaderID = UserId, TeamName;\nlet FileUploadEvents = EnrichedMicrosoft365AuditLogs\n | where RecordType == \"SharePointFileOperation\"\n | where ObjectId has \"Microsoft Teams Chat Files\"\n | where Operation == \"FileUploaded\"\n | extend SourceFileName = tostring(parse_json(AdditionalProperties).SourceFileName)\n | project UploadTime = TimeGenerated, UploaderID = UserId, FileLocation = ObjectId, SourceFileName;\nMemberAddedEvents\n | join kind=inner (FileUploadEvents) on UploaderID\n | where UploadTime > TimeGenerated and UploadTime < TimeGenerated + threshold\n | extend timestamp = TimeGenerated, AccountCustomEntity = UploaderID\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This hunting query identifies users who are added to a Teams Channel or Teams chat\nand within 1 minute of being added upload a file via the chat. This might be\nan indicator of suspicious activity." + }, + { + "name": "tactics", + "value": "InitialAccess" + }, + { + "name": "techniques", + "value": "T1566" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject12')._huntingQuerycontentId12),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 12", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject12')._huntingQuerycontentId12)]", + "contentId": "[variables('huntingQueryObject12')._huntingQuerycontentId12]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject12').huntingQueryVersion12]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject12')._huntingQuerycontentId12]", + "contentKind": "HuntingQuery", + "displayName": "User added to Teams and immediately uploads file", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject12')._huntingQuerycontentId12,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject12')._huntingQuerycontentId12,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject13').huntingQueryTemplateSpecName13]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "WindowsReservedFileNamesOnOfficeFileServices_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject13').huntingQueryVersion13]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_13", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Windows Reserved Filenames Staged on Office File Services", + "category": "Hunting Queries", + "query": "// Reserved FileNames/Extension for Windows\nlet Reserved = dynamic(['CON', 'PRN', 'AUX', 'NUL', 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9', 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9']);\nEnrichedMicrosoft365AuditLogs\n| extend SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName)\n| extend UserAgent = tostring(parse_json(tostring(AdditionalProperties)).UserAgent)\n| extend Site_Url = tostring(parse_json(tostring(AdditionalProperties)).SiteUrl)\n| where isnotempty(ObjectId)\n| where ObjectId in (Reserved) or SourceFileName in (Reserved)\n| where UserAgent !has \"Mac OS\"\n| extend SiteUrlUserFolder = tolower(split(Site_Url, '/')[-2])\n| extend UserIdUserFolderFormat = tolower(replace_regex(UserId, '@|\\\\.', '_'))\n// identify when UserId is not a match to the specific site url personal folder reference\n| extend UserIdDiffThanUserFolder = iff(Site_Url has '/personal/' and SiteUrlUserFolder != UserIdUserFolderFormat, true, false)\n| summarize TimeGenerated = make_list(TimeGenerated, 100000), StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), Operations = make_list(Operation, 100000), UserAgents = make_list(UserAgent, 100000), ObjectIds = make_list(Id, 100000), SourceRelativeUrls = make_list(ObjectId, 100000), FileNames = make_list(SourceFileName, 100000)\nby Workload, RecordType, UserType, UserKey, UserId, ClientIp, Site_Url, ObjectId, SiteUrlUserFolder, UserIdUserFolderFormat, UserIdDiffThanUserFolder\n// Use mvexpand on any list items and you can expand out the exact time and other metadata about the hit\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend IP_0_Address = ClientIp\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n| extend URL_0_Url = Site_Url\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This identifies Windows Reserved Filenames on Office services like SharePoint and OneDrive. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity." + }, + { + "name": "tactics", + "value": "CommandAndControl" + }, + { + "name": "techniques", + "value": "T1105" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject13')._huntingQuerycontentId13),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 13", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject13')._huntingQuerycontentId13)]", + "contentId": "[variables('huntingQueryObject13')._huntingQuerycontentId13]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject13').huntingQueryVersion13]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject13')._huntingQuerycontentId13]", + "contentKind": "HuntingQuery", + "displayName": "Windows Reserved Filenames Staged on Office File Services", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject13')._huntingQuerycontentId13,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject13')._huntingQuerycontentId13,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject14').huntingQueryTemplateSpecName14]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "double_file_ext_exes_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject14').huntingQueryVersion14]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_14", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Exes with double file extension and access summary", + "category": "Hunting Queries", + "query": "let known_ext = dynamic([\"lnk\", \"log\", \"option\", \"config\", \"manifest\", \"partial\"]);\nlet excluded_users = dynamic([\"app@sharepoint\"]);\nEnrichedMicrosoft365AuditLogs\n| where RecordType == \"SharePointFileOperation\" and isnotempty(ObjectId)\n| where ObjectId has \".exe.\" \n and not(ObjectId endswith \".lnk\") \n and not(ObjectId endswith \".log\") \n and not(ObjectId endswith \".option\") \n and not(ObjectId endswith \".config\") \n and not(ObjectId endswith \".manifest\") \n and not(ObjectId endswith \".partial\")\n| extend Extension = extract(\"[^.]*\\\\.[^.]*$\", 0, ObjectId)\n| extend SourceFileName = tostring(parse_json(tostring(AdditionalProperties)).SourceFileName)\n| join kind=leftouter (\n EnrichedMicrosoft365AuditLogs\n | where RecordType == \"SharePointFileOperation\" and (Operation == \"FileDownloaded\" or Operation == \"FileAccessed\")\n | where not(ObjectId endswith \".lnk\") \n and not(ObjectId endswith \".log\") \n and not(ObjectId endswith \".option\") \n and not(ObjectId endswith \".config\") \n and not(ObjectId endswith \".manifest\") \n and not(ObjectId endswith \".partial\")\n) on ObjectId\n| where UserId1 !in (excluded_users)\n| extend userBag = bag_pack(\"UserId\", UserId1, \"ClientIp\", ClientIp1)\n| summarize make_set(UserId1, 10000), userBag = make_bag(userBag), UploadTime = max(TimeGenerated) by UserId, ObjectId, SourceFileName, Extension\n| extend NumberOfUsers = array_length(bag_keys(userBag))\n| project UploadTime, Uploader = UserId, FileLocation = ObjectId, FileName = SourceFileName, AccessedBy = userBag, Extension, NumberOfUsers\n| extend UploaderName = tostring(split(Uploader, \"@\")[0]), UploaderUPNSuffix = tostring(split(Uploader, \"@\")[1])\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Provides a summary of executable files with double file extensions in SharePoint \n and the users and IP addresses that have accessed them." + }, + { + "name": "tactics", + "value": "DefenseEvasion" + }, + { + "name": "techniques", + "value": "T1036" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject14')._huntingQuerycontentId14),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 14", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject14')._huntingQuerycontentId14)]", + "contentId": "[variables('huntingQueryObject14')._huntingQuerycontentId14]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject14').huntingQueryVersion14]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject14')._huntingQuerycontentId14]", + "contentKind": "HuntingQuery", + "displayName": "Exes with double file extension and access summary", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject14')._huntingQuerycontentId14,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject14')._huntingQuerycontentId14,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject15').huntingQueryTemplateSpecName15]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "new_adminaccountactivity_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject15').huntingQueryVersion15]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_15", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "New Admin Account Activity Seen Which Was Not Seen Historically", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = starttime - 14d;\nlet historicalActivity =\n EnrichedMicrosoft365AuditLogs\n | where TimeGenerated between (lookback .. starttime)\n | where RecordType == \"ExchangeAdmin\" and UserType in (\"Admin\", \"DcAdmin\")\n | summarize historicalCount = count() by UserId;\nlet recentActivity = EnrichedMicrosoft365AuditLogs\n | where TimeGenerated between (starttime .. endtime)\n | where UserType in (\"Admin\", \"DcAdmin\")\n | summarize recentCount = count() by UserId;\nrecentActivity\n| join kind=leftanti (historicalActivity) on UserId\n| project UserId, recentCount\n| join kind=rightsemi (\n EnrichedMicrosoft365AuditLogs\n | where TimeGenerated between (starttime .. endtime)\n | where RecordType == \"ExchangeAdmin\" \n | where UserType in (\"Admin\", \"DcAdmin\")\n ) on UserId\n| summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), count() by RecordType, Operation, UserType, UserId, ResultStatus\n| extend AccountName = iff(UserId contains '@', tostring(split(UserId, '@')[0]), UserId)\n| extend AccountUPNSuffix = iff(UserId contains '@', tostring(split(UserId, '@')[1]), '')\n| extend AccountName = iff(UserId contains '\\\\', tostring(split(UserId, '\\\\')[1]), AccountName)\n| extend AccountNTDomain = iff(UserId contains '\\\\', tostring(split(UserId, '\\\\')[0]), '')\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "This will help you discover any new admin account activity which was seen and were not seen historically.\nAny new accounts seen in the results can be validated and investigated for any suspicious activities." + }, + { + "name": "tactics", + "value": "PrivilegeEscalation,Collection" + }, + { + "name": "techniques", + "value": "T1078,T1114" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject15')._huntingQuerycontentId15),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 15", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject15')._huntingQuerycontentId15)]", + "contentId": "[variables('huntingQueryObject15')._huntingQuerycontentId15]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject15').huntingQueryVersion15]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject15')._huntingQuerycontentId15]", + "contentKind": "HuntingQuery", + "displayName": "New Admin Account Activity Seen Which Was Not Seen Historically", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject15')._huntingQuerycontentId15,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject15')._huntingQuerycontentId15,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject16').huntingQueryTemplateSpecName16]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "new_sharepoint_downloads_by_IP_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject16').huntingQueryVersion16]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_16", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "SharePointFileOperation via previously unseen IPs", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = starttime - 14d;\nlet BLOCK_THRESHOLD = 1.0;\nlet HighBlockRateASNs =\n SigninLogs\n | where TimeGenerated > lookback\n | where isnotempty(AutonomousSystemNumber)\n | summarize make_set(IPAddress), TotalIps = dcount(IPAddress), BlockedSignins = countif(ResultType == \"50053\"), TotalSignins = count() by AutonomousSystemNumber\n | extend BlockRatio = 1.00 * BlockedSignins / TotalSignins\n | where BlockRatio >= BLOCK_THRESHOLD\n | distinct AutonomousSystemNumber;\nlet ASNIPs =\n SigninLogs\n | where TimeGenerated > lookback\n | where AutonomousSystemNumber in (HighBlockRateASNs)\n | distinct IPAddress, AutonomousSystemNumber;\nEnrichedMicrosoft365AuditLogs\n| where TimeGenerated between (starttime .. endtime)\n| where RecordType == \"SharePointFileOperation\"\n| where Operation in (\"FileDownloaded\", \"FileUploaded\")\n| where ClientIp in (ASNIPs)\n| summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), RecentFileActivities = count() by ClientIp\n| extend IP_0_Address = ClientIp\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Shows SharePoint upload/download volume by IPs with high-risk ASNs. New IPs with volume spikes may be unauthorized and exfiltrating documents." + }, + { + "name": "tactics", + "value": "Exfiltration" + }, + { + "name": "techniques", + "value": "T1030" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject16')._huntingQuerycontentId16),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 16", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject16')._huntingQuerycontentId16)]", + "contentId": "[variables('huntingQueryObject16')._huntingQuerycontentId16]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject16').huntingQueryVersion16]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject16')._huntingQuerycontentId16]", + "contentKind": "HuntingQuery", + "displayName": "SharePointFileOperation via previously unseen IPs", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject16')._huntingQuerycontentId16,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject16')._huntingQuerycontentId16,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject17').huntingQueryTemplateSpecName17]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "new_sharepoint_downloads_by_UserAgent_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject17').huntingQueryVersion17]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_17", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "SharePointFileOperation via devices with previously unseen user agents", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = starttime - 14d;\nlet MINIMUM_BLOCKS = 10;\nlet SUCCESS_THRESHOLD = 0.2;\nlet HistoricalActivity = \n SigninLogs\n | where TimeGenerated > lookback\n | where isnotempty(ClientAppUsed)\n | summarize SuccessfulSignins = countif(ResultType == \"0\"), BlockedSignins = countif(ResultType == \"50053\") by ClientAppUsed\n | extend SuccessBlockRatio = 1.00 * SuccessfulSignins / BlockedSignins\n | where SuccessBlockRatio < SUCCESS_THRESHOLD\n | where BlockedSignins > MINIMUM_BLOCKS;\nEnrichedMicrosoft365AuditLogs\n| where TimeGenerated between (starttime .. endtime)\n| where RecordType == \"SharePointFileOperation\"\n| where Operation in (\"FileDownloaded\", \"FileUploaded\")\n| extend ClientAppUsed = tostring(parse_json(AdditionalProperties).UserAgent)\n| extend SiteUrl = tostring(parse_json(AdditionalProperties).SiteUrl)\n| summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), RecentFileActivities = count() by ClientAppUsed, UserId, ClientIp, SiteUrl\n| join kind=innerunique (HistoricalActivity) on ClientAppUsed\n| project-away ClientAppUsed1\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend IP_0_Address = ClientIp\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n| extend URL_0_Url = SiteUrl\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Tracking via user agent is one way to differentiate between types of connecting device.\nIn homogeneous enterprise environments the user agent associated with an attacker device may stand out as unusual." + }, + { + "name": "tactics", + "value": "Exfiltration" + }, + { + "name": "techniques", + "value": "T1030" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject17')._huntingQuerycontentId17),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 17", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject17')._huntingQuerycontentId17)]", + "contentId": "[variables('huntingQueryObject17')._huntingQuerycontentId17]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject17').huntingQueryVersion17]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject17')._huntingQuerycontentId17]", + "contentKind": "HuntingQuery", + "displayName": "SharePointFileOperation via devices with previously unseen user agents", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject17')._huntingQuerycontentId17,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject17')._huntingQuerycontentId17,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject18').huntingQueryTemplateSpecName18]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "nonowner_MailboxLogin_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject18').huntingQueryVersion18]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_18", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Non-owner mailbox login activity", + "category": "Hunting Queries", + "query": "EnrichedMicrosoft365AuditLogs\n| where Workload == \"Exchange\"\n| where Operation == \"MailboxLogin\"\n| extend Logon_Type = tostring(parse_json(tostring(AdditionalProperties)).LogonType)\n| extend MailboxOwnerUPN = tostring(parse_json(tostring(AdditionalProperties)).MailboxOwnerUPN)\n| where Logon_Type != \"Owner\"\n| summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), count() by Operation, UserType, UserId, MailboxOwnerUPN, Logon_Type, ClientIp\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n| extend IP_0_Address = ClientIp\n| extend Account_0_Name = AccountName\n| extend Account_0_UPNSuffix = AccountUPNSuffix\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Finds non-owner mailbox access by admin/delegate permissions. Whitelist valid users and check others for unauthorized access." + }, + { + "name": "tactics", + "value": "Collection,Exfiltration" + }, + { + "name": "techniques", + "value": "T1114,T1020" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject18')._huntingQuerycontentId18),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 18", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject18')._huntingQuerycontentId18)]", + "contentId": "[variables('huntingQueryObject18')._huntingQuerycontentId18]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject18').huntingQueryVersion18]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject18')._huntingQuerycontentId18]", + "contentKind": "HuntingQuery", + "displayName": "Non-owner mailbox login activity", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject18')._huntingQuerycontentId18,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject18')._huntingQuerycontentId18,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject19').huntingQueryTemplateSpecName19]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "powershell_or_nonbrowser_MailboxLogin_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject19').huntingQueryVersion19]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_19", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "PowerShell or non-browser mailbox login activity", + "category": "Hunting Queries", + "query": "EnrichedMicrosoft365AuditLogs\n| where Workload == \"Exchange\" and Operation == \"MailboxLogin\"\n| extend ClientApplication = tostring(parse_json(AdditionalProperties).ClientInfoString)\n| where ClientApplication == \"Client=Microsoft.Exchange.Powershell; Microsoft WinRM Client\"\n| extend TenantName = tostring(parse_json(AdditionalProperties).TenantName)\n| extend MailboxOwner = tostring(parse_json(AdditionalProperties).MailboxOwnerUPN)\n| extend LogonType = tostring(parse_json(AdditionalProperties).LogonType)\n| summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), count() by Operation, TenantName, UserType, UserId, MailboxOwner, LogonType, ClientApplication\n| extend AccountName = iff(UserId contains '@', tostring(split(UserId, '@')[0]), UserId)\n| extend AccountUPNSuffix = iff(UserId contains '@', tostring(split(UserId, '@')[1]), '')\n| extend AccountName = iff(UserId contains '\\\\', tostring(split(UserId, '\\\\')[1]), AccountName)\n| extend AccountNTDomain = iff(UserId contains '\\\\', tostring(split(UserId, '\\\\')[0]), '')\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Detects mailbox login from Exchange PowerShell. All accounts can use it by default, but admins can change it. Whitelist benign activities." + }, + { + "name": "tactics", + "value": "Execution,Persistence,Collection" + }, + { + "name": "techniques", + "value": "T1059,T1098,T1114" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject19')._huntingQuerycontentId19),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 19", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject19')._huntingQuerycontentId19)]", + "contentId": "[variables('huntingQueryObject19')._huntingQuerycontentId19]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject19').huntingQueryVersion19]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject19')._huntingQuerycontentId19]", + "contentKind": "HuntingQuery", + "displayName": "PowerShell or non-browser mailbox login activity", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject19')._huntingQuerycontentId19,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject19')._huntingQuerycontentId19,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject20').huntingQueryTemplateSpecName20]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "sharepoint_downloads_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject20').huntingQueryVersion20]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_20", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "SharePoint File Operation via Client IP with Previously Unseen User Agents", + "category": "Hunting Queries", + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet lookback = starttime - 14d;\nlet historicalUA = EnrichedMicrosoft365AuditLogs\n| where RecordType == \"SharePointFileOperation\"\n| where Operation in (\"FileDownloaded\", \"FileUploaded\")\n| where TimeGenerated between(lookback..starttime)\n| extend ClientApplication = tostring(parse_json(AdditionalProperties).UserAgent)\n| summarize by ClientIp, ClientApplication;\nlet recentUA = EnrichedMicrosoft365AuditLogs\n| where RecordType == \"SharePointFileOperation\"\n| where Operation in (\"FileDownloaded\", \"FileUploaded\")\n| where TimeGenerated between(starttime..endtime)\n| extend ClientApplication = tostring(parse_json(AdditionalProperties).UserAgent)\n| summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated) by ClientIp, ClientApplication;\nrecentUA | join kind=leftanti (\n historicalUA\n) on ClientIp, ClientApplication\n// Some EnrichedMicrosoft365AuditLogs records do not contain ClientIp information - exclude these for fewer results\n| where not(isempty(ClientIp))\n| extend IP_0_Address = ClientIp\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "New user agents associated with a client IP for SharePoint file uploads/downloads." + }, + { + "name": "tactics", + "value": "Exfiltration" + }, + { + "name": "techniques", + "value": "T1030" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject20')._huntingQuerycontentId20),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 20", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject20')._huntingQuerycontentId20)]", + "contentId": "[variables('huntingQueryObject20')._huntingQuerycontentId20]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject20').huntingQueryVersion20]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject20')._huntingQuerycontentId20]", + "contentKind": "HuntingQuery", + "displayName": "SharePoint File Operation via Client IP with Previously Unseen User Agents", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject20')._huntingQuerycontentId20,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject20')._huntingQuerycontentId20,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject21').huntingQueryTemplateSpecName21]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "MultipleUsersEmailForwardedToSameDestination_HuntingQueries Hunting Query with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject21').huntingQueryVersion21]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Global_Secure_Access_Hunting_Query_21", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Multiple Users Email Forwarded to Same Destination", + "category": "Hunting Queries", + "query": "let queryfrequency = 1d;\nlet queryperiod = 7d;\nEnrichedMicrosoft365AuditLogs\n| where TimeGenerated > ago(queryperiod)\n| where Workload == \"Exchange\"\n| where AdditionalProperties has_any (\"ForwardTo\", \"RedirectTo\", \"ForwardingSmtpAddress\")\n| mv-apply DynamicParameters = todynamic(AdditionalProperties) on (summarize ParsedParameters = make_bag(bag_pack(tostring(DynamicParameters.Name), DynamicParameters.Value)))\n| evaluate bag_unpack(ParsedParameters, columnsConflict='replace_source')\n| extend DestinationMailAddress = tolower(case(\n isnotempty(column_ifexists(\"ForwardTo\", \"\")), column_ifexists(\"ForwardTo\", \"\"),\n isnotempty(column_ifexists(\"RedirectTo\", \"\")), column_ifexists(\"RedirectTo\", \"\"),\n isnotempty(column_ifexists(\"ForwardingSmtpAddress\", \"\")), trim_start(@\"smtp:\", column_ifexists(\"ForwardingSmtpAddress\", \"\")),\n \"\"))\n| where isnotempty(DestinationMailAddress)\n| mv-expand split(DestinationMailAddress, \";\")\n| extend ClientIPValues = extract_all(@'\\[?(::ffff:)?(?P(\\d+\\.\\d+\\.\\d+\\.\\d+)|[^\\]]+)\\]?([-:](?P\\d+))?', dynamic([\"IPAddress\", \"Port\"]), ClientIp)[0]\n| extend ClientIp = tostring(ClientIPValues[0]), Port = tostring(ClientIPValues[1])\n| summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), DistinctUserCount = dcount(UserId), UserId = make_set(UserId, 250), Ports = make_set(Port, 250), EventCount = count() by tostring(DestinationMailAddress), ClientIp\n| where DistinctUserCount > 1 and EndTime > ago(queryfrequency)\n| mv-expand UserId to typeof(string)\n| extend AccountName = tostring(split(UserId, \"@\")[0]), AccountUPNSuffix = tostring(split(UserId, \"@\")[1])\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. \nThis could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts." + }, + { + "name": "tactics", + "value": "Collection,Exfiltration" + }, + { + "name": "techniques", + "value": "T1114,T1020" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject21')._huntingQuerycontentId21),'/'))))]", + "properties": { + "description": "Global Secure Access Hunting Query 21", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject21')._huntingQuerycontentId21)]", + "contentId": "[variables('huntingQueryObject21')._huntingQuerycontentId21]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject21').huntingQueryVersion21]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject21')._huntingQuerycontentId21]", + "contentKind": "HuntingQuery", + "displayName": "Multiple Users Email Forwarded to Same Destination", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject21')._huntingQuerycontentId21,'-', '2.0.1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject21')._huntingQuerycontentId21,'-', '2.0.1')))]", + "version": "2.0.1" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentPackages", + "apiVersion": "2023-04-01-preview", + "location": "[parameters('workspace-location')]", + "properties": { + "version": "3.0.0", + "kind": "Solution", + "contentSchemaVersion": "3.0.0", + "displayName": "Global Secure Access", + "publisherDisplayName": "Microsoft Sentinel, Microsoft Corporation", + "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

Global Secure Access is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below.

\n

Prerequisite :-

\n

Install one or more of the listed solutions to unlock the value provided by this solution.

\n
    \n
  1. Microsoft Entra Id
    2. \n
\n

Underlying Microsoft Technologies used:

\n

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

\n
    \n
  1. Product solutions as described above
    2. \n
\n

Workbooks: 2, Hunting Queries: 21

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "contentKind": "Solution", + "contentProductId": "[variables('_solutioncontentProductId')]", + "id": "[variables('_solutioncontentProductId')]", + "icon": "", + "contentId": "[variables('_solutionId')]", + "parentId": "[variables('_solutionId')]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "tier": "Microsoft", + "link": "https://support.microsoft.com/" + }, + "dependencies": { + "operator": "AND", + "criteria": [ + { + "kind": "Workbook", + "contentId": "[variables('_workbookContentId1')]", + "version": "[variables('workbookVersion1')]" + }, + { + "kind": "Workbook", + "contentId": "[variables('_workbookContentId2')]", + "version": "[variables('workbookVersion2')]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]", + "version": "[variables('huntingQueryObject1').huntingQueryVersion1]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject2')._huntingQuerycontentId2]", + "version": "[variables('huntingQueryObject2').huntingQueryVersion2]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject3')._huntingQuerycontentId3]", + "version": "[variables('huntingQueryObject3').huntingQueryVersion3]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject4')._huntingQuerycontentId4]", + "version": "[variables('huntingQueryObject4').huntingQueryVersion4]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject5')._huntingQuerycontentId5]", + "version": "[variables('huntingQueryObject5').huntingQueryVersion5]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject6')._huntingQuerycontentId6]", + "version": "[variables('huntingQueryObject6').huntingQueryVersion6]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject7')._huntingQuerycontentId7]", + "version": "[variables('huntingQueryObject7').huntingQueryVersion7]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject8')._huntingQuerycontentId8]", + "version": "[variables('huntingQueryObject8').huntingQueryVersion8]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject9')._huntingQuerycontentId9]", + "version": "[variables('huntingQueryObject9').huntingQueryVersion9]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject10')._huntingQuerycontentId10]", + "version": "[variables('huntingQueryObject10').huntingQueryVersion10]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject11')._huntingQuerycontentId11]", + "version": "[variables('huntingQueryObject11').huntingQueryVersion11]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject12')._huntingQuerycontentId12]", + "version": "[variables('huntingQueryObject12').huntingQueryVersion12]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject13')._huntingQuerycontentId13]", + "version": "[variables('huntingQueryObject13').huntingQueryVersion13]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject14')._huntingQuerycontentId14]", + "version": "[variables('huntingQueryObject14').huntingQueryVersion14]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject15')._huntingQuerycontentId15]", + "version": "[variables('huntingQueryObject15').huntingQueryVersion15]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject16')._huntingQuerycontentId16]", + "version": "[variables('huntingQueryObject16').huntingQueryVersion16]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject17')._huntingQuerycontentId17]", + "version": "[variables('huntingQueryObject17').huntingQueryVersion17]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject18')._huntingQuerycontentId18]", + "version": "[variables('huntingQueryObject18').huntingQueryVersion18]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject19')._huntingQuerycontentId19]", + "version": "[variables('huntingQueryObject19').huntingQueryVersion19]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject20')._huntingQuerycontentId20]", + "version": "[variables('huntingQueryObject20').huntingQueryVersion20]" + }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject21')._huntingQuerycontentId21]", + "version": "[variables('huntingQueryObject21').huntingQueryVersion21]" + } + ] + }, + "firstPublishDate": "2024-04-08", + "providers": [ + "Microsoft" + ], + "categories": { + "domains": [ + "Identity" + ] + } + }, + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/', variables('_solutionId'))]" + } + ], + "outputs": {} +} diff --git a/Solutions/Global Secure Access/Package/testParameters.json b/Solutions/Global Secure Access/Package/testParameters.json new file mode 100644 index 00000000000..42428e73d9b --- /dev/null +++ b/Solutions/Global Secure Access/Package/testParameters.json @@ -0,0 +1,40 @@ +{ + "location": { + "type": "string", + "minLength": 1, + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Not used, but needed to pass arm-ttk test `Location-Should-Not-Be-Hardcoded`. We instead use the `workspace-location` which is derived from the LA workspace" + } + }, + "workspace-location": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "[concat('Region to deploy solution resources -- separate from location selection',parameters('location'))]" + } + }, + "workspace": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Workspace name for Log Analytics where Microsoft Sentinel is setup" + } + }, + "workbook1-name": { + "type": "string", + "defaultValue": null, + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + }, + "workbook2-name": { + "type": "string", + "defaultValue": null, + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + } +} diff --git a/Solutions/Global Secure Access/SolutionMetadata.json b/Solutions/Global Secure Access/SolutionMetadata.json new file mode 100644 index 00000000000..2f6d9a50f6c --- /dev/null +++ b/Solutions/Global Secure Access/SolutionMetadata.json @@ -0,0 +1,15 @@ +{ + "publisherId": "azuresentinel", + "offerId": "azure-sentinel-solution-globalsecureaccess", + "firstPublishDate": "2024-04-08", + "providers": [ "Microsoft" ], + "categories": { + "domains": [ "Identity"] + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } +} \ No newline at end of file diff --git a/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json new file mode 100644 index 00000000000..e983bfd5a4c --- /dev/null +++ b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json @@ -0,0 +1,418 @@ +{ + "version": "Notebook/1.0", + "items": [ + { + "type": 1, + "content": { + "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." + }, + "name": "text - 2" + }, + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [], + "parameters": [ + { + "id": "ff8b2a55-1849-4848-acf8-eab5452e9f10", + "version": "KqlParameterItem/1.0", + "name": "LogAnalyticWorkspace", + "label": "Log Analytic Workspace", + "type": 5, + "description": "The log analytic workspace in which to execute the queries", + "isRequired": true, + "query": "resources\r\n| where type == \"microsoft.operationalinsights/workspaces\"\r\n| project id", + "typeSettings": { + "resourceTypeFilter": { + "microsoft.operationalinsights/workspaces": true + }, + "additionalResourceOptions": [ + "value::1" + ], + "showDefault": false + }, + "timeContext": { + "durationMs": 86400000 + }, + "defaultValue": "value::1", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "f15f34d8-8e2d-4c39-8dee-be2f979c86a8", + "version": "KqlParameterItem/1.0", + "name": "TimeRange", + "label": "Time Range", + "type": 4, + "isRequired": true, + "typeSettings": { + "selectableValues": [ + { + "durationMs": 300000 + }, + { + "durationMs": 900000 + }, + { + "durationMs": 1800000 + }, + { + "durationMs": 3600000 + }, + { + "durationMs": 14400000 + }, + { + "durationMs": 43200000 + }, + { + "durationMs": 86400000 + }, + { + "durationMs": 172800000 + }, + { + "durationMs": 259200000 + }, + { + "durationMs": 604800000 + }, + { + "durationMs": 1209600000 + }, + { + "durationMs": 2419200000 + }, + { + "durationMs": 2592000000 + } + ], + "allowCustom": true + }, + "timeContext": { + "durationMs": 86400000 + }, + "value": { + "durationMs": 2592000000 + } + }, + { + "id": "8bab511b-53b3-4220-9d1c-372345b06728", + "version": "KqlParameterItem/1.0", + "name": "Users", + "type": 2, + "isRequired": true, + "multiSelect": true, + "quote": "'", + "delimiter": ",", + "query": "EnrichedMicrosoft365AuditLogsDemos_CL\r\n| summarize Count = count() by UserId_s\r\n| order by Count desc, UserId_s asc\r\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false", + "typeSettings": { + "limitSelectTo": 20, + "additionalResourceOptions": [ + "value::all" + ], + "selectAllValue": "*", + "showDefault": false + }, + "timeContext": { + "durationMs": 0 + }, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "value": [ + "value::all" + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "name": "parameters - 15" + }, + { + "type": 11, + "content": { + "version": "LinkItem/1.0", + "style": "tabs", + "links": [ + { + "id": "2b2cd1be-9d25-412c-8444-f005c4789b55", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "Overview", + "subTarget": "Overview", + "style": "link" + }, + { + "id": "cc3e67f2-f20f-4430-8dee-d0773b90d9ce", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "All Traffic", + "subTarget": "AllTraffic", + "style": "link" + } + ] + }, + "name": "links - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| project \r\n Timestamp = createdDateTime_t,\r\n User = userPrincipalName_s,\r\n SourceIP = SourceIP,\r\n DestinationIP = destinationIp_s,\r\n DestinationPort = destinationPort_d,\r\n Action = action_s,\r\n PolicyName = policyName_s,\r\n TransportProtocol = transportProtocol_s,\r\n TrafficType = trafficType_s,\r\n DestinationURL = destinationUrl_s,\r\n ReceivedBytes = receivedBytes_d,\r\n SentBytes = sentBytes_d,\r\n DeviceOS = deviceOperatingSystem_s,\r\n PolicyRuleID = policyRuleId_s\r\n| order by Timestamp desc", + "size": 3, + "showAnalytics": true, + "title": "Log", + "timeContextFromParameter": "TimeRange", + "showExportToExcel": true, + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "rowLimit": 1000, + "filter": true + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "AllTraffic" + }, + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "// Unique Users\nNetworkAccessDemo_CL\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\n| summarize UniqueUsers=dcount(Country)\n| extend snapshot = \"Total Locations\"\n| project col1 = UniqueUsers, snapshot\n\n// Union with Unique Devices\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\n | summarize TotalBytesGB = sum(BytesInGB)\n | extend snapshot = \"Total Bytes (GB)\"\n | project col1 = tolong(TotalBytesGB), snapshot\n)\n\n// Union with Total Internet Access\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | summarize TotalTransactions = count()\n | extend snapshot = \"Total Transactions\"\n | project col1 = TotalTransactions, snapshot\n)\n\n// Union with Total Private Access\n// Order by Snapshot for consistent tile ordering on dashboard\n| order by snapshot", + "size": 4, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "snapshot", + "formatter": 1 + }, + "leftContent": { + "columnMatch": "col1", + "formatter": 12, + "formatOptions": { + "palette": "auto" + } + }, + "showBorder": true, + "size": "auto" + }, + "mapSettings": { + "locInfo": "LatLong", + "sizeSettings": "ExistingClients", + "sizeAggregation": "Sum", + "legendMetric": "ExistingClients", + "legendAggregation": "Sum", + "itemColorSettings": { + "type": "heatmap", + "colorAggregation": "Sum", + "nodeColorField": "ExistingClients", + "heatmapPalette": "greenRed" + } + }, + "textSettings": { + "style": "bignumber" + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 2" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\r\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\r\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\r\n| project createdDateTime_t, trafficType_s, TotalBytesGB\r\n", + "size": 2, + "title": "Usage over Time (GB)", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "barchart" + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 0" + } + ] + }, + "name": "group - 5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\r\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\r\n| where Country != \"\"\r\n| summarize Count = count() by City, State, Country\r\n", + "size": 0, + "title": "Locations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "map", + "mapSettings": { + "locInfo": "CountryRegion", + "locInfoColumn": "Country", + "latitude": "Latitude", + "longitude": "Longitude", + "sizeSettings": "Count", + "sizeAggregation": "Sum", + "labelSettings": "Country", + "legendMetric": "Country", + "legendAggregation": "Count", + "itemColorSettings": { + "nodeColorField": "Count", + "colorAggregation": "Sum", + "type": "heatmap", + "heatmapPalette": "turquoise" + } + } + }, + "customWidth": "50", + "name": "query - 0" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"allow\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Top Allowed Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationFQDN_s != '' // Filter for allowed traffic\r\n| summarize Count = count() by destinationFQDN_s\r\n| top 100 by Count", + "size": 0, + "title": "Top Blocked Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "customWidth": "50", + "name": "query - 5" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 3, + "title": "Top Blocked Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where sentBytes_d > 0\r\n| where tolower(action_s) != \"block\" \r\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\r\n| order by Count desc\r\n", + "size": 0, + "title": "Top Allowed Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "formatters": [ + { + "columnMatch": "Count", + "formatter": 4, + "formatOptions": { + "palette": "magenta" + } + }, + { + "columnMatch": "Recived", + "formatter": 4, + "formatOptions": { + "palette": "turquoise" + } + }, + { + "columnMatch": "Total", + "formatter": 4, + "formatOptions": { + "palette": "pink" + } + }, + { + "columnMatch": "Sent", + "formatter": 4, + "formatOptions": { + "palette": "blue" + } + } + ] + } + }, + "customWidth": "50", + "name": "query - 1" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where transportProtocol_s != ''\r\n| summarize Count = count() by toupper(transportProtocol_s)\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Protocol Distburion", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "group - 4" + } + ], + "fallbackResourceIds": [], + "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" +} diff --git a/Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json b/Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json new file mode 100644 index 00000000000..75f2f99880b --- /dev/null +++ b/Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json @@ -0,0 +1,421 @@ +{ + "version": "Notebook/1.0", + "items": [ + { + "type": 1, + "content": { + "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." + }, + "name": "text - 2" + }, + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [ + "" + ], + "parameters": [ + { + "id": "ff8b2a55-1849-4848-acf8-eab5452e9f10", + "version": "KqlParameterItem/1.0", + "name": "LogAnalyticWorkspace", + "label": "Log Analytic Workspace", + "type": 5, + "description": "The log analytic workspace in which to execute the queries", + "isRequired": true, + "query": "resources\r\n| where type == \"microsoft.operationalinsights/workspaces\"\r\n| project id", + "typeSettings": { + "resourceTypeFilter": { + "microsoft.operationalinsights/workspaces": true + }, + "additionalResourceOptions": [ + "value::1" + ], + "showDefault": false + }, + "timeContext": { + "durationMs": 86400000 + }, + "defaultValue": "value::1", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "f15f34d8-8e2d-4c39-8dee-be2f979c86a8", + "version": "KqlParameterItem/1.0", + "name": "TimeRange", + "label": "Time Range", + "type": 4, + "isRequired": true, + "typeSettings": { + "selectableValues": [ + { + "durationMs": 300000 + }, + { + "durationMs": 900000 + }, + { + "durationMs": 1800000 + }, + { + "durationMs": 3600000 + }, + { + "durationMs": 14400000 + }, + { + "durationMs": 43200000 + }, + { + "durationMs": 86400000 + }, + { + "durationMs": 172800000 + }, + { + "durationMs": 259200000 + }, + { + "durationMs": 604800000 + }, + { + "durationMs": 1209600000 + }, + { + "durationMs": 2419200000 + }, + { + "durationMs": 2592000000 + } + ], + "allowCustom": true + }, + "timeContext": { + "durationMs": 86400000 + }, + "value": { + "durationMs": 2592000000 + } + }, + { + "id": "8bab511b-53b3-4220-9d1c-372345b06728", + "version": "KqlParameterItem/1.0", + "name": "Users", + "type": 2, + "isRequired": true, + "multiSelect": true, + "quote": "'", + "delimiter": ",", + "query": "EnrichedMicrosoft365AuditLogsDemos_CL\r\n| summarize Count = count() by UserId_s\r\n| order by Count desc, UserId_s asc\r\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false", + "typeSettings": { + "limitSelectTo": 20, + "additionalResourceOptions": [ + "value::all" + ], + "selectAllValue": "*", + "showDefault": false + }, + "timeContext": { + "durationMs": 0 + }, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "value": [ + "value::all" + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "name": "parameters - 15" + }, + { + "type": 11, + "content": { + "version": "LinkItem/1.0", + "style": "tabs", + "links": [ + { + "id": "2b2cd1be-9d25-412c-8444-f005c4789b55", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "Overview", + "subTarget": "Overview", + "style": "link" + }, + { + "id": "cc3e67f2-f20f-4430-8dee-d0773b90d9ce", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "All Traffic", + "subTarget": "AllTraffic", + "style": "link" + } + ] + }, + "name": "links - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| project \r\n Timestamp = createdDateTime_t,\r\n User = userPrincipalName_s,\r\n SourceIP = SourceIP,\r\n DestinationIP = destinationIp_s,\r\n DestinationPort = destinationPort_d,\r\n Action = action_s,\r\n PolicyName = policyName_s,\r\n TransportProtocol = transportProtocol_s,\r\n TrafficType = trafficType_s,\r\n DestinationURL = destinationUrl_s,\r\n ReceivedBytes = receivedBytes_d,\r\n SentBytes = sentBytes_d,\r\n DeviceOS = deviceOperatingSystem_s,\r\n PolicyRuleID = policyRuleId_s\r\n| order by Timestamp desc", + "size": 3, + "showAnalytics": true, + "title": "Log", + "timeContextFromParameter": "TimeRange", + "showExportToExcel": true, + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "rowLimit": 1000, + "filter": true + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "AllTraffic" + }, + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "// Unique Users\nNetworkAccessDemo_CL\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\n| summarize UniqueUsers=dcount(Country)\n| extend snapshot = \"Total Locations\"\n| project col1 = UniqueUsers, snapshot\n\n// Union with Unique Devices\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\n | summarize TotalBytesGB = sum(BytesInGB)\n | extend snapshot = \"Total Bytes (GB)\"\n | project col1 = tolong(TotalBytesGB), snapshot\n)\n\n// Union with Total Internet Access\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | summarize TotalTransactions = count()\n | extend snapshot = \"Total Trasnacations\"\n | project col1 = TotalTransactions, snapshot\n)\n\n// Union with Total Private Access\n// Order by Snapshot for consistent tile ordering on dashboard\n| order by snapshot", + "size": 4, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "snapshot", + "formatter": 1 + }, + "leftContent": { + "columnMatch": "col1", + "formatter": 12, + "formatOptions": { + "palette": "auto" + } + }, + "showBorder": true, + "size": "auto" + }, + "mapSettings": { + "locInfo": "LatLong", + "sizeSettings": "ExistingClients", + "sizeAggregation": "Sum", + "legendMetric": "ExistingClients", + "legendAggregation": "Sum", + "itemColorSettings": { + "type": "heatmap", + "colorAggregation": "Sum", + "nodeColorField": "ExistingClients", + "heatmapPalette": "greenRed" + } + }, + "textSettings": { + "style": "bignumber" + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 2" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\r\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\r\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\r\n| project createdDateTime_t, trafficType_s, TotalBytesGB\r\n", + "size": 2, + "title": "Usage over Time (GB)", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "barchart" + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 0" + } + ] + }, + "name": "group - 5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\r\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\r\n| where Country != \"\"\r\n| summarize Count = count() by City, State, Country\r\n\r\n", + "size": 0, + "title": "Locations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "map", + "mapSettings": { + "locInfo": "CountryRegion", + "locInfoColumn": "Country", + "latitude": "Latitude", + "longitude": "Longitude", + "sizeSettings": "Count", + "sizeAggregation": "Sum", + "labelSettings": "Country", + "legendMetric": "Country", + "legendAggregation": "Count", + "itemColorSettings": { + "nodeColorField": "Count", + "colorAggregation": "Sum", + "type": "heatmap", + "heatmapPalette": "turquoise" + } + } + }, + "customWidth": "50", + "name": "query - 0" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"allow\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Top Allowed Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationFQDN_s != '' // Filter for allowed traffic\r\n| summarize Count = count() by destinationFQDN_s\r\n| top 100 by Count", + "size": 0, + "title": "Top Blocked Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "customWidth": "50", + "name": "query - 5" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 3, + "title": "Top Blocked Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where sentBytes_d > 0\r\n| where tolower(action_s) != \"block\" \r\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\r\n| order by Count desc\r\n", + "size": 0, + "title": "Top Allowed Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "formatters": [ + { + "columnMatch": "Count", + "formatter": 4, + "formatOptions": { + "palette": "magenta" + } + }, + { + "columnMatch": "Recived", + "formatter": 4, + "formatOptions": { + "palette": "turquoise" + } + }, + { + "columnMatch": "Total", + "formatter": 4, + "formatOptions": { + "palette": "pink" + } + }, + { + "columnMatch": "Sent", + "formatter": 4, + "formatOptions": { + "palette": "blue" + } + } + ] + } + }, + "customWidth": "50", + "name": "query - 1" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where transportProtocol_s != ''\r\n| summarize Count = count() by toupper(transportProtocol_s)\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Protocol Distburion", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "group - 4" + } + ], + "fallbackResourceIds": [ + ], + "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" +} \ No newline at end of file diff --git a/Workbooks/GSAM365EnrichedEvents.json b/Workbooks/GSAM365EnrichedEvents.json new file mode 100644 index 00000000000..e983bfd5a4c --- /dev/null +++ b/Workbooks/GSAM365EnrichedEvents.json @@ -0,0 +1,418 @@ +{ + "version": "Notebook/1.0", + "items": [ + { + "type": 1, + "content": { + "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." + }, + "name": "text - 2" + }, + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [], + "parameters": [ + { + "id": "ff8b2a55-1849-4848-acf8-eab5452e9f10", + "version": "KqlParameterItem/1.0", + "name": "LogAnalyticWorkspace", + "label": "Log Analytic Workspace", + "type": 5, + "description": "The log analytic workspace in which to execute the queries", + "isRequired": true, + "query": "resources\r\n| where type == \"microsoft.operationalinsights/workspaces\"\r\n| project id", + "typeSettings": { + "resourceTypeFilter": { + "microsoft.operationalinsights/workspaces": true + }, + "additionalResourceOptions": [ + "value::1" + ], + "showDefault": false + }, + "timeContext": { + "durationMs": 86400000 + }, + "defaultValue": "value::1", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "f15f34d8-8e2d-4c39-8dee-be2f979c86a8", + "version": "KqlParameterItem/1.0", + "name": "TimeRange", + "label": "Time Range", + "type": 4, + "isRequired": true, + "typeSettings": { + "selectableValues": [ + { + "durationMs": 300000 + }, + { + "durationMs": 900000 + }, + { + "durationMs": 1800000 + }, + { + "durationMs": 3600000 + }, + { + "durationMs": 14400000 + }, + { + "durationMs": 43200000 + }, + { + "durationMs": 86400000 + }, + { + "durationMs": 172800000 + }, + { + "durationMs": 259200000 + }, + { + "durationMs": 604800000 + }, + { + "durationMs": 1209600000 + }, + { + "durationMs": 2419200000 + }, + { + "durationMs": 2592000000 + } + ], + "allowCustom": true + }, + "timeContext": { + "durationMs": 86400000 + }, + "value": { + "durationMs": 2592000000 + } + }, + { + "id": "8bab511b-53b3-4220-9d1c-372345b06728", + "version": "KqlParameterItem/1.0", + "name": "Users", + "type": 2, + "isRequired": true, + "multiSelect": true, + "quote": "'", + "delimiter": ",", + "query": "EnrichedMicrosoft365AuditLogsDemos_CL\r\n| summarize Count = count() by UserId_s\r\n| order by Count desc, UserId_s asc\r\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false", + "typeSettings": { + "limitSelectTo": 20, + "additionalResourceOptions": [ + "value::all" + ], + "selectAllValue": "*", + "showDefault": false + }, + "timeContext": { + "durationMs": 0 + }, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "value": [ + "value::all" + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "name": "parameters - 15" + }, + { + "type": 11, + "content": { + "version": "LinkItem/1.0", + "style": "tabs", + "links": [ + { + "id": "2b2cd1be-9d25-412c-8444-f005c4789b55", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "Overview", + "subTarget": "Overview", + "style": "link" + }, + { + "id": "cc3e67f2-f20f-4430-8dee-d0773b90d9ce", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "All Traffic", + "subTarget": "AllTraffic", + "style": "link" + } + ] + }, + "name": "links - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| project \r\n Timestamp = createdDateTime_t,\r\n User = userPrincipalName_s,\r\n SourceIP = SourceIP,\r\n DestinationIP = destinationIp_s,\r\n DestinationPort = destinationPort_d,\r\n Action = action_s,\r\n PolicyName = policyName_s,\r\n TransportProtocol = transportProtocol_s,\r\n TrafficType = trafficType_s,\r\n DestinationURL = destinationUrl_s,\r\n ReceivedBytes = receivedBytes_d,\r\n SentBytes = sentBytes_d,\r\n DeviceOS = deviceOperatingSystem_s,\r\n PolicyRuleID = policyRuleId_s\r\n| order by Timestamp desc", + "size": 3, + "showAnalytics": true, + "title": "Log", + "timeContextFromParameter": "TimeRange", + "showExportToExcel": true, + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "rowLimit": 1000, + "filter": true + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "AllTraffic" + }, + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "// Unique Users\nNetworkAccessDemo_CL\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\n| summarize UniqueUsers=dcount(Country)\n| extend snapshot = \"Total Locations\"\n| project col1 = UniqueUsers, snapshot\n\n// Union with Unique Devices\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\n | summarize TotalBytesGB = sum(BytesInGB)\n | extend snapshot = \"Total Bytes (GB)\"\n | project col1 = tolong(TotalBytesGB), snapshot\n)\n\n// Union with Total Internet Access\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | summarize TotalTransactions = count()\n | extend snapshot = \"Total Transactions\"\n | project col1 = TotalTransactions, snapshot\n)\n\n// Union with Total Private Access\n// Order by Snapshot for consistent tile ordering on dashboard\n| order by snapshot", + "size": 4, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "snapshot", + "formatter": 1 + }, + "leftContent": { + "columnMatch": "col1", + "formatter": 12, + "formatOptions": { + "palette": "auto" + } + }, + "showBorder": true, + "size": "auto" + }, + "mapSettings": { + "locInfo": "LatLong", + "sizeSettings": "ExistingClients", + "sizeAggregation": "Sum", + "legendMetric": "ExistingClients", + "legendAggregation": "Sum", + "itemColorSettings": { + "type": "heatmap", + "colorAggregation": "Sum", + "nodeColorField": "ExistingClients", + "heatmapPalette": "greenRed" + } + }, + "textSettings": { + "style": "bignumber" + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 2" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\r\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\r\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\r\n| project createdDateTime_t, trafficType_s, TotalBytesGB\r\n", + "size": 2, + "title": "Usage over Time (GB)", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "barchart" + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 0" + } + ] + }, + "name": "group - 5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\r\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\r\n| where Country != \"\"\r\n| summarize Count = count() by City, State, Country\r\n", + "size": 0, + "title": "Locations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "map", + "mapSettings": { + "locInfo": "CountryRegion", + "locInfoColumn": "Country", + "latitude": "Latitude", + "longitude": "Longitude", + "sizeSettings": "Count", + "sizeAggregation": "Sum", + "labelSettings": "Country", + "legendMetric": "Country", + "legendAggregation": "Count", + "itemColorSettings": { + "nodeColorField": "Count", + "colorAggregation": "Sum", + "type": "heatmap", + "heatmapPalette": "turquoise" + } + } + }, + "customWidth": "50", + "name": "query - 0" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"allow\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Top Allowed Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationFQDN_s != '' // Filter for allowed traffic\r\n| summarize Count = count() by destinationFQDN_s\r\n| top 100 by Count", + "size": 0, + "title": "Top Blocked Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "customWidth": "50", + "name": "query - 5" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 3, + "title": "Top Blocked Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where sentBytes_d > 0\r\n| where tolower(action_s) != \"block\" \r\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\r\n| order by Count desc\r\n", + "size": 0, + "title": "Top Allowed Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "formatters": [ + { + "columnMatch": "Count", + "formatter": 4, + "formatOptions": { + "palette": "magenta" + } + }, + { + "columnMatch": "Recived", + "formatter": 4, + "formatOptions": { + "palette": "turquoise" + } + }, + { + "columnMatch": "Total", + "formatter": 4, + "formatOptions": { + "palette": "pink" + } + }, + { + "columnMatch": "Sent", + "formatter": 4, + "formatOptions": { + "palette": "blue" + } + } + ] + } + }, + "customWidth": "50", + "name": "query - 1" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where transportProtocol_s != ''\r\n| summarize Count = count() by toupper(transportProtocol_s)\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Protocol Distburion", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "group - 4" + } + ], + "fallbackResourceIds": [], + "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" +} diff --git a/Workbooks/GSANetworkTraffic.json b/Workbooks/GSANetworkTraffic.json new file mode 100644 index 00000000000..75f2f99880b --- /dev/null +++ b/Workbooks/GSANetworkTraffic.json @@ -0,0 +1,421 @@ +{ + "version": "Notebook/1.0", + "items": [ + { + "type": 1, + "content": { + "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." + }, + "name": "text - 2" + }, + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [ + "" + ], + "parameters": [ + { + "id": "ff8b2a55-1849-4848-acf8-eab5452e9f10", + "version": "KqlParameterItem/1.0", + "name": "LogAnalyticWorkspace", + "label": "Log Analytic Workspace", + "type": 5, + "description": "The log analytic workspace in which to execute the queries", + "isRequired": true, + "query": "resources\r\n| where type == \"microsoft.operationalinsights/workspaces\"\r\n| project id", + "typeSettings": { + "resourceTypeFilter": { + "microsoft.operationalinsights/workspaces": true + }, + "additionalResourceOptions": [ + "value::1" + ], + "showDefault": false + }, + "timeContext": { + "durationMs": 86400000 + }, + "defaultValue": "value::1", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "f15f34d8-8e2d-4c39-8dee-be2f979c86a8", + "version": "KqlParameterItem/1.0", + "name": "TimeRange", + "label": "Time Range", + "type": 4, + "isRequired": true, + "typeSettings": { + "selectableValues": [ + { + "durationMs": 300000 + }, + { + "durationMs": 900000 + }, + { + "durationMs": 1800000 + }, + { + "durationMs": 3600000 + }, + { + "durationMs": 14400000 + }, + { + "durationMs": 43200000 + }, + { + "durationMs": 86400000 + }, + { + "durationMs": 172800000 + }, + { + "durationMs": 259200000 + }, + { + "durationMs": 604800000 + }, + { + "durationMs": 1209600000 + }, + { + "durationMs": 2419200000 + }, + { + "durationMs": 2592000000 + } + ], + "allowCustom": true + }, + "timeContext": { + "durationMs": 86400000 + }, + "value": { + "durationMs": 2592000000 + } + }, + { + "id": "8bab511b-53b3-4220-9d1c-372345b06728", + "version": "KqlParameterItem/1.0", + "name": "Users", + "type": 2, + "isRequired": true, + "multiSelect": true, + "quote": "'", + "delimiter": ",", + "query": "EnrichedMicrosoft365AuditLogsDemos_CL\r\n| summarize Count = count() by UserId_s\r\n| order by Count desc, UserId_s asc\r\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false", + "typeSettings": { + "limitSelectTo": 20, + "additionalResourceOptions": [ + "value::all" + ], + "selectAllValue": "*", + "showDefault": false + }, + "timeContext": { + "durationMs": 0 + }, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "value": [ + "value::all" + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "name": "parameters - 15" + }, + { + "type": 11, + "content": { + "version": "LinkItem/1.0", + "style": "tabs", + "links": [ + { + "id": "2b2cd1be-9d25-412c-8444-f005c4789b55", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "Overview", + "subTarget": "Overview", + "style": "link" + }, + { + "id": "cc3e67f2-f20f-4430-8dee-d0773b90d9ce", + "cellValue": "tabSel", + "linkTarget": "parameter", + "linkLabel": "All Traffic", + "subTarget": "AllTraffic", + "style": "link" + } + ] + }, + "name": "links - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| project \r\n Timestamp = createdDateTime_t,\r\n User = userPrincipalName_s,\r\n SourceIP = SourceIP,\r\n DestinationIP = destinationIp_s,\r\n DestinationPort = destinationPort_d,\r\n Action = action_s,\r\n PolicyName = policyName_s,\r\n TransportProtocol = transportProtocol_s,\r\n TrafficType = trafficType_s,\r\n DestinationURL = destinationUrl_s,\r\n ReceivedBytes = receivedBytes_d,\r\n SentBytes = sentBytes_d,\r\n DeviceOS = deviceOperatingSystem_s,\r\n PolicyRuleID = policyRuleId_s\r\n| order by Timestamp desc", + "size": 3, + "showAnalytics": true, + "title": "Log", + "timeContextFromParameter": "TimeRange", + "showExportToExcel": true, + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "rowLimit": 1000, + "filter": true + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "AllTraffic" + }, + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "// Unique Users\nNetworkAccessDemo_CL\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\n| summarize UniqueUsers=dcount(Country)\n| extend snapshot = \"Total Locations\"\n| project col1 = UniqueUsers, snapshot\n\n// Union with Unique Devices\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\n | summarize TotalBytesGB = sum(BytesInGB)\n | extend snapshot = \"Total Bytes (GB)\"\n | project col1 = tolong(TotalBytesGB), snapshot\n)\n\n// Union with Total Internet Access\n| union (\n NetworkAccessDemo_CL\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\n | summarize TotalTransactions = count()\n | extend snapshot = \"Total Trasnacations\"\n | project col1 = TotalTransactions, snapshot\n)\n\n// Union with Total Private Access\n// Order by Snapshot for consistent tile ordering on dashboard\n| order by snapshot", + "size": 4, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "snapshot", + "formatter": 1 + }, + "leftContent": { + "columnMatch": "col1", + "formatter": 12, + "formatOptions": { + "palette": "auto" + } + }, + "showBorder": true, + "size": "auto" + }, + "mapSettings": { + "locInfo": "LatLong", + "sizeSettings": "ExistingClients", + "sizeAggregation": "Sum", + "legendMetric": "ExistingClients", + "legendAggregation": "Sum", + "itemColorSettings": { + "type": "heatmap", + "colorAggregation": "Sum", + "nodeColorField": "ExistingClients", + "heatmapPalette": "greenRed" + } + }, + "textSettings": { + "style": "bignumber" + } + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 2" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\r\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\r\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\r\n| project createdDateTime_t, trafficType_s, TotalBytesGB\r\n", + "size": 2, + "title": "Usage over Time (GB)", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "barchart" + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "query - 0" + } + ] + }, + "name": "group - 5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\r\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\r\n| where Country != \"\"\r\n| summarize Count = count() by City, State, Country\r\n\r\n", + "size": 0, + "title": "Locations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "map", + "mapSettings": { + "locInfo": "CountryRegion", + "locInfoColumn": "Country", + "latitude": "Latitude", + "longitude": "Longitude", + "sizeSettings": "Count", + "sizeAggregation": "Sum", + "labelSettings": "Country", + "legendMetric": "Country", + "legendAggregation": "Count", + "itemColorSettings": { + "nodeColorField": "Count", + "colorAggregation": "Sum", + "type": "heatmap", + "heatmapPalette": "turquoise" + } + } + }, + "customWidth": "50", + "name": "query - 0" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"allow\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Top Allowed Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 7" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationFQDN_s != '' // Filter for allowed traffic\r\n| summarize Count = count() by destinationFQDN_s\r\n| top 100 by Count", + "size": 0, + "title": "Top Blocked Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "customWidth": "50", + "name": "query - 5" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where tolower(action_s) == \"block\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\r\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\r\n| summarize Count = count() by firstCategory\r\n| top 10 by Count\r\n", + "size": 3, + "title": "Top Blocked Web Categories", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where sentBytes_d > 0\r\n| where tolower(action_s) != \"block\" \r\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\r\n| order by Count desc\r\n", + "size": 0, + "title": "Top Allowed Destinations", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "gridSettings": { + "formatters": [ + { + "columnMatch": "Count", + "formatter": 4, + "formatOptions": { + "palette": "magenta" + } + }, + { + "columnMatch": "Recived", + "formatter": 4, + "formatOptions": { + "palette": "turquoise" + } + }, + { + "columnMatch": "Total", + "formatter": 4, + "formatOptions": { + "palette": "pink" + } + }, + { + "columnMatch": "Sent", + "formatter": 4, + "formatOptions": { + "palette": "blue" + } + } + ] + } + }, + "customWidth": "50", + "name": "query - 1" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "NetworkAccessDemo_CL\r\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\r\n| where transportProtocol_s != ''\r\n| summarize Count = count() by toupper(transportProtocol_s)\r\n| top 10 by Count\r\n", + "size": 2, + "title": "Protocol Distburion", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "piechart" + }, + "customWidth": "50", + "name": "query - 3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "tabSel", + "comparison": "isEqualTo", + "value": "Overview" + }, + "name": "group - 4" + } + ], + "fallbackResourceIds": [ + ], + "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" +} \ No newline at end of file diff --git a/Workbooks/Images/Logos/gsa.svg b/Workbooks/Images/Logos/gsa.svg new file mode 100644 index 00000000000..407569607d0 --- /dev/null +++ b/Workbooks/Images/Logos/gsa.svg @@ -0,0 +1,5 @@ + + + + + diff --git a/Workbooks/Images/Preview/GSAEnrichedLogsBlack.png b/Workbooks/Images/Preview/GSAEnrichedLogsBlack.png new file mode 100644 index 0000000000000000000000000000000000000000..e255e73c2ba95a19e201decc916ac03cdf623155 GIT binary patch literal 192716 zcmdqJcTkhv*Dh>96ctfXkd9R8N|g>GB~=d;WFI=dIxpDmJ%DGM9 zs%GMG;Q|fkKR*`%dK_C9E}Z27o+}#o0M~I8=~@eC-?kB6Hgs_r4yit_(HEf72k1ag#UZGl^fm-4^bm(QJ4c*$yv!x^K4p!1*5id=OPI!e5Ef@>7gt~3n`P&*wi&G61 z(uvirkHwPZxh=kZmyfE$p0pP&RQhjUN|AdNzuU+@C@FH*au~og``f?$-Jm3O<xrLH^fxZWSrXLG`y*kd8t!UQs7(3g-mlr4D^UdWqMA#$X6P=dH6P^6zilEQp z0l5y;5;=Ocs7MmD=dvsT*2v62lf3v9YE4Ba<5$!Rd@SwsP5mPw;fUbCL&?{nkuKrQ zE(lb|xbVmV(*)Yv8 zo3(oz#lr2TJjz0x7Yi4`{)4X|BFtt z$&f}TjWIcF*$@z4)*O2E5|L{-Rol)FZh#Tr;Myx zLXd=|(OJrRzvmC*B%=Xssc2(MA1~PCrn5k}n1+U};GLADS#vX)u4Ov8j6@N;!$`YH zwGev4yf;yuLo=nj7!I4yv z?5dhNQ}{}_-Gc0Cq2!W6Dl*7{0UW4!xncg|665b-N^h7CVEy#tZpm!m@gyKlK;9>M zP-NFHLWHSnGf~iD{_{@r+y`19$Mm1rpEo_9Kck62aUHqJ+?oXsiCkqE;5hZ7cV{9r zNo{CMZS$_;zB-IUhl);dZ46x&K=6^G7+Olq55|k%LL}-yyySauWiA$ULmJ9um zI*EXF))j*(i(c+z@+qmRE|Sg^`|}g+A(vf)lx8d6)ym>T^t%*&&~N?H%NHM&Ss`6Y z2-|deHvlp2@02YbFE|Mv@H+IXZ4M&aEYOKZl4;+k!pw zrIGHbGW$8wnGXv-J4wHECsO!Xs4b#?m5@eUQ=~BZ&izvQS3O}!3zeQr(i>~11fnF* z^NDKh09kXt+UstohF}3%JfqNX#=?p3<2_vF(1->9T{8)&IDj&qi0ONA*K{v_2JgZ7 zF@U@yIq>X&MVQhwnm`0AKY~EQ9V?uZWyC=>M~b^ zq2FuX&E?iF2YWLLpzfI~Z#qYa^x=TSnQTenuK#(4FDDfn_IufR>VOya&GqVbSW`qr#F`ywdlTIT z@|%TnKP@zo3fP|?20cjdmW5hCc?TPc>x*i%ECM~>XBN9Fn470Jo%Bl+$IO&CIXRV2 zkEYI0`x}!BHJFcTr^i>Yd4Evi9{MOm;5qE7_KlWzUkJW+1ul<}n_K`<92*B3+j9pf zc1QP}CzGTZ*Pb(9_~U}RIPSS|&kM~*izdir>A>1Z zHJWG6es)lbrJ6*!Ia~Bs=^%l?2rU*Dlu-+1i+D2R#e*F6iBK zdF@%WVN$*YdCy4CNmY%mh?3#mybheU6qh#)=_eCfhpN6ql^;;k#pK1=COek9K%G0P zpJRip%XSae7ktQ&GnW^;vCyoiK?h2Tx%VJ8PuRFKzbwjoY;DM(C}}r7tx9`OJYc>( z$PR*JcZ=!C5--&sO;yKSoEu`&Y0VCq$I~pSy{l@Hrz)}>GsORvN?Wz^528DLW(;1H zHO2h2JzSOmzyjW z;1s{x)cxG?DU1_5_LA=BoTBeHI`SrYEh85%(k9%sUsC&!OJiz3No};qFmLrtwn#s3 zZCP=sFnW?0598QTp?W;&_nCA%rSkj6fP4`6eQ|#XOzcn*7W4GD zMG(_`1%|soOR4HqxCyGyvr!wtiAd&G@@rgSlC^|kmFM2nCY-ul1=2nC-O33T^}plj zo{%eaX-($moUZQ%LtNazRXH7smQHq)#b!{_3LiVJFwQGMcb{TuQ>7=3sxEQ$gFc6E zpD5kf9Qn$uP|hmoosJZ(y1y|w1Q1W=q6G2>7f$BKM5bY@$TDxvJ$?Lv2iCL1DYZ5?V`vhkHGny<0K@%H=Pkk9j*@EXW!?^TCUjokJfYMYw0D{iBvsEt=y%T(oF z9>4sL$|82Xh7o=dwR*C?;gP<&Np!5%H2Gx=Q}c_SnDFvw_LJ0)@0oURqPws=t@WES z?mr~J0s+ShgoaKV-v&Dy++BcrA6wSFapVic!$M4Y%bf956t;oQ(8aCMY>_<|!2|Cp z3})!r$=ES1kZj*!$A(Aqf2CdVg-&eWnt|fN^CFv`Sx&Nl9a8F~^j^({u2gn8BPghY z05BT~`^QngpMys^v|%kbMnZuIog2Vb&N8Gq#4b6>t^+Y+4A`7aC zY*@P6kiB%fsx*9)D%M#55%*Bshoh{_oD>h0u}e&x4So{0Cz3b0Hhc-u`BFluv&qLe zRTK-gTeHdm5=&a#wa|?=-;SL9ptW%t1c1{`fdDY~%F3};s+eT#$L3njUH~5dO^Uip zCy{RLd7?k{@2275M?O|n7M)r;w)PjEC#VeV9;Ss@V9hM3QT5i^rsxFkTlO`Yo(w9X zniZ5S!Q?+Ob$qkRGWp=Djg;@srdF2@rIT0iW3TmM?@jHv`$M{p#XcrW&F~wxe=Eq;FqS&wxT; z{BQb|{n=|NwJ!=ddLrwX;{`1z=^qGDM6q3M{)JqL;yzzwJ<~m0x}z}N)`&G>rTL1n zvjlLP_pY#BVTE*R@SJ)O@g|+CK7#}$d#>@MDhQQDXgVHUC}F_51vOB$a*^U2J(#2X ziyB0oOEIw{4*liK7W2|+o7)sa-DC*ouEQIoi?FdwyvUqbU7x=L93(zL~E4rI| zq(=6gck?7bN#ZvjsPAP1TGkt?<@31|$bM<(1lCfoA=n`Hf<>k2m$H<9d}@r_!rI}x zUcJ)OdBuiKbBId!TQlkIWoYwq?hPc+5qUp9h2i9>3+{(8!FW2Uinp# zbHuYN{4cgI7-_cA5LZ=&+nsiJELv--Z$zrUCglfX^t<1rJbB!Q=J^7#`_f1m7jO9y z5L)-eWfuV4&AYiJL1t+v@%ws6sYqy#^-3m62X-;XF3gE`tn*RTu|zRvkN8JJ2Z7

UyIPhhwhVY8w;E0wyUqB-1PH}azWs-5`#)jd z5`~_ATe}SO;r_mMx%y(Wp@;7`rw2?wOB-aK;+ZYdN1WWNq{}){Z!?`QXWcrFn=a>O z75chmK9SnSh##W~`K0%#_PO|R;lwe$F7hCbfdq=?lNr8#KloC<+(8DN+0s>p$4a+$ zLhewU@1S_VwfaF=H;3L{Luce{?xAExZ!-N(+qF0@r##gu37e7kg~DEo=j_&}LDL1E zy4j)e(T`$a8xTZ@N=R{dmo0hMvY)B%+jefynvgZUoJY!8>Cf6qhhlDkleFE-ZWQC(!egiouJbkT z>p*`%2Q*-HNzm0%R1fhj30dv@siaPktKTi_HCi0L6c7uK?veFh3BvE7Qe9W%gT)ew`AB%s!Dd{(>9Pc?=qLB^L@pLOXtOG)7J zzX1CD`bKSR1#w@q?jYauOLeo3>I7dC$S%!XV5Z>|$1lchdkdU2+-90AQ!o1GBN;c&Rk zb_~Hsw3=VoW7ECt_Db8oy)tAz;`*vZ7&t|H8JXv4wh>mp$C!LlTv8|U4@@^Xw-Ri3A+$GAJt;= ztM5TnLHZNSw_seiVx3DFG)m9bSYw*ym1>c3G|ky0uRGiX(8irJr(sOmot`PWn?!FFm(D-PsQ#=}xKPKMMLS?Zy4VI83Gut6 zIy=ib$fT9?dV8dLiFNZy>1llt_yLuKs69dz&bo28xDf>Bn3Bb+F#EW@*F5HW@r>f& zU0$Nbg4LmpXM+S(iO|sd(bO@4j-^rdw*i5=kHBY zt7x7Q_Si&f)rdfd=yx$miBBg@@{;KR`{TksTUHH6gvNz~mH~9*W;1t^xqJA!yu#-{ zY`^>DHC1ga$BLM5;O9Z%APazu&`;E-YHU>!MGZ&qqpIpioWtU0(q9S5bWq~ z+{d=LN#wac<=T~J;sCy1q+9hVF+0FT{ZmP%?02RCsT9GvZ4Hhdag>pIJe07NWUlYK z^XaE#G7e^&$E?4110VKeblO`Nfc5SIvM)GT_-9JK)qG5%WRJ4>HVJM%? z{Z;jXxM7gN6tu6_)Qj-YMLUy&lsWg2$ua98JBw@kRpd>`zKHrE4ySh)$NCQ0M@ZnN z&uh__2ZLElayOyFdJIQGYdmvYO%G+ICU>KgR@yp8@0rMMbGl_&$C$crJvsJ~EcRl7 z)5@ycO3EaRxUSX)sc;D-^X8D}E?O3ZPQ?PMreeKEvDVs|53MbCYQIG%0J8+#vW{bt zeyG}_pTaFk>a7*S3sJ>bTXZ}p5$vL4Qde(GuH%MU#mTuN#*MjGo_v$s=aJ>C$ZhOJ z_6T!`G-v+6#I{`~|M1{Y4HJ=mkRo7B#|oz%cLtA&ozN%EG>qS;P8*+)%%X(VAl` zMaZ+O-)*dR@Kzlnl&z*^8Hcx$+FCB8m&EO@P`QLfW`H1z@lcYRGZO@T5-JfL6x1Sh zw73iq4j`DOj5HU<*B0Q1?hvhxUKJ|dpDIb3*6=S9O;Bu}l)_{pheiOyxwNJl&wgbJ zc;~e&K04(G;~L=}{IWJ9lYSq%`~9Qf!nDu<)qyQX%um^m^I;q-3k_Ud5-U9LmSG3q zX?puI3hG_tqF`*=4}Uxhw~LUFp%X-&fX+s-q zy_@CHj6cU14>3u2A$#)c!LzWp$24QXI`0JNnqDT8EC|N zQ?)+KX))t-z?3BbTu8ArhL?`CO+<{yWgJwL-}CAhL?HV{7wqPNLD8v1+#x*lCB zlIyZ`6_k4Pgez}=LKK$IPzFc$k6aNp>tt(ZW`NN@j-LXwT5QhL4wajK>U|)u5 zuj9@+rWks*^A%#Y{o|f(vGit>KGLgEBk*L;7@}U3r;*fP{V!lHG?;On^8v0F2_;7l z9E>HDtSbhMd^NQ2jv*JbOjqgG=)`qXZ9J1>rzMl^iR>oQ`MqZ&zZbNv;2RT9j~S>Z z{vlDJ*dZ4qL3m!{p4n?rF*;oQey+TVusXSNq!5H5d$wz>X zIR6lttyLQnVnIRAfor9s#ZyH;+|QR%O$*X6%f+6iy&k{%LYV_Et+`!ACKFx}P)Ry+ zY^L)n=obXMBXKamDO^En&1=64dB^U%_6EWq>OVJcR;(~ldwBf`$fc6wMA+nG6Kq09 zedwFGJH~8yC|xA=Z1E|~KY^8=E38|xwORLSkD1M+Hbf=@vLT&tXDa%3yGfDqc)kDCBj z5@*3+y{hwP(Z6uP6~_MS(iUL(sku}J?NXpR>>$ggN5lOOJ}z9~rU0_P3(6O42l-*h z0I3p6wt*r#r;n+ra|dfm7myJ}8vcPIih7Gwaf?pm*Jl2%fks%}I2Q4udx`s9CRs6gi*pzWGY|=JuX_sv@VQRyZnefzz z%yKG}Vo8>%9DG>tU%s23 zztdtD(OIWH<(vmvq}EZ_k=Fbr$cbv)(RrI+hvOMFqNL2X%NLDJB{X3lD)yIESe*VE ze4Z-q&HdLSd<$1kwu;~yDy``r;l?L`3HPk`8=vgGh^x7qs~OHzX$yR#Lo>`ZUx{bG zORrYLgr4tHcF1*a<{~`*Yc8(BJ+zi3FI^xqhI5NU`P0I_cBg)jXMTnZK*79Pe?AZK zW$u9HF7~0BRdk+-h}~DDPKz6clD|%;zqv83deE2h2KtbWZ$Zc|v&B6}wV?R&nrJbb zYU_z%AXS-lof9W|W+;5CrJ%4a_b|!F4 z6lby~S~yt{;g~M@dT|ytx~`XOJ+TQfz&h#%LY5j7Lma%((-~ zKaeF(c|>Eg+pgfhU82;s=N2Y3NPtS5b&}jdxKr`_VI!7Vsp3_ApO)0BDkt?q1Z1)_ zM%Cjxqjt!L975<;1>l)NQP*;-c5B>2()z1YyQ4Bbp+3dYKd1nHGCWBd;kSy(4)=ua zGLHXV3|dIg+4a#6;hwm6%2n@F)mPr7*W);~XwABzjjxk87H{2jPWn&ipWl3?MK>m_ zx*R!r5}7!273<8-4>V%umc!Nu#6Io{$D(+;0IK2*;2acgZo zAE0o+t_+$yc~!z6o9gcUPI{&e5WMkgCJ#`_mK`6DtuPcvM%avHjw=m2A2C_JeV+qv zegl3dtQq@0EtI~z!Y&Pwc8gMvr^2H4{in+mUi>f)YoL2)R~Yv5WUIjK?k5{e7PcuP zBVh2QCx0PH!TTDMW1J|Uv+tZ@C_hZ6tW-+vrYvHE9|Lj&(tvXGXO`r_+`-JE z`F@u<(qFB*jLu)Oo8nuPlpL%t6$+@b`5@BTz#w|(9^oZ_f#adv6Tqn&^-U2Cy#H(a ziD~M;CKxL~G$?s-nk=2E-8UxN>mc&ZyB9{%5<0KNxR*a(@RCFlRi1*Rz~w~ zq_l0EwDEI0@lFugk{=v9_)1BnzSPKzgYYSZT0~23(G^_os33f8{|!ehB!MFaLcd zM%CoKzfzV$ZTN%#mY3gFKWkO_JLz9|c;~9n$X zAzA^%MYN0D8u|L?Xe7Jp<)HcQICkPrmk8*n?Mq$>=w>v ztg&Bq3KS1It!5mrYtJ|$=^Z3e*;dSIPPf3CL`?;p{s>J>s!hUwytqR|%xg$JyYs&lR32+gQir-$2PGy9nvM zA6rQtDnlb7jCv(T9^vvwmi=Czvk#hrPGrW#f=bp+wxbS?b>dpP!Fo-vqeMa zS5zPMnJK7?B74Z5uBXat*Pi`GdJum7%u6@UJSyc2gQB&+`IjnbIGvBH;$eZ1S0W$>XSc{a0_b%CSP-yNEK z{)Y#8`zX1}h2k@H;+JsSi5`BP)2BScvlP_1HP(xdCCl9^7_klbUcQ$^PilYN)gdTo z3TbHr_i&PgRZjN)@!B_evqd1gUU@8|B$xXyx}js))cu`orBG03vSj7X3ol8(-LG^+ z8liP(GH%m5l-2g6kBlCugND^&mxEgG!ZiNpZv@v(h}Znuy$4EhSDJyg#8g zJr68f^U7?z&N;D=U26U8#7=S#yAP8n``TzgfXTNsIUWVZatIw86nWC|9YiE}EzLLO z@bnN~65w?&n&KN~0RZ|zMQ@=q)UIt#J0TCg5JQ^ONJ-R5Q}_%|Sn=X;xmbuDm!yqh zj+>flQupp>;JbQi&Z|nrkv8+K^Fw98;^Tvj(R|wsl!ctPkz_~YA3sfJ3Fx=c97dkR z-44R^rwarLnmNm{NcpP;GE1B7Gs?368db)#9poy2=!@JhQ&xX<9Zsv92_m68D@bY` z-Y%)!jW>)Xb@pA%X9Yj3zsT=^yKf13^tRH5D?}|xLzJQ znVQD6g6JE-q)afVUR^S64@h_w*J~`2SQvFC4?qBkI{@zUrmxn_EY{mNp#|yp>kkcgE{|DthUqbzm_D zaBJ0=6vgXH3C9#4=92~ezj!h6X-N1B2_adUfyaS4{3rEkM?8F#v0#QobaEM?i~4If z9c`*YL=?*uH`F*t2#V>CrL-m_s&7oiUqACxuGRGIw-8>#9&8h>THY`t&H~@kofYuB z`10vqVPN?2!8kSHUik0TFl$vRbUsCl+VQv(N13A*x>CRd1am@g_)9uV{|E%2C zNi8q!qg1;YSJzO)OP?y!f!2WwR#fG6QW2c(R4*QIAGT zEN@*Ddi!m}Yp=5S;mvdou`F{g!_C8IpGJ}2GvLyU_=dLK`PeT1H! z(cn|d(}0r6J-_BJNta;n313f^G>>M+u4(uD8jP1+tYIq*;{zB&o~XM7}7ZYMr&mGB-CR5l)=%6LQOQNLIWYhN|-e zp880L{d{(xHz;xaXoH)(6{2wIdj!@gv$Xicno=0q6MX%B_pvPRUrefUfH=i_g zw0N~9*PMn4w@tFEqT)WSot$43tQ)a-p{{4uLXCN|@|N9`b;A!e<>W{2Z zRK{H<>h9ZX&Ai-*sQ#9+vKDm}<6ZMKom{Kw_e?{WLRx7chwvO-p+QArHACY5-ySzF z@6e5Fmtwp@X3B4Aq8QE8$F3T~EJnE>-0B=dQ!t-!e1A?ewnNwMgEi8foH?^meRcpT zqt$M(C%nzJy|>`56N1j50CD2#EOs1#~8~L3I ztUMlRd}lC3F2(ewu1^-^w*K`Vzc2EhTr=Q@Vv-w;_}RjHeQkNm{nLH;5sx3#SR4M` z&U`r#1uPIJJnD&%gU9#rVR>ele%1e!yvp5Exa8$tFdsQfIiVJ%x^xcStb|I;u`#M9 zQ1{e_#040K9U3%}n;H;g)YUEgT765q^S5z0$#KN)0uGc@)rvzGpyJ|jmFFid&a=*m z9&%iXaJRv11{Ib2qN55lmCAzU;bz&;?Ua7*Ktdt%UVNy+>gfJd_$XX#laSjSv>?@! z2C9+vdj`G@+B~f6hPtdYzgXSFKN|Mm)=PuqJ-g1!gnxKmrGEZ90a5d3p_Ds82?>0B zpBT}0`D`a%HQ*Fyug-;Wj7_d8C{5Nv`gY*Q7=Yh#K+c z21qm8oI5-P|2W9-dbMMz9meO8&xmEl>F)x0%rI)fv-hz&Ef57T%WIv_1O$p14*M!chew;PKp%!E_+a zgQ0w$-DXiADz&b0)y7Jq{-%PHf=u*C3PDT|DB;OMQmJ1CM zyY(lT8KDfyJ6_p64yMsSqXw;gwWw%RGtP*{f*c2YG{V6&dQW5Kg; zc#aK&Gv7t&@bh^*+ilsJCF!6)n5h(`FlYJHROvv>ti{nEnw_lS;>7Bt%KT#Dx8uPf zxtc-yX%f+3c2U82T`IZ2Z5VPHL20sqK7KS{)MUWyUB}Z_eMFy9`Sv_`gfHHgyl4Lk z)xKj>sej9uyR&ge25GrEKNtgBkFQ%a$zZ4=6wc>TIRi-Ze)SK*Bc%k>@y%ovW>Dv# z5{%m=UmKI$kx;~SB$3CJH(ka;uuat@!A68lGq+)E ze(mMt)jiyiRoGE{L2vI#@3<+e78o&yhpsG-YWqpqzVP-#=l~y0eMDYOW!2nZn%4pw zo7FA(>;K#xX?Y>2zSB_J_(zgc*hd+xZR8)cqTWdSe8!MbZ5?sR@VZ9kr2`I~8GpUc zdarn1w3M%$vi(f^aEst$;MC`Ws*8Y!1m71DFM3$KxPRNE)&y3Z#b94jWMMRGJP;R} zF(@tHV)~|pIb%X?zGRA^p=0%t-M7=es>B$?usaP^4IoA;7G9*nsiJknx2&z84KD)Y z+cGjK`4AMI8rb}be9F3-15)AbNSgK9&}jO}v?*!bi!ghb+CXCIHy3cMy;0tz72%RY8mohL`W+|WOG)3txpYhW7Mu$d68XlHQC56U| z^?L~n4*_W}DM1To`fD(QG3$GNzv?OUcbL zqL;m~cGvPu3i9S{X2ex-0dINGH^yQH8LQ}FhLHJDy8otxx8|(pl$nn< zDY0GkvaBg1+C!6Q%*z22ieVhZ^W9>h=809U=8ni|V;1oATfI#gaQ*4HXs;(61%iRl z!ggN@f>kd+hSiZ}-ZjR%DP0!%E_&h0NbC)2PAw&%eXvy+Ymm~y$6Muj3UWWcgaW3&<}C+?BdH@Qzskw!l3A-D{4rTS3i{ z{WN}W(6W$It~59yfaO$9PhE`$Ax?sh*^~!vp7^~}+ZAIv8atj2M9CeRMp%bZsg)KO ztB*qS)w8ef;Urg99JF}7d{q1W9fKKVt97oYn+|5cMRxDgN(a(CEU@sei$|`vefyCU zI{&ku12FFWdTr`7SMq%4bPKR7gKA>q$eufL_nfkHckN;!++~|=VTgCQBw#R@nv{m; zk8V|ssK$Kw_SkeNKI{nfNrAO<*!@)#>Avor<-IW`Ss)0pYQ3ucv@t1&Gff_9KC7Nd z(5Cq5v8@m<+nRhdGV6kas;IQxp^G>2$r!V)2@gK zr5Zs*zm$WE9)e~i&@AE?{%A4NWa#sp{-nq56cI$^PG|EaE1;b86N z1p33u3R`*9O|aF6ktFn0py1v*yzPrDa2dLJHTlBLjZ~aE>3!M0|DAmblNxoE0$*jd zrx_Wzh3{jcA;l9MfFb%naxJA(hxBzbWus0?`37tyufYlqrj{b=SR0KwXfgf zTN6z2@a{iRQwO>>&Py*CK-4>lv^+d{Ld}-my+_>{umIj#sD7=~{TG(t3N)a2EZY@T zvns@sW}IwXyPm$2ZBQ>4!Rs7Iz{O&pO+cYqru&v&ql|(WCSVu5FV_6 zw0f(wR~&#jTkZ(V+PQv*Yz|s#^!yIWaXG4{*N)oLO$Omh(Zc)VWE}*20uuvK{Tqg{ z_l3{9h=T9?#sFH>3+m4UQAE}>Ig@|=oQRbN$;z5Nof{lv=A2#l?oAs`mUZ*iu21%6 zGnIEAL0h8?kEhO^_D(57Fo!?S>dw$Lns8BLaJ{qXi#W|-kxxbn4d3>RlbK!#nC*xb z4XNO$5L<9HJUv%YbYb$QFk<%C z6X<(J>}jJ%pS1lcA$hNiBMPa^i+%j^TqT+*i;I}=V|N#wSle;?xn`fb=Ec!3`#Hy{ z2~xI(8^%*bcb$4wfd)Pm>MfozdllGxlcj|xX~%_326}LRw6i>#p?dM4Sqivnk&W>Q z5cs%M!*;nfY5z_cJf&rTE?D8bp+$Asmkss^%|FDa+yp$9GZ)g9ozJ1umO3G+a=VPx z@i8dt{5i3FL6ZAC*TUpu=8IpxB-)?%=Z!E6{MfZWucJ$G^YAZwrE<<>k2U zg7atlV9aQBcZ``GTM#NCBLHfNBmlqxY>?em`k_FjH*?y=$UgV7BMzc|cpAuaYh{Xg zsCw3ZeBD>?U{zp%%rYx`@;aGI{mQb1ksKmO_zbQmeqE2ga_?zrQT)?08q#oh-2vJz&uWEUZ#%z^ZQnIpXK>BI z>OAq9)M^HHW~4UXI&LsfPsj8`COt*u?2MCuj4_wf64l~XlTx?YMuncNEx!Mrz#!@6 zn|v&}{bWh%_VO!*;d6eTmiuxevC{20q`!vi;|(nu-V~oS3M0UH6E*{uxH#C~z@lEL z!Qxsl&n$kM=SUJWD2j2gyLNOKZgT)eHxS(ap`w+GhxSgVM7nbs)r=SWyXfAdlzrsP zeHq$0K2)L*v{9dZg)1rRK8x_}XPXYeZ{qbPJ}%)h3N1{p*ZIb)1heNuz$n*tvQEI$MuDnhB@8hp`h&f za6Z!)*H3_5NMvPnGMfI;W0BM6D|=PSym(Uu|2$yT@Ect@;>__-K*P=XQ-GT29)8F~w) zy_Q>w5#qi-(c}osilY|o{_>qNB=^NLrSXHEYvawwe3HM<4>)tX0C`@pDbB8$a~5P` zboWb-OvD3-u`4O;-1Z?J<9txS3~C9LxiF>PCOn!UlgbY@@^=E#eVIj#!M=#40V+%d z=BI1L`hTCLcsd_c#xP>zY!Z6}C!{qNv^S-_4k!RX*s0+y-?>luzE0ZO(sOv1`ItLQ z^RC1!Lj3MIE_92qazLY2&lc$`+5gB;Wr+gKRdsQ)I{0I~RU%<=Pp*;1|FvJ^)AGPf zk144){T;8p5Q%q}yki4e&(_VAkkWg6n$!R3Iz81DzVE1u+)2}`KkeXh{Z6h+=2v!& zO#l61T9=9D8NremwVu8eJASKDXF-q!oz1jnGc{qdC`J|PT?Sc7KUU|$KRlOvu_yP^ z(y!N+pR2wvKV=OYUC+WlC(;Ul@|o~eeLQt^m1~$7&}J%2Up4hV(x_euzDBRa_J(Ah zx;6F9FJ5m*pLi;vGtZZfG2KP!@SocOaG_e&2yDJBLacH&WwpPfzhUb`cGQubT!T!x zxuD)^rGg8CZUyFlv(x+EiQlmZ=&K?82V@s6eCt`+0c15;&ve{#+-?n@ zQX|IcFZ`;I`AeQXcXMlJvkJ(>UV zkAk!Nvk(E%&tIOwmpEG7J$PQ!H>ojmOZI=BlhRsR`A^rx`DYqBC~nj~f&g`>U(Af= z?(^7g4S_tz?Jc}tv73mH^v7FgR7KWJrL{8sev6CfoOgUkj`73IPL3=EG!OS&ywfB$ zF8j{qbzyZXhP}KP#sQ=XP=~PzjHQAZK@b5CF0~y}^Of3}PBpECPUPnU&@zdB2avDm zIQv5}mS+hL)m{1MzVzd0I*d&9Qq!%9#e&1vz0+ZPCc}PBOSWI7vgiCVt|xgjVZc&4 zF~fq0rH)@S0qu*{DowsLtBk|Px4{6b~Kn2?JJ z=&GzrT5Dk3;)fj2?V`-prMZSolM0~fiKoS8z_>;M_@rXT)3Sm&$Y{v(mq%Y#R$!_& z6u2CV^BN{5*4@JIh~#+Mr#hJ&4sQyvGYzcQa5ZLhSFgxb%{CE-H^z?`{>$yGB&mmO zG!teWJbCozy#=P3#?MvcfcTqIggkWTP`fg!Eo2Dtv(a6>BVs-eBOfa*RnwC|NoFEo zpj3w07KdeAv&%A6s&$&;VRC6gWx$%7e0OKg^3|R-7cY#{ieRR{AW7ZzD2&pzUjKnQDc<}t!W;>&^J+K5t8zV zH>9_sjuV3?@glp)n~lvG4cg z89PV<{(7u+TgBEF{d@qO{^pw;9cbS#k%<(AgYFkJ2$~v;X~c(IrE1Lj5#L-2<$gyp zpR5O)eZ&-k<@+f!MF!0^D!E-qJx)|I44R?DtI8kdv|531W@MxF;{d$Fe)wXmosHeZ zGh9|B5&CcRPj3ozg$T^5kEmgCK1kKr%R%@z>d#v*krjupIuVu70pPG&SSziQV{}9W ze4yZzqrg}&i!-WD(#c|oYuMf?V``b7`rhZD1ZFt%WUu6nKD%QN`|&CF;TmB=mCLZ` z2w33*xx5YJ?O?kO)h%*$`x8Ecub%<%Oo&*qaa;@S{!v(9mnpsi^1^D`CY*wE+Fm&;;+%Yv1>uK)bEk$=WpxNh`SvwNkk zh0=**s>3kQ^jU41VwVy{owMx z`)Iy&SKqHqzS%)FY3r`IA8Y!=Am;-Oxh$gfbXCE&QJo~A`E+H789Y_wKR(>+Zx*Od zLZDZs`*Q49T8EEox|n%&gn8RpZ2OXCx0U-Uz45;X3a%6wKC)Dwy-pJ^=734_P5t;{ za#-{Ya3%1h%Vsza?X!a!6Jy%#!GfvrH=QS$TOqzoO`tnvw|s^l6s>!Y5RU8<&3LNmXrHB>=fmu~ zHJ<^oR#&f~wEZJzmo;rIjk?04pRL~Jh-`0J7daDT>w3M5{mGCbVmpzXc14u(u;TkD zbs7+tC7{~a>bk&E*85#xQ+EG;)hX@vDSfyg!zyqA*OHIMyX>agtcBK@{}1xsGpxyN z?HW~4Toy!^9RyTVq$^cw6ags&}#xj2n3K4 zLLdP`2qYw&$G!L3d+l?6d_TS)@AY2i7v+K^b3XT+_kE8!#+Z^bZidm>jaN=gPzo^5 z-TiH^h?EwulD(Mr%v;R1!cJ%^#$(92-??%omqy~ggX?q)H)fX~o^R@>=Fm@)tDo7o zn%8~pW*1(I*GF>MN6SZ7PXzZZ`%|pzoBErFgfkTTNB`}uAO!&;HPcdtC(IvmNDN6o zlX-*oJP#b`>0Ilh@_BW)zfa_6Cs&%+De(rJ)yIm8{$SVikYtn)i1V$kP8Kd!{a6oK z=SR@94~=XyB}ffmoR%F%UgU#|X-Ypz)Ko#au_T;r{-SUs9poz3$PZQr$<>W*m6r0H z^I*?j;r0dcN_AwK)Wa>)%eNG<6Q^KHFSi$xmhlC~AEFE+9CLoQ?C~2(@~Q6=bj&!8 z9{039+!YCOvOyFLO3_uz_$>}cWfmtpdPk}^6q)IQ@ZLWWk(cG2#N{1Wjdq3}&M&ZU zTd?%z5LuK*HL7$OXL*gPWGs5LrrDUlBr#~+iDM&0WrP}thwb#pi@YEQO?Pom4Tp5w z@FsF)859|Q$!Wy@SaJEMS2M<)d;w`!bRj$a*zpW!Ja4{YE~wjxTMa9ks___ju9a1| zQ39iMLkqSmaXgO{xTLgh09kI9)zaTJSL@@0gnDz`uUlZ!=JKdV`D9$ZB?=^VuBU8UvWw+ZV+XB9G4 zy6v&)zCH_tP0O_tsvq^3mc56ajG%e`oo2-J85SBzSO|*R^~%@8V~kKq47}P)a*xRC z*Yrh|g?E2){FJFBl}snj#?(Q$9^zrp&fL}#SS~>_`I&gkP*g@Jzlnu+-kXY)ag1V8 zvg*u9!9m$u$qF|0fnXZB!HsyJFsij&r!d>~oTJkkKC-Qx`y3MJgW99%?%yw!SlAFq zV2(4r-#tpnNh#0(Wd_PPZp1dm#yXHA7F07fWqFk)~*BP^V?q6)o)9lXWyRUa3lY(3EGS=D%IXGj#a*}icU-hiaC^}liF$a9c zGbUE8T!*zON)>6Yx%`uKr6lg$TCgxDuil&+uyB`oJx@*7bIPrTAY15hwV$d9O(o2* zZW=9CT!r6ZrY4NpI{WZj!F_YO zO>w8~kq1s)`B2zA3{LHTE-CM47AqL%9`3XB!kj4R8R1B_Rd?4N4wC7Xbt1k}w7;Dl zIj08m`o4Y_tv9GzGud0#tkmzqy0c(4v*tkx6$G6xFg_+M_;@|umQY0P=Ny!V`v3xh z8uKmf&|4GhS?HXN63CFVz*syZr<*)#j-W!#cmNP(I;#?wlGjXOUc` zc*n5TXs^ycLO728Z8lF3JXayT*nJ&kT^qX(cLPQH!+=J}Ehr(JiuY~2-EI{_)b~3{ ztF5W9V48SLJnNo{gZnCbSd*t#@f)OCh6$!McDqM-Ac7CVT$W?vK(Rfasd z$2K)D;V4_kPpo3Q^uDahy#`FZx})>iNEdgSXa0(CsIYKdq^l|Sq3@E&gP7FY^%2R4 zl$Y!ita_jL-8opv?|Ka7v>c*0iTVC$xq_F|D#VHxe0d<)DWcdShaP1wp^R?jJVPG{ zr^2Y?uK7$^n*{oy$(0MEQGZpO@3=EzpAD|SMsar65Xb7k@*`3!`par><~|BlbDZmR zUlxJY=2d*YSdW~@1D}%NT_*D{(tRcdo41Y>RDvJRCo;(8Rr-tLiUVuH;<~5SUapt^ z+5PZGvEBy$7Sch~v`Hv*g|8jRw(5edUbpGOn2>>oUg`f zej;93bh`g_w_*YHrmfzLBZ;MfvN!Id_;>MjJx4g_i8(Q@GE~iC(BRU;i~b zfLyI^C(@SN3fE>g`LmZsjRm%I*k~vuD&kGM$>RAl%GGqL&gFrcGm;`Z^C(F5@tV@F zgERibk5h-bb%tcqRo3f1wH~2wcE}{)kJA40v?8X%KL5z!WsFt)6zfGtbMop!s0(m= zOVR0SH$k62@UUc=q=%H9bA;lNxg5|due|)8__f%FyvI<)-66p?e=d7(U6fDPP|Mvd zFQZE1($*OOmmIk=WtO2<=m9<;*&6AA_d(nrawcjo5n7H2=`E>8hBb-_OXaOpseHNC zX(4)bfq+byTS*_XfaNxe`ZQ|$ig@YmigC}2s>n6ysvt#Cp}bN;FxKbYYDgo>={2q5 z>Aqul$gb=Nsu&^SHEy!cftaNG(vMKs`q63FOJsH3N1(cgICHybYEWhVaP!IJ#|p@q zvW=2!^6C7fq$3TRzgp4`$hF^0hjg>up;>ufvwFjuSo61q&539~s8h~HzEH{*Hpd`6 za%kI$F`FXfx@5n?QjJ0w;jZXS9!jDwaN&oWC8CKKl*XYtIxMh$WFsf%b3(=b(N9uJ zvTB<{gz|@pycA46 zB6sIYKG-ALgKWpydzkd%lnhQXE5e?>X1&Xp$i|}2ARo+PbBL#%kft6K%>_Y^XMZm0 zC|Yhf@FT(uI}sOakw-*VU3w9B+_U<={80w35IiuaV}LRfdGvq*p09rYg@$d^xXAdVd(yn0NVrrnsye}@{o?)5D*MA#QGJJd`vXmEiNKE|jO zQ>~^a*BD2Axg$$CD8qikvkY`?f>p?C5Cu;10+iH+|b!$Nr%Dj)>Q*)~yp;jQ| zn6B$n-!FJ7%QsubDdWLx#Bj?I_*914Bae4i^9_^yXDCS0kf62C&NVg9aAr|R9AWGe zm3ckh8cNCSq`F1DhcY3lOv0iUahcpANxEA?SgfXlvEKN665$%{mHF%IjblWqpc-?} zwAf-VW9H;rbDyr&SUTMuqLa%VM7Aq>JC2(YH`H)?VyM|hP+SNaAulWHm@DKtQgpQV znrdFSs65=MtEfW$&#i~gOSWw4nRd)ujn#F8n$W|fh!=PkB%CK;bsQJZq zI^kom)kd$87H0SdW!LZ49_3I;JPy<`O{_i#+=8aeZDD!)q20pbN;;v}H5FO*o&+Su zc(Z~J4mG#0y+`Iw*WtQq?u|J3sVZJD+h|VG&#&x50|j%i${!aT`J~NdibuXzv9Af+ zhfuIlK#3`s3SZDv9EC~HM+pH$uh)yaimor`-a|#CC5W+wOqd3=(%HIMuPZq#qj219 zzDigpC_SP+6b3TWHzZ0&9ep}xWVliAb<8iR@ESw77HeoCy0oZiFQqbJCc2zAX@;9k z5ES2F{>q>Reg)!c$N)Z8OL;Vln2j@MlAR@!4T@+V>rQ?3Q6Akm>IqHgkk7mUJ50w4 z{VTlMc>m(hi}w!_9c3AB5R~YSrusis^8sLJ6#U5;kq&lkvi$J|y8cCTxN_>nN%qJU z+RdB8hr;&$DYe_DsqgtdpBHU6MK?Y#rnZ94s zxp6{dvT(qA_R&AK@nL$Ha)GNu6{v%fA5QD6`~`TLAJ7o@&f(jy)GmzIe&HPfj>y^) z@*X#XQwM{W*hn3_pY%!$s;W)8cHcvW*WqoMn@y;_6=ST}aHrjmy85>nM|H>Rv?gKo z_W%1+WtIkPs-A@)2Qf~+WYt4K&kA+y54!)G<^{}Nr9*jC+>2DfTi%(h{5?fis{In% zD)Ln2H@Gh zNh*P9kcz)^|11E;zUZw>eDrt7+~2bQ&L43vU)cPXof#d~dB{>FqW`1D{Qa-UUa6?r zx6h6T|JNLCyB`_%$KU4p3rOt0A@Bc_-RS@5B>iuC^LKg8$7VW`6Kx?dgJX&ix!;24 zUHgu;)es?Gvrd2$kJ7`hJMC&blhfEgjziltD4CLe7*@(}rN8Gu(Y+M?o_WBvCvv4- zDuC-#*Jzc?Y%aQ0c*?Ci{rt=0=g?MF@pOH50e69j!fC0pIbilyTSu~N_s6M8$MM;4 zyK47a&0RS^wr*y628FdDE>D@cn{Dn`&i8u(@~Bitol%lGrpNczzJ22zYBIMse5DW=J)SfSA+I z_ql^#!=P#B9+98RBVPIs$W0rS;VjRma?a)D= z_J?n{gublazMX$2&oHzgZZT)5M&Cxg#Vg#eVdj_yccE&gmgJY%64x6@`CH5`^&SoU z{7g{yji|c$$k>3nj7{mq4JJjMz?^QEL}rHOs&Bdxl zGc^KdnwUL_%pM(E-IH4{9YZ!;EYU$88jM>1*8kr|L|IpjVTCO9GMM13z$j-AYE~o2zGnuc$AbnIV>+T zc*yR8klz6@&$nhV(&_5BuTGY~Jz`hdB;!APNtAb}Z6km|J}JaU3E#h8Ke@VcHS}hJ zl}XaOD^kJ-#5B*LnmDiQhzH!VVTDcFmuil`xuL>9v*)s1qr}7`7H);UEX~2VxP#9D zc72IGS(*jX|K?Q#!VMlDEv zu>9+bEXW*XZ*5=eEe(xgCGS6V>C%a?{&FV=g4fqlyQ&BMxdyXU_ziSs4-Hs)n@BGF z0kF)06o&F0L$|L|2`<2pU17YE?WfbtO(Njy8x({KYktu6&T)$6%G&iRp>E}WQQkHbTet~!2L9WwLb zNou|qu=FknA5(BV-K))f)0p4J@+nt$`N$O9f8ul=NW^EwYql#5U%w11TnNhMv+!iY z=Qyp=VY1%FV%>Px5)FkjW{@#s=PfYSex~Fb4 z7))4ZE+A&wk=dq+Hhvn~tN|+}*h=aJ3`adlMAfq`6&meP`)Q^C(-KB)K)U3+6m`z= zrOZE^{%s`Fc>Ph~HA1dOWiT{#P{nJ6x9Re!(@R)+sx=;5w`ie~RU7TWVO{yp!kKt* zEco-YHL^wNoy*GQaT8>S#Ab?|lXp0-Z{n#8(l&v|U2E5M>$|!u7}&)Q7bUz8xVpAD z?xri7h3ZU$?G_+xR-f6(nq+(sBtLz+ldugF%77@NjFV+7Ya{J|SHuI0x-Ln<$v$LZ z)FV8tZ*|V=G9;2(5G1soQ0+NppB=WcN7}0J&2J|m?B>coWhc=YV8^@LqV79-R|M-L z&?Fe*u89%qJ#UhAVb|Uxm$AoWYq z7v`=)s{)oLt|^y!4_5|k2?)2jq&m6kdPO%a&t~9jogAbg+T`hFD5);Pw$|O^ITqc5 z4}i~2#^zfV7|&J>rT%%|xJ}H7afuuMprz|%C0Qs5pe`FhF}dlgUKeIMQq`x>aU(UJ z8Ot0YksHY!$z~WwbWmDaA**9Zry$sxk}BT*l%Y&=dj@j0|YxnQR;I-kewZpgiMLQ$i&WV^=X97lcBKL)1rR?u-2 zzQvpU+rIiJ(Qcsmn3~1a#j(cTO(8c*PgY@qZK|SE@tbNaU6YxQ5qkCE(!Jb)5?inW zW>tw$k3u8^op%rfg^Wn^h-Qxl#ybWq|0s-o0gXtl)MO;XZNr?$k2b|$qac0WwL z!n%F4>C(Z|OG}c%8IKNj9~W}%<9VI*Sb8P6$Nkb%!6tWIC(6KiGn`=W&nbK*q~1Sa z&%w5~rj0-|v5R(<`6`|RZKfsTAF)T`nFbhrYz9j zmW7HQqNe+)k4IM7jpLaUw<%$<7@aOT_>ZHu^?{Zi+hPSD6!n6(w4FXa!;9OI!)fw~ zM3EE9lLW9?6n-MPq#WBJ=ghREVX+4&coRic*g%2FaUj>n-86ZfB5&qI2p`~qwl0$f zD+g8xKBUS4j{=kA_ZcHK>ZCQomv=@IQ3Iu@nVjGce^iNHWDtC=!9J$vZl6m;LD~U&fSmz>H=N)5V1D4!EOTk{o6A&7oU693ZlB4^RIFjH zTW@yZq;}>pTgQ7(lnzMfo^x(_n`|4~G~aVbnGftGXvB{9iHR-)v3aJFO|vuAjKZ{u zT|zrwD%y;ytV1WJk+X~)Zd-m$%g-AN+t?sefMYw+VdplOY@&euzIr>C%U>mcV_FMH z(X_IhLiIOqHZ|doZ^rsoWm~Bgn=fk4GEg{$OYq)OI|47Fa1Zuptxv}0`c!;#c+DaT zH_akKO|00uCs>a)Y{tq3lh@6-YYtTIIM#JMde70rrjHDppX_p(Ew#g!*v?(evjg?M zKMsxTe?toq#I3w4h2qFNVJhx@r_CVq8~rHw)?GVK9fJ7nYT|y;xm?tGzb(&wsk7Q+ zyg;@SI@@)5%I&t+x1CL49#Qa-n@GVk)Q7?+mCl`b`frXh&=xfo0l*Mr%S0Njz6;Rk<6{i{0-3_ zH$;@{?}z+Hwb8TY7{ShLokla%Zk-5SUy)i2Q0brLaaqb!BVTy!>tNHEdbJ(|gtcFJ z3`{`j1aH>5#%+|MuDyKjTNe>eFHGH|<*pfwfQ-B-*Kr8*;mSr{{o0ZI_|c0St9MpE ztSt=7GAX=yb0IL)q{7F<)9*MfQ7wPih!@T}j}3dM9DVQp{dBS>FdyA+q91Ny^>!V8 z_mK;!cCWB&9l`nGPH9B`D71+nvp$(g&N-{x(xLyn?+Mg?yVlZ z96Udu${h;8ul@|L8J32^?>5(sM>;=IO2YY4VV?tn=g`HJb^z+|fj}!qhI^HxI8Wtc z${co(>Qu}`)ptE{Q+d>uk&5H3Wu!4`+$Z%YS3-9&m2(1~NSg?KxlY9PPA42Ue!2{c?NI`ZlW)SW@r4N#Ia{sU08GqJ>4YZ(unxeTjN{GabL3PSa2C zSmf!6-ME>N9Ve=m4mqimOCtYL!*6As(haz78QB`yq~=FHRaqLe9!R(l`e}+(H_KLX zix7EX`6FrS{A}`BG|vyaF|-<)`&gJoQ+;QAR5tx?OhG4J@N9nmsi4-k2rT`Z;P)hX zTZIRx6A4Ljx4w#*$fh&DtrVWIM@I=&_kD@u_@YGqGrlG8A)sKnUfydv_Yx zVU(w$H8BuORagC5($bIPh>YdZ&(vPCX2SM4$nIlCO@OB;R zW4_FGO`E#BMTEMPki7KMEDP`|S8R=o+;zQTf>!8G^numY6CJ6tZY}ZRLaV3VXHYBV zE@#(gss6qxY+H?#X(g5^GqYWM#5lQ_s#@RL3P7JU)$^Z{ z{!tZQ^7Ip8RcOgbOLL_CkZWXR(p1mrJKJ3=5nf|*!e1F#9 zRomMvEteLsa#uKiaXz4z$JPjx>Y{ZaxMeDMLLz3f=HQC#C1JK-Rs_uo&vPju)Hwcbg$hgV`3WgE?=tS} zc3}5tF&qib-&3KH(h_m}Ho3#EZ{-=b12!LKS^W?#L1FPsg^Ap|%}*|Txe;SkZBBZW z1Ekf2Lz0Fc9x^s^Sp7paliy-ZfF#mY;lZgsRnzk(Xg+huW6@f_Zc*N(jDg$YH#X^b ze;BSs_|npJqq_Lj3%-quYF3c{Y=Qojucd$Ld2BO?Js>unxQu8U@*$ZjZZqDZ|EwT1 zspSKKTDV(I$`ODz7ndB0WJ$~HLP~fV{)oZCv zi=|sVB*xAN**|7d5pE`ymJ=`GPGHgZp$xJ-h`*Ysz4S$(@ZKn1kVf*ujV+i&F#BA7 zLq$OUuD)GL5wrTfG5B@w3SwGh@3)JLs{%UVZ2Eaw8##3y9e2My z;ilnT<561OPBP(4N^h!>IP7|1lzR7c)ojjeqoB3>-S47)*hvLxe4df;#&jY$bLPF- z=cm{m&cpZuJPrzylHWa6prjT`Kb06#uu(o!RNeaL;>I-(dm!N4T9SuKBIsCB5}?3M zsan*yKiHAH@@t=BhjTp0RoCtL&{3}EfyK06R0zfta>wcdSPgT_9pW|dY;EPT2mTyv zJtx+5Bx!5&bFi7fH5Ek!omCAx|GFU9j#i!WSg_CC&NJInQ8Zium=>KAaz|d#fr5%( z*edFT3PkqIa{lv#wnFN@oh7j0e?iOttKs+mO~~^9`~I-M4x?@{ zx4dTG{wFO0wC&8oXkMJwF$jtN|8vFI|K`d0zq?%Rw8;~B zK7j{P3Z-i|V7poLq{EC76jn+9oaR={t-MiiT58y}T+=OnM51u32|?LwNUo~;uvxs@ zZ%DB1m9rKkUHxP-bv!Ox`SmgR_t88~qZJ-ctq>11B&`x6f&A)I{wY*u$hmE=U9e7@ zZv$22Ugu33*gVDBe4nj)C5@b##uT>$cTOPe52Rtl=Nmo}k)^s)mHNKgy#WN4PF-8v zR?C$`z_&MO9==@izs`0tFW%baFemK6iAm>wo|RByI!Bt<|9U0c<)1s;(&i6(H}Xi3 zWHDT!zuNL;JW+Y8Mye&fuArAlbSFx2*NQ+|uG{FVh1L!%y4Ks_o=a=;peQ8faT z2H+xn`b^09mI5rPKX{8Fm*=dN?Oey!;$m9Cbu^6dY$2Q&hEtbeux!nP2rJF*vN)YhsF3}MTbMjBjPtoR$~X03QRIKG}lF6x4t1#y;v*O|qw7%X8{B%9(2^*?W$*3{ z6vEe+keukFSHBSeh|aTILK7O}qcYdR@o0H7fo?eebLX~4T_aU)@qvEc?-kas;;ht* zpyRwG?)Mc;0$k#sBb#`TdLDJCq8vLv{~0U+Lzur>J@SD~y}(cl+JtY3x@CvqVPqs` zfdKypK#K%e08ODF@?tn5UFL}G#d@a)XU*BGJfsv0ADsyjua^p0n^p{SEY_ zZDY|n^;d3kri4R{?>3UBYQb0-;bZ5Vmx;<)NIF24PG$M(Q{A+BGZe|x5QlVi^dbQ6 z-uPW4XD8MHke@O_(bUv5^|-O90Z(&$XzvjW zsSj6RoaI{RkT9R`Lh!BoMExU}KDWs?Pwz;Pmjw#0{j)Kl5}NC@*V%4pp)vB8?E?7B zh}u)$!|R0lFrRqu`_FV11T(~55p1;!9` zV!2nREtTKI9bi>QHj+achavfat@ai73sk(r-g2d{rj|j<(&ZpcKeOKRMJB3as3?AMXV6vYUfyDGn?@@6<8@#io}BjrmjF!V#0RROl9rA+OE| z2N*Cj@~9iF3k9t+AjKfN#&LhvHEIAkvVYm1TR}8vEVCdHS3S|m@~Q4Ufmw8%Zi&Ul zoQ_&S=ScW3#BtxKh_1B{3)=9k>LAkE9q*|A#W1Sc0(L<=tB`mDWAm2dpJd9}46KTB zut`6_SPo}GkE1bnIrTugP^eQt6=4{{2aujKGU$S{t zVP^!voBiplScX$C0u{dB-keXv9?&fBq^{`|fQf8GUVkZ4Pu`92t1M4*Y_^8pTR27s zQ-iu~9oUiIFY`WVvIe3SbH{-#!ZE(ktW)0(?E z!*H^NF@HAxOBpng?9zPf$E%|NCN7&H6<^JMy)x6e8(v)nTA*r272gyU#(-Sy0DaJ~ zR7Nt}s2RZg+CNk{cWG}~^`p0(+S^^Tw+02!LW~fMP%7DHUN~cf@DwkxO)I3{jvU4m zQf4rFaR6Eg8`xZ@fGLlY1T1?r$TzSXYob+e*+#ZwLV9N&2e{Yhtck^jb|?dQAOHE5+((IQy%jk4wK%M zKUTM2E3rWZAa|~q)#c25q=Ck09vWMl0}>OGgY9pgYKE>3UW(VGbj)^VnCW`z&gr5@ zM+{oDW=cArYeK;wUQnW1ndD8;A*2R-wMN-Kr6byxSetb-?|?|xU0Q}&>`;Lgqn?nj zPs{ieksWz!a=ut6WQ%1)dye6UQI{7-j@~HoHGv^Mug)gUKAwG6?%a7{RO49B`vQ{~ zilrf?=j*e5U9ewfb!zqQ7{aEI0b$J);r1lhFg|J=dv)r~R{9BPVIEP1yXv0LG)?Vy z#^;1&Y2rU#izz}KGVa|i>YpQIHv3Z|>{3|V5~WOSdT!M}&Ne)os^JndQl0IoZ(Z;d zICX)A;tde!}6k-3tqZhhH`r04a!^kxPy7^+Yz)21z^Z#C}bh^^U3*}q)ODI zR|R~&c0|gNix!uDt|MCuSgxb>TP|T^aVdpHjNRc*1B-KOwOg#zH1TtC{TtIs+Oo^O%x+=OO?40tr9lTm-DTVE*tUIz={v-038{MnqiC@dqq7bzhEu24#^}P z!@iDIb4V+bR1^N1o!JW7QdJpc*W9QU|K56B8BlF3TELDJm-AUfwZOL# z&rB%UPK{@-|zOz-%iZ#vY@Hnp<0_71uTIfZ^R??m|)~3pjZn&z8TNNMobQz@PMY%5|4xXI=QnUA#d6TJ$I2ES% zw<@1)Rja#I7WMdz46HEU0tt$y9tNlI|L}xY55hPxX}n1@HY)B~^jfSA?;6q97ExY1 zHCg*9E|V-#QM29HDX8Coir?V8BTo04WpssIp$(NO3td4w6>QuW{rt6GB93Kb!4*L1 zo^)+hz4X1X8ykL=aL*%}_K;RFcX*QAWLfLjwDFs0!qgNX`5%_$EnC75MlpEo>BKz< zK?2gn2Y$N_ybCt{QrM&uc^+Xw<$WdD|_>(%ijE{2Hf9i9a z;7ml*eZKTbO!#1B84bwR{5XAb?}&ei$AAxy236n5v?3gebD#IDr^O=*xhR6?y0qK>rPLmjf;`l|GhQq8ZC23CqsNJn>?<% z#VES#dXJ&4jkU%dR;voldOaevA!P1raomvDSayn$;rKJTEL2>LJuz6v$D$hJJ{&MO z)mg5|=siAzAZOTcz^)fSkPM1TGomJot?*4lO8e>@9{$wXq*xM!{y5|lAP%R{^?@y{CwhL zvO*{ZR7{JXA|quntGjQ>2l8@M-&?qRcA*VT#JBLBnR`YW598pQ7_x%ld8*>GnB*8aRGd|u#rj~uhfOQrH!(Shk;05=2-MYeG zye>0dnj4o@%Qq^PN*M};!=4?M77muMLYk`vcaQ?F8&d2_S4XRaq(**D>1?gG-|^Eg zQd9GYiAAVw^FZsVLWWyD0rz-kM05cl-MzQBK(rd7xQT0rWyF~!HT!44lIp(}Z%fO9 zL{vX+e-%V-4aeZ=KWon1WKTtftEV^*wcL=GnDOcBF6Mj;Ht#$?aM>s#t}hrvaWniH zCESlLB=vI>)IvOA!{KvBeWU!G{eTmQX_Ciy`lEfkQdnv~%})+K_HwQ9T}m9V|HU4W z0tau2oXbIUhrTe&=nfdRrbv!?SyvMsjxJUL+dNh(zDI+C16J#I?}+9nhX^g0y$-1;VGOB(u7pQl8I+KCeMEjXdM_AWPmpkG93A?xSx<$( z8tBC#Zfpu&4sR;F*X8400SfZW%ZgI!LMWo6ZB$OU!>CrCYptX1q8UkrMug-93s|0z zc?cAUEkE_!(GR{OkkJVpSDD|jzrK*dsFd;NxI@afv#LRsZb!R~6uT+@LU|Q^EeE3R zlS0}{opg+3OXiE!F3c?tZxS~5x8ma8^i-67j8m|e(%Njyt3tI2DWu?*s?2uNE}-r1O}%DYWElWcc`M$Z^zt4Oda`r3tvW3T;?$th7{^ zzgjfaVEEu1o_!FYloKibI=7xWj6+C@rcF02Ef1t?7NVy5dSx7)!_L_&^hY1ZFM2^d z)j6Dz?LPGb*{Z8m>^t|R;j-zP5>$w2CrfR_B_8>9oq5{w-8+cM>fk~9Sx!D?G5GWd z#oWt`yk01g~jte792C z9GfhRWM#6}yeBC-e2XTw$`<>qU-myYuWdH9yB&VEC^EPS`W2w}^M}E98_p?oDB|6k zFB@p#di*6gtI#5LvzKN~vkAPuhSUdtY!u)EtV_lcaA^1EO1liN z!V&Rn1v~DDxU+xIJs)&>KE8+(^9cl9Z4LFg^cmFB`iqK0m?zqz;aum!!d|X!_*i_Q zEs~~bFP>74q`p%13(^`9s`4eIG(?HT;2%aQ4foC(6>&axl6>YOyGtx!#ktY~WmX*L zT7Fw;CwJJ#oqthBtt`f-UNbE@NP-hnD=(|#TSl9FqJKX}$bpPJUvv4KNKVgW*N`>u z(3oyb5edJtgx{cN-?%p@U_W_p< zP9Jo?;rF1>%g!LM{CU9XnMbe@C)$mo779@N3chg99uZWJT0viLfA6ZD$0W<*Ssmbb zgI;wV#(f=EK-(ESm~5M-`H^LWbh$0D1150=6@1c3?Fc+P$PR;ZSrbV(WCqV?oJkk& zwvGA)?d(^~W7Rl%4ryEc`n5N`nx@usWokcx@U&cXpA)q6M?|?{E+t;=iKiHmQ@|zs zj#8bJJDuYlMLjg^*)cEWe`H*5SK5p28227!#cn8u>@H9?i!9G$kxdAH(z*6FWYHuD z`&TAQa@W)|6J#aJgh&j(Pjkx;Rx)9`pnynSS&jzpm&%)2y`qA{j8|3C(7)VzW4j`4 z`-4^EIE3w&Pye{ld>Vx6^dnrx(>mLn3Hkx14%Ck8I1g*AXYoIaBdP*>{M% zxyIC*eGX$_fOn#=Yh4J^)&*KMrhbE2iJJW!$5`~{LJ%+EmMD02owtz-`Vz7QW`Bm| zdH6<>VP_f%V;HwOj~A8PTWg>0nIUu^4z<{|0u(dsktG(R>ZoZqAKh zrII<_>elTUf;zrYA|Olkm3}-C6xR9Ogb8KmjYZJnf2tM}{V6-Y+uMHY2a42u#sQ+C zu_CVm!gQk00&0C9+{V^QZ8JmohA#j5;ZZ9FRILQ1z99GL2SJhi6?~vY?+=T!GdU2q z#fMZi-4m+#Q-Ow*G-&?RfHQizMKp%nFL=2TF6NzAZWfchFFdl?rY!voai4)`>fR%5 zeta1pmHyt5xlc+moi`RVid*ME?6X-~=sT7+{O1&1r8v4BH^&kw|rZ@b6yVmtU>wTqopF4D${9 zZ_r53H5TpksA>nqO)u*>K6pM`#daKQjy}Eu@d`@M-aYb1F}KQt804N+7Z;x<4L2bQ z*;1_YBYc1?k*zr5U+jVk*3R>)N*>m{A1^ryn=K$JaE*6#y9wp@G4Bw7lzgv<;dOFM z^z1Sv0lzX-`TDl4WPue`qYQPql4b2uZGMhS<4X#I{#+4BIt1UCJ6L>8D{n?Gs#i0c zW^Bmz-P)YmD9do!z;*r3=izTSBFBJYH9I2W zADtDf=6w&rWmTIMjU0sIJSJZC0AmOb+M2{3|JPARG)%_kBD_m%x4Heu#gHf(ZMvdW zJbvEDkJsskU@B{j}f&!j$1GGI~Pc z#_itoi`G)N5B`ggagjH#+C{Ot+r_%ygeRIe1X^AbvFdc#d$*n8%hw9-r z1C>7G2%tB3@UNt?O-j7^*cE9HHnElqT~xCJ?!uO~*d`^gxI?G0+^v=tG_&X__T^>4 zxYw%cADj+B$iL8Pz%xbwb?EQMH!rs9IQ;dZzrX&^+7JEz_Y~;=F!GpxotC=2+W z|9hJJ^nlE9BjdDdS`!B29AL%oo9|{ zWLA=#&blQlSQ#3p$Vo3RF9&o;KRXZSZ}tSg+jqu1)4Av7Z<6pZ4vsh{CDpmMNOGa2 z$kRtNe{39r_{vEA6(R>ADZ3nwC^$LDWW!^VK8>4)l&8tG)1u!;WgKsRoJE^%d+Zdj z@bgya&24Sru$AfL$Y-xia;!>jOjfeaVLP4$c-G8Tx=fxJUSc{_`q7j^+ZXbLTCB}M zPJqJVfyhmDKeD%ov6ZD|m;ZFzq0pPBDKnj^;9tLfb$xt%z@;-qwfTUkT4`!9Zp&9> zz3MQti_P>xpLe9}%9~!|ivdE2D-Tx?mU_m|H0vUZYdu9aPHH|Q=VWcmRpMH&`q~y*ocVo1RRFNRDqUGJ!}SmI zw4}TqMxR1t{%tNWQ-Gp^EazDpZUE>&6>bs`Qf)h~mgiqPz9&^%0hv^MUiJbRF@td& zD77~EHTAj^5QjYYjSt_RVC4Oly^vv)_HrjJmme!L^nudmjfCLJs?5Kp`l`2*nD;I1 z$;eMpQ{2jXEmwzEXg5M--YNI^T0qmc#%C<+{SSri<@*8;OV$dKcsAOQ^iZ3;+GLGB(BM>O!z~kW-fc z^HOEwA+^_r+Qn$(}AXZG>%F)}!^nBV7NI_dYO8nLY zW9Ek~TbYUV%JsxAq#m95H~CUYarW+O<#bjGkCeikKe!F<5YEHXK0tbvB!O7BEDIM( zQ+7LmGW>GWh*m9l^ET>X;U`+fug$iTtq$gYP5i|A_aojpC}C;R=e%=faB|j;ZE$e7 z7=e}sA>Oy1Sta}?$W{U@{?NVt0l#lD_8zHjA7I^i7(JaiCH?QE;vWeJP>RC%Vk;Cy z{h8lUcx2mp#6LdGD*9MSrAuc!fZ~sVzqES{SGrhYBNtFb6Ps;zY4U%2iQEIVZ4$Po z9Rq$+4#(aEAUBmGb*aiQ_ShsHIY$lGoIVC)j7&H-?YJx^n;L9}^6Qsz0^|gwS~EaoGi}~30y5nq@4uqqZl|yw zjCG9cH=rls5P->3$55GrSysGFNR~vyV5>xYGGLd~9;eRl{Owv6VCmYi=dUR{g##$B z#+k!P=C^t?OZVvtFUb_96V|teY1=HgeDl!l2c6TDJMO@}95!pddP1glOGM zW7U2$U%y`u^`%=jg*^et5IftR#y146mSI)9@PF=VE3rTS?=0mA{DfG5fR0IR_#aZ zkrUmADW|gJ?SY(78Nv2tTdn#wRg?jIQwX1h5}g4UVM)TEQ$D)tSGcDrAEJX&J0Q~1 z(n@zHu2wXjpk{t;c*vK4}NlM*uFI-3Z_C<4GKfMU3hf15)f0+c#E#0F= znz(s{Y|Oawo#S;bxMf+}lA{tG37X)pJK zkJt1nB8M%N*CV|9$d``EJKml3=oQWbZC?5%tE2KoPZU-N-a2D8@dWQf_V#R;wm;u z9!pvm-v&5~jQ8ikfU*s^QHkv1sXI*857ICz5l8hfDQR?l!d=4T*jssltimaBtUA(&>EYG{J;3Xgg{B#k_xc5R=X8G>8~crh%0 zf|^}Mo$EtVSyfR6k9i9-i>i_-kZpj7OLnFsB^b18&8u!|k)?+Oa~7)Z_MTX)*^?5w zg&ti%xTR(9m1Be~UVct%KmC4-&(C)A3yMlpdJCv1y(lQXDK&Iyfdq(v0!lB^ zdzBibB(zXOsnSb;P^A+>@1cAbx_$P$_c&vG-i%3^H>Q%qizQy10aCRzk_%@kK)*8MT zdTT!csi&5w^SW=xaCoUJQ`rWVwZ2$!=nl1)WPsw)d7`(m$YEQrVhfzoB693FaNp)D zkOeEakg!+qr1$n!^YT8 zsVx1UBf4hAPo)25zOyG|e_7kU!(Q=gU4}XuE-ls)bKFC(LXYEv4@M6%HhC6^nAXa} z0Kl1e5crggqZsF-KfU+H^RlI3RXTy-U+F{bIh?y%#=~jfcu4`KZoohuAK7Ja- zPnsF9o9(DI2%?KQcrW)kju;S$SS(XVTMpbjB#jD{O?I^?C|}isD-2F}TWfE9HEOyH zQ_6NE^vQCzaOwd_7X*=l+DeEQY zR#txetkkw4zRA#3h5+HbTxYSKeJek-Yuar?7SJ&j+~?PEqt24~m4(I+lr3=CpS1+q z-V(%yF&C62Ho{$ZrY6VWq|GIY2n;ZEv~e0JhK6xyS1BycJ4K4#<|9I$AZj}vBMN0I zuXnDy15POA+TgoqN)V>qzUR>g`&%XnU3zQ|<&=}ln@^HaCpF9LjAN{{MDp>SM8fV& z0=_YxItjmQEyy?=I9#>Za!7x9=^>UliNOd`9j-`Ce4yQJS=&#DgezhF(wvA|U56iN zjesC;F?<5%kwlo|&&Wj+r5|;K#dr>*X0ZjM-FsqJ%a>7$@=B_}2!O zNW@Zw^8J@z4CqI&iB@Cp4j|oGnS+Mjn`+6G0UhIJ$7-e`1^JHy+DQy-ap>xTo1_Z@ zYu1re<-fZu35d_yi?FWbJ<=%BpgNqJMaHKP`W4@6y#JW0QzX6P-fCym!>+6~&eaxf z`?S|}_HhI}r`?t=EP8}oeBZ%y=&h+BwL?);76bjGuf_zmoz}8I^D3;woA(vz>kgtN z7B~Ui8@D`VKm?cyS56E_uPuR!e3wfd1VCvmXZ#=<>}DC!h7(V_mzEZXb<&|wF4>iFL&w|C~l zhVD_{QSk4#XaTL)ewOH=vIIwmI^$!q-AJ(t#~SiF4z6)FNUB92x$me0 zF`bI|cQn|*J#XOW`r+3UNFx?ACo%)}%x7aITlM*;a!?A#yaaw)O!RINkxc;XG@qUu z6}Be}@Ju$l_>Nq|Ea`)Q++4YUOl{W&ag)#Yk$yL5xjl6_oa_~Ctv@$znyH@qveOm) z_!9m0MOpLb^`!vdtHVO-biVofRnH=T}jvef63yB$UatbkJV>sg(Sjd143d>aOj z3(R6htKERZsx(~+$WFp*nusRA=1L0ZjNEmoC;?n*m({GypQYCN3}~x_`G@_LJz_X! zq3}ih$hCYNW@)W+?TnXQz<^l-;FIlbi5fsDey(BB->#d zb~+1CeU4IqRaXgtY1MVKYOak_K1f=>!FDDd*6dBm zFqGARdY=4bj-J^fL9>o88%`Xp);~uZNSw3&9Z6uKXW|Z7kb4rmX0~33_JD;@`|hJn zbv%vh)sNMfbKFFTv{%A<)&Ynrj6K;7CS29Zhb^>Ec_un&v&WY&rO#wqMfJIvL9i9t z7zYxL+=|jpg}&wmMoD+)CuE7}#7`{G6LBQO>`Ub!f|!A-%Z8d`z1u%=5=hrn?&b%( zF!_?-yuz;bGJ;#5i#Rwu$vEn>N*WxUnhm*SB0SuVs?I>33KM9ya9`hFLK>6wkxkdx z_UR2?l*+s=YQ5FAOIJ4gjY6^D`?j)p$PEI6)TJMq$ZR%U_|=30!vq{Wy{O9bZ> zkUHCEej4g3D=IEWzxqkJJ>UP;aIya*MjVRGf}tC(Ud;;33J>>!PS54oA0%Q)$AWXR z>4n_UZI-Bkgb@VleMh)?>Y4j*p3U9Yc=Rad8(YftR<3iOeBV5N_Wbz6;1QW6w=m1* z&5>$ETN_>>!YZs>_CSKMXl*1`eW^lqv1|suCKmts$6A|cJNif*p#^%!t(vJZwYu7s zDs2${W>PhCDfn8N22T_9Gu8$;<{zD%rx^}Pr0rnP2^2YlbM5I`4+diAb+7XB@|q$^ z&`l(KoY*;b+9tjn8^5!oOMYe+h=Jz5IzA(N!~@?DndGN$OagPqJSPd1WxAR1Rpe5rDS~92jsw>1n*hc1}TOKYLgDDEvzp4l-1Fd#PDb8qs zlkeSYT>f6)jCt+19lM<=bq&KcCfJa5_qro+!;qk;U!Ju+83cjb&K`5D_m8G|w6eU# zjK(=U#W-#bn1a1#uZaJ;B<_`l^P>!<=*Ny7szm+0=Bb@nRgz zsAXDl^)okeU|x1()=(lGHmYk~hp1fHMNSH~Lo6Os3?~n8@ew{;K%{zz1eKDMizu9L z-n@AN>6i;k98qIK0nuZE1&x13#vPJ2)am``-n1}7_8Ss9PayZBG{eeo%Ij~3%958al+ z($dnLmQc^*X8)Og#{zXQ+P4`jnpwXgA8_t=ju}TRn?;aW6%1+@;1Vpx9v7h7A>|h+ zpLV?Fu6%b^ksTGVqbK#D4IBgc+CG?$hRU5aGW!eZ9%l#HH;2~RtXjo7nPP;W1m&^Q zYb4K1exu+jcyxu5vD4=O!XGSKM^V*LUxxNL2S2a(KnijH{{5+V*vQufn%c)#V>F)x zY4aMJdA*W8et%?lqXahO?!&J#PjI+Pjk=-l=n&7R>J1CT`a~X|(C9XJALvcp>9DU~ zJ|&-5XFgkSgNez@B)`KYX7~xi_mRD&*wFAOv-W-Q#D(E*6(>A-+`_QB!J6nf+YYx5 z@4m5PpW1rLtOz1ra{}1wmzb=j7`pMPkFV1|U)@_uz$8C=LRsGN&ad5lvuL%3jHnN%RcR9;aFiXCOZs@u z`+rF`jV$WYkq_`sRAdAR+Wk7&GB~+P0GtQwBaK>If zd!;klTcsq+@?m?HgT{1pbpmXh;RH$K9mwROK0O|3vEKA}G2yiRXH*Olbw z!wm1p_@Gk1Ue!TL6_p$`+dS9$CV9&b|o$6{B~@m6o!;f>P_-?@Yi_xda^(KiNv{%l<5b$4H#A$D-$)Jrq&&M|LS%9v{s z?s2UIe}M!q_e6zh0lwd8GR7=6r>986z z^(_@i;Nw0f*&cL(&93tqEt*{MBvooxH11%7Tl1@3`p{aQ4VKOC8UDtzbyvj9q3GxV zT9-<<8kaO{OaPMq%AYjw;dRII$}XHmkbzr#)krL}LT2m1s5TS13nM4kJ|lHpWewyg zD6gz|Pb@PJ)|EnH%AVkop#-3tGdxa-)!FHs5!D&k;87{2>}&klSeSclWDo7oPuuzc zXkcku@-V~nQG;L265IRe6fjwu?BROSHqO-P;C%;OU`lDodQ7`DjMO(U-vYBBQ(_+_M8}jIS*ItPT<0Bg@uKY zwJUL035`@4`snO`RDM6ytw(nLU}~Ohsf6BaoZpn>lDF!=Na@{? zEaxB;0vur)$*6|7seoggF*)FG|3IA3?911+Ky}0QaBDqb%8Yi0w{PFp%Alb1FWdg* zm&>(2+i^ucf+GY(*>ZAnpE$JoReUVaUbOmqSbru_wNLV&B$@AgYl&MftNR%~*6G$| z(XZ=+K$>ZGE{N3*s1^GwT$9kF;e;=dVj`2J$@E3;8^)hyR!K`O{9>%-V-IqtgSm+T z)5IdUDr#KQwDlZ^%eGRF<3CuhbUrxduOifCEvIK|iaN|_$XofwjpIAU*?P#pJo2Z5 zlslG_i@9zVB^J4WGd!B65(mB2m;EZoN>7{qd2;P(E1z{UhJwzJ#QnXQJkrWq;$dzH z#sR@+_K1O>Z}wX%J|04{D*N@R1y2clImlRwADy*1LrE!RR)K1!Na?6Q97{S&>DfUZ zJ$CFoM46s1S<-n{gkSpyjOD0^!37_a zAG1H_`ExjnJ}kbx%i;~?+T8NR@I;IV-9&=u!9Jn$YF%+HIOn~SS8 z;ftMcMFM6KoIr5p)cucXko}VLgpP9~56;DJ^ige^!VcM6FD6BE6~ETjKdcyqj1s*^ z(fFX1hW-a4%uMLVEm0U7QJAGoYepwsEB$gfp3P0{pss;c?B>u3=pE$*BgY_eZZqr` zK8Bjl>h3QO#uk_Eg|W2&%N{O?ojGMr`R|}e!AbfFt6H;a8KUM8xTD5ZI(9--ADB8t ze*a$Itg0*l6pu~Hxg)zHTg)ND6|ffC>g7`wzBrLx{3x_3=971KHc$y~9lvc9Lc8zm z3@9T_*2?AEmA^#m4R&ok=Uf|hWZja+7pC9{Hb_#1?&+&yKU;mo*B|e+c~NO~JcYGH z0h8h7TO)RIEjH48h!5lovlsbm)lhm?(X2p{T3Hi*%l>9Q^e+Xg`+i-%KuVbvUf%)^#nrnxH%NrAkd;Q+bo!7}J z-8;NZZCu>;lRU_#(AqXdHK&II$;F-5K5vPjX7>HK4{E)ap6|jTm=Skq&G%uLTZ`gh zfR*YDVVQB49+-yt2#~i$i{f}xom=i%UAr*ijyLSer31cOp+41H1v>6KSDC67oe{IO zOO5-Z?lu#Sh~kGE^UAJ2J@fe(9=&obQN$(8gxygJ?p)l~b6$DIU~=<{m-rs_0A_lr z5IH69aZk7V#<}ToLek@xLgD1MhumP*Z8{Hf_ClOCUG zZmD^jEppY9(>9nKsk1vC)W`&LEvidaPJ zw}`aLbtg1NU7>^3z0q9uO741&-}fH(@FFiGl8je=MOfYunk5b#79mS&nc};p>?nJ> zZanDf>Y5C+8M%i99AGkg<;tcoHu->x1_2w9sK*(ir4oUtI_$sU`9=rCwM$mMLzrLB znyw)n4Vu5EOCoc1zE(OmejIzvp>)y)Nq*tlb&35ZWinNd1mz+f9mlCxg|{TCrB7)w zUZBi~614#)O(3XeDI+bbSG%_{i&RQ}@t~0-@aEy3oGpHi$5<8JxOMsR*LOimYrot015IqFOSvmh6FGOR+$QYPPpFllSVqsq~w}C(Ngn( zKqc3EP~wp_92pjNOSsI1$Fz+RYH4|1;gpj5rAwFWrlU>e4%(PNC1A0pr^6P>h>)HT z`KP{Gha>)^kz-)p;@Zz!PuOU!xpE8=Law&HG+MpUNlnJ7#Fy7lEG`=Nh$1~8c52F) z=k2fWHCM)Zl8noXizj{Qm&+sqv8iw4|E|KCaSEW*wsM&e|0v6Hhi)SOtithkVSau3 zT0u}ZC)PfcHd||JD=_ymA{bwY`&oQmIhyB3b8!Um){p(SmW;%IM`ah38-Y8+{%93z z8LxF%&uf-*3daLc+1YYUtt}K{bxks;M7@RyMFMADbuqIjy&6jE9wp@li0>3W`uS0S zPtT?0sQ8%HTqW{m#BS9gmT(k*O(2?HGavg0Bp*NKZTK{!2R6bf;_Q#TDeEnrZMvAJSl0Ifqe%bpLWcGpijg2yMcvRx#^t3D# znzew(D1Z9&Dfe|*cJ}>(E4FWDm#M`Q+nJ$IC_qrSW#!~Tbt_hlNocFCj*g2OtNmjK zvkBC0|J zk>aQDCfwLa#@sxc_0AnR1%+IGKA#UCPEDU^(6_fQ;_p#cSC`e)j6Nl@FpA-Ru(kc` zU{*u9{GU~rWGH-lwbi)fO z^xqkL^j+xlhtmhA{>LMa1plkq*opsaPWI%#)YWJHQ$T#?zj}7vxc;Bg>60h_gR%4e zzo;V@|M%j5?#0FbPlw%8RiOXZz)V6|Yph_4VURdYl-+#U23p$~K&_igO>$dqb>5V# z!%O0fQ73{Ds3C%EEgSI<-MoJ$O6VT|VDfZ^Ll76syoHi_T+WucHdTVZnnBDy8Lba7 zT!Vj_&bR|M{qR8m-i3#S3B=3_Z!$x&F1=tl?X{)I0!hE2(cT$)TYjpmg^N-F3Vm-? zQQeUJLJpG?kYt6yh2RK%gBsdKtJU17Eo|923@nPH8@Zwu9iP%Wzps=Zt zPB+%&zsurXx4cX(4Y0LBiviOL;CB}(18g@ZmxiDLH$p-}?Aiuq8iSB~hGmnXR3{_E zzlyI#w>JV?n8`pud!1q()!PIQ0MIKH}$T@=z4~znDY!RCrn1c8zRh-vP z2Q>p=a4i^-nwzWOzQ2G9D*d`^RAD0qAD!J#-RkUg;4u>IFx+acjVrUKDnlya5Hq$T z3>AKlZv5RT0t2mqN2u)&MZsZ?va+&5_kEEvkg*!~X__{b%_Ok1?2Vl^9{=_%G$iB( z&TWMP%@OD?a6dCWy~Pjdyb@fGu|Q$b4FY0N122Ij^O_$YEw5~~4TI!`xDy~a%KG;0 zTf27bR=+rWeTh)z9KWB}!bmk}y9uBlnQHg_#=9Qff#fO*(P9Ih!Gi)fExbtIp7~8? zv!hZj{k!iUL=WS|$yK@hgigf4H#{PuImmsFnnCJ&>Hwwt-ULgN$G0bRLT153b}gK% zz~i@Kj$v{WPbKh0_wA3Xg}{Hu;(0d*ou;NHu((t1f4~}Z!w_geRu}Bso5pIrtXypR zeSUivb7&aUMa&i_9`4Nu=rSyb(T}YxA@_3}WA*MIj*$~{^2=35T-OwjYKnRCI2Ym! z%E~P-gZ*$GS7qK}9yEvRC!I6Xa79lu% z&kFGXF_VJb(L>DuU@~k!XANtgL756ys>C_6G1QH?o!Uf^Q{P>phX-QV1lZr8u7d7^T^!;u`7 zN#yT#TbZ7#W2db}ZOtCcyPxJJKnCY$T?vKoyp0$_iH&GGB0#(xL8)|QDdC*B^a!8L zD0Z!X;H{%W{!6_5h*K5pKvdgjb+bjgo;@*McNA@$&eUJ^_wlp}qvo?)r zU~mn@CwScwmfqDui50`F#F&Vft=+K+%L)nNa9G0F2Aq^fwXfac8S!xj30vN;i=Dw{ zVC~QUT_hKJi3WZ*BzPR=Y9doMHLF)crN+kz{qH}Y!OwT_Iir(5IM z4Ts8$LzH~FzU1bH1GCFw0avpJGHOofh2e@N2&LNmd=4rC?a5EiQeIQ`f)A%AZD)>4cwoowB5E^;= z3B$8NQRblbnWFKBd=_3nh;Z!FCgT>pY;kQTEzv@;Ghg$ngS)L{I6bdPv2kaI@j4@c zAh9*j-V}sfHH^);H%v`UEjmn_9^fv=@UrCiEDy$QI0NIxbbl;Uf;5Mqck+VL9l2Uh z@+KbmW2L&A2@mHj97Y|sgFyJ#cSFRJ!Ma3jwu4u?A5m zP8&fTq?e*9+_F}(a`xf;S2P60G=M=?$19`uveCHf{hlAzh@)Am83WaF?LOom%?f_rIkGE-cPQq!S%B*eHXFHvcv-}t1iJ{lyxIeP=YI?IRE(;^osgthD8BP&N-K+21IJKU)mpK<|HWs#FZ9D*IX`RL%= zygziU=1o0qspLXbupde5O4csr7OkaDDQ-RUnd)%s+(~p;`cN(b`i5=vPPDdy92aqn4a*(M{YrMjgi#VBhmw; zv${>KtYMe~2b*MW@^yaxR~br)=G~Q#0yh}?SVA4^){?2*`su~pSHlvU!GeE=Fnb3y zSD|q((;S+WW+6nB0M9I3%Ae5~#m>d`)mt`R+-&(e%=LAl-H&szuv{09Qz9Hbn|#DC z}Ec7MBa^=gU9_l`N1{n@LV7_A339<5Z?KVQ-_UJ?`gxcLYtWoHu;c|4`)#*^ZQ zG7P2bj&cm=N?zY}#tuehd3uo#W}{FNM%!12#C#D%Km*|t3**I?>gqNPxJ#ga-^uRP zjnvEpbTyv2Lfo5*!M#y@{^2~l((m2m3U^40kY#35#0KqXQ6)p>1gFzMoumkg(|7D=Qb z0hy_%EARjeQ8RzNeAcCNZGwLR-mn;7L|VkQC**)B*;{5V+7m2LZfs5=4_|r zj@B@u_ukylRiM$>#d$7pu`*|6d5nC#L&AV6C-Q6_= zcMXkluoc}|1P3`32-_<B>@(-PXtBJHqQbHbn&_G36d^|OP6dlSZ*}K#mCmMD z5#&tqooji=8O!6*8_wEHy@^EOxV6-PSuHBU#yNgO!%E+9xgz0M9)&}dV9!hSVy z`$S>-nJ+mO-NPce6VU8J6h9cDf2t7pS3!FHpn-)px}XKrSr#AmrqK7lCBb{5bGJV z61$5@Q&Uqs4vo(N)X#2NT^u6sB{ulU-?z{TTGvd)LK;V)Ga;4g9QxLEUS_BTI^GQY zE+~K*23!{*<`%Vu7O(566qp880=1I|Ka0d*lKU_%%7S=lRCjPTn^JkOLXE+#iX`O1@=lonwXeUcAd~L)Ue4yMH5D zQqMv9uE!bXRyh@YeN*gY$wP%8$EHv(4+$%VZLAM@H6v$vHN8+0=vcV4p|^N{_LoLy zea8(+Z;f|B0=`bY1_NPcn%&<0sjU>b=a_$G6eXVx3>V~kwk(N~ML>R)ESLrRMC=Ee zZBpjhh_<-D&2`AE5>?TXn1}Pr$PuQf2MY2WKZ8QjcO0pd?X<4LE6iLK;UYs!`jbqH z{Ym3*B9|L>88^~Ia@jsB{=Gp;NBe)rb#KmCLG9^}c#>W7Ify10ZFr7JJ}Ul~@sIva+(i`cwaS_My<bfqk2*O>=bMf)*`Oe0x<4cesEfiBedaIiD%(!rzTW`Xi)~2ZW^G)v;oxA(a z!t@)uU-)Dmk)3!cz2R%p4i!}4A72D6uwk@%&X13B6~yc)y~0<(sCL<%%hV!c z<|F$a(W=eL&Mt3fXUB1|&f+NvSAA#&dB)4bGkIFV`K9}ASYl(CvN)7L+Qd{_wKy1e zrhK?eM|UGtIsly%2)KNZ2Qyebca z6*?i?B;#2P;2y=HS@@m)kwYo98`gTwxr01j;$Wqt-q|XtCwyX9@%AGBP4d&GL(Xf8 z!}MBDFv*f9%?#d2V^ES<2Oru=+i20iG4EGaM&e!dFBM7ogfq;6kJ=+ID5eIKSwW{S zZ*(W_uLpbc>}zM59eBe z-Hv*dB}SL_rHVswME(=u8LRfN1QyQBMI*qS9z;l( zX{%8+tO!XD=hc-Xl$|2UMa?0pwedBw?4SMAXTM*_h4X-UQNM!F--1lzaRZRAGZY!NJuf99n*iC0Q5X-tKx6hBQWm5HaJ^(DE|p&`$sUxf986WF+;9_y28 z_Njnt^b(e>ylZ5?8aUfa&IfMhFV!tx127J?Mv5Ce;HY~Bg~+O2CKV_k)`tjzWe=O2 znnFiVpbqA~h}&p4%$D>_QJHSjQMz_*nd=4#E&!+bBCViTEm08_sk-Wnl)AlEBKl+w zo-N~nOrn9!4{n0p`h$v(<4nQ=7o}6rv8%(IKv-ow>3iwMzxVHsn;e2{6~fDcwklmC zr6B$Ia>}4XsAmmIPL>|fB;?|}rKx<*TzJ?FeTwo#=T9NFn|Dt^D7IMt?*D9RGSQsx z5@sb?4wex-kR;PC|0^*i$rY00Ni$I*ZrQ`8BCcnY`~ke7DdoAzvpu$62l+ckYd$_J zIHd%SX?+87DhSW1gEErb*?bM?VK z_duDwslhpT%3OCwOIlMHtJt1_nBI#QU-za3+fOBoYg7Pl?lfQv>tV_Xin5%bLlb?jA{}wbq)6&{xePM4nYf`zIZkr-|a=@Mp`FGm}ulKI| zY&7S8T%ZFKxBlk?*Ngt5mq(92lKEeh{?F+AZ++tLEcxHc%)dtB`v0va#i&;BV!=t3`lz+|&+(p6Mcf&d7;Xo(3A8xy2fQuey72I0P!JVIuUoa-fy+R_Yp)?VKF{MG zTm7vdv6~b$T)`F+NGpSLzb`s_rrJ189DKQL4iwsU-mDm*lGwx6^wed}D7GgiGz9vy zNa!W(^zu5zufwedi)CpzG_Hdn%FW;-4d|$oew1kxzMYWLRyuS85!wm+-+KdFSg;r8 z?$#2Za|C`)NqKWr809sMr;F+?`V7!-0QpNEtOOxJ-8Nol)kA(VBi8!dPvSruWJZT{ z^PnAh!294C>n&c@%hZ=|bKT&2@Mi}p_8H{~tft=4uJ`9Pk+D?p5C8nRDNUA|xXU6B z>c!Y4H{~{Qf+YZ)Q6KzhZ9aS`L0^x4R zmoH|qR7XQ0RQ8_H@-1Kn%1TLjS3(fzmoL?tC!17H*u&8=G4wmbYut^Tn4z18JMBo; zn>STLFNdA5N1)TfSw&|+?ZxBX&BTMAOr!1P@zrfAmcOMW;yA{CV(ICAL~^tQAFs^Y zw_lAT8k?I#HBFiEV=?Wn)4V(eHOHcPVfk^$gB>TV_{xfMBdnUFo0Xp*5#&0l(t>^n zz#&jxFS5v*`GrP}++iVYH%$8J@4Yejo#wm?lLe(JYBt62!9lH^b^=PiHUYw8J9Z3E zt9^7`wTy2qNN7SKzUi^)_@&qP^}dLR*zc7j1RH{wtB6A7MHceYtN*ya3EK{n`JO=k>RfEoR_p zdcgp&M;&-c%+wzgV zqccmkaA_W1-l?5Yh>d<)H^R8Fs2#$7L`EUX!{5qgooC|d=@QSTGmX1JNlCd1@S(z) z;pCa|1jN#3P1Cl*iH?bGmJO7(7 zGT)S$R#>Qlw!)iWnccU(EiLdTELv(qZ9?yRE5Ws_X*_Bq7mzDh(H{LeNhN>F$-YuP* zjs@%mse`>43H%NVpIPuxz@z8#MQ?8I7p#SbhDK}0+~Tl`%<25cv$8Z|Jf@3`vM|(6 zXOKH9a;HU~BkK1Xu(dmPum25btrQv;ZX|JTHgW+tMGn%=0MZ>k(kNgW$HFc*M0;?W z1unyUun3#7&?m*XPW5R|dHQh`u$&!n-gn&Dn-RCszt5lkYXp00k)L;{8ZnjZ!yFE( zscL{;&tiq>&R`j|e}ueNw&;gz>Q=_ACoMbhL81iPvNnUipwXT$9cHc&<_G#NR zfy&5&-=YHsvVX(4qsC*?@SXb{k&7t&(CMeyz*j?`-<ES{$8kR#7 zg%!06ix#}3z&Zgw6lt|THK+;Hdw(o#$yXnc8SNI&g+@i)1zmG8m9NqG~38d~vwKD3=`p->+Vs0*TMjgg6$b@Z=miO4vT**{Vgk zl;YC%HWl)&?4rDbl6Afgd@j8Ur7y81_TtkJ?I=#qjej|t1~^h-UVdZ{usW{*4T+63 zm9U;HcQgw+uDe8p4ZYU4yEPQqJ9;pUS#66G=7F!@bpa%*$*D+vCuGnfSQwRWm8$nX zqZ+qBGcb1zx+4;Jw;s!Gx@Pw$rFik)z&X&>vxK{LxVPFyg5-(KOsWZdJV%fpqIHFs zx()9Iwgr@f&Mi};hX)uyuOEVE&jtw(_x7SyySpu85|H~ZQl^&fK&{Qu)xS?Lp;s%~ zQVmKaqdb6*?%LGU1Z_Q&LV#?=*;~0;`JBkg&MsV_%}!44Ja|=xU9*hEqirY@E`d!O zofNb=xzvo=SCUgg*Ce3f#%bC$O$TJ86RJ<$5Bw5aG)?1)&A%o#_g2}tFiF2%!fTq+ z0ievXyX=z=V*3ahRRpUu74gz#1_pN3422L+NX0Pi;eA;p*{^)@wNAvJ7#7CeGVbnL zrzwoHI#ba$$8PIQQhbIUh-co7qy(4KE+x z3={{9w6;q?ot}1TSKGQ>iAGBm78Po#>dsSf4H5}B{@grr1nTo&X;F!ZV8@l+T-8xFl@e^Q#H{zEnyWx3`{a2ap7}eAq zKl0}|6|vBN;6}3S56b>)wUQgF<@cdJMn;#3rTRgS&Z(XZj*38TjZ{KYXfcs1xQZd@oWeM z4YwX+RM(U0J(`69!wKUyv5E6#q{WInwrA#AF*?X$$5ju2w?%Yw$4YG1QW=eoVD0*H zi!6s)#IYn9<7erv4Q>N*qBaSDvR_~IZq!v?zTKCMv?>40<%2>zPj5XdcA-$-czCen zXfJaT!rm%Jf*w35*ZCObfhz235VDlJjOyg{r@gJ#!$DfR{p3{a2zhO>kC(egRgaZA z3(H=|>D#>Qs*Bhq@n}J0RXW-JF0Ps@j7_m{Mno5Ra&C5LZ><-3MDfYP1h`*PR#J*c z`Sm6?bN#e02q-m|E--PISZOKg!qoBPN1uJnq0WZxbo@LBpF!|u%|KV^*wVLkG9Dm? z{odr!La$R!NjOXkR__D=`v$+oIDwW|EERHXh|wd$sOaWy;Or)!hEdy4nNu7*@Qz{v zD`{&fa!F#XFr}TilsL`qt!LS82}TXBN~VcsQYU9sQlib;>5n$*%yj3FRbz% zg>Q{sRN{Ay)6?w$mc4qL_UPRmTQ}Q_`2F0PkKG_C&%Cd=1Gwo(E$jVe^<2ykQTvhc zhCg6OhvAC$?@x4$Z3N0<31U!JoyBqj7sIWW-EYNLvC=2(f4|}}IJ0}p@1MrL8(#aD zaqREk-(8H`{4XHj@qhN5`Tr3;?_xx3*f8TZ!=I4~fB5#BbJ_AYirZXVe^Z$x!_S{T z|88;>n%;6kRpf7f9--UAjx&N&xb}T1r>U9K8GlCIfkTj6S$r+aVzSoffcrtZ;rUyC z3fxMvF~I2OPrLaJ-CfZqFkYj}|7!iCg!sCjA-n0r5;BtLss`6zi!;(&=KLtveBtMx zbV}&Tzgo?V71Q8hg=q?;+y&B>SK%5aF(STtC;STcLEfa!O8C<|CZ{6)Tu;c?;LpWu z2hULih5J)1MnI6epZL@wPiB1TxoZ6xiyGmMrX695`ty9-i~n3=s^!|vS9n?(RX0Ef zf6QN@E>kKYyqr68w5z)ATj+mYUoQqk=%atOm4CUHO4{R{54&{qX`TB53kqsjn7WgE zNJ|y!%G8XtcfpwQCu1cKEd@WR(V?7Ja; zw9qC~D7eEli`v465t}lvUnjSApTEX}{bh%52j&gU&7X4?97Wu|`(9d2rgDFD$DhTf zJ1q3FHZHYA{pCwJz*Yc!n3p%d-5RnGx9BEq5ZHkHxoG3}`+V2oIJ0%~naSTf()Gx% z)Lr#9hnUK)>n2sGdz*S1j#PESC2_ChN-I(-8_ju!W1wm;e&;gNRZf<}{)Q8(7rGW` z)RDiaS9b|ETJ;pI?knR|?j0u{tiMoGGwH5g8P;UD#lX@G}0~?vB#sk4> zZjeK(Wux07e|>0gYBNPeG%FU7$vfp{XE&d?*&|8i-cYFGEEPm=b(pVH(sj^V9lo1F6v)fU@AAG3y~|!Ole|5} z+pghsc4LZr_>Cs#OB0g}pyY_B@l8J5Y$FWQpI-qakB$t2;b2deKprGoldkZv=Afo1 z5Zd8=f&0(&4}|=Sv0MZFk;tpHD!$@BS?wI(vp9Ms3hq$3Od6Hfb&H?eXe*kD6}0(! z-G9u-H7q8@Gv{(f1Z zhyQ+AMTw|8U|EtUFhzgPQEM)Ss%rU=m4U=4QsQ7v8Q7JP3)?1j98_)pqR^f}Ncvaq zVIqy!zq}A2ZrZpG7ru6Qird(u0Gcvs%nMy@>Zm`{Qt5rcP~5_F&FJsz9m_mVsnBsl zd!;}R|M?uz5Da@|0iy;?YXsvdO1s-xbF>YGEd%wg6vaXNzX=B zK`!Kdno%rGV({I!*6x-%m0$yq1*H1z{oV5I8m*%j9GiTpsd=x=#l^$)&+Er`k6v2e zdcXKD6r3_H0x&dK@86gEMID-!k5+SauLcN$oJLga+yOTakIFm)J?l*l9S|uS()tK!>=lOTK5AKDOL2V(>yB_Yl$a{nOH^x?xZZeW9v;t99|(u(coJ17C&2y2R4P zu1(Z?d1J>9;a4MNWLJ(KWg%;->go*rzZc@{z#XM)+@PSEd}Orr_efD7; zX_~2=LyEtqKlpr*Rh0}gyZ%g7HSE3gQyJA%@>knnXhu%(rlh2%muG0v6Busu@W^H7 z-2aY!PCtasX3sHh&4yXIB`-I8mob#|!jJBPj9|o#ByVnB{+;cPX0S{e;{6A|p5EdG zAG{&OWvICWs{5G#b7;Vr9xA8n-33U5@0T-geXMJ5wOS)1xV1UbZ~s95k7o06*5LEp zljK!3vwigBiRbp-!(Tz23G#|GM&o{)vc<6($1lCMrfXGsp{K{?Uag;Pk*%d>`~Dkn zi6ZTGY(zwUmbbT0<@528{Y)a&cwoEwJ7zZ@ld-1Ut|#i-t9qRhFyr~SynN=~J+APW z`TMf6vSH!H4h$oy85vT|a_7=PHZ^a~U^Gu>TIR+b^6ArRO$1dCc~V-L6(3)Z{Chl_ zB=IrWHY+cuDF=EcT=AJ&V{L(Qx&X4!;#x}8#)We&OYLPb}blZ>45bA1N2-Mt( z)IDTWOQ&e94`d#B(q4RgW{=6ZV`3Q6lk=;L&8XN^cthuce<3I5mzGlb zbDAY^xj+WMlqL45bsx>@FEE*>y&z*9I_T}|?Jx5W+?0RvB-9uaB}l3c9bvEA)bvqZ z*>U6apr<$bmGP`>KbPXX>1Ae`8w6Z_#5XbonfA%S%&oUzmA+(teeBL4IO+-+CZ&_3+@_MVE44lDbp?#&}LmSxYitnA!E18>7;WX#`g-C}L_#`#`G zI)uMe>yy!hhV=CI%0AVI0y<2s44*R?l%pfRhdQ$^y-`YC3?o&vW|@knp7~>%>^>$_ zd&5+|a%tN~z9!WjmduWh8(sa+*+kJcpFMSV1P+aoHD&o?8&}e5$whSJpQse}ynHq2 z(pN*vbYF@$imy*l=JN%4`*WQ&Hz|i?+kZxUPhQtK-`LW+I z`tREcxl~ItyHebMaB|8wnwpeVu#BTrPNrhYfAZr;y_}0n^vhQ-wa_2ZCa+jD_C9)- zQ4a(N))Do)^k;)MW&I`8_ym$tQhM|lKFMI(zT8cG+51xVm1fo{# zEswZ5^P699Zj0R4l9QKX9nx)h|NUu8&kJ>3PX3Y-mASyo@7`~-!lYUU-=6nR6l-lZ z(SmzZj;9Prz4=AW%5z^uj)Ee+GFvC2EsBM@7SMc@MvI?PJ_OO5G|vZ;c**PepW&hRy9lh+#*sbt}j$n zUb13&c+x6!e-?6?1?|kw-*4fZnP3AR_=S67{1ksN%%2;KtHU2l$%j63(Z?uQfc z7#SDn$89(F=m$IJDHhKFMpjo>N)5ZR+eg`~%Qn%XH;vjCbqnow-oUKP%f&Jq{4U@w zPv!p~qTVu~$u@5PSGh&KDGL-3P$`j8x)G5s>25|h3}lpuf+$Fj?(S{|B1m_P93dbv z7|nn&_@CU*|9O7C@P#iFuU$LOZyd+x@G^7##*mjQ2a!sEOb!R(0|JA;kuKj)yX(|f z&&sYzzKWr;mHxrhR7xI8KDt#}XSw;+eUksVNI#y2(VNJlr}FoKKA&rh4g9_mRn%-# zIK(N$W45%oFa~uhY&cyKlPf(yF?!#?{pHtim57yUBOrQyai>S_54Njuxrn6SAp@IE z_-f;Dw9;(4$*OM4?Z3sve{W7YGq5*xDXGa9GBDH2xmY~?P+oq9%zpPYlaZ^}N_3f;8l3~^Gkr%zFX}jFcJ+k<67FolS%xhHZvKz+!^!}kyJgDnwRctm`>j&7ahmxo(3 zzz`_9R$t>2N+qi7iaU-@+@zYVTenUdM{4M5MFj=H`rh5YNB+#^^&W+eD!Mm>aK*az zAqi~w>HUGJk>TMNVFT>bs>fUNEZ&|wmFZE-62asnT%JN-zkiQQZWfD51rJ_6+^|gF zd>EfS*-rO>Ug6PT74Ee#^AKu*9DHwWCbK(HO?iE%|5sML83IPJA73r+4bQLLk(0as z=n=DK>_jE2|ExFFVtaf0YOxzfL`*dg3p;0Q{;qXF{)_0uM%(F1mz0Mz0w(SL#7~3_ zY>Vu`#Qg2?ic=ieve-?f@oW=^D9A=NCQ=oY3dT!heYUJT%(~%!!A0P1`C>x!gn~r2yL%9RQvZ%p%(Z$PIia8l zY1o?8eoBojCT4@azm$;7c3KGFW0TQ@=0M1;k%Y+g7Xb5{VsF%{Wtoik+mkwF7-fGD zeV3CJ&K6aY#IGZ{Rempvk%ir``Zq7~5i2wddY_V<<*4T9{=L8O@bA&x>((r+EEuhz zkgwgcA)_DfXrHm7{NiFM`Wh!#83h>!YFD*vN%lrmRpCo-s%$~|rJJ?0!PZH~O3hy! zn=;FHEB8>*&p*_{a!qdGIsxO$8RiKgp07q*d_3=E!li<5Z;X|-f*L1e;SuvHL<;!i z3B3(fdgok(MsP;liys1%s7^AcIi$nWUKFrwjIML!k?v*k&`MVgZp|aqwK(+c$Nu}m zUH$gaJOn(Xx89M=3{0}>=2h>crR2aNo1KG=QbJGandglLZP{=SMXroLw8^(CC%&tx z8C&UxN+hLTs#zMxX$Sv1%tql75^{g}d#r;#zq}^o%gV|ze5<)-wCwU)K}lKkOrqX& zxks%1Y;#+X$MB?W#5)6@%$pu3bFfaOM2@9MQ#D7cX*=+fNz4aZG@kr{Cl2El|^!T{eY-JvO z+7L4IMsNwueI9*7#jbL*=>X#URKU8CbxbJci{-n$ zt`i6A_{?AUN{c0fr0~=X&xPw0);aAVf4+2BtHrZ3vW07 z&))g!@d-5EuKmcsoG1Uz;&Zl@g@P?CvEw(>*Uxs&Z?oS?z3VAGFRAoe7GmLKty<-^ zmZ0VZxq0jme|5JiP)7k7W_xTzJOiTAl}$nF>gt`)Qtz-z0aTUquIO9asM9w0~hgK=bd~*L?SX`N=?z9!X8V$8qgq`M0i&z4f^9G z(>%MNKmv6C+d5ihI!rgcJ#NBXu@bh0Jp8;(l_`#0x$Se~$ZBFn*O%Wz!m2`FCqkJz z>6mYkZjtm03Lb9ozd6IwF)UF%$)&V;p2_&^nFL>{F@4j4XFcODi_4Z9M5Q*!3fZft z_TR6MSszWlkHuK#4POi1YMzfuPGnNO7dgXZ6IObkmSZ3+u`NTou&5By*IA=hB-)L( z&8euUfB-d%kg_ym3l)&O5SZYL%h1+!FUuE;iTXqJO9k zYgNsr&JG<1s@_KVTY)=;&ZTBNpbS*fb|J)%4W1Xute9=#uqNcCxXzjq3Q! zP*6}5)p;gumyc?JMsLkDps4JvQoI9rwQzVp7M7Rr{r&rQ!b78YSxNcEZJqW50)ynm zvDV1N;IFT2@}0`B1?l(~Z!NUSXt5a<6U{g?QmseA6Pa{%y(qRa+KBJ$$yJt_)D`Pj zz5VlN*&*q5MaAfrQFLPRU!z$zUQOOwqBz7h?&hz zPQsYc#^wxl+h9-wighQ{#I zXyuuxv;YC*^A7<}&zwB8N;{Yt<>HGTJU2vSVlznjSH6c-e9Q+|%&aF#b^-CfwbtSA zrP}sOYrf>$Bva0HWk}v5UfxRYAr2N+b}>_3eV)Mn^@?bQ-bWB<2$EF~u?}Tr=ZNav z=bGgwp%{A_wYc~{!;Pzt?1}L|`pH4ndt9A#^pPVYqwkHKt`j8IJV$85A&p;EWQSMo zjy~x&NDuQfRlNuLycZYiFA56tWA?wfZp0?A@bXgW471(2BgYpi(}qc@{Lm%>9KSt} zBVv-Dn=>g#=YMqupP#)$$9SiT!+8Hf#RM$R?%G#AVkey@`Ey6nc9|d1umPdFNVdp( zkrWoHnYv7KV%G1aG$A>>-J9+tq&BX7wpkW2oO+vf=#EFr(d^X7zGDY{cG*A98!j8K z7-xoy(39p4!o{EYj%|;LQQ^hK1{?g&Ux87M@NX&=Pr7v9z+9b?=VUX}D{|2=%g7O8 z+KmKV;C0<7)h})e*26dVi#}SFdmh!5EdorBfDZ86$z+<<;jilJgH}@7YLDk69)&R_yJm>1x`Ld~NcuuiKCe3WrbC z|5H%NRwKPsQ>0bz(AhhzYMx!$JO^|14xsLg)pGbS?qIu|MQCB&UQBpn-BpOamnM+V zP(!ntn9?kP`Nsp%T5!HWXR!@#?zaChg2kpDMSv1oyRX(EDW^rb?;0#qLQ+Ql5{w>^ zs5~l@rIDvMNh)8k%~`dP12~?fRkEy5aZfhO81LJ6na?xXKK^+Z!(PJegYheI%8%>) zrZ(MZ6CLyL(apcK{*(#RQBkSSz?%7wCp5$IsSA1WO-1XwL4;qd7efe>zI>7D)xY$T zA|$1?ObFmX2NU|*p!C*yKXP*E{T)0li`m#!{J#TApzwCBfRxR(Uq7FP zAwj@Hs^Rylde2XVYZY8Zt~c?+zFh=^^{mq;IHu$ddW%TauD{8Z>h7rT#@>h4X})-YHP?WhhPxvTT-P(g&MTg`qxm!)wOUtk8~n3Dv_gR zg15FcGO_JBmzo*MquQl<_otYgqOwa@>Py~34Q%K zd-o%adN76k%E_m^Id>iuboK@rA*9_pJ{7^_Ktl6ck93Q*JVVR}BLKA~D_Q1w@fJNs z4+aia?bI8mtSob!v5slfD8G&Oum0c5?FU}&-`38OJ_er-F_Q~00nhPkdDkC~h_&8) z#lz2|>--Z=Vh0)PtU=-ojnPN($YR17*}``B?Ce}QTRl!2d+V6j=FIXAk|`Y>zkBz8 zA3)H5l_;KM5R%b66ZAqbvdtlC3r4sg);cnpnhnLqh_|33tm-G9;MH_�?>ogIR6z zOTZrDxHr{M*x`1xk**-zP=ec@fhk*7qK$)voufMD6kIiMNP8_MN2TNHztsQcXc0X5 z)y~)~XplJPw}Yxu=X27tA}Q!nh!HMZW*)K@Y^7Rty+5)aKIglqW)uUMVirXr_wXgAQ&da@yi4Nm1Jp&i4A{`gU;cn_2b0g8`E z0veeV&s%h+jmu>`R-LNeaEr1bhM*0R=F9*;!^y(RS}UYdHQRAwj&fyG)6;v2!*0h$ zWfBC(3QE?ALpBrcZyd9ZZd)lTCXY7=)i)NZQ4ILbev+> zG*3f>3}l|7e9G&m>fxP(&XJFeo5v?6^@g@{g9!J!I^-=ZvY$+~8gEjgue6r6_6BRY zQVOlt334(s-|{)>u#Q=!(nG^)?vpQ7b$0*4-?BLB1wWXYJT`y)&bAlEHAsb447likk6tD91=R*qqJI^>9V?Vr&gBri z7Bp^&HU0pgLQ*mzwSU13ST-if80*>J*l9&biLqTo(`tG?A{I=tEpjf63kH>j}ATC z^K;QLUT$f06@N;{9| zyEun5Xt%SASGqrmE0ZU_&Z;Oi`rGd}c7ykm4O7M-mqtfDS{UDdumy#c1=*P>e5e=Y z`JhZ-_{&gqdTN+qAS{fJAzBL~XSrD6UfkclJ-h31Kgj@M}R_5&Xmy#i< z_-xh~YRN7s^QPDMl+GFdL7xYpWeU>iFJW-n>;3U2`#Zrkt0Po6~n#HR!U&HNw@;z?dVu zBZddNvG9pCD#gf{L`w;Z5sa6-UQm-$U&)hAH17-P1%m2Sq(3#vJ7I9l)l|a0ltV>c zIkJDtKu%tPfcY;eIV8yd_mFIN-S4r^c%zlrjSqF|2L-tMUDl0kAi zegurH%rcc+ZY7cO>g#q90fdan>(Ud0pbZ`P^yKWA&V)oY%+a54X( z|NMET)Z8;r9e0;nSC)9c4+o2dB+BidX>Et|drMR4F%};>^jhWDem4Ye;CXN=Ask4ux z{@&glN0bs=PSU)d=cmHXj&xnhqFY9rGR%MTy@Wu1ONNn|!D&zLwnM^OGqYubBN|6a z%ja2Hz_g$+>J4dhqp^~BZ?l15m}O6zFN!PjH)ojhl^y-oT*?u%6nUsu-JE8_^xV)` z+VTgEf9MnBj{&NvP5Z1R|LCo}UgLHk;dn;_dh4Kx3m#<)`SSt6d`!oq!K9S(Y|qi3 zchPLBT$PUjnVN2D2VRpO!8?9f(*_{cv^d(FP}9(O82_z3V{KnX{4CP8PfUD?&9DBL z1e(Kc0Z-8`rNoyFzGsARAy*g&?5H;)MBTFcO1b@#h}jUY59aI zEw+b$+f)-?tH2lyo6v~L=+|`fgKt!NB*)k@wCXW3595# ztyCm_!lmd`5@B8bP80eCB5EBzuRt|5qGQbb{cr0w1`YF$fyV|-o%qARz)ld>k~xQy z{ZSMc6!sVbtwv5yOiW;?G~|7KOK!?qztK=~09e%1BMg+hltbKr7jpy#ViY?0k_tA{ zw68syLsNK^q<^Hm0QY3IA|rSl)2}qCZu9pl(Fr?NDkci4gU*&pXKZN%Tlb?^yZn4x ze@oP%=iJkxExB%G;IjF7ADm5uAstu&7Omq!Vw63q@klg0mQ}kqC(iI?doW4tJ$jT? z_H}|AWdeMi;dGos=bMze6=q+KL`H)z@ZI#`|G)+I#7=uudOzJHTDhb>YyJ7~pD{XK z|NXJF-lDP#^$UKSziZd_LPQ@&>s#Q><*z?_rF0dw_ z|C`1JQ%i_{?c4b*O}%-D@XSj>oc~Ek@|Ha%fB}g9fCF4dA7|QWj-fYd0k8#nW}RBu zC;cvFe%|kztQrzy1sMzQ6d5Snk7+la9aJq2rGAv{Ej2Wm`TP57^T8mIqRpL;!|1); z_649rZ#XCw-gX@?D%Kw&igkvs?zCc(-wK>3NHj4A}|;yl&`F4I&^8W z_2LNpJDu?r=KtYK&H;X!SW&Q{Y`bSYhNO15b2x*(vpZ(PN-v@#-sJ&?ZMUOMc|DjeYn?0je3hwV-XXjJEo_B5wv(l6l#E`4!8M82z{Yd?!j7Vl;zkdvR0e1W?(pu^B0LdT)AG1oxmUY>^ z!t87v+rpPX1i^Io@ckOC(x}G5;)O#*`CaeZcE>?N*zSG|JGW&DJ)V%HVx!T?_ZD#! z3%Av@*RV7?qg{F?;znDwHnd)tvkmc=cdVn5@c_JymwM&hXA`V!eV>jkk*4p}4$slA z8{Kk6%a5qguNZ~S6?`RAK-oRx?$Cjjk4+))oTGBS|A2X!NimwoQ#qWF-8?YpM-1p5 zb%#UvVvzL*v=sBu_CI^$T>m(klF%ztDJ^MM|E!vu=xz_y4TA6iTj-c`y5V+}bvAsJX6yrGw zuSF7T-b`jB=<+NpdKVh_X6l+H8i;0wUA6^i+)hCju(y#hn|vVF=CwKHfbKk?s?Tc| znW)DZ_tla1WFJ+xsMrR@L{*v<^;HkjiCBC-F`OR33eaRS@FKL+{eIM8pR)^7ea`3E zRSirKq3X`w8OrKXuKtM-!{3qxTCJY`-bgWD+%zt=C3rJJGZ7&b`0Zb^El+4+i&Yve z^Z{5MwOoagHEb8v^#G8yK6T$my<(*mI!kj`F`m8wY4V@%;~( zc($J9`nR7O0>bf#(OtBL?D)`BLjago$(do+0bvn+QR=Kkje!1&HR6AR5 zDrti0kywy9!lOZqz>h278pr9+TPx@Vfm#wJ8GV)FzB=H&N>lO!H09Z~fAG!e37Lln z?Mr8;oPHcvC~CA}gD@4(@ShOo)CjjhF`4}X&tBt;^G99>1N@*_Qf)atD(i^@ew?3C zT`C?PwI_HWJfgW-La0kenDEe;T{GI=b!{(RikZ)-4WGY2;A436MQ)R7v_U7Q4V`h|*(m z&D`YIeOxxyFFhRGN52_jU8cG#D2iWubt)zZOyGs_ij?9uiJ>X4G(j_7W6JDae0Fw5 z*wc%4(3Yo$wa>l&k@`xvvuRmDsjvLa=MeSkxIJe|Zof~VPlP2v)nOZ^bw{qJmR+fa z_ODS|MEpxtu(AM>*s!nxithL5A2QwrbxM15e=o+mnMvM#1rzm=3nUxW%TavFx)=k9 zX_BdRmuVJsUe4!ew??4_73?q`q*U?7I;)=UbNWzHxK~ zgNqt9qkQH36%`j499HQKOKu{=9n)Dzh`=~)>8s;zuDu(3TC$h8+J!26FeetCz#}Cc zmh`+`CM-62ZvOtGw5L$acZrb;Up}@-(%HMEv9i=cBJcGq;Uuc}(VHQQLO1gGe8oqL zS=23)S;nkV=+#k=&MTJlbQ(sn>3bBf1W<^&ftUiTWX7>M^IXest_R)?TlqvKdI^r8(Z6SOuh+;=ID+Pt7~?-m9tJm`F0;lXhUVxaA$_cLbE{ zz+OA)S3l+tXoybJhqbr~6n+=>#m2n*8+qThK7;x#5{0bYp48s?VAo9Yd zb1<|v%)W8|7VU?hr3fQ52q^3U@oSJV;g@!Lq}8DtE}Q!>|7*-usqPEF*fZo;b%yTq zkL^nPFh?~ee!Lexjf)&@^f}&|*2=T>ErMcYIPhNw?2>A79guhM+QIE-z&Hb0fNlIsXB3Xcfb4bjR@(BGoJ&KQ1s!U zd&41!^6-A~eDmxf1%;fnWe`Yz$c=4n zo-?4PaPEm>)T%Z1*&{1~D3!%}8qMND=Y;u({<0vX%Nlp?_Qi3=6_vFJ0k_-WrX5~+ zWZudl2R*@6TsDGlJjwj-a8}{W<>%;7gq&d4x&U!E@?Hq|DR1D0)ccWCFg^@!H5Fx zIX~qj7T>euM`@f$-|qan$Fw$AECGTLxnoH zrq0F7D@19G%&@1xCZL#>n|;{4_Ym~xe5$tSqLrU5H+mK-Y8bgc&vMd;F?7;dwLR2R zeJ3N+u=e^77FXN_Q-apSJfw>dZSt)5Cn{0ZB)HA<%B%~?Ug^4FcBNLE^#dw{MqPQ* zt?2zqwSxRYcV^=sO+GI>ta+Rm9#PAR~vbfOA@V=6qEEC-$Le}M~$dqXm>^T6*hJRglM5dssmz~T>{ zk!*?BA6xS^?Vr9X-vSc_i^C~73WK{et5y3`d^pJ$JiGFJd6wS8AD@x@9A)DrASA0v z|K6j1B$f=hu1WPZM{>vdm8MK}C>r`N;|B?DVvDuoickTH-IevDTHMS|+~*F9qDSrm znM!D+&fmw{C#V)aou^V38lQ2W;4E3p$`$zWBQSC4?j=`%j0HjYK7X;Kyq&8{c7~;S z;f>v@3?5498*@2H7}K=T4MD6~8QhEgo}kX~Bk43G2d| zus`>sT(Pw3U>$!?Esv7Nz^e$_x9*(}7xi^2Dse-*UrNt zKvRw@HeJsA&I!M=P?qOX05dHdST%c7MZH(BoabV%ju6$8D{JCdFQ8eA*6$hsYB0-& z&BCG;V0^7Oo%a(xSq!YD8_QFQ>*H)H*2hJ{;Y{ITXYq9 zgM)ikwGB9^kxnsJ&eLPT_f`JZf5XZ9w7c_xJ6p0Bvc@6tCRF&51s$Sl;yUEOhutaD&TfUgST= z=RHA2!G_sY)5G}JNYnitfA8s;mm**i+a9Fk*tAg_Y88XqIsop{7;rCkmD-Giza zX@cLgxV*r-UgEKR;i<40qXn&0S5S|xbcEw^|y93I;<{EQvj@ij7wZ3=>!6TDCN$SJLcSvmOySSKNe9o8mew=2xMy3;NX zt(rQ4pmsk*#pl;x9rFqI{-7bid_DJUTD?U=wX!+t-*XV~@v(~b5!A=*ZBtqeFLl>; z-2#VsXK3vrE#d-Z6h7gU#yq=*#OS>8&zKN5M>S{&6)P_I`EI9<91oPXJUH5(mGS$t znazKR%RNL-s&KTPyPkF}T<)dryh+5rn$pk~a~}_AMVwDcZfb?Y3($r%+InhckZl!C zyj&15%_i~)1plETH^sc|d=K$5w2@q%#5=8vK5{Orx&+PDBHok{SC9zh9=qA-6mSvf zPJ3~AZBoK54X9UYmblp1=BVs>bTTS3)_lI&jS@e0Y<>Pb3&_6p3Q@uR``@_G_xu@z zDav(Ha?pVWS%wr7aG<;#F%@LhLv?d?W zq-t(%X1KatMJ7Py6B!w8C7H6~wD3~6&LMK5FRu68^Mcjx2IbvmYRzDV;jL>hw=UcR zi?tu@l|UYWU9$UXVX-C)N!kKthD&ICDkqyIyyl5T$OP-j zeN~94DT3=Q%IMo{B*1$t4uXy1!gMsa_Wp?EF+uW&B-HjAa$!^#r8HlrDYS}=>-uuLfCm4OJGoF zdGVu>HeKW7=6SsR?PmiwUitlTrxbEk?7J)LU`>${+HX%OZ2GOlsRPI-mc@vzb!o+5 z#r;B9p9C?qK_6SXu6yMiV$Of~J>^<$+V-Y0{wbYel~+vcL;c;agxuWepF- zSlbsm-4U=auA7sRlVjnsKe0}D1r37OjARtSuyjvfR~X)!0S<>JEch0Dmw3wy6>)s^ zk-#V&^5S$;d|SqKn=vnKZ_GPKzdZ2b1m7!e90@=%!OdqgMabK)%~ra9ChA!5OM!klUG>b#?F)vRpeOTS99)t9GB z%i`6+gkgspWBM(-zd5IxHH)p!im|-A6lY;luRY*YGN;ZRCb=QcdVUEL7 zlH(*Vt4Vv$HrnYX&oV0 zeWp91)lD0?Z_o4#Y8Tdbc4-HEa#nTdinPk$p`pYLTl)$nsy=H!X!awT9=VGjR%tn> zOFIi{ol!2g?TA<-hSxabtAtE{1 zA}sC9D8CFp0B#gNku@=6atcJ9;ajN34u@f52Ng;toYH}08-I2j%brwMzg=3nGxxmC6IkH7RWF(sEyu43v|@9d4!<2pJ(<;^cTYs?y&dBCh(zF!vb zm`rqB?c&I-3Hm{@X)ykE){$_upZ_S%ysD{{=cgP2JCjl(gA3+DuiDzQuI0goCpp5B z>SHlhQxBGSbFCUrI?k8=e9U)k^d1F|os{x03+WddVR=wrs$6?=a?$-_veGeq&c15LS$Kyczp*USwW zukYcq%=8XTW4p4}+{@~mzWYyf-cZyA5K0gblGczZefe^Wf$6mt3`_Gg+A`U+J>5FX zO&_*wS6$7Q$jgK5Ln@&enCr?E<9U?KmhaEw68~Ca6NR*0>?13qqJDNzOba$}`E*!= zpo;vW$1)0%zF9XT?G0M>5>eDPG9Yy^d!EMJ(j%1^gr_E`O8=mA3Y!R4P@l82{8;}P z-s$6DKe@%w6-auSUe|V3Q)JO|E(k^*KDr`U2i@vL8eJZz+G4#HjbmUT0n%!U-=0Dv z`}xxlt}3@JB{gxAl-qjqJh$bkliYBJHTL|8E^i6KMT)f8D)?nuEv@CgMoUOa_jbr} zZxO^18Xj(lci-TXZsZcSo%@GqYWU&%D}k=60h0|zQr~Fjf=?uL-iidHy8T0!x{!A_ ztB0nE*5B$V((=WycX>udThRU9?m=jouTxe%VYF0`%TX-z;bJ!qTDO|}>5grHuy!Q~eJjl0gX zwKV+g+)3NlB!Q!_%XdyegO| zS0;LX;%q((8pH=n@y0Y%TI}5?y3sL`laN_`y|uWwdCbnkWZ^nd`mpr;!Jw#$bQl#Q zuK4;{3OLt^X?eP-p4DW$5@3~jvAXnT={n9Qa#EQ8)#}p$v5dAGHN3a{iT=G%OsAxY zv7{M>64P>Z9P8KR&61Li-{$Dr1O%J9AP*Y(l~O0LKMI?d9eF5*Yb=f^%2>fTSB zWuq?6^48wDi5KB_?Ra5lt)i${eT|rAaMiQbcfK^s?=KOpd``)GaRQIS=|hb=%K<$( z_ca@&ZdGxGFFuH*(t5;f6HGP)#RTRJNDR<^TQ``dT$=P zw@_#pB%7$kSj2E*lExRQtRUyDa;+Bb>26=)9X?`D3P!6cwi}gyi7Xu6VM5g1#8 z*R9~%wh*^bLjComuK71^A8QPX`24=gQ6q9yGo?zZ4 z{#99OGI2q{354L2^YlL;2h{1$eQi@~diz9u8KAwmDP;|LifR8rX!&BGc=7v>3TYlg zBkE(}EE3C+$Pq5TePYUWv3DCu0C^&?t(vwd_8ByzWAj@xz5Tt>yX&&pfJ|j%v7V^} zW23R^NDG`8YnWeD7Mr*!?`c0U%1W;g^y4x69XXccb^H3@S{}oTL$Li>OoL$|s~<-A z1Fb!OAj|YP4%V6(XY1@Mw}7@m(>HUgRd$v!qiiA+A4Ucdd01U9-4Is0S)fWY1kM7LZ$J5yflSqoEkeGk+u9@7 zkASc*hI=q7!72?cCQBC4CMh%ZUU&n+#r{CuY`-9-g$htsh);zNw!0khrUu^8uyB=H z%E{Ah&-uttC~pRS{yJWo>SNpS`Or4;a?EV2vAlx9YM=3GFW@^roJrZh_YCYDZYYkg!%_giaN~j=+;|j;QWj^1senda>yLk#c6z3=;M0x#PBva z;S=w(^tQlNocITx-L3T(tnATLo({0J)!K`%W#TW$9>4n8vTRc(4h0BAy}*3ZqfxLm zKHXXq^PGZ^2$0hZ;gDHjo+@HT+2bozRIC*p0 zIa!v4!WSHb%exRe*7Q!hXBt*VXLF=n1pkcTM@;Ffm(cWaMlb1bAJ%s0nX?|KGR-ss zOn_AI2y%YL(2yI%L8me2roBdSy|Z462~RvtHpz$yhT2W)CNwVoBHG4x z9`vaAsRa>JS|EcK0wB8LGj6NF z7@(~A^~q3dZ9Z_;t+IuaZU+qWHZ_l_k2~%>09My4Tss6}h)xd;WuxSC&xf=QFFwIP z$xaLY)Yq)-WXo4K*qgUI&F=GWx{90C6eORBtONd5~j$sRr1k|ncGo% z{Ogiv7GBRm18Ph2Une1aY+o${h8J_+w?6ptwk%^|CyvZ-y*+r`KUMVRO}^wXKT_<~ z4$%sV?=SuJtG(C&I1{@@dz>9qn3y%ozgSWa8xolB5swvy;SF+vrSOIyF42x#xM=A{xwd%~Q&I zWl}>^Km5bC)Xu^0sawULKU*}7U@`M72lE$YTXTNv!Ec7npsbLkoXf~q+nn;{C=88M5FrLTA^%{5Ob-WNo&uvQctYGf*%2-qq{=Q@b?E}fxW}N z211NYd4e>3_+wF{pdU}z$1GDB&6$-V<;Dixv15wVpBT7-$t41~76d5f4O{xfCjGa- zl;~J~Ob_FgTm8eY=Cb$k7!Wb7(mJh+~z$0_QDkdgrv_K){sEZlK46SZe^}Y^UclY36FS20lw9hbZJPMwX8X9N zQ;Mh^>qk=2PDuc%ADfp7)AKu-8o`^YQ{U%N^4gjAUD?P>t(^BB62m2jQgTbzI-r=G z8c&Tc)D*nNq>KNIMj;nd+u7}Y_F&#E)LlW*a+oh?CR;4AC?GCUMd!47jWGd|R;q@E zMsKkAp=nWHjdF?*^qc)ci=kyJ9wa|aMvb1IV-dz;U>x5Ei8FR2S)kEvbg$sGHTIh( zcSSqY>G|&Vm!)o08|{>4{>fBliaibCctFd33&xIVSfd5m4BD%J^$x#D^l0YpKmT)> zOtV$H)MaGI{q0XN9}CMqH991IrVDoQ1>1bzJf#C=s`m~P?ZhB!%K)R}yq1M0 z93I3N^3KN6JDk%2_WVtd!q6Ekc5dng0-bws^Os`S)6L-@jt*Fy#Rp@|9c(X`_FA~4C;)x?`#h+l^MqFAR^(OLLL_dEi}Mm?1- z5x4^ApS~)~Ffc%p0n?+T?}R3HAAf?iNjc&;OWUV<>}Nw(PTn{)V_ynaoH`sluMXSh zEjL5MOSoKDZWGBT3FqYu5*-Pvme(!>%$#jI`Pp56lo+xG$cu1*(U&YDs4*HoGref` zLLPezLL@b>zaag*92Pgq6a(NLV{BlgOz8yTZGX>P`T5iFj|YerGn3FtT?L;Km# z*Trl$DP21g)_P9vs6+P0;iq8k9vdJj(_5};&d9{aQJ$M>^Akw2tfy}G9p8N^x#J7y$KxO-Ak+0>cYyo8v(t2@~DMawT)DCs|yBUGF~47G=cXa071ef<5ZG1xJ=l@3kZNuXNgOTAC(p0`|jO{7SFEx7fG0lM?A(bw)7v zEtVAw&v6aBMqmUvNhRW5yZ}6pSVZl?PD#dAFl>9mUsvA2;X@N(pOw_*uYowlm;n&P za<)Pzb`c+zb`eM?V!PbtzhzDrP3LoY%k@~$s%d9!71^B|_GYF$Q#1)AZKzCzqwkW)0)Hh= z6am2N#Zak&oJ~mRlhY<~oV; z)a}dy>E&czha+&pq&$>IEOJ$7zLoExnDZq8(hXPUe_8~B5oHNUsTe#_(6}vVS4P`I zn$vc=ix(=Qr!mmE#?`<2fN1R$^>z2QzP8NK*+xF|_-dhXs~^%C%Yr?9Lp|JdorY@lN(@DZS=e_c- z_`*jNlh_ouLBXzhVOrR_1g`jj{o0@pSX1h+^cIy?9~`fnhfnXFFX9&BfJUz8bj{eL z%V#xKduA=;_=<4YXs*u=1|bo*XisVllNQszT;*?!{BRVq|A|^S(=xHeuKVVN)y`Zi zNK4^)&=v6OSX>xPZ(cf>h&wNS#M8D~x4li$Qq^({+k%DGEx0s6|M+wwZWYzye7TxA zv7f<^+`Cl2Zcs@4@7j*-KuczO(E9uP0GhMdvl@GgSAJN$?fH~s>vrzZLR`xsW0NO0H@CyZ)wX+OWu>F)hU+1VC-Jj26NFO(!ikBdF#ojmiYKaW;9vng6l-#zY4g4>+cT<|NXRx#S6!X7ilVl{~udt8CUhU zt$P(jy1P@l7a=K~N_RjG)PN#=b~ZJ-5t{14fp5&oW0LIcV9oez?ZBw=NMy- z@jTywLO{!rppu>l7xixDGdz)rNbb82NF>_=g@|@~pXn%psbEgdbG7rOxMeaz5N9X~ zfq>@ZO54n=OWW&8Hl9|O_I-JA`42i**~eR~`5&ZpC(CBgy4`4;&5%Y%LGPU=#nY2A zb>B#1fr;RO!hSQ$`MF~=nD=1nYadGs9&TL~z*J?W*)CphyJUssD3^nj4_>*R&KBW; zAK#BO;hV@dyU@8evnXxYI-Rop5fwDQiff%dq3^s*n-FyQVmc8dEqG+!5oxjni-3}Z zS2J2e$qr5TMne2h7Tiup51MTJ`t-tGRK(khrXONAD&qH^{t1m#g78<*I5-n zxMCcEa$owFheJrexOAOj>O(~#9vv^|^<)SvYI^7(e8Z1*%ea^$OGrHO+W}Bf027v{ zq&N#VI%_`f^_NFRC`nh3t`Ae|ae9EHVp7p^Zw6-iEY$80iFoH_HX9{}A~&ycZ#wKcmxdt-M(CgT?vNCl{L#WD+W{_Da3&7}J7QC1f%M37>P=KZK5c zF=iZQoFj9LISSutcNIk%9;F`;OqU9b)7a-_(gG%}^?b3G1|%Zrf`Occ>zZEa1}iD4 zDsTw!?Yx0Rz`Ouvweh~Z4|WdgZDLySVdLoxo!F_)>!megKY;)m&fmV7t2STv0w_vp zft>=CUk;=3rcC=y1#dMz9hTPo30i9>yDcAP&^=g;| z10{kwb~u0%)A)!ml9MI!QB+hy%0`!Dz7{~nFY!lJ7CkpWR{t_uvU7|6uh<*U{Ss+%tSKJ@eP^&nOgpoqT1^pfxCe)d@ zsOT;ET) za{FZI0+6Fxe%IEDKC!a?oGWNYBoa^r974#R=@V_ZQUJf8I$vCIid_dU3@y{sX!k1d zDpD7HYsYeZFxCWU)|uj+w9S=b=9LTRfgMt2j8nh#2~ammm`laJpFCcz(-~ZTULnla zumk1()MI0FFj|@&fz+1&1%570o^AqsSrk4fJGTG+#=c|<=zNq*WdL+8asMpFs@ny+ zU6rk;-lu@xv02_^B-MC9S?}c#K>bLXwr78s`WyjBLzIJ2NSJC&#}Yl;oaGwyJd6Lw zjY8qt#ja&mF~wtvdzyU1Gn0itG)4zl{yxN2`97lHTXYj=?M|VP^9Zz=&=#RU_y6_$ zb;#Oez5o~}vlOPyEsVV4d`0puawEo<)!+Jz#~PI4-Jmex#-Pl#{6CX~gfSkeai$$#C|`Gj~#H{)b>#l^_& zRu*(mBLuU69c(M^D?{&!oFPOm4lruDekEXF$#423D_77cNJ&m7T})4xSK2CibG$%d zY)r-2$?A6q;IaUopowbzpKF5kLE)N&3VHKSG_H^a>r3&4cH0V$wwseRxy?;v!TzpX z02N}!z(zOeom`HUDHzOv-NCv(cZ7Z7t$!I@2dquCdCZ!}Ln;i9jI18RS*=t6ytfI$ zw;6wmMF?6HpxFQ3uz&t7@?>{n@8f9zZV1p23(Kvqt+dWc_WnJ`qmY3?IKax2HWW$! z{rl$U9}rT#Sz_gxon`HuKJ_?zP>5KgL^9wlYjmFCS*SMOA`?OeS6Bb_*#)Cal)__e z8!Kvhbp(%wM&GnpX42Th!A%12rQV=Nz$tywLEpmZHLbos<@;?2739Z&wV0Lfhl*vR z=_dLcFkeWiIM)G|t$skjBHdY@UcU@5?!pt_281m9pqwG&oP^vNmg)P-y|^qi8!LS~ zIM3EF1UUvFPi@9T#YwtGZ(?BlE^ijcPsQKvSOuSGUi}(I02T)t#m3D^co^?WDvQSR zu4R8{G|R_A`p#Wh@%g4n!rZ=YxGUXt_{~^?bTv`#Wv$yjTSl!rIay;xV5!R3a81aVnqttCe2(3pjdZUw z(GgtO{|{A(aK0rZk}-YUvQWdCt-8AGmpRK<*U@uN5QmJ1W^qr?9mAOkK-E^o0V09K zN7-~TV?W)KH_=38Y1jOp*$MW4NJ#|1JWx^g$kcc;Pj)mDX>s+>ej&&!E@rC~opWjj z#VMvf5;}B%CH{2)-_$yHg`mNi;Jt-G0$x6ZVK-tjK(`w-G-3G$Qk8_8NtwWrP;EWs z0r1FTrsrG*FZ(MuDDqrih5nLBfP~lk&JKufMi=qy4Brd~x|-MwhPeSmXES_ouCR$^JKH-)FxIb^n&j^ifpM(4RZC>uG#2-uofs z0CWOm%LyUVXFl=CY?GV9sLDV1f8w{rdxoP9(;#Lc;(^{ieUHqc*kyDo~Mx zoRRWx(6sByUQ~B(=Q~zbpM@IBq(8g10Ap{nZp*kPs1B3*o&atIHr%@F&IO*~jHec^Ui! zxv)M3n>f-gx67$A>d}pa;C;6H2bBg?Uvc4s-4zs9Pto|SvI1AxC^FtUUo1J}zrDI` zXDTXdGtJb6AX`IcJu(=|Dc4RnH*2w@0aHLJuhtS29q=L2X?$|Ll^?2eowI8D+-xxC z)z3-&0ua5pyLmSF!~PFt33jD_V;Mhtk^`H1P7t2Fg?oE?q=AH6baK*ou!0Jxs>22b z(6P{H?d{IoyqBW(k~uXTUzx7Lx?4l~y4OOXLba zO#;XwGKb>UY@OvUCxI#jEtLu|4DggYHL95SYA%j|)F>%47C&9gci6=5ZJtQhBs@@b~w_VYhz$+J@rVCi2EY+BkU_5kPrN^?7NgOEW zm}mvQ3b@QbO3Bn~!pu_Om_#hb*U73~R`83;wmja1(DMvZ6U>$U1Z>CyqeM$aW98|J z8VVZ+JIa4CYX+x1EwYPg2z;LwSxc{aeKRJa_C4%TRpw@omCP z0syA@WaF_Vo$9)Id=^c+{;ER~2U2czCU8CZi$ml4ALV%gHb~raMoFh>9wxn%B30SCBWa zuu$G<8H4duleoLP%epX*gFaD%g0gviRL4d4v?H!N?$<9$3~Jd*hr9)4(D!bS#Sg}q z6A$Ls#WN?1q75dR6P8%}2N+13liwM!(9lj2qvBZ9M3<0b-uxQP$?>kXJ+%R-df*bn zL#@Me3pHwN94rmHUK1|c(~Om$aZ6e-NCf*kobA+i6aG0M$;oGe?aL<5Iw1ou*2Iba z-3(jpc5#>Ed7G5~$&b+m7}!>^sF|efCSbV-L|jq@G=Zq4k_TkKOlOm#lnR#!7auGV9h{dmB(z)lyWFG4?i9 z)5rCNvt`u!ngk>o9D{F~A{VXlBUB|PAtH;L&Ks~nBbZ2?CjGl^V}Itr{Hxx`f)WZ zJ0uT~gPFx1Z?#aotwmRx%>#~>+rH4PaLi;?tR zadnk+EW4#^znrgS0Pjsq92^ZEduxSs&^Dr0MKo4L(U6Qxgq0h@F^86x(sM>IS)L!% zqNS>sgv3%M7Hv_{&pFTU(=E@IS-THpfQ;7YFh8mq5TAC$8v?*b`ezvA`qi-+6&3u) zNyaK*6^GgAlA@|AdNMh-)l|XS8=xR81dw(S03TG9LF+Hi^qovr0fC@b8>p$$B_;U{S+-wOGMwNpq7jB z)1+Rp$G^Y|AOliwPE*5ZW8CmuXKNms~)$dr1PxwiK`7#iQ6 zco7Il2M}F*^Ru!lNQc)E+hUAwoZO~b+-CeMcD%8B2NW_9H)dM{z+{qnWRlYP+WBW{ zDic5{neEE~>p#EX7L}DH(pfv9jAy?AzG36lrPqYXp9X1(2}@ei5eU|WfB~+VA{OAr z0fy3An8HO5d}aRBL2ypavQDP-LZeHRu`Tx^IYq9~j>hTKG`6A^j^@rA-*`Q`;z3H^ zUF3xpUOix9$`DG;&!1bTAYYSY#xe@XI*vX?GmemEcQ^bc%~no&HdnLNZYWhdKK3V9 zVdRzOfPlqrT{Ca>M@Fixhdu&mzu0UFNIkOPxazMpYGA*;1Qj*)5`NsFc2lv_HupTx z&e@)8f2cchGN%4SrD6iW(=c(cq(w+^Wz4&4j9d3j&QQjufTYvtpv&;#=A{0y8raDL z4w+qg&g*6r3$&~h3k(c7MAez7wzU;nPap>aNYZQyabTxN6KI-C9aYrXI%>M5*#&ZQ z6XGz~Km1d{kh-oF^5ITrrP6%MW1-2~@$aU**RfUKHxkw9yU%CrpU6Ub4bZS#5WYE% zdQwQ8Yofmzhf6aYP8w_EGYJt3d#fZp;VMui%g{`F>d) zS*!WUS}bP*t}zWOAu~HyZk;}k2-*NL0^X=6)n)N}+ch&Wxw*+;4EI%gZbGxgHUt7L zYatM!Le1>yYIAgm_3bdDiG;pA>ugzxcmgXYCSJRQgg7elm-UxtEnJfHD+9&4Hhf<5 z9wbxqIPtYI8s^@Lr(->FJ1g0d`37{h#dDIE4U)~xAOwq)>?jM1!-?@$l^}k3Vn%5F zD4~so^>2bUIxXRMe2d&-F{-EXn5KXHbLfNN7ur1AFH&Qr1@{94n88RoEGLKPno_9H zLjUV0@QKgjl*N}(fZ*_OSg%PV)&PN?vxTU)H?PokKJa3YE) zKgYo9ESH3jL&Up^mXR^@YW-VH=hpeR*X%7i!rn_nQ*u24Ul>dpzwOpY%jostsf6(*hqZQj}JMp_LV;aURy*iBI5}sCr$> zA){J;WNl55uAP@Ib5|_vq{w(xdU&YdyrDt5;n-h-aBB*_axfPQqdb+cXbw6*Q z@?}%3F{g8# z*vb$j2Iv+>x1NPJ+p-%;&H~EBtQlCK8)DymLm6}dLyirE zJJ#hjl$I6b-`0DFr+xirEaZK4>I@sbqbrXJN^9TG&#AL1urV^*-|T*EE74v@h(L*I zl8|flkH28-vU~p)YZHP@fG&Qpfa1${YA1M=tk7c59v%*_pssG=1%KAra{BE#SkubJ zs!#N8pVhC6D4Jqpotuu1e%h_OesO6k;^jpEu(NNSg(bz~M3{k0A{k@k)f&*k{w((j z_*ec^Aahgf*p4ubJh$BkgYKc;5(?a~8L$Wb$x$PZnX`->I;HnZ{MQZq_f-`BNM7Hc zRb4F|Mo&jyqM)pa*fJGVwLx}u?P6#^9(Xc308dX}(h=Ou zJ+v=Fuk$?^n)??rB}QDZS>Hv$TieQZxv+1|B+R9;Q^{?oK_|jZ}U^wT5&g9cbjZ2Pn0fsG0QmxUgI(%Hp2KBO6~X{kjLWhGpe{i@ntz%5#(qAOFvbg_x*irO(x# zgya!YSX3gR;|+yO?5)six7O^)94;+0zI2I;^VR!1I|(@C(beV)9Ap3Z_?vPaa4Dkb z5LGSd;I|(0&M{VyFuQQ7*8`YF!?WSt1P)M6LUwRjhT3PG`BdyGk&Zh13LWkCta~{XqvE=$PJLFB`(d( zlyQGR9ZL@4x5`{8uIg8xo1Lh8WER>C$=TMh#HpcO*4nbA&9wD$BvH!^87`q(%@uP7 zf0zihuK&=sKfvc%f!Xp1{vk0Vw>+}cE3qgG^y!4J}1SK%Q;?UTyF9f zDFbHp?m-h@r4`!B;RRw)^mD)NGj3^YTt1+}zmE-tu=4Qum*0fIhENaJby;n2n7GB1 z@!rx*bnl&^o-8-}rADQVPuF5~o|A5hzslt)+0Cc-ox+yuflHw=9D`ORaZUQnYZ)7s z0)}wLIugGcE}c9dcOMkia-{P3PM?e5@^CppkP`Ctms``<|76%H7n&HZH zet~%S5~#E2m_p9{9-$H_r=2HG-@KfrwJ)u*3UYKjQSjP7g2}dXNIzGp5*7%0;OGaF zqW{OIRe81?%7~vEcC-)>{DcM6wFXAlP)d!rwLnF39Y3|r49=A9Uz?K^b~O)LAGb~u4ElGCP- zV8J;{0U}oHQ_dWVnV8UDZn8%rZopBQA&^&9V5K#wd@ImSGT`>k)po68Yt)6kV4>!9 zofSGfVx4UfQ%sAWKL(AENXXqd;X;1W`VSs_REaz*Q^N-pl|uzZ)wc~0gpi@PAtOay z;f;JuSOS!2V}e_{sH*H&7Wy>{v656jI3L!_(#n9$p^)u8k3%b)(

6LgSBsyX6S! z{$SzGTBxoTblh@NjHG*ha&>@{QtXi>h3l@*uR`JBzs2k05tg*q8lRa z98vNuLyAVb9m-`JuA39VcS&=(eB`j~hU_n_qEI3N>I>l8H`4TTBYV0p8s7qRg0dPN z4|!l7JgG|i8M2Z$g46{3Bq?)RrOf6fG@13}iLLl_NfZYtQyY%ORjxf`lVNmPMzU|3 zzSV|JBa$<~|H_G_frm#>P}laazHo5!_UVaq>8|gsEmVLB#tI|w{;A6#?q=1FVv|Hr zWrhhi#M&71P`?o0fF$Imn`Meuu@-P1t1wUW6%z}q+oZv8xUrqT)s?^-3@$9xjLC)Q z_SDS|HTv!*Htlv5m8=Dhj4V|Ht58jCb!>%P=W0+K$^WM`{I5{db?~jJ7u)61b3g+@ z7-176;F5-f(MhVwlp(ZJnEE9<^R^4Z4WWrCulNSzD(c`}-r7)A?vwRGp2$4fl z9-#BfD#{heL|jgJBcH{Id2dOSmma;|E4fd^!H8gpzAyqewsfsg11=pq zqI^_h&%!rwGY6gB7(E!qp;=p9Ps=j@|NRjBNlW=MQsxcH#+T-DO*W8m*A{zuR;oO~ z#H8u|D|d{;veShk4NC|u-X7lX-#O{qGL^nDD=gRz+7q3ZMZ1WV%~Mu?<54}q5(wK} zHI5Mk*$RLh292D2Cdc!YzG6X3?a1#lA@se+n4cdv%m1pVsu1=Z0@xaUkDCdiITMCw zeC*P%0QTZ za}zTQ<(n%AHQfYfv{23Ytqw#_?}IGzucbS;Zn}bNF9u16hj$pYfTHO)Ut8tL9Ud{R z{01!H*AV+CdQ`YwZ1M4y_aZ+qv9Y@Lec1S#_=!O_D}GfI3UyJWuwyXM5T*thIMO|x zkJeDdT*F74mi5p9Ld#%hA_YV3EG~o_+q883{G36{_5s@=yO&bQC_?Hm1{1Kv%k2T8e8EP1(Tl+&G;|rn4~As& z%J#X}KQAnVVk9Q)oO%P}{t4+D_x{X!r^`(N_4SBq(ldeawTH0^LmbITc-v$L~B zPEpRDmM>3sdi0?1J!e%4i0q?zaZaX$flh|?B7-Cy;tS6>l zYZ^9APZ)OGkjO+iOu0@k8NF_68ug{>e#nr~8iZNOypkq3Ak|>Az-L`CvHH&SU0Sh@)~U9$6QcNV-fMJ4k4R?X0GkrIW*e{?q2c zc1@$l1|o6&3J{hM_nkD$A_A%HYPQ3RErU_Md1K(K>o9RW3A7)`yblVJZmn%HCqO0= z2Y5AeFL zd2=%YEv~1k`>Lf&ncOe$+MW`aORU?^N!tA6yblTr5MdsIXy?H9y{-CZ!y1KycQn2jreTazJ~L(- z9N_A+Yqheq%^VE4&8~RaQ5&g~yDQ3kqHWZc6Ml>3P~!hWeBhnc>UJr^!5x`=C0@M=w5{iNH40Ej)7x_icHA! zHjOc=>+@Uqr}t;~P&?Sd0(&_E=*ap89?i)>8Nz_gtNjt6aBlJ7SjwG#}I4{6+HPrrW#=N|_pSN)vod@4G%d+@0^-osBtLvXxLYcG%8wnwy?53G6JQAYLkW+AO+xvg|7#SRZmFeK|sEK{5 z&6#IIW)cGuvr+MKs#mlIER%rD`92^v=iclh?=pyfsK_+%@|Stm<4pT)NwJO{Nn*&7ZmXLRoU_mI>1%3Aw-HJ0 zX#VWI)?qNoNrisX{^*m|+QV$^vy*PhwM3(?ZJLJZtn=*FpQVtcDjVm8G6;Fojq$S) zvB+Gy?hZA^Nx@~>h`T-iVW{!+VM+)G$&2oxeEeU!iELC@pmWcoxP)g*3L8;$Ct(CI zPpkQIXep}h3bfb2V6e#`V8rx4CXT4L(AG3&Cu2`Ff zt5V#xF30%lgO7RVYNXnn@7FJTJx{?EfwY0!BZQ}A##_`&^Hilwcd~<~5=aob!7kchGg{+MXjnnbBhRab9ObgRW2OEN|2wyybBHP?h6PTTb6c9 zyaNkt`@d`iv^09XU@~QVD(b=9$~DB@JMR4K%k00kg^PzTI@kT7(c&q4+2guZx`4&- zu^epIlnx6GUui#u?H2j;F2YRSi#Xf9-a-WFWUVP|RtCpzdlK)LpeK64>MPpGN?VxL zoL1zi7A_&-cjk48?wyZ;{#zE88fWhw>&un*}29v?{G9Z|KgFYSZ{3u(xiTvV1;I3hc zGNJy{ypeqN8T7hN@+?y8>cZ5_t4y4>E4k$$aFM<%>wacjRWA6f$Qx(1E6di4|Fm;t z0Z+EmVk1yntDSCzU@O3C;Mn)+Qu`z+zSOq_Cr0lzN)IxTD`z5f$XQ~lcd<<;xOP99 zNk>6r`ra{-zXB=BZ4m)(g88}Zeu{S>P46j(ZQ7y!lc|fz<(;tGv3b_E&+ceu<^`ol zZs)G{rIkMFa-|i+hq)pj{wzs!H*YsN@CPYqivG0KyAg|);~^R4q&_O)vkia4_Q-dc z8-ky{)^gg$n~+fvY11&ot(vU~agicJ?fv4B;;uPnTGq+gSD)XjFM1s(_lo$k>G?`u zLD~fm;VOYZ&EoO1KcADls@1j1@BDn#j`>nGP&8$le^LL_c14qXi5>ow6%*a8iUfk} zfjru(X5nz{tQ+HH$OK`yapiBbYn`jP`V@S)b?8|~jB-`;wp$FiFV1pqs_GEW#1viB zy^V0=As1g%RU9wuZFXl)Io`nAzkH7(Po7g=)l(x(ec9`P$j69l-5yhf`dF(mv3s+{ zNzj&~UqTZf1*|^{``@MJ`GMH@OzhsQK2273{28RptG|H8$?6K2DMY?X)D z@etA}2Upf|A0gj)3Aim2M@Ax*u#k!bKvgbS4GwiZw{XS3F_f87ou0Ps`YeZ1uG16> z%$KtYN}yuxaJRP;=37oH;XPUT_yPfj%I`SyqXl2s4>4`ubD3L9O&k#%sRwa1NMzyZ zJv@nXD+)Z>A|t1wz#oteUpFwsi84F=q+a+ z7>Nr9MMj?{V4$rFjfp1Z^9QI7s=AzyP(TO!maxlx-J(j zWdl??q%F9FDqVsWO;4!jv_?UwmXcqwBx@!Vk)bnE-)W!V{Q%6t=&Z?xsa~6i(+q9g z-NjVj3bi>~BJtap>qE6K=q=o8d^idr0^=^I@VtTx z0Fg{HkGW3r68gYGNg>BqxhR6de8fXM^^6=0A2J!;+VBtE#vBXIMAstRqE+8UR6eY8 z{KoY=!{eCRfvwak47s}Y6x3J*acv;bs{!Yd~ zRH~QOUCyU;b$ivZ3-@g;n}XZz=sh9d13EH^uatW=x90`_(_Z>(uCPkv2Z<4IHZ)${ zH9?j4sgIkNF6GZS@t44JQf^KGgWvblBKitapQIx{Nb38HBOoHxe9>}U?}){i_gtsp z#6`gv%$3xCdxTtY{=r>zrj8VrKEi2nubs;HfD5d3_awl<>vs$0ZK%kt{4H9B@lTIV zy=>g<^26&rO1_ErMcUBf-5AadNLD?H=hwY0hryJ(&=$i$J%1IkL&O#tD6`Th zcDXofLE->r&&wdT6qMm4o3Q&$^|2pgqV2=8&esyYPZCom{-YmJ=)Ic0K!uhI{yhFw zW~R2UdKGa3)bB8+{B75~wna%dUix3Tb{>pdgT=*lZ8Nx{j#T{y9J+CynifAG$%58d zwL@nTTsZd>zB^|@bN1O<7d{@?da1zqBnwQHj%pj-_$`F%u?;v2{EB@D@_h;_x|q6l zX|uEuYrxr2(dPSPsP)V_nps(K;bB^`HQc=GUahAkhK6qgId&A<`iPXKsxAjYuPS35 zhF&U~$#VnL5uMgeC<6`5L&fjuL6vOjU2I_4(%q4V9M|CCr+)3BJHF1texH0XMA4X< zg}xrE@o~xSD(4$^FxmNoInY+$ILT1`6|N91DBidoTu`1 z7{*eM`u=8X-s-xww{3(q#xV2xj@R|1BWCTn3SE2e!tUwMjn~)gJ-@ArYYlzcb=(q& zXLJ~*K&}3Zc>FJGL_hEZX1lnWA*#5v-jWwh6m)ZTA+faf*m3R0I)cq1#zr@&y5%vIGLoWFB?(7+;C9C=t%WKZw)@*SREUaeh9r$JN}8XFiz*>fKq zyr|U^5{5)#QWVt1X6zVll6vdMg94^b&K#hqq ze*IYS0@m{$L><%EpIul0fevu0n{Kuuhk@mLv}AAet{hU{y|=bXr(ce#iQYHxtnXt< z46FH8XYVB7j#_fgtEZz;)i%Gwl~iZ%)pp3XAuCL@`CXr_Iw52(1*T`tci&Om2a<0h zSPosfE6o-)4_drfR)5j9X;_%u_YPdzN9pCX%6vMzHE7lw!xSD?#TBYfkGaM_kYhso zakH3(MB)*ADd%-TEw7+Z1mN^yD!^PuvsEA2(;w;V{iygRtQ7i^Bk{^gaaL>==G=5a z4Arm4%TZJ;LyPMa^*Q4b@mu|rW&QBx+dmet!5*ou91Uw6C%t;62&THa9+ zH3&N1aO!L3uSadMgXPUcNQ0zWZO>j<)vAD&{ObmaFH3>prPo4!X+|LEezr{I%I&f! z^CkXahYh0V5#zSe6Cq8?vi8tVXjnFsGDcnM$#_#qEQlXf#5Qq=k`#vhs~Sn^N4I@) zc8Xh!9v$1M8asc8Q3fw0SNk20{BHwt2CU&g3Y{YSq3B9z^%3@ z?xskA7Noz|iwPB4-$nk%FFXNCjPhL<1fd@62w4W~pcQjSza+`id!P9D#O{+s3tcO# zKEVn|#F;28Qw0Gq`PeuMJpYEXBOSD&54qc8Azp3@lcZ!zNe;T6sjJK*vTN3+fyM0F zMd;Y#ytulbfudR=oAiVMYmYZd-rjdTtw*{AyJm0H7ygE=a+B5J+JHlx0m2~COZLJF z$9*+@itMJnLqpu|!Tyk0eUyvif~diV?z_pWdLci5l|QUFdrf{eu{FnX z-Km_R-iKOiipCU+jrmczH6vTTFJq@)XIxF5w|Pv%co=Do_i_7ZA$c=U zixDv(2r{VEw@Y2!kALrUsL~mQ$@pN}?BLn_U_uN+Y`@!#Xtci!PGudzeYFKBk}69F zJhO&x5AO)p?)sGWDYYa+7dnn0`i;4OuMHO4~SZR7pu*0}2Hd$^GHoH_?!*_}DLQb%d3r zd}=Eh?$MYaV~j|+5-436Z+$9Gv>7oGx(>rgU-12T% zC8JoO#k-zODUQpI4LjM7sq@D!cTYaoEhSrI0$#Tvz+8sn*ZrQ(FW!6N6I|cVj<4^w zVh$uwPCB=py3L=eq|e2>uGGng(>Jn(ax(-$2lxETR$%ywrQ78Q1Z`w$X=&-1ZftNV zCMI^8B{p)95OI>kHAalW962WXPQcosgx;8;Y@ojhyz*TpF-2KUwPMhFI>4^yLjPaK zm~dRn&!ti8B{jFMN`b6X?vY;_H$x-GJyWj4L?e-wJ}n(MuGPASN2gbFz=y z{>;8WkKvhiYrtw6%{uw@4-h2UdN zroy3lo5$hqthN%n#_ziS=68i)6dogE+0G($4sK%5hGn@pogQpB1BBb+GI@7r1e+>btdv0r`_Mk07S~ zu+jLe(JaZWVIk3qDb3v-*Xxa5$<~?Xo?#`x#BF#@lOAgrlO3*QZZ{8{$-q$`1L4M6 zu{*I}@;dwpU9=%H)*d=bRdNzOANI=H8#s6ykeRahtgU|V1jjG4eZlerc#j2>zZq@I zll{QU{kj#biIPEoKNXk(*3#zeC9Pc)cwz;Ri~#KP=R`# zwblRFeMf)k-G?5y3m5#p$>X}X3B=p@?A0AMZ^5ZNmCwL{j%aDWz6bYvDsJY$i91#@ zeBOZd+|A3bNxPEQ3YUP0Ln*V*Cbt3p1Kr@RFW{(L z|Hy@!lZzu~_uP=GoZIP7GWv+NZByhru;WaVfv%*u%6m>X&q7yge*MxTmM!>g{fs2H zQ6!X{C=Vw8ZzWnR51QD}?DlpXUY8T4cO>~@hE4oc!+}#9^8OWOR_|6~T2ND9J2&i# z#u*PIA6(p*4`PUgk{K}-wLkg7c!O7f?vYk%>O`Y64&m1iU7e@`UZ)}Ao{5j?|MV{` zQSk50*OQNjZkue{G0%GG^;o9*pIY&91M46T*R=RwX$Y&kQtnhma{o1+85+vHLB5=$ zyix=b<9mQ3#w_r19+M^$XH{Ck?z=6{r^UebYh~m5ZkQ@`+yL%d;g4^23>D-4z~s+( z`h?)9JHM}t+hx;mUS2EWxaBt6W$Pm_cac|2U5QerOXvVEHN;o?2VcYh{h86s7x_RS zz4_X5@hlP-T2?8KJHqIgEgnyS(-^3z^70y8cR9a;UtjH>55$}^5WPiC(ZikK8I#7g zmiJNY&X>(=37p4gW}?-dUW5_C8Qe1bK4;q>9n!6Z+@9tXJhC?Pkl>kfjo+--FN&k? z2=n2qYy){_0tmC(*Vs*ZSuvTgp$PxsG_d&|I5&cq8+Eg~YM`7j9tC z4Dx#vC;N6n@9<4zqKnVIrK}78)p3OuQg;V&ag~IPJNhj-w%?OxFk+|he?ZQyEhVg) z*GwyFzW_!@gIOmicL}ahh18MZ zBV_FM&fr9`*GI^308Pb&8RCG^JC184+@rKeq-0eA%0!q-=8MUAz==U6)e%rU+~-EZ<{e(HzZ9fEWxEZ~9F9`kWbzK<_Vf+^qF=U7-iVo?XmM zmHXFMAQvn*Pr$dgzY)kp**=`@G%3x!XU2{$ymQ_NLj^|dtZaNV=UG_uNl;$n&Y zR`d%_-u;zx#8xWgQ=xU+s(yGZp$i2R@+Hg*HdYXe2J0`q=NPm>&3aNYL4??E0>=+25E6SH5 z%7EVc*%n7Q8?|c#E-dGpQRaWEC4oObuve@H+Y%Z-f{TNb;-}$FMWq`iHfE6r zF#(Z~oGW#oghW9X`M8MimuKmC~m8<+PAb=lbGX3zsp_}S}?(sESj zlKF~~R2Y>@>5_Rr?OOQf>ulSr| z5DjCA==>F(5SsYld;u7Y^j8hSz~OvtX0`Y>t-GyoGwpL0>aFeC=cRxalffzZvrf5k zI|SV=FX_R-D)S-LM*b5G1WI)rl|ZvQxK}nM@LIx_I7oa= z|Cw4z?m!GR6k^6}zNJT(F3gjl=$(?2eyCPXnjoF5#Xqu>U#8xk{nb4(<)bzm4@WQl z(Jpvp#f;-21KaT5s)c|5!hlU)uMTyz>MDt6oqIm;<4xD(x*ZRoDeAmV95QIs@*5xO z2}=@)#++2zV8srHY>Bw;Qt)}%$>BNf1G)rS|kS%G&)?_+x3H)4gh?*rMdhUnMMJzSIbp zmuC#zwab1}y|c<*lyQ}Z#s@AsrbN1s zYw(-n;zn&tBoF4qBxzwuN>FO3OH}k04T@#PL4WyMEjTN1ToJsu@Yz$rp7zo zG?TbyH8xJ~MF?nfJHlg#ze?jj|A(LyTA$W!D~fAGFJkPp?YaJ*p3CJ@E1CM&m(i3C zM~+eWznZRz03ij1D)^b7p%MyhHekF5A@wl%`3}5OgrK=qJ^9e{2{PHh3j!b7W*`y= z4;^=%b$pjTbi4bTY=n%+13zcUyNgv3k_vm@Ai zjlP!Bk*qjf8>pPqGqflKy;OP9Z@Lyx)=}(T$7(c8xQ)<-cr*caX3|12ZPr3?T+=zY!X>q25b6CwK_+#(mGRL-z3~ z<8q@gpd3=hk_ zVMF{)2AA#Ti2(gNE=sh4lNl~i46$qw{J?v$_efg!3QaapqZuA3o#)gWoO=uYtCUZE z@3y}Hcaa=BqRagEl;rR@A)pJKSX(LUiU(O)bnWbv!G_cjgwsA`e~473Luwxj`DR8K z=JxI_1wVRN7r_}BI@_S-2gUQ>76q6fO2q-G3I>fVmfXTZ%v{56ToODnHnf1DE!GD= zB)BbgF)^`9f@}0Nkv){mxsdZJ)>`eR?}d3UG=bSTKVJLTd7}Dv ze1h%L+)8&{Wd-~JHEWB#qHHfdzEmM0EHE z>5Eyu3I!vbc|6lFFtFSp(drB9>yxF{pLFfrg*MGmBI+A9EUn*o02(8Bpa3{~@S3l? zMFpftKldpgJUtWMrftU1`oV?-ed2xqCQ9E|{FME(aVG8XuRBpmFFOx!itXsUy}^y% z&j-q8Nji_nSso%_c(P5G=KsUnTSrCxwQb)jU6Rs*lpx(8DUE=HNJ)c)bazNMh=71J zNJ)!y$pC{=0}=xcHH?IGcf8x{cU^b=?)!P4wVvmF|8XJ9{5mq-D37^X*wdnrW-3;CQx6j19`Sr^HYo^Axyo`8noW>u!o9Ii}y6kNIhR&qy z6fF<193CBmt3=w@S}L&ZKA`NK_B9`GcF=F4dX(K`&o_G<(b|5*+HG@uw`Q8Q>Db953-M20av2q%Dg_LR++& zME0(n85&x|_(i`MWOyLEa|{PI2qQ>^OXYC5*zno0$)4fH;Km|7T81Pac3_UVtAXcK zW86_|R)9f8z1hDu`u6;O9JDsDpRS1hbn^4R%Id#{XW&oBOT}Jtyf@}pvhUwwKxXSQ zr`75kydJr*=6Sc@kCMa3w-kRWx49wleiByuYJ@lQOOiYX-97=skC)HdU&ct0b5;3WyrNwu7ednG<>DIL| zbAs@*BsT6Q(g+L%N^0t_nc6$Z?7fyTH{xU$eP44%GTb`XCK^XZvTW0`JT)KskEI!R zis);1{I71K--%dx`JYd^KQ&}S9O$b*0V8-?x|8026D3%F3kd&!e0qJ2P$8@cE*ou+gP*MBW1RM8$R znNUOcOHJEUB~skPqEWW2N!42gZ_Od!dRib7v!kbUx!9Iw`3q{9BMDQ3lp-VFH;ytN zLG0e-YPX6bT(^Ju`}o}CX5voAH_nca#c-sLfPJ!_QsgJ^g+*!I*7WFux4DN75dXCC zX|MkItFr3MnWIUE7)r-yc)!++!|t&C{c|o`ySNZZpN}Q&vIg(7o^~u;NFEJamGEGK zvgej16O*lTTh!7!ejs4PJ7m)|(Y;I4$1Y4G_LJVs<%w)$rLLct_~Nk-xIYf1&Y%d@ zMkewyqV$=PqmlDDG=GGz%CG#eNlV9L60#ce?XEB%!z?uIr$rL>#G)J=I7CU?*8*y zkv{jT6~ZklaAGO%kg-tFSA27RWlO2Yog-(e(UiF#9=lFJYl3uB$Blp_*OFj4F0?2e z#YHUfod-NMnE4n*P}G$`ef9d44}WF!-+-<8fD6QeqN*z1`NhTLFZ&?(%-?!7 zCPGcw(%{KFKno0{q@xNCq{CcUz2DXoV#XG}SEqG&>``#VkkAFOE3P;oR>Z@sEyp-y`o*kC9O>3JT>Nyc#T<6sGwr{I?X@i(y|M*v%`G@ga#yw; zZVb+p`PCy{AK#_W-KJHinB^9U{XGml`dE{cfDfjS2sZYBB@9aiGu56Q4*BupITd`1 zq6SH{sGbu1Wym@MU0k_vr{$^%t*G0b2xx;<^xH7#4w#U4L!UikV`t|(hol%@RN3nh z^Pj`zZD-f)rS7#p%2Z(_i7~s_4g~e_)U4aFXnb8(bG%eti*MV$id+);CJ(;OyQ+@A zYkVa*MsmcXycYt!2kHYKs@?pdyMT@^^U*<%ZhgVa5@DXV9au>PwPm(4kxQ%hYT!wl zw)hmVTv>jGqo$vaulM^kUp)UKR@G-LLC2jMWfVMIr#idbauEX(;gIc-C~OV26BU^- zzJykFRt&P&)AzlEc3X_;Di>;HeB}yUy++)tUapM!GA58Jk2LmWTw&e3tP z!}WSrPndF)mo76?C@I%+BsA%cX+^{LKdUs)n#3pKvujXhZlx~IcAOB!4h|3{@dbps z29;FJ_;qHEjz0;&>ERmfiQX5qnCJ$4!J&ue14>%ZIe zyo(iooWh&+;n`d;AWars{asdmwfW2*G1HPtsx!wsR)|cP_2;5tNA)O|YJUp+Q8Cn_ zy;HIKxW0SaWoZnKD4mFQ%m#X2{CnO|fOw0BCn#V&|G_t8E31uW^ zsm?gOv-Es{->J%p?NdQ1EgHD1Ec@C0<}JBLz&Y+p^92BUW7+NABx^56Y1rZ5)K_Xj_j zqMJ+A-X}ObUi2F*Zr>WG$1Z!z^fdCK*2l;^4|J&HdO4SvIn+z>u0wAzB6(F*25RjW zK6=MHjA}y@ra0EN9YnPMzVzNlI#|Tr>`7l^`T6+`6=xcB1xa2*7fxwbevpD%%7qawmh4cdB1pNg7+LRm)Z^`mt_;G(APvpwRHvzqjq5OIK9 zhxON*SKJaC~_nDC}Hj&zqiW%`J-u*#gB9FEMq0ztq{d==BoEbc4V2 z2k&i}XIqNy6|CW`vY?nS2!ui@KQL6GQ+PYif8AYtyFWcvTTG=hDTIyD&nGB>Zum1^ zoDti-cZXonwV!F$wnM@ak&7L{I|?tAsL(HGTNG~f;vVOM@Q zHMlrwLyC+D-3EKDTEDBrlWn| z!y}I@dw{k|>O1`WjNvlPYk~iKQmA3N-HJol$*C9g5yz(6hfgg%p^EQ9UgZri%`>=dP%K66Q&#O|IpGyTy8zWT{okAn~z;6H!4KTUYVH?_ntIf&jJ;mdb3AFyG7O`$at(`+vv4eBSr2tUU{=Mi?gZ zGRC1Bm+s626LF_gguJ0I*hMGtwZ4(6@sSKtL+{^R)1r|r;EPX6`~V(ZWKzaQ(##?IAaW(tItMasp`YY|)Q=vwBk zj|#`4ff90vE`87uRMeEz>-`;uB5##{b?pF>e{;H?{%$Fn@fP9O0-_XM`orga6|e!6 zNPtSwKVuyA{LJ0g!GqEXMb|I2<<|OEg>?)*9yWSPSqKeN2DfZ87gu@hf0e?V1YJjl zru`vk7kj{XA@dO|lKy%(YW>21UXKVJ>HCVoayt(c3+or|HC@%680K8NnR!?E*UMd} zdWsj<&OR4aO~Vtw^TinTp3CPTLBw_a@R5KHQTWU|uJ~^VXIMu~*B+E+rG{0RGT8>3 zpv^|gkKRVTGY%nA!@*=HV_w&yyXzNdmLJ|7Ligt`ncIIKRQ*MOkF(h6E}Cxl#9~aY z%{-4+E=ATBYw2pee#l9XJtGZwVa8YZ;dSz!Util+1{{M$pFh70Cx^7h^jj)3Mf^NZ z(6{+gnh5|zm$OSMFyOr1D)zG!hik2%u-aT;eZ7g&Q7|T^b}ZOYc)55H|=Dj^DV`!LlzT);UK+At+i0bH> zZS%_U<(I}r^o$k8RYt=Z_sOVx_K){-292f+zDsBXc^K&HzJIKjvk~Z?7Rb^gES%n$N?;Ii2dui5Dqc5GgWnRJu6^mS1hqWfy%dmI=V|bm^6#EPmjoW6b&2!Tv!IB&4TW4Gw`0AbW{qIv=xsw@Om9&S`pN$;f zY)$;cv=Numn)TS6t~0>l`ka6hTC1;**nQd6#SJiP{Z~tMls~r@y8FiI3%c6yoK6m> zPhm{>6h9Ug;#5~Pik9~=tTsuf=(yAI44ZZ!Aw@hE#*>)gaxx#ODi*2Usj(!hBmP{@ zHs^z}BO(;o4@2OqB25`I_@z&f6VJ68g3x4<#Rp#*B%}de1eSJU;Sz}eiwN2CS4&41 zdyoq0ko^G_%l07rtUaFG=z>wxTScmW*nyA`sV^pvlPbVXb)eXtvHGvB!n1CQ!@R3L z*b?mKlBf3d_(O09s2~obm2|_mwEVw@jSzVBDJW3V=UtzCD-Al=KJB^Lk1`lEw>qhw z(?-;(&8nwAGQFPprh6Q4RDf&%w&b1hU6+G5MU5z-i?psQj`h<6lauQ?t(U&2 zZs}t_gHk3|Y;A36`|e5|PA*)2YB|P{K1z`;o?kUEN334el!|*#uSWc;`QDHisYp%h zIe$6Z;ZLDw_;MFt5vDy`cM^PW!W=oVI1;wvT53u(Xk+4^#}EjU}5_xImEAMUFUFM2xoK>+9=p2Df;%bEWTG-x0m9J`3tMtR`nhh`|rYhu&o` z%Z)_IGRNs~9|^lJH_Hbv-zl>Y;U`!I>JZ$$?@t_+)ERBb(;3RtZ>k9J_REkrEmlsV zJ;4_v9X`KNd4D?BA)xVB9!QY_St3Ct72+0DnpWgO&_N)|1=Efi^V1z7)pJ6g1g-WY>27^Jn>1Gl8iCA7H(t2~KW?N`oVhP7!EFhic_J60!4y#2`BweU-_DOp;gVNdiGfQYCc#{JNJ)Bg7F|TJTUA?^3|;W(ZQ{a+>@M< zMD>OtsZSS3wZNRCZ=L;~v(Sx9Dc{tK4Jn(s^xv(7>vgL1DTB0GnN31BLzedYlH$J% z(+Q>WI!@*$Tux9)Eg|+G=BDPSkJ7O3)b* zv%jw*N{dJOTqjlUE7I+QYG|#?yYJ`$QZ@T7TKW=Ayt?>~wPGAFbeK^xRzot+B&>GWA9-;4D;?hC>_8aFzC*<(g;HXI7b}b zKX48a5fRidPmmUs-D5S-B7DHtJkZv$158R%Iqmq7#bc5sId~Njh z+3{GdlW(<=hHDym@-IX>itwUnB&vQG=YkuS#rS5(HSBDRBWYx3&U+z81*WIiw0H7a zOY8p|qN8*Cixj>7_er>~Rw$jpixh8x+vBz6L+>hd1L}GLC_0iS4KCz`Y>UQQX_|BDVuvOPnS0;cBF2FRE&w z?@PA+wD>;Rucs;z+;RqrGBm;$PR!DKWu`_A_YKz%6+sdKVyB7lDdBVDE*VY0djHl2jgtCTE1y z@M7*D_Q!-;LAAZUd#0D;Pb`X?YLt9UYu~ldkMa1YTj=tbz8HU7DycvErXm5(iDxra zS8dCDGoW{UroEa;U{BXFAcZ*p_At>b8jF9yQ=ofeFnvx}Zr{hn2uIPU17`!eo@x0{ zfTOLTKrKae!ZKoGn%;I|9G-zGJVLgz9}vMVNT&Hsrm}v8?FCZRcy9aj86VW)o0pVe zYOVA7MmK*wp~0Y9Pt>+HKr$o=gs}+eAj5_tlVaO&1iVK6$z@f9pkP3)$Foeq{!<5b=~>Q_}~b%_};HLLi(C2e@3;;YE;h66#=n0mm~z zD3h13XK6fqr`4s;cbR%ob(NNg=RIztW+Mla0Ab1%k6=AF>2?2ts~P!UY|=q;qH8=-sn(XFs+xQunL1bl;TKB)9@o7JON9-@vkK>HOTj( zDUjh$S5_9*eKxJBodoJBRG*&7pD}BKqjz~Nb1@W+ zTrL+NiE=z-eO7(z5pW~(i>}~{$bCCLv&%8gf6VfB+rOqi4c^VWF|(Uu?P?kFfc!6@ zjb-;L9(5O1QN0Z`S<+}+HGGo#lCn?)42$nlme*i?IfgZ zW%ZYOnWQ_FXe_mSLH2TUdcmj)6~UgvOl!{-#)A(q-OG1Rs}GRz6FiqF9<{W*>ZSu@ zcaGK$-kPPQ?^KBOCfDn5#}v4@;eDGaNm$C(G<)o*i?~xBUZ-V|`8e)Ij3Q&BP-G_H z^IOSaO&Y?@RYB?L&Zh5m@N{j>ti&R${4(`nSw{*x_?c(PEkK(b3QxXLi=&LDvpEVh zduVI>5jib(kx3WfbM+;}mtjZ<;6?~`p8-(2G+-;d-c$lt0qI9*4&X&j^tnInZ5`H7 zlM-;@>aa3hY`(CP(GS+@WsbP_V*k#yJ`T5suV|2)|2$B_qE5xrZ6eOT^64g>(2_n{ z8Gz68!*V=(&L>X@%{?KjdRvbf7Y-7R&g-3j6VW?}2V4&-Rj)EaR`EL$*H(YGNKoh_ zrOt8zt5$~;kiE&U1IP%dfFo9_s&*GkNJywf@no1F#70T`-V;OJ+-B8pcm;< zSk^2*9ABdU@#Dt{pV3|Fu8v*bE9h@Z)>m&IyZv@wBFC#Xc=z zBKvI>W@_m4x3^=gp`UhMR4%-E_n9BP9$So@hAt`a{i;BgJINHLQxeVG{riep{!2Ml zjm%4~63yN;dfeGE`cT(@43cu0Y`-8kg|GNy7L2BraHxsS-f7c#@)O+4eC4FUmXW`4 z;=ofS$}uM;|AFh!oxtbaXn8lZAz#D=OIU_2 zdu2K1a96hETx&Y?Y;+R_^ORg1sWJ3AL=ZD0&h%>vu78n`ysjbmxm#c(deh4qeCOW1 zv`@x%C#OIC<*e`9^N+XGkWlDDNQcR-;tfOs6*)E(nhcNiaw!PnHhX}XX@+ZF01z4z zbY&+PY8w^>xvTwhv$RBgG5Gbt;Vd~K)wL?cm)_j4P&t9Y=L@k${}wE}<5|Z0M;}m> z8a!k_iImMr`b`qM-S4Rm3*CS=5|+D|Ff841VEw6b3aGFZl0@>(e`}OGbGu&_pF~rr zx0j*cIjBk+;+tyC_La7tv#*OfIvulBON%iHZdUuUnCh4jN}Je&Km0MGQdMT<%C5vF zbI5(wCsp+cYo!z$wpG^X$(E7J=6U+flIbHEE(8JM(`3EE!!y7Z$px%=Y*4mjz%W4R zu;%}{;TfI)lSLfML%KMIv=8_+U-i#{T(A$Cq=sIKjt8U8a-ErjhCO%HisA3&Z@-Ok zPwM8^P!Pn&PSQB1+2fe3+C(a8a22))nMrB(`(4R*Dy{hR^&<&xLTJC@qEM$${CZv^ z7t9xD5Ur!JdA9ng))+f;uCm!HAN>d!U^p9v*pXu<5r&Tt_;s0mi;xd!?T>xo_uNQl zkw-8w<%tiS;%-ZR?{mc)y8HKKO`X$8!bKCLxFqPqd(2bQ^~^7}J9d3Ktk-9w`%x=A z|5%^lt7z10UpO2fJL~IqR=X(GF*P(X0$f27xA)uy$TtXqJO_lpv;JvVz-t92beq+6 zUNVWsyZ&#Tr5#^P(L>Wqnh0X~D;bkop1=q^;<6ossizJHo16g#^2tG-25xOhJL&t2 zI=4!D0sGBNQaLvAkQOqbz=oK^o&V_E`4{fn&8&#}Zj*R5Cmv9TL`rN&d{!H+z zmy#v5O_No1J!H$4(xgo3&J@$dJ7MS^!fws-@uPJ!gH!Vs{ngC1gM!;(%NB@S0tvzq zkL6>JqhSeK%AmbI3Rlz$fso|~zUzhSldg)!NzcmuJ5zfioqGwTKb|(eC8`fWXiHcm z(8K(`lgox+YEmmXgq{F&t|xqjz9@ON4mUD>uSoev$4_Ij%IG5J}u8vUS=== zAaPF$l60COeiL*Nhf4ihrF==A-g`?dI_WPDQ(xOoDLQvZD?F$5e~bzH#T5o})t3&w z-!#ClU(Q<^9KIHg=DEVAHx&!zRDLzM9gS8IUg^anPIEu; zllrR$dM|~Y=i|$?riN^A68i&`GXIwZ2*3Lyk=9{*9&WO><$Z^4FR856LNy;#!^+h= zGWzU3g!vhK0z*Z-0-zSKz{ETsogBk#8jmS_$L~;9u1&}NhcB)zo1R^t0pr(%D0+%> zKYA3jp`sZi13P-}ERKcwukHK>iOc-;M5z@O6edC3 zE#S04W3@K>{~`r)dJ*{-1`?-GeO?Oz{Kvz8@E?dVvx=T~L*8?;W@o4G=Ba!9TM7!| zww~v0z=IC#Mg5PTwtZyC{+)T0AHmuV6?{2Lq|zPQxpK*yvlY4}S4!+yTP(Wr4cRje zc{zkR#e_(4IuNw}W7c7x7j2c{O94(;h~*x$xL=_U|;6yu~#3%=@U2z zDP*m{!Vj{xJ8?HJKVUuNOdITZ0^m-n*ju8HBN=ZK?1+;IYc>n!ooBorTAsGKfAdIj zvAHa%I6@0vv!J;Ua9qG@?$`XlVNgsE?ZE6Y#euIm!|rU?*~LP3tJ3Fy_NbcFeH`~F z7`8)Ed+w!v9_*m|i0pjbpZMV0>P+ZK^&b*{G0>3#hM~K15zm4xAj4;59C-DmQ8Me8 z>sI3jf=Lg>2b_E~b{nG;?Re@iBBt0>-Nn^6|0VaECrJ*q{l;%YaF}*|eS(0>w!2GNmf8sM7r8Jm!K)FeAqGX>5+I*X{ZS*WG zRzP1UtQ}!An(|D>oY>(t4Kx&(ZgL8fY(eSiRkgjzAVzHgchS($>}FOEEO(GaE}84@J?+eC#Y>8JRRsfN$R z)}?HPL;D_d95R-0u+i9 zKA|`n94lqp9%UdrR9e#e=f8&x*j$~rL{xp)IM(g0?-MX{KMEhwbJ*nZ$-jrGU zJ82;dBmbiw8vXIZf_oU`%lhxeXaqov{6c*i^%?LFJ($Q7zAmrO#|n!kNKz(Rcaya40r!xZ2-@xnw~OZl+D)NhZ(o;Y@^9iPyTS zq9!QEuXpLVbELyIxY8$u@X5$NdC0m(!q@6)vo1qIzss9Xc5A9TdOOFB%Kmex8?J+; zaBp~cSUZ>b)G(aq6Z5^Bx(-YJ22~bu+zTfv{GNkK#@L8;ufoMl}(D7tv3E0xGadYbo z#^K1N$0rbQ)QwNwZ+k)QObw76$vNX@@MgCDq%XGucA1^IbhGVKp@vm@eEfp>63o~Y zctB=5hGYPa2E$~3*MhA^0gGZ<>7ZGo0hlUJNBI7}oBQkS=;tR3d+Xpk{D0t)(UUZPqH(`D^lZ-L5>l5Ra}a7%YEj-ZDE z<4yz{7f1hmn9||_)(byTiI6OK_2N=y3aBwg~CicF4I)@$QZXRsdzI zZ3%!FSn`SgCS35Ldkg|Z{~%);GfVvD=lxR0V7~A2RV|Yqe3Q__V+mmBO)Fe_zmLUg z_xxc(Zt^br50|f~0=%0(hBTE=L@cmS<#0tr#XwsGVoO0ouT+H)qdyIsi3}HcP2=Y{&jgrltJ=Tj4T0E@@k%$m?wXG=$nBq{-`C~9Ds zoa4G_%XudqVddaXUR0zZFTA;cL8dY7Fd(2<$7iAdF=zR*M3kc38((Mr{Fg!vE)Z*{ zZHVNXt1^+)HRHZ!gzg3 zF4JiC9P03A+XB(bU*W2k5==H6X>(sGDMs$qZdE5cMfK#)6@Pblw2P7Ix&;Qm%8Yb+ z^^5+k^c)2kuC3YZ*-w|x*&8@3={`;AS*jighs%*jy?U+OV}6*lvelLb$N4ciBg2Ju z2P1BWIMf0wR`g-0W!a~4ZHt)C`?wQA4t&+X!dS#XmYG}^p_Nf*h44B>OR*$1zgeLa z;+J@JcyM>Nbv`tTaJz8TmBP=zl~;5$sh~TkAt=B>ErRW}bDK@P9AW7)6DPqT+Yd{l zsE})^2DK#eXX0LrX)0x->i^o${)2#gX^D-U^YYV~p^xHdpLmDCX?xJb)KvG@aeir= zY84I5eXaUgdplvq(_`aqV&}uh$W@&00 z*0itlP9#NIlmjzN5YAlC{E^bDR6C*!^hj37>ungxULcb*^5&2)a(Tl0dVYI!ukInY zt2O|<<^3tBX?waD62(jkVuieE>U@pF|Na%H4beEazXodWpp&hpVbc~MRT;!KKHm}d zp~X;$@Y%`fdcJ)sv{7MSYk6`zoJj*ezdoY=2k9Q=NY3@BngO-wMQ&s#m>4xvlJ{*v z*VeG1ijjaKv)%NfHlQG0%`{B`>9^}{R4lE#W z{M1W47)9Weq#A)%C=w?w@-o5IF37R)^C#R5I6S|y5V!7hDOQ;rE%qs!VrI=($H%)D zSJ)ciV_r9jtx~#o^L+XaZIhu9_4Ev4u#JD&9Q?oG09Mwj<6c5p9jGxhfn^+j!uyJ^ zT`>yX1=U*TOb)#oP*cP9)&onBw^+d9UrXCKuJ9en#{_aRjb5TSd2@GBB5L}c(=}`{ zaXP?Hn0xqOkF5;|RO8MRl%|21vg|%pWWH~%t7wjLUkX5C#m@cwhhF3ZBiBEpftcL^ zY}E7TMq-ben>~$vS2GFkMv-PU3Klg6F%`ybHdr!}zd(VMSzT&~LBqi-;cX54bsjT?l6{wZ>=o&Qg;#)I@6#rPd zM_4Ug&t(DA-j5qdre+EEq=ubZM6w$9u*2!+SQXmG*SNw$Lgqd`w{~t$u}*jA=q(%^ zjC|{(6&PLoCG6UA+6WiFB1r+T_2vT=Pi4Sb&PU%1b)R-Aa9Y^`8UByPFJl^aEymv~ z3f#j^Okfz%l;r^4R^~4p%j9Hal7X?kD7S(ovCq|@G@Ygy()~j7xzU|q8HPwqETDDt zr`+7og2dSnbf7PXnp>^mlvmV~f<~KY@VQ*}^_uZ)yBAAoe=I2c`1og&kOk(z-2HE_ zE$8i}84Cs&xg8baGc$Ya&wLe|_Z3xNwW?T%dmfhC1x*@mItAi2Gh@;j+#BRC`Dq zc?gI5RP!y6MS%Rar^g2zi%PIzB*#T@HX5I#WO;~`OnhdH>Mxs(>Eda&mi8mul}lHg z+fT6WOxN!awO`+nFVcYCN$QW1XKefkxfO|9u!`%qq6}S9E+MfEKE3tSvMg2sqQa|~ z#CSnSr(l~qFTR4SK!5m9fEbru<4KU|*R|jxl?jN8CK*a%dtKgHgB98jHLIU_TOwXy z@FbaL!^2l@?7w+B1cO^Mvc2RSlzvnIj!b*n9q#Cq{@wcWAF4+SJ^>bKlRSFy<4q7m zS^l!5;`{~w?WF#&3vXxC{1y#+VB_f(1`zEnt;MACN=cQ-K5sVWwmNL{J`jT-c_X8+ zhN~jdWM992oY;AZs~Dx=P)7?0(}Lvz-$RM*=YxiSi4u#tBxrhqx!IocDq?)^Bc`msEa@jK)eP$z_7|S=~OXbVRs_&Y&2HLJbe;AZ_WA>0aw_1I_cH8 z1xoM!ekIq{6@qw5RKegf6zBve>UxkkUyNGK@K=OcdjDCu{>M|l1Ta?N+2D3@M|y4x zre!M=5ORxss!Al?y5u!N7(~)=z(_B{Swme!X({RNgLITxn&07d!NH~?FRP6NgEY!U z8OijSNuN5*bdrjn&_0=iV!GR#7xM}W$M$b+?LMVUwql^gVG@*b;=WC|Jr7x1Bf7-E zupX!f_U_%Nqs8qlnmEQU5AXwBtCmTmF2@K*{eDYS8%cz1SF88Bhxh7pu5nrPibe&@ z3ot5DwTjU_N|L?X)}v+|5MUw=aG^hvG!U_{=Yzks<;cci9Mv6idpShz-|O*z|IRr` zi47~wXt_&qS$OFwBh3KQ2Cj-3k6Msw+o4bR7{`7`s#9NYFSJFN?Z)hRSA(x8yni*v zV+5W732LE4q1#b&>py}z$E$}`rWK@7`b2bWAAmeKO#>si|?3?PfW~5P%>FS zGoEPaPEfMGzZ3a;Q4~HiABlCclTqG+Z1yZ#CIP_a{%HL)&@6&ZKKRWfrA=P8yXUj} zc6KyC$W!nd;RU*z8TSA2%l+%;@U+NiE?r*2oduox+K%ftnf(6G%RlZrX}x^Epug%N zR#)ztc!IV;F3{JGYJ1f16CBe}ibPj2YBv!%c>(oth{>MnfJ)95dOE^%9$T3EQy z7vc0mw@L}Hd7>_Bl*e?Ug^-unF!GVLrnXnM`gcL$kIQ9&$1f!e9EmAX7a^-z7y7kC zqEfq-_s}`-9SV25+Slz-S<=XPW{V#&R5zLE-g!Usr$jk`O2z0KMOeKw`Y~Wh)UWhR z%k`1hmgJkz&^z%|%L!`o@#0?&<^G#(iVIk6`vgi^J^AQ;7rf&j z{Xm&HUS1;cjaK6N2R|YEc9aawbK%wm=C9YoLdV9m znvI;?Un6}wqz*kjkpmI#*uy;yG433lK;sH z@wt?mcD#FU+x(%eAZuUoa#^|a6RTxEP*}>&K@-ZV5S93?<*!I$etF1!LTp72ZuC^y zbK#K~f|?5%k#vO)G~k+sT`}Z}%jIDpdMO$$N+Z9ddPJ1RZ$Y^S`D&UB%fX9A7R3-x zKnSWZwy@PFraT~+hu>>c$}BaI2|`M$?TZr^H)pQo=qULd+!7ciRKXh^8>dPf*T+kY z`=LC=QieT8UPov6T^zTOIz_eOEGt10B2LRPzB%xK znq+UrxBeSu&Fv1$%8HjswudpSu@PSnIE0`Iv4c>>D4mxBWfpCGitkf(^1GU72)E~Q z8z>S31cjXY6D6@UwOU3fFGMVDYlF4+@BQsP(s!EoK|MQwFCDZwcR5}UBve_;9SM9c z#K8*@$d@$X85o5B$w#3Pc9OMqaG1h$Z5ytRUlZIOM(-o07|D|jKCu+A3exO{)a>W$XmoUFh!TfPvD5G(2X|Wo zDJj>16#^l^lBL88A^=j1b4(}IYNkPb{p5CJ!rqGF;Jsx&n}Sg}*u0z)`CLyFY_)$< zb+yE|Hh+!tah$84@My*8ZA&9hF=M;Tr3P@E199lb_y5-O`M1ZUEAWq2T^tO0E_R^j z1ne_#3p5KV-R=uJ&m=-1ca}3P_^du*;7Mn z13>q^XFCv!Pqnz?XZRfCF>zAR`t++5^KM>T_80>*?#<$m)E zv7k#YqpupUVj~?EN5O+k5Lw{W)+OI`w;9RqjzO^wfku!nDVUh_jjsJ%K!hFGNcGNW z@1S%ybeMskI3n(i^qZw65-Zy{c~)M4yrKhN{QlXC*Oanfdx-7?cCbC-Q1De?`D72S zex6v3&I<{EW7AX zrJd z(dt^)8#i7GeD@sD-OovHpgkM0;@+rymCGvKn$1Z#D5O2(mIGIbbadc$d_>dkH02(= z)c~Kc5$g8pJ~r>TmZ-6jvA)8A5l&si9;M9CSyNk9qU@`$D-k{`feNLo_F;J6^M1W7 z?bpp|y52SFI)rtmy5HZhta|4tvFK*qVc5StDY`ZC;=z>WCzDpgM=B#fJ_qC z;3Vd>dX=L~BWirrB=~-R;{BfT@zSBx*;h2AK#Wk^h-?T7HdX_#v0}8ET7E_S{Z;kg zXb>^WF0u#K>EaJCyLAEIN}hC;btNI;-LI%jDQ%M;1BBpZn$8O|Smz&FQPgX5zQ!7^ z2NwZkIGWdv^cxU>LxrdmI3bxLxtFHH##8ZxS;D*od+;g1+=0ysxWIi_kqMb60vzXX zaf{4tU2}83!aYhcF}i9|Xa4RzR}c_|CuRB-AOQXKBT6U0c9lxP&&B!a&+X|oZ1vz> zZth&kVu?3jDD#j7w}Cx9Fi*8}5(<7^&Rm!r-8zMjs@KQAd-%ZdSB?s+OsP^+jd9Og zEvLWg3FPblF%-ev!2v(mys}gaHK}LXz0q~p`qSoQdyah$*k_aWn|@92+P7-h61naX z*)0c22dUjpx_FmcMY>KO9&gVGSiKo&%8MK%Ake^Ts4w`Zx}6XlaRKY4(h<^^Ji!?a zw7On9KP4OP12+nf%>89&mW9Xm`#BUf!|7dzR+r1B*Ys&vH8X$W1hx9}c3K_6Wf^oj z9hT!2im=h|oNnY@e|g!s?=F3Ez{aMZA!?{EW&6#nZ8T6L`2750xv#$V<3Dl`;_v_G z9E8pPCI_Ls^xfta>}KW{btLrSUov-^1{(me4zPbvVVxwIcOOa2I24TAMo8ULc=FGM2!sVvNU6#URtkvSnQR#3DEN&<7uEzUL$QOkuKO{ z%9Pz^M8(U?;6&y>A)3Mk!?IfUh1;l?aibQ+Zvi|J-CyUbO$sW^=r`9)KQZNHk>81k z>wyEtix|P_8pQTocf>e7JC86&GDyE-pv8qO=g!0>4x1~9lE{3c%zFQ>mXG}S*nhzCfmk%xY>9QZ3Z+qW3{Omjz zK{nF2-*npXFdqa6p8e>$x!S34Tc<)w*if$p9qn9wvZI)dT1GYkox7%Nj_Jikm-Pzo zjBZtZx##s%D>CZBUf-!z;AX0+Q^-*|N6-3-xEhYIp33yhITAfPMtW5m8hdTjDOU#? zNN4tsdX}c2eGk9*eQE7(VgwVjpgQtfF&~cVf{T%{v>%L!+g*;;CW=OSeQC;iG>$wS z+B1@~ltg^#R1EiAJ@Oevh+oYSbueg-67fO5|8L|S_`dOkU8vhAmAeZTU|tKS~8Mxl{h?v_z=8OC-m1VgOvxH_umO*QDfkAUh#3} zqLH3~a+`a0+dP-bvJ=%c$eZ-uo_<`_vEj;5&$ZT=WUEl-MfV!%U-mkHz8K6 z+0{^k>ls|(pWd^Z|e$+i*Wq0X?y zpWqoi8=jd2roP^D0k*GO#Ae9n11x%1;@wvs+XcKQohqJ;>#wv1S#leqw-5JFkmXYPoC?(Xu|0#T*(DEK;Qv8Bd=%QwR<*R0Uc0Tgz$KcrAaa z_4~cO{=^1>cKYi0B9@svi2-QQz^rRPRl%0A41Y~`+WS#{;hh{h5XheIYK(B*T4z}v zwqU{INikIiJzs)bGJIkOG=TMLsfIZV%1HF9i(J?I2-4je`}vP44}=)MKOhtX?zOuY;V zzN5NbS#Xg@4=ZUZ;EBufG(=wt-fu-l@;~F&O1f8V8Jw@BVQNV|EvlU{cyRC2sOA#} zth$j8MVb*jo}O(ekv__L2E^H@CZw~x25WFg>J^s&0e!1R9lpbf;54m-54MQ&+>4E7 zQ)kmI670Pu@*ktS-Ch+4_NFTcMJKP$$&~OAf34%%{@8sf0`c(v!NZqDWAHa{_4Je@ zh+pAYTA&g<&$=W~5N!7FpW@vMSK@iFV2L7CaUu9^&=BkQEb2@xI&F(&aWxJ*qE~J2)nZo= zn#jcxW9MlJNUHDV79a!=A(LTQlWjEp_vTZCru>sTyR7}W2QVX^1?aMKPIa@(xJX*0cd(equp7vNo6N zUrNm`$IMO(t%)JmnREQrf`wzeicw0|WL$thKMgRM-Wqflw=84vLjuF@Pr#&yK^A4H z=o{}=%EcIOAX`IcbuW&U&Kx`W-ICkKA786Bs+t3~v&Y{4z$POvOyp^v`?2s>g8|$0 z;Z=9=by&GU-sKAaIF9M`IIp?Ty30z}Wb`vjjQ@wX_Y8{aTep5qNCwFnR3t~q5+$R8 zfaEM9nI=fiA~`fj77!4SAUQS}6oi%xl4*kE&@`DQ!=3EC|9juMd!KsGdF#|&A1tc; zGJCDL=6dEce`5@2)guJ@rxz`k;g{W{5G)R#l3+RL}DWq^X(act3`bwA0=dVpfZ#Vo^m z>1%B4c$%vsW24sB%IO^p|5C570pWMWLvSk^e)r#%z$qt4_}+P3g70c_0WD)U#T&Lv z9ZiYsMe`c$zF@BJ5B2BppJ(tlEj)K=PTx*77(xYml2NGkPiVJ7_gU;}n`S3BM5?wt zGwc?%)q_G1PG`W#{8@V*8Hn7Fv$MtH|KVoi%9i1fY3FFLCA){}skHflgI}ziU#`qU zg7mCvSxbMwFU2>`C#kx27DoQ~o<#q~*>~lC1{2)7Hu=MZ3GRJO*zZ`BbcD|{~Jt@|F2+zppKA%1JV)x zud~lj(kyZr-{4Azvw+5a;p8?*@rLK_=M%*Q5$&jYHT?RCLVr&hKkS%h<7OkPMRU9l z55NCrce4IIX;P>hJ9d5#w8X%j>IK_!#rw;9olx6xn}hkt)t8H7HAQRN*G7|SXT{pA z`dG*NF}N=q+mCNQt}LE+@M>(l7pa0yt9DYELToXbCUh-3{n*C+KL4pXInqTGGX05S zdrWzoS;v6;K6&_eNOfAY;?ZsngAW6jPCtj~=&UbhMN8h;ap0GUY1zLWsmz}QDbV!W z5A(zy_nC8Le7PCR^Q16|p0~~@I8_QzjcUl; zXjxn4lc$=R5Y?$;u%sLAK-)o0IY}&k^pA?9B0nE(&WIuREB`}m0bd#2yldXg-9wYp z&#`kAWP-PQy-FYLiw;@!IGdd~*UwlOhsu9RHaWwisgAlpyyNekp2<4F8o>==xEwbyYI>O_U)q(#pr=GNE}C*g1Y^P( zqWqvpv+FW_**l2{vQEi<5}kD*lZ78Z%IxH`EF$)Qm0NIRGuBM*tsBDt?bJ+JI}GiS z!+kj!!uD%kq<2tR|5pR)ThMgyO6n4Kk5;U|yY~+dIeXJM3Ei49z>T59gULFx%w5grTo#g&ZdEnA!mr<4 zaOh)nE?|==ka|$(cuCry?!y3H4_Q8LrdxbxjsxBAFy+Q`BfS{h z7iJhPnLFDTi1TvUJSWpjIt9^<6SmlC^ zk2#%j@)nU{E!yd~@`8i<0eCKl&tawgu%$|eia*SBa-{yFSnrheU+ z^B7u%;2YPQcN4(l8DYGMjP-p+vv>>RQfuUT#>tuY7P)-dApDho}lz{gF~S zol)A7f{EYG({lXKe!3~kLYcqw3UPJmJ_>7yKGgj#df5s1c1_VPa^g2aj@}W9#k-4o zJd-l4gEyWpt^uo;;-jvmQz#Ap7MQ#Tn}DG!@Iwlj7#Q%^K)1F*n51a-7xNZ#ANntY zaCSpe37Z(1)0{>0@F#dfqsMMs;R`OWZUF(?oZ8vUhiuVhw3e28Nk7C7@pey^uBL4L zxwb1xPU4l-;}d<5W9&_rq&IyQNHRYOMROj^#yj*bAATL@Mjj8Gg&*qD+Sb}bLg0(q z=5PGcgdG${SZ!CT?!e8aNGq|+l5Qs@t`;Kr2Vy_u*?o9y>iXUGTN%r|uDZUq1^2Q- zttYA@_)V>02G>Nt<-TD8_O@;0;q?s0*uF{1zk<8WdcC=m(N>6(>K2{aDsp7>6Lj_? zPVNZ?-H1o=&-l&lC+vhoXbFHPU{-b|j`tD6_oO_FI&ot>LOk|Zd5uMF;3#p=Ahni* zhq|rG%*Tfm9G3(m=7R>1{2IZDVemRh(3xeg#*(#ui++X{L}zZ`*AyToK#T8aVFI@- z+Zz57@JYt7avJA=)zQ&O0t0$Q(F$E<=(C<@9uK3kviuHZI0S?&43quj7>VTCOv&1o z#}3Jj?>QsS%je|V>Jx{Ze<1f&p;?4m)4*!_=MOU$$IV>Tg5AXK^)ExKjPp*U$w_UQ zi!oS#uZ>r4dT|WeA6x6zG-UK!jLg4KZ|KOIPemBCzW}paLB3_PCWP-#Xs6N}!HvBM zPTc)e>sG^^^FN$s$coB(6ZEN%jW*x70n&zhNpyAcU+}x<;OipU zn7_gAlPCXo@Vn#x5q>{Kge-xCIlEB^G*irdYY9cu0BHf?b-)wmSq!Csh3$inf^ToN zu4602VA%DLbk2pP{QpV6uVtnFx9ImHo&Oj8zIxgOWXJy}`u!&Ie?Y%S(h$n%YG^tX z{3!JeO@!kv?0W3{*`lkKYAQ=wy`@zK?L&kgoC#Eqq1g^Mh7!WR!I zk-v9N#3`w1fA-nxfYj^vGxi#tvJl;6<#*IkHA55206C6$(Y;%M+Num8(?x-^r7Rfi zrWTD5s~N0(uN(ogj8f0DSD@Q zd9ZV`$+}x&ibgHExrm3iv;F-rSXsvOHa=~Y?}_9%D*0B6$1<)3bxNkNSwcBlw^Xu& zqKA}0Z(iA_C`vUzz~-8=Nec6UsOb@ zW!(t)5UafQ?85^EN|@P`tgs)8`$diq0O|?a#Zy}|9RN#)KIX~phKw21K`cSd^xNb)B;K(ftH49;iDsS_EuDjrnP}wJety(m_KNYr_5i_Ymb*;pAuf>?v z>LF@tx&GkctstpCiURbZbV5uM_ir*1HYgVr7q;b`xjTUlw>qrLwe6gZlf7-LIW$o* zUdhgtYAusxjVvHL*N&cqZ`boS@Q)<8@KtR*H0%OcqH=R}o-i#wVwnr1D@Fw{T1Bal zWPPb$nRMQnh-Bqv>i`}_Z(Lk{D)+qv2EYOkM6i+oUMA1`*epMQ!Qz^kogAfc9iS_Y z{t!J{cxG7dp%6YLKpL_+>y6csYrb(5%+Js^??%;{uGC3FNw05A_~0Lm!hP{MUc8&l zmAp}0Sv@`to|#=3b$^*{4zPfmr8^||(A2QmkziHTKgiqNp=gjUTn?{>ruKCYEWKMz ziM4a0dHaU3&k2c$%O(>rW5df`PPCyrn*7~_Ptd>8ufUEUv#aPbWfgrAME)rDIqMI_ z5!PgK{f~okN>pizAt7q7j0r4D&9I%{_}JlrGM|mHyr;ft_VyU{Cck_K6F8*>l9noB z{f~0&rKL!lMJGj?=~)(IZAzhEsDt~Yv~XB@W5w$C2V?^-Prl^i#PkGKKfXIU=J1N% zbMJ>ED}5$~WZ4{L)mJNQA~E~0`@~uXS7w_$OYL3<$P4jb&2ySo z59)-g>(vt|MzF(n@5{FLwkvwt(Zk94U@lrHcr?g(1K4`#kIE!xwL(m^#*7fUCCBVf|<) zIDKPgmeI(P{lM5>_inv-um5Rm-~h?f_M{SxTjiF|?%z{eRC!1)>uQwFt|-as2Er16 z)9>|xV&T3%Cw1*MSb^Iyw=eIny0-WqF@wc1Q1@ZshQq*YU_sGb_8mLm%(tTb&pYwY zKV&4Ye|&h$7B@HzYDexr5GM)&Cc&Z*S#fIlvq0}U*Jh0IQp2YYsdTDpBVY8W8yZGC zKB|2j%fI(TOoG_xb2-D15@}i*Z2tH~=F{P^bXIn5!Evm8^S2&K!PZ2qu$`=?CSv<> z5+2GseipzSpoj=NM~t4*bd56n6ex6a#G1w~?1yz{nPf3MuQ0 z%-w${xz1&aRN?MjHADRmZP^c%?*wAqg)>8a*j`T7QXv%Yg-asz4h|f_E~lu{&VDxH z6q@#jvC*4#F-N)f~Y8hqLvE%tdH~E9aSP{ zLya0)YBGz`a_#YEcmq%w4zCuEq$mQy`RNqGp_$QdGJ&8WMApy9K>LCst@<%~ro~kS z_^-=LOFuwwO1zCin6p13ZBDl`y^9DNSX=C1iX@r+4@U4@ph;jl8`MtH4ZSK!D)JaX z-;j_nVowk0wB<_v!?RPkyd0E;X(J@`rMh}rnP{a4pjJEOC`no&%yZ*bkTpQ=xr+FiS8Z`>G>^+Q@Doqhx| z6_t7l-SNtt5z&36U)ZF%lmjSi1(wcc#JJP$k|HJ5W?;|yhvBWK($Y8218&UV|2uJv z#eW}+Ui#~>wYXhl=orT;QHBTc-LGXwk3l0s>sRnHGcC@wcA~&x!Y&VMA1Fu`09sn- zTSeBM)4p?(v^CXW$h|DzzPS6Pyd2B;Xb;z2n;)6}`r9HgjW4uYR-_lz!va$jr;R zAbQz)#aKPl8W|h=;3u@<`BxIhdWkj9b4o^8S$3npzFB`ihPnRtS4>Vp`A*S_gS4*Z z?{5Nywzfnu@V)r36R(VM1a>0l&K(l+r$VnwEY`i&F6IP-d;J@u*(*D zfMWoilF+N)O1Tu0WEoiuKJ+{fNlc@lctsy6Kne<0s7x5mIL|%Sr|cL$n21*BuH8Pq~qvo*P8rJTAQv#Xx0lP(q z)K>D$Io~q~fST+CX$m_`>&hQp`{+SwYVXtfF6_Rk&mtNDLW9M<`yxa^GxmW9lr&#T z+r-)p`swCSKp_AgmKk{U<~SkUwDJWGEEZfu0GK?#k2wPRk|0q-$zXx>j*s7+#P>NA zpfm|nXbY3iqzn`U1bmjMGs(jqD4uu2CcN(f^8@zJ zIL(@lPlzJt_d58oF!m$GS*r{5Tcx3)C_+T9=HGWzHPZWIkd?n{6Seii1PDH!hl+v8WKs?eS$Tdr#9F+xVPvgC zJQFPa89pYSqyIkTb#29Mws}Ex0_Y1RCH6u4CaUYPNjSvC6`h>06}Upy06-5cVn1xb z>AE{wc=?0nxssi#RVq#k9wVb_Xb2l8r%*J}k6dRKB3cH1jeq}W zjDgUadt;n{im32iHC8TuJwW~$(o%2DA&Nlon)W|;7fEMjW&L@`K`}UVsg#Rd6{ujD zHWOm?c3sAom-B9TN463(OS7J4u|dpCBjH2y7c}d{7C|1<#^QC}G^m)ZG`6-kuk^K} zn=zyB2Ma7zeA-(f#tGK+J#ul)&dVbJsxSFpv^rruTi+-78NR7K!Oi;m74M9IPJU$V zb_%cNZ#iDD43x6}i2th^{O5PSP2U`Z%z)UGd*o!H?cuIkG#{0KV*1`e(8rgEFVhb{ zf$SmBQ%FeANo8xZ%ewJ~Etov$0nzag$YU5B2Y}nlHdFr6+#4XmV+)R2+w`!?!;0+N z8N3gIckZd@aETgmgX3<}J2>U_PBa_TLODf6w?TSH_Lncerf=_1j(1r4tlVxtBqb*U z;w=K;?1Q!I;l{&#kTEnm3OtDawOamTG6gYRzbn}q#>N4%imG3VD{ock_9`2t49@t8 z(|5>)7+hHiWRE?b4lWl32E;`AKa4dq$c)PfFPbHQM>)l}5fbT$^5dX2>Fh&x@s|`I zVGn5Wiv}O!1GoII)p$m9F&~wg6W|nauv`#pBC(0CpYdX=6!AEqBw+BqNds*{5wN^k z-y9dBk12wP)0h1R%j)}_7+^AxlTj0;rMiD#-hF82l-c?UTlLQ4iE&$Q6*zJ?tFlnP zewjjB68MZ_-NEV2T_prE(Y9>j>e?AN)Rqe@TLh0Ea7uz)__{GKjF+_<*tCFz)?|l* z?cH^R3?Lc{%O5c1E@NTH79g6aFoHW)X6sG8OACrWj3a@`H$JT!MO!RZ+x$o3z~zS- zVIYa_7D%N5Nf7`MT`7Aek|gYafGlZP>02RDzuB*A8N=+%lr(;XM@}o;`{O z$uB7{hM#?107jKS*`Nht5}q@wsbPKX3tq*GK@>IV8j79~ZOt_Y%e^rV-PW@O*#C9P zR4kt?;_GiV5n65#Ec7M&O}b4|b4=r({nJ11Jk@HgtERXqK+*$PTflr}XuoV%tZ-Vi z__^Y!Vit=9R{Qov--VeEv%Da1>2(jW4Se-zaWIyon0vGW0femlV5oLs`qThsMR+Z9C9;(!~>QX)BlTF zaA!bYUK=eF3AQt;cLM4wGy?gVmBUkbkNF&I>;fpHE~%qic5nc*7gQqVX6g*uffF@^ zm@&;*4&U>mbJ@7LWO1zPqI@|D$I`z2^R4{X9}304z|TlNG)RRN>J1MG61Tj6aFZT3 zBkKS#XnEbCN5f%ovz4|fxWzdKCu`dbsHZMA%z=tX%5FeEzv$ut@ov6^n%esnLeeh{ z4R_lEFDPl~9*@5bZOf_;<0ux{BnV<=cDx+Htef=00Ez|Bei!Oog$`?Kp$1?oJI({W(eTt@oqFe*9Ho77C{*QNH~g^M^VQ^jG57OW7dTVspxWkkVNO%;@>L(V59;;NASq-2eXj zWRnZqI7hyj z#E-|y{2Ubib=Uu~Ocry~*SLQIb<5wa62dHTO@EM*QGmDUO`j*3S|?m!piGWRO4wmC zgi8fcvHj;Uh})1`ZeRy;+g5pEEl zAOU1L;c~YK8K$LOUDGSJNr*H|)gO<6)F32`PUPK!dDHO*i_>O@4oDlNceVTX6?7GY z$N&qsZOidBGJ3{QWIRtXKvOi=;){lo%x!nycJk{^w&$7swZ0M)5WePGHL==uTMsxf z{mSO*wD)lv%cpiuZc$QGKGm^oOnF%R2tc7z470M1E_iN;1A|RDt6TVKG)~9IxQ-&9 zEjEU)h2GxYG+?jZmoPc+RzI}6BYD@$dz7zTbaZ62sGLa!;a0f2ag1BG04(94PDMCo zi|w5gXqO2R6~sj&fR=CnG*g9rEB)57n=Bb3YR0LIc>mgQTB*j=dEd=$LQSe({Vr!{ zd!5c-i&^>k`Iv(*oz(d}VPCE#W=uUT9Ow`{==FYmIs@ho#<idCExbQjN14+6KKoy{4ENnS9CzBBc>Gz^w_CYO1@;*5d$_hV z#>k`b4mt3V_)wAiij}M6skCWU%HBEn{PPM)egMw1U}A-aaP{e$XcRS>h@{tBmI9yy zSR%mFWB%;+_wzPSl_O|bIoV}QOoX{Jo`hG#nmR+vUu6l0&(HtJzk~INIue}SaNEt* zQy7=cDW|^_p;ge)5u-&<&g88>c}NarR~1kFy@$i(@#$yYSOu4amm^`0vz08V#@a5Y zdDKzhg>RkPA+Z;|2Ht{e*MMd)4Q28 z6CV=qqsZy+1IrOn4y?_SG$%v{yj{mXAC9mz1;?3C_ZyT|s zaKt*F(^)5%foAiL##>qz1n#`g>LKCfkd)?OUQdND0-fKVGQQGda>{qP$8!}k6+OPG zbBQi1*iXBLO0qF}zVy5)A(0Hkymj;ZP}N_b%iyFw^URZ!a-a)P6Crpo+!=+#{IXUP zV{zOU-8y_zv~YMZgcJa`Wpjs7MslHqqK+-g(m+opQ4r251B+z1j3 z$vkS!*s|wewkD5jWgZu$rnYt*@!WSl+A=bPSpRUiYMkq@=ia|;OsaEPuWTsO|Ia?; z+MQF03N4oLK1jZK-xS{v2;&@oSh>*r#82-dVgIW%4YND&!rs-B+?Azo8XEA`mQH7Pk*idnJN8R^|h}*?nZy)x%RN-5kBA*E|kx9Bog_aKg~dzlt%| z%(GEj5VEO2W0vAalnspLvVEO*1?*?;dJ{;?3($rjkdH4tO4YL7eI^JccDQq{+Nx}- zln=~roUtA2XA1cDfcu6P)wv%7PDBJq3H;tKapoK?PZ~i+o?PI!L`X{MU)>tj4mW9= zm4y#ZG~EWmgq5VHK(yOLpShPR9YYtaaH&OOqh4Q%gP%qX6~&@K2^PXsXs+6_?ky;s zaTOWH&@~>tISODDIc@8CUaYMt-m0d|*`DDW>U7+pld$>^cJJhsmc+?tXY_Q6^_*z> z4%2Y>B78^Z>ZojF`!*(e5!rfi_*nrTiC&`cn_tb3lD1UM)KWMvbVZK39oE!nAe?Ag zCf-~=8V5NDS1GDjc>4PKeF^8hJUFtfNxzo%Gq1#F{g9BuG=!_WJI5k^MSu3$)Od>! zkQ9Kp&aZwXNoT-JTj#Ki(BGCZRxrkARUYKnya+-7@>f~RQsy=Zl>O?=drqV0+=8C8 z4xDi+mvc4={euE8O$^~-_w4`Qp}@y8t|{;pKkdi({`^qnr*ZezGs|K0Xe)N@#h;5K zt+R(It2tfCmlxaqCW#sYSgTKlpB@$YZ|i6^f}ncB+Gda455ybiQ*&2>{GnZvR_Q7w z`?X{EQqv~w?}pP){+FE4Q>b~ckzq&BX!Pa-izkxK;^U6u=4oT&VdYy*^n_l0YG0}U z2R`V{vHt}HeyE(;+xcH%;9wQbPyyPBP`|tL{1~R5{BUpE$>S~|H|!!@$@sncSM3$u zr^PMK@P2EQQH((fM7kE$>m6&)IOa`((B`gIi@r$qthg{o#GI^~Cz+RCTj5eVHZ9Lt zQA-{*7;ahnli*Ggftum92!DNX<(qdQdu_~YW%|TjBAtObSfR3?uvA%fE@*?gp`rB) zzxj^OZ-PVpPOwwR&MP(U+ao8>gwxT1EK1m};*Tlfny(txQFsKV4+W^`WpwF46}Y&O zi>q+uKjkgYm-roQ=i3%ueI1_EvN6laxi-^i1GtxC^I;{iCf?y8jlW3kw|g(~NMvFN z4n*elqr~Z_- zx{3}}DW2R)Zngg7xtMuAY|SHGqFX!glYQ%tLrAXA@lMurMuDWa)TLprQuxhJtKHoe zW}Cf%iN<%cecF>aE{3uFk+TEp0c+~ZjCCfX70)5>_vE}gOz%8BJF3O8|2v-SWugBa zG96VCgdn>3J(ue5?94xVzCe+fl~mRDq>4WcP9YRnT-+hz1|J-MMR8kDwDmeUj$Oip zYF(wGpg;{IgnzvkW)^5{kukQfXIl=fD6w{;RKHjPVwl$B*{g1ju=2LuzKz}Yt_lOn z{^#&3EiRsf`X#AxGYz|U8wV-hno5=oYLkAUquRXjg72IfcU1%)=_B_85)FOR#~Fba z<>SZ;qZl6A?L$t>==sy*Q^`{J?F+jGa~nfs&lP7S8s7Rdn()u z%KhLktbV|ava`7EVPG{t=YT5)4o-x5r!ToKOP3}w;K4{p9vn7b4LS)3Zu8pzws+<* ztpExO562@RuLiOCqZ0fd!HDIyKTmlY7*yGZgGW1_ngGLvhUjZS=rT4zG70FbKj{Dx z_|32&mcf}(>*{sx&t6yX=Puw-l7suRM7XUEcR@0@?1e8oCl&^|HhoRa{Cs+v0?i() z`dx{fW2n@_h21-2<0Bv(JK%u~FiV4iV97rl%T;TF(P#5#Qf>A83=5mz2pxCNpG~*= zB3K=sLl|)GUR`ZoU{}*Ed#;{IS!M_lTD^_CqomZE`n`gLhFErPLL^*oyiTW)jwO1S zj(CX%;cm{$+yzPFj10n?&@-$}|71KK9_n_MDH0I&(tCx$_g@(UR@QrS4(3`# z4{4k8CmPX{mV+rR3}Y*s)b98W&02-4-)c8EC#$qy87An#jnt)TT84&ZiAG&7vRpN1 zCT52$Ts4>xm1M$GbW;BLeI_2}ttR-{Ixt$#Gl-be`KK9|9-A~ia~ttHH*S2nA}!E6 z`qRLAJrjNS8WuR+ZiZ6OW5cL+P9-1PDxbE zyHu;)v(65g>y+S_b>h!d6+P#-$KaLRZvG;AP=IgH^u+3F!@`|X$==Q;D$c07RUSzK z)8va2fBz>yA7X;hZCLs><73FW$IjSuxtl@~Y{gpv%!RCKU*rg|GgCFPBkVU$FUL%n z%nlS`hw5MC;Cb7GTvgrrb-g$~9+Sg-1=Ad_oqM=yr%HQUT?Lef>BRgVvJaeYg$v;L ztmz(_sVz$Ge81g{kQ5iH!DFXs@v$K=37{L=W-=&oY9XxN_IXlcRGm)h(w8)t;6R-Z zK_aFMSdO74SDL5W7y%}bxrpA@7d7}JboQ+uZ&l8pS3?CdeR?K_h9(=gN#(|n0&VvA z+uIxooexJj3Qf)@NJjfMR?oN?RIPUNi?oC^S2sS*))cMI?FFj;I>)_$jMhJg^&~z0 zCW}tu!T(rdPh+o7fYDpi!d<*wv-Mnj*Ex3VvGVI56FI&GZ|@8VzOC%Q zPUmkDFQN_NstYb@{AN7#WHNa5p;W6yBX_q#xJrX|s!(&jc||qygPMOC(fj%A{o)NZ zo--xIN{qYa8zWTeJ@|BV5GRJO>Kdo{FVo8>omVIK(zGpJR!*w6QHn@3xB73VrJ#J+ zy?onrwGB1xC?bkgBQYqwqZuULG{RcwYpim#SwB~viA@lx z-tVSDd@l3Vf6J`-tmv|KpDQ?7KReKmuO+1WmB7{<@%51x6h6&a@>D?RbCoP6+VT=T zEuwiVge9=rV&!TqLpa;Bex?yN~7!@Q126h!3_uJf5KK?VbFzZ(e)@=4mfmv(lQa%lN3U`gHn; zk)0J%4>Fg8t9%W7_YLNvZrS5xY-qV<*>yeQMtH4QUn}#*l?y(Hs6^ze z#6vqr1>%HCl153iNndOEGbMS}1|dsOxtJJn`|&c#P7inY!&n}NZRkB?E?LfgnsW<2 zKRjTA|Lknwc5k5i8kp@U-g!1Q$b`q&uL5+6>=b_D@;4`XpXjXWp)l#hE{N!naYE@E z7NbTl;jj(yQQ!G(9s}5j-(Ih3b`Y)!{b(k&$v7L%#J9^sK5;`$xR-C4sCt*7^)gre z)|Ajxi{Itle2M+$ z)NX^TOEuw|J2mydL>#izTSrFURRto@+Py*DcrrFBWVT{w;MdNj{YpPhugrZjCEt&> zhWwSG;Ts(uJ!&Z7^#sP5T3Z)tP5IiofnLJKxaS%_94OlLRQ}aFAN4l@seS`)!_UV> z=7%S71WxfM4TsmmdncxNHvRcACSxrs;abcLJEOrH=38geC5%=Oh6b{1 z9~d1GwCPkTl^*Wp4N813fPBfvBpXzn{0Rmh9Ei^GAE{HUbF!+fHt~`+c|Q{X|8VKP%o+JNt3ElY7!+SfL9e+$>8f4xVV$ z=utnqTX^{DwK{yKGWW&)%XsFwYMk>8>uJyZRrxtBmO}5LYUys}q#OTOlot1Q@ZVd9sJFiT{dvQqMrJR@bZG{;O~KmnC23#!d^B zgSoKlt4$XZ$AyokeN_*1W(xgBy?&x>x5J3<+-;DEbG4gDZ;~8>9led&IYJ=Bvdv!= zNo|m;ifB=3%S3OOHm5#Yy_$~`H(72>dRE%Fkzl{7C#e=BGaUfh1v9q?XuuU#2 zXBy|~vCHYw*4MYFEpC$77jvJ26pc-7dhVmfYNRarEln&~V(4pp8{PE`3{>~RjaB)q zr!)=xdP;`+#BSVp??d`!C$C)If3-J-1moOALxAe3&Qs}eDzE1{q#}dIsj9Hu(Sf;& z%qHvH`#~A~hvRB%wHGy**2A7^lTu!-)%pmvJ(*8S>R2_?Uw($z4Re&Q2+w7BEQDK4 z{tUF8($-f{DSQ8Vz-3IrPX|-kw=29y$uSl88-6J%|r+i4Q=YEov zf!A*hzQIjthfL#VuS6Zz&ST4J@cM=`?=k#3-)=xsX!whLZhaJ=Dr4Q=$$|1`y4eIo z?%NtMc;Y9lpNe6VLNc%?&3^wqYc^A#DdK zRd#4QiHeEZCO0>iiGW(PeA#`r?sFZinh22SZSK6nU43-k#xq5x!&5m9v#Zo#iMAks zF0c-5qfT$57o4SPbd0C&HQ!>=Y_*J0NfT&KGWIuHVYo>AR`%%TjT>sV7_)e-w~9=M zhbKRXHn0_1RFKt;9nT|~DxqaxvhC3!WqgB*Ka{Wo8%`lykt>M~4TdiJNA;GODEy3r z(7YkOHMYf_+DgIJVx*=-V)6VujQB#!(V+cMomY_R;|l|xIT+4&FaKvSxi7m1r?D|U zOS4wA(Cso!s_Q9!`CH|5hi;ZpC4f8eg~@nm>p?kW%B8}P{a)#17wS(q%alKkKI^@W zvk|zCexmM+1H^LsduOE3i=%(qpSDE#?bF2ihkVO&yrkc~sw-1d%2(wL;4bjoJ}tdGWesOE zd5U1F&CK)mMUKsiKF4P8KehBHzKBK#UxjRBJ4l@ns$W%G?{x{6T(V;oz02C3>c^pc z24iuF-#4g#XD%@NI>||VSW@SAc%0>3nP;k|xRj?$97n;FTPKnFN!_DuPp8Uvm7m>c z*v@`*Gk-stn8u})?ic!(&T8QnF4CWgvB3CXZtrISotT?~zbh)|?1|01jAqisC|-Rj zwnD_%#cr9ztatRt-a4(MeiC8uu;7R80(8FQ{Glf`zRp5bW~4w&brP4$R=1l`g2HOe z4?~KeyIxR?rJT2Q7`PN@HpB(n94|+zuzNqHgB1f~iFV57IA>MYaGoXimi}T3tEQ`K z4V~{Q9iqbZ#WZH1mb#v`@N{*z4a=y$Ei#uYjo-r9LW5bgicyiU8JXU3p`~GDmam## z4yOE@nHeJ|lPF9I$v{m zv2yEbsmsi5W#pNd^QoqI^3YNq(^(&ZaA;6ytLPgys)scQ$LMn z6IDxSa1r3E-r5zPuj{QCT2ou2z-7HuxzvD!?8YHCNBhz?BZ?>xr6pyPDf~GOXE$%W zA5y`-f#Y~^wBnt$NQgP(F^X@2k;0xoQ*SYvTz!HYWztr zEP9LEcH1f@jyHj`+^Xw$?{R##T=tMA_w4j;1Ilk7T35u=tpE1(z*_rN(v^rNl0u72 zOIx3~DYfwUL;4f%JmDdk{&X>#8sfMls|StlklK9z^LEzQ5=IRM&K5VlYLtBgM9U)O z^lH}f#tmL4Hfw3sx}(}>XEJaGZktP8)gGdIox1r!n1W7H#PEbTvGYXC%lV7Z>w6(n zZ5QxBLr)JT?b67bs9dg{2+pq18BI(|n5eI^ zgdmG};J&=GYlruj$r9CZrH3thtGf$RS;L=V-yC(V5%S$owzaVd+ZfrOSuJ^9M&0e> zU~f|qjn)=(*(q6by$^vvc4_-;Y;5`Wt*WvgR+W~Pt_j;9nJqiTNbtuw1QVKKIfx3X zi^aW~htvuR3d#{xN{{6-l zVh^j_w(zXbw^RbyjKalZMSKLI20Nh8*@zmHW{LgWxr_a zb@N?W5E)$+r5yRFyuS_pdjCGw%}4D&NM=i6RkTw^cGf{lwdMzr%gw&4L<-u+8Mx=iwBBg4%ipwoKY~Oic3H zT1J-3DVJ`SJ|m)?8N%*Uy?RxsRHU}97DOe_y;jhoyMIi_q@rf~1jF2QqMo0H|6%|! zvd+≺1onkx(@wBO^1nvt)#Fxo`BcD%H}7SdsqnOm!9m2g zDoa&84cVN&RN;XQ8)kVfx4Ml&c5v_CqvrD8Mr2$LTl7|&_c&}w*w^42`!6$zc`nRs zUvVW6tF82#Sm|)pce>g8&e+%OYJ1OHUfDyEk6mT2@7DG8`VS}@>zw;4$%MT74UwCa zsVq4x5#VK==%Fzw*O0xZ^iv*3_iB3JDqBz}J@PDyD>s)3W{X6+?Je!r5q=rt*svQb z?%6!vWmM-NXG(eZZn#iT+d#_}iod!!Jvlr!GV$qT_O%XAi;&k$=hC;~&7a|nZYu|D zw&LDGUWr}TAIz<$V4yXCE3eLR)x){*$4_*?x0n~Us%ufJYqiko}8L1;8_DYDJe zgnTV5BRkj}j7?3GHm{h~siX>YfJs}NXCF5@ zGBN=g9yyO_5IyyRSV`G~tivef`r9wkQ#B(vf zB|0&W9WJC5!+HGDT2WEaa3M!gjt=qKneH&CPQZ&_p0~nm3t7j`zCF1%`oPqduulbl zs7RE%b%ULw@{O3^rjq#2;_BjFd!v1N`7g zv)rV5d1t+!idp{pNuR>#eH@L>A!`>MIWe7c?{ds>@gmpxEfIn*lBu8qUpaWns)zGq z5LLdr4#4-Q8V0e*iW!HOW>dcQ8QzGqt7$kYl!Uc6pVMb5wL*{A{gDPd+4mRAWUsz2uXc$)7W-BfrLTjDuzmaY9bn%*0}F*ikV z#52vs;ZVz_kw2M-KcKI%Ajo2U;1#>IwN+VSc z2$>#opM|X?F>`>b`0T!>v9bLbx=A{_gGo(O^KEXfxf$P(%=7Nb_nw!G^8^fVgRrzIlD=wY(V*YkT;Hl~VDcN+Z2hY*>hi?5fm;(wfgV(x!2IYgLjhD=}_Vhmd+l$XUJ%iIFUE5|S zE*o5=~5{d>m{XHRxy|4jzu$jRsL$dzDi@1%z9A=0K!84;2eNkF3bb0r0BkoMg&-4?$6gmKpP$5|U zMbcCoM;T1pn1vW5wAFOxDIgj=<7;5mKYbq?=JkC7>uu9yzk6nF=~h53!Q%yP!}4UI z^WFwr!_dmTca5%n1M*y0o3o%K@V9jkzq8i*3@oXAwWVFOvNI{!9<%+HlJ%Ne+K7~@ ze8`z?ncOp($%5c0gmx?Zc~5utVr6l4ukq}$Pu|NV@xNx*jnmNau-DU|ekr@IqJ9YK zS{PI#Xb{GXLkq;LWd-H(kx3I69Mp(#aw;50%gedpA=ObqLDa?A#nRTl+@e!pX_Z6W!3gY=~wv+kQFRZ-u25-5Z6oi0zd1q(NS}znl`UfdNE`?N<5vFc0%eZ+h!@ zazj7YR{ivX;)3eaz_XJ2dbX{2BYFAY#AKaLqvwpG4otb`LY{jGb)c*D_v`zb0vM8! zyL&AP(JW@8Z`^g4BqaljhmE@;`{tc~^*X)ezM6&KyRn99DNp>myE#Cw*`mLNlV2sc zM!-nfg}pzaS!N|5e7+l0qN!qjKUVq;UIUBUT44TX;MT6_tT-NE!F(-0_HnNv_&bn1S|;DZix=`4OE_wIO(UppE|= zs~l*abBBjGTiWfv;F&nt;w~yI4nKRT+yS18VQ-c@n{tNeXu~UGb6yKWUR!Is>eABw zI>m+}3KPq5Zll@w5t7xz1kz-E)Dl}Y?R!abW6v6{7K;=?K|$RY)9>UhE%S|jC8WuZ zb644x){ixaiSl=_`hS=>*`EQ;L29PE%NoY7Y;vXdjBITq1uZ2}=_t45Y^Iz_j3i`| zai$*3c7gk^vGNWP?RGFZZ!BRWE>^gUq{_#iM?5cf`Own;R28bDGu~-L$<1%kTlp-W zSutR-qBJ}EcQm~xyy4YYZe?YsMSm)U!`|2$x3sCdp`npKv(%$N4+2S7DJ`msM#Jg| znfaI&423L9xs2Qb1%(7BFw76`G>A49pZV0*z-siI4SE_wEQe=j?VVTpYYntZD=>5n zQ}|6~xL)^u5*$xWo4qI`GD>i%c9-LN2o=hInbAEmm+M6F*XTd3fzpP_b>rt_M5A{y z#QTEG*3PPWYU&xu*62ezI@H+jy{-F2GJf$FmcesT}4%80r&lD z%-`j}Ojh^_s`5=JT^Yi*3_SjRf}+wwSlq(y-0xuG7eL6MxU7L#>|0{fDE|6(Q!=d z-3hThWlg{B{kM50mUTEI^d;4C$z@UJ!TV!_9$>5U8Pa24H@RZs7YvT_s#i4h^={<&0<&~%YgK88R_+!l`2z0HSl zVW^ruZB4_sU~{=UxcjX*yKM>~w!n>-AKm|wgM-F<+4|K?0_*PDnph}m87fs(Qr1jd z^E?)64Cl3+y@l-6$m`}u%umGDmekZRZ3Tv}{Xf*bXIPV4*YAtE)Fl=yAPOQD5CtiV zs&oq=LArn>6cv#gP$2XW8?r!(QWXT0-U3n*AP_)NkY1BO0z^PsLO@Cg5C~^xt!J(0 zdE0*9efGJobM5aj2=b5ywz-FK^OoU z=-|dqtAXX?<+BAkq=9}Hg`#o=mZ#K(EFA9KoRIB^rcXCC+2!r8e?9eA?oUj$(ds9( ze7|7pv4c2ORdhj_d_v-(yqfEssh1rD-Q6)`CT}mWLAu~j0w3WQKc%Gn?q%5h z+%KuUWo3DxPZblClzdlaXR7udAymwi7nNrYLn*M?p=ty3lNpvWovG!QmyVJnQamtg zN%oEmk@=7g!@Rt2MYXOQX@4)_4XfH<07NO|8V@D{y(&LWq6mjmol~o;z+eX!9Ol2+ z9y3BqcleGC{3az;@;f`y&M`Y1%!d4hD7P5KAighINOgOi zq;ZUO+}5WZK2+61EVdSAZIesn{*-!q1YPErL<=KcLS}=l{P<5bXZH*Z-S;HTSAv=9 zD^fS9HKJfzX)ia2n6I_<6qMmV`KwmYdPM^NL~*M@gh5dqM|&tV{C#chP(guf5!NHt z)^9TkI}I`o&91@+x^Z*h;pXR62z%N(8YC8fJ5g^wb{brJqk)RO-~0%i&6($gPo6fuBlj9cHb?xC6#!2F^Lusb~I;l0ZRnLqp*J9}_W04xw(@0Nz zExAK7_wMmo&&}lp_IxFw&WI^)(tIsn|UCf9Rb&JC{3pVSD>%~( zc=7ut_6WC4^_)D(?k57=uwU=4Zuc{Vh7zHuGEbrqKj zTNX|4*UmPa>PLPRu=-*sM}tg-lq55M157E3f|EWB6oW z!d|VF4eyOFdpy(~ZX-{dPTrbN*F-kevGDUv4$C(R9d3mYNhDV1wW$wbb;~B|%Ncx} z-reY;qKk914`n4w>9i@ET?(iqw>R6PcrUHjGJy~ngResrYAjC0{5X-Qz7;J2!`8aK zEUr^kMO9lXIFTz{`rHZ07LP>B*Y-|QMv&}vfg%xjZ?R$T3-OuSA_rZ^#*!<)LX1xo zr1;E*Y`Dd+h=&RaV@XSmjL`kUfhc=sT(O!gQ=VtXhjna5?bAgy9x>RRTduC|6|u1k z=IT;X1&r@ckiLswN~`!}5+-wUK;gc%wV_3PIiD8tVneS^&*ue1bcnK|jqZAa4u9~r|SxB_-ZS1HVR3b^ov<3$01ud&a6S2hK7HF?* z$ntc#3*~7F4>}{*`(!cdKAeq!nvgX#b`?Z^Wd*7yL3-0vGwA(552b>yDDASJm&LVI z_;$Fm7wS2e)t3qcAeU^qddfNXy-dkC#hJBE(ixY2r&aH#9+fE! zORoQs-089&q_upPf*M1tLV}(4d*tc$>xAi+v9B)$DGWD~Zlj`6)jZQ`m_tc6+ID!VMOi2(0LiMM z(iPAs!6^1nd6%xEaV&kjcYSMGPb(s^Fa1}Ns+2ZshPvT%OGYs&QE%L1WCIePw*<`l zZ>oo-ImiVklcz*IgprE)KCi;dOA=}R8C^b_B|lb<>}NfSqg*_3lw(9z6f&j|lQcG@ zTa?gP<3*KVN+yaim9dVW+I$ynemIJ$`{lb&jD>rthA7D<)Vue&gp8maFDwI0fw#bu>1muxA1Nza z)Z99!>&tyfXwGisvF%sX?R*fGl>E5naTyy|Pf=BF1`|`G8`HTWlTz~?B6UH!Rv?K6 zcmb~k%!BOeI3<~Z05uzw+}vk>Q&1J~p6sZkd)5*Xoits0?zQ&25C;h^Q62k zzTM9HQFD1o7A&B-O~@B9howh`FvCXanjT5^_%BCgtIq{W?*$q4Ro>l*b;jKW_ zLarWShZR-ed%#aWR7sa%x5=dtvo}K@<|p0;h+KNOz(nyTitVsEY%~?ZuIC6AY6TCh z%nb{(jti~B(U~4)*)1v~rQ>>;qb-O-!xvW=Qz{s?)Z3yD^?^8O_`w|_$_HVUbtC3S ziMIRh(ZjtvmTV>!Vk>%k z))^ttHlE+>2ov4Ib`zhgdcLO!XT%j&WWL-&ziL)_Qr^Cpg{h zElCTf8JKLdM5+R+3vE~#(z!74`eRyNVId}Tub^(@vKSU>*yH(t5(2f`&$6_vKvtwy z;A7d%_9Cy8qx!G}oNHBVj(WHl97@nCNDtNwB-`B5a=|D3@~VhWQ47;Lz7#b1)+vyk zEA0>vU_Dt$%eX6<1o_3xE6&d?ZFD_SMbbgiE$zg)o=1xx_$YiKt6Jtq&Ri{^em=@q z(a|s82hehsDeI1a{MJjJ2O zGweg_*Kf7f;)Znj7|hoQnaH~DtJ=V0=K3cbmRL%N-17HQ^}c#3@W)3BCzOOZzM=kOtWUR9To(Cj9?W>b9xWBLQ@K)? z5dKVVVU3h)%e`8&wiB+<3dJS9l(Dhcs`;O$ZbBuVAuXM0s*YARh$!3g*%$5D&XL&* zV6bcbO;I+~b3=;n&##CK`$IoIyxWgXd5^mrG>joJ_f$>sZVxzU`Q*ZIRc{n(=Z&in z6BGL04?ldyRD#0B^X-Q7EKha8KAP~5o{>I0R7V%qxece*(VHrtFa4U*+QkfvR~(Ez zyBx6_D6qj5!MH(@U9rLnTa#vGFH6dIr{J?=U;o(l3txZ1(0P+dFLCB`#hcB~o(9?_ z3f$?7`%F9OoDs2or{s>qno7CX1%~^XUb*#{a#`atB`sJztA(dPKX zD~`9frNBI@3BLGJDWRO1Xc4VL;yN=m620etesCbfT!~^g?BHAWVE-KGm(O!wUCh56 zywmr3eUdw-X-%`cZfT<5x5wA4+k&aHnBN%OcL@%o0%7)(=f-+&FG}{;4Oh11{b*14 z4n!D5HtVtbB`x^b4hgC}P3dage?d!D|0^x&Bh&L6-i=h8N4>-U$B0GDEzc;FojaJd zAMA2DviN1!Cg6P>>?zvKck3SC#{M~End|0zj@j)(Xog3#ZVn4_>Y@jay!D=GZ?FE8 zq&Km=magHMnkr&V$ByPqbYnt^q);ZFXd5mOBGaq-V$a26K^1%nk*9EJ#@I_Ayk8_a zB|Q7Mv+^TBnINSqQS;O0#}vt(q%(NFRG$Rt%VAYqO!T!qNSjyME@$JDW+6gz6rJHl z#J6r`@lYDucG|S&;oaG~tJ?+hnQ?9xhWc(FnTcenUK z`{sjM^H-+yB6!BBpf_3ay*|&htkz5(>u*!X%ZRx{fGB$YJNp(@!z6bT{alpU#k%Dr z)8g>HzC~8Qny6=-rTJ5hZ&{{3dBlh^by`+7ne?MY!`NMqsz8@jwZzny!^eMMNrAMg z194~GHTA7lPaiY8qmaeOI`z6W*-qhumyq&>G-X3&AyN#X!Ua>5_A!H}a9ygjy++)| z6E2JCeDyA!9~XHfd?hnl!T8=m)R-o045rMhDEaV&=4KJ`RmGNigZi=1&iZcZfg@?L zy)UBlAdtRCSze>f=KPQ0u91hMD@1)}m-YOM49GqODUFGhKJJB`=3vZm${YR-VI2!EaZ(z-~6BlbS8iK=ZyPKq0JZW z#WTy-CuiH4uOoL%@|Jn)LnX8)u{sf=`8L%M^^E%AXA_oFKzTO4 zLnJXvV$Y_)?m$CbtZ+2Bi}%#XR%wjWWM$wjjcrGZ3&oxd@RD7JD>kZ=hb^tG=x6JU znLV0BP3ERXd`F2y+tt&KXDRE?+1*;zhr??LyZC}vk93MwE$uL+$Eq6P1A;yAr>moE z%j$EYV)s5J9bsDWN9wEh6fnjnESob$x2My=J%^B*iHbRCu42hUt!;BG8O@Xd=7UtbHb<=H2wB@yN*vUT2w;*Py1$&}%~a*#RzQMTy|{UQSWxCR+_vk;{UpfZ1#=+BYF^MD zHN5+h)A?3Gf_HT$$65YyG1w^a`TqvcXQulPpzp!!a>J5_WNNU1uxu711F;}c-Waga zr-iKa3j&Kz6gKQX5`1NJ4VI+fNq%7$UZ2qUv!oTvj|##GOu+C-`u)xDncwmMD1F#j zt>B`+oDr%~J3Y}{Uj%v-Sz$w-)UVUzz2jVc>jC>3{ey(9QeE;oQJw!--FUQ``&4mi z&yl{s=B-TBnqW^=T@+rXTRCL5w0VSJUxq)Np`}{fF>DD>&}_q@?*>fQy^ zJ~0Mh2j(jRg(`EfokwM%{79C(7K&3l@@T`q3%fzqg*YFdmN)tZvb^VrRfS07b!8+N zWW19u6!=K3I5{zGIewpFP&XylDmK1TSQYidP5Ro>vc#9&@>?}?>tFk+2c~3OvU0dF zAB1hM&ohtOVzc|tKGR@j5vs}Qt{ADJErjMClmUXFM7mfS5wYm}RtiQeK;M3+YWl?c`%R<%Iurgt717PzD_B(Hwp{s(skJqbC9{cd*235$wraBzf~W^! z2j(hsnqEvN2r%I4`!$l^RqnNfj<9UMokdqweZkf2m8HYc=*!O<0KU|t^+GPhCSW3? zeXE&Mn6S$LK_k2@!OZlrx9$t`@Mxp*Fxx#}*gqkBoSAV4K^wnC`2eqt+s04k;lU;= z6H}F-Myun~nRl|DU$Nc9Ch9D;s@Tfl*0{;-$}Z#eYkkhgm*XF;!dfPimZEY~hDMC9 z%xG%XW8LWUCHXQD z$W;SAN{*pmTlV%*TKdodkoQV-VYCE(wfOuLhYV(tIK&WE$k;ZR_+E4^1FKnrndakW zopzG~?E|1_puT+1EHZH-g}R;tr`F-8K1D>@(BpzJ9dpAq<}v%VPJ;Afgs3slcjm>@ z!L;xEb@EqGgwHQYJ0<(1rP1@Wl9<>_i#sc9z1S|Qc-Q8bw?7AXV=jvra65D|I4*rZ z;yj_71mtedfGZU1ZD(6no_lzONLdv}HVL=OM>~4SUK&&p7-VD3XsDORp-x_UI{nYF?e!~WSA8@doHJf~Vck<(?d|_TOE(o% z-CekvHbW#+$@;^$f`WqC)N8vLj7BDL;GxW1Opp8I>}Bjm6AX<}Vtwt+HUY{e0#Iw- z4$lCRLZvCB&uxcY>~?eYz#$SqQJcKBS1?W~V%gsGHNJMi39s@_4x67H3nSG^1mb&v z-u8$ZUYJqz8Je8pPN%1!qlhpbo(A#vUv}-hv>vpC?_LOd=21)ARsOX7i1e}01*fd& z3&Xc9%}j3?kA*$a<<{cQ((i2k#NYkC7`k`Nv$_YoBH|hht>p5@1%(Bf*I%mmdYtXK zx6j4R1-mqS_E=G!2|wN=r?9-y*Mo9T7Qgxqh|k8K!jJY62rglKq7{3mx+oPu4JoSq zOmmfRoFusHmR}O{krX$6#C4FshI^jdvzd{R;(ROdey)GFlIa3^=i= zWVQFdymXf=EO4JJYIAR0p7DJ+f6~p}{k=`J0wB-Z`ol>uM!XBLzrSza*=210-j&v- zDRg1E!W@@@xl`2V_G`bSfwi@DKlMQq{bb=l0_5CNNgYJ-CD1Ux|Ah;V(I~tqeTJj~N*mRc=1{=VdE<%X+K!I&>_I z>lL{_U$M8g4jo)O6dbjuDJ!Q*R}D$~CH&}<*s)mWnpe);%lzZe<>g){u0|HflG7K{ zh6QnGoUa*x@^cDnC{P%Atk{4)l&?_n`_rc){%$2o?=Hi|zlsG^(+Y&>v(vx-Ei?1T zXaL+zl0YPUrRt_HP08MNGw=pqGr8Pys%X}pI*S9}5C~+Pcx-2+0 z-;h@drU`iG#u{;;`ylIh09bNX$Wp?Lp+SX5qLBy;2H`s{U3fF$``X@XR99^{Lo6tl z^PVxlaUI%y>yU+ieBs^ym51k4y*SB681*O7HQv!@tR;dH z4os4@If!bDy1zFPLZbQ<8m6ifaGie5NL|YS>(EpU?^bNxdKq}FPAjCfzg6o3ib)gb z!w><5G)G5A;t1I_Xk@@8*El_ry?uu{%*sh+7~6!y;l?zNm;*QogTV|;8p?k87Y!Qm zkz)dwE2hNY)0J<(NdkN+IUzE7%o=Lu3KC`Cjp;*&rJFvCH%AYC*kq%NYSrfy{IkWy zO{)XENxp}r<-~vp$ryUuXF4b(qq?iL4e%!!t&&oOXvwAH@K%L3{~tep+Fts5%r6Ua z$9yy%IRL6iW5ut{&CFcIzlvkMDTTg2M79TyoBH`B;Wt-KOGyhQpYpY^Fno|EI6Gk| zJ20qljRM_u4vSsE-o#&8%{nE1k>81ii5UD{xh#5*%}*MJum?{=YO^3Y^u6 z_FYbGR1RqEpGK%v#G{h&FC+ZXNC8 zy`;7YfeA~Wkqoh%C&gNSUEMKz-F2li+`_Mz2AQpqxObAv~P@m$Ny!4d(U_&|G)b3#G_XgYHQ z$X>O>sl#hgpom zii-XbO&d>%=-2MQ9rE$>)5F}g4saZjFyGbM>b{tD!P3UYeX27Jo0GFk&3E=j{F@Ko zz51$mso88LGW<6!D2t1_TxQF*O8eTCV}VP8b{>5>U05tO5vUAbb-r4fnhJ=UR46Nf z++3n4zw{G$HH$FSgMg%=_vEE|%6@gyc+LyW4g#Nm#)7Ra?1;we;i2w3 z69NLtj^us7;UDl?M)YagM+Z+)?6BwTDSyo;fG;f5A=$WjPfAC&ep)!|N$EKoh6Yt7 z5YCL326AgyeypGBEqr1iB^)G>E=I+EA*-ntoj11<5ERgnE>u)}SGpO*BKP>cD0zF) z3e3b(mP4-If-)7L`G6neTM9r;h0V62>V34!m+Iom zsQ+}fY4T;|oSUgfF&kdPWx_?-`Ql6XZxIkkAoTa+XIw2NCqR1u2$uj!03=8VY-vP| zan&!0AUfa#cyhG@=&}_egWGSI6mF|T*J<#M?5_k<5@lm?ms-%e55P8cwZv^A z@3*N1CcHQ-D=8^COH`U~xflZobIPk)qpX6Qrjdd50=#$l5&d;KZbF4TJLp}6#}C_W z3>uHs{dJP>X2LV~UyiNH%DKiTChB$&?0E$v+KXX<&kWznD}m4`lX|0m><0RFMP;S+ zwZ_ZrnZB)iOiu;|;C=qn4TfpzgaddcG0(8#73fCNnaW$iT7u~ltQP+`!{hK5;8Ck8 zArK&eO}gr4@Y3+@Z;h=|l4F`YkFQQE2|0D9VKS=oGWOUgDgoxZ|B~+D4aB*~; z(RYL7e9OtI`qB!4pn*~_5|BG0)R`6@7HKrqefwzQrNLZ45PXR% zotO?J*@p5^(fqhn)3T!vMKid<$ekKfRmCfjIi*t>Lt(9?+1LdYR=oY zR#6@8Bs<=+6u~lJ+IMwP;ID{HdBnnJA7`oQ+N>Z!Sr$4{togpY`HTPKyG+daaMAt{~t z>3+b_E>03$`O_!j2pm)di>!!qW& zOEy|d9u&v8jmtzT;i`*3u{aGCoqp-Jxg9mftnF{aUna0Ya8^2xoUd6prqN3~Mkrx2 znfRsdfawpi8vK0t>1XxJSEQuq6x_$wx=vKVGw@+``TBE3$o3_Kjx{i$S;g=v$#*qpUBS zn6*?EeLP`*{jSsJH6G=8^j5REJ!>$%ykdx57hk2IvitNVl3IhwUh37ifS8Zc6*NbcR0e{{@{< z{@>6UuKz8au?)%ZzuUNE>UV=qB95d9$(cRYzml-UY!uZUUN3}a{*v_MKwC2_%JWFT zQpYf!KE)5TihqGKa9;m}GqV3nIHN`3e+_4ZU;4iT&e;5qaE8O9^pmdpuk6|X=WrK? z-;O0(jB^*P0`e8rXp+BZExEY7djMmuS zcPT+20U$2PBQezvp-h%TH(h4S5K-tstZiJAKvA-7Q?m9OjFV15ZXS~MEUV*7GE8?z z2sR}uydA$vYBNGu_-jfc-}2SGPphA-}EQ ztB0}m>k;_%#dCnK?jl272-|sf6#}{2C{_Id#g5_*3hi#P_@6}#e`Gm+ad8)=dK?k7 zmOZ7g_5Jc)_K5#kh!3SaC=5)hU(91dKzMn#atKQV5PbrsvQl>wK#<)23CRLUMid;z z_)?l_iUL#Z$_cgJBR>}&*K9F4W5zMGUBz`$4NKqWId{`;$daqRMr~7A;!Qtk z_EGG3RqR6mU~Vz%Z*Pt^Vgch=)z#hY=_VpzV-)9E>(Csd+ZacWjqwm;W0}GuAMRg$ z!J*B#ieCjqPi^<%^+03m+kU_Oj+W?D>Uv$LpASEY9b0I&-*A9oXk+Hxb`LgZ42Eq8 zQ)<+;=JUT6#S&`enAJ1ndfskVT#{W# zb*1?6o%=OIwotQ3NsDkbDa(s7xsW6{Qf#&a(T#iV2tj{#rZ`vY=$ozEiZuF-1UU6) zv`BFJBr-NHLb?}_#g2Ac)9ceNULE%1X_|-vKg#*b%}IJ-2j1dh;!zo!WBdE!23(bN z>fgfIE&)nIFzcR`9^c*-$ebt&p-omaqFB-kMj^?IVzCu27F&5Ci)+&^-lm&bOv}UC zWt!a^{gN?V^KYHfW*F(%$cYKZx731{FY;|958Y@n96<-Xpeu~zMdlX;c)hva+!Chg zuC+S4b<^pPi@d<#`;Klua(GL{X9v+PIOi26;yHmR670L!~Ew=e4;h_ zR9>i*Gz`16qv@!vH$7PuW}ueg-O41{i>CG=M)trY%n$3%KYDek{`u4yTUcJ?{Tdla z`6}&eK*`>#p*ClEjs<{Vq5m?fPAU+h+DzZv+e;X9NqrlDUu*KElr8L}Y&IQGyM^io z&Jf+Is_QJi!#vt|aWy#kt)E&>VG2xiUE7Sg1e{H@Vl;3xxa@Qu^|pLKt73{e0=mo( zy1S&hHg-(y4_c^pD&l;v%S!+mfSmFLlk&Mw2veRLpOAlmK0`FvGbc8HQ$Zv@%-8IX*V((!lEs- zc7aHqPrbW_(db~__P%ViEqC&#z`&tRyE1~%6kD6!nPg7Uq3B<+A_&%P+SIwc!=gRi zJX61`glwA6)C>L+f zc?R5j#-aHWN=xAH$4wAn031n-Efb-WMO_fZq;yEbPx-theVOw2;4F< zIo!O!tb3AEbVvWHylCdS z9U>#Py0;bPHH?8*AU8Lj00bu+mzGpPPkFe-Mxc{KY`3yo5Vm5t&YyS3NG+kjUO~~2 zthD{{Yp&cVqH%m^r01xgKyhttFOY)(0NoC0gD7nAq^%d{J_kI1i3dQ%0tgJ{Ezm=U z#dgZ1sC7-Yr+8Y)Ku^T{7T8heo`$X-7j$2b9DIwqL(rXyPjptqO~)r zuR4@c!7HK>vcj@??KJ#YRduq~`UMr_1S{n-lw(-Lm@cBUb8k6en zKh+kmpZVV9QmW}2*YXT!TGI$W`!l#Fnf92`QU%xBKH0}E`sHU zI&xO*KLsO{9h%ywFEJ+<@XQxKlzm$`$;uF!U+s+h?M>y*EnF|ezD$CNgh6F@9!0pz zz;KH5iY|+Wg$*TXO{ppZhBR!Bt36*?%M#Tuo%XOmzUcW0LSvv(oJ84y zupeuZ_VUebJsz$aH?+NGN4hhOCZEAkNc%;GV;8o+Pb+_}& z6b|`W#f*C1tSH_diiV%RaQ5cn`R7m%lk#taIaYT%cHDCr53R7Rkm20-y%eLkwQNjf z3=6iv3nlmkx>=Sw8;Jd*QVP3N-Q_BR1H168p}W88CU3VLWq-pM3e2|aI%>drAMfs) zV^1UJg^u?6^X}ur>THMWF+BO2W;~Bg_jyU?Uu(;VNi?9Sw~+L<|D zc#?aGi3!iGPd#x?M$Dk(ED<%o$y7_@abiDla7^cA#=PAmXmTT|MT^c4CfZYO?2+DK z+Z3)Hu6cJX0_*VRTTV=UrTr&$cuhx2<#kGLTw3gt2Yi9-Wk_sqz_qEEV6>xi8t3_{ z_9TjATmNRAGP)uDwx1sY2As>5)SmCa!Woqwc>m*6T7{|=+Z^p1%B=5{81>9A#!n`T zgJSMU>9|Qhf`yfJ&;#o@(ys+EdbETygU;5NV!Jd=lmd3MrKp9`#sS;f;QxWhTYEfYr)6VKZuw4x zkNK^Rds3hb)<`nAFKmBBXLxqMz2p0sr>_t1LNF=Nqa9LIpX%w!dG9Vwim>_&pJAqB zw|Ud3r+A8er%IZKSCH1u?5*W4j+m#JZmb>YJNwKK_B3M$-g4rsXtj!v@irJLyHz`E z|BFOpm6=9A{}@HMA6)G}vlt3ov|*b+F%iF*M*${73{QsNe=r&9FP(C<`xJ?WRerrD zd+w{Vb=?};ll-^MkeEFjnCs8=J2b{LGh>P?5qv8Zzkj%cmADjIa_N31$@HBaIKD~1#MsTCkIGzk9JKFvAK-j> z38VZd-+5Sci#(2>x*?t3IhyIXW^&2)Y+j@*iWWx~lGkrcSe>0Z({UEce#yz&sWCc2J;&H9f~v|} zbI_31(>~^qdiZ4jm(3d|%pr3>txm2=1WTxKYvJ8oq3E)=;D96WIelHpHwaoytqrz; ztrV<4C%;0jJ8;rDa%#upL$^SY*==rhCw+FV0_izh(bVJ(q`}Jo;{9RIxCQi@xLl)B zU=xvQ-3g^nPk-bZ>txjS7FB&y*4Vn~`SJw!Y%=@tFSOBR@d*h!!>;o79ko+#+qwVI z@I|p#8ukYjUsgt*l)3H9ke2pkL|-*1T0{B_P#8{foh5KJE{FDTZx0-gOYdaGNk@#=H{|v9^mw2dub9Ai;C=cGepJb2u=1~=pZCmy56PY4=&YCM_*>>Cy za%iSwr=mpusboIpaOYp6N00KQtHvO7b*c!f#rTQ>uuO>HZ09)zatY8C{$L^jxGGwU zVD6j3U~U~z`&YdV%~6pe zE&hK42tboM-g*MC=B1K~N)vKXN=6df3Y=S{q$>?&H~Ik;Aiy=g`0I!i6oc_t$0sHX zGW<4b5k7ujk-Q3yy|;omPFtOEZQMVTdm>#uNnREH<0HpB(?Zr~Rw>;8;BWv|k{C2@ z6HgrJImwz4#Y298=5gQE1{jwH1(c`|-?oSOH`4>&Vic8bySV{-vcFEta|{ZA9GyoS zg2yaW)ztPHRlLd=JFMn&C!Im5Nx8oF&M#a_)Dn#!=IZFcAc9>4S`)dgcmFsdMY$pc z4Tuz(^C!xG8q+_&6U|nzk^9 zIk}B2EfI%?_*pIJ^Go*DI&T@&8d5aq2Tm0cSvbg(6l=Hb7SzsT*w)rGL&x0V8rM1d zAICA(THRm1eaNnESz&}Uf*#>9&1wt6Ey~Q1W^~Bb$Q5xYzhF`mm1o~|uE|20ny^T{ z81%0X^W3RD1I85*Gyu78)eVD7xbszKMhAn(bhx@o0D8%KD0d5V;5!0sgnU%Gy3+$i zWixPe&)?HJ|M?7gP6-3RrvRYcQ15G*K*VZ7meDn-B6!~)WZ=pc5D+k=QZH3(<6c=@ z*C>;s)m038lxcD6)?fl~9t4b%|GvMkhlgifl4~&+x~e883BGBNsWRjWH0qDo6=nLY zb4=LsdElgxoD7wck}cmW*hv`~_9UmMfyK2C{554voHY2_?|@E=P$2V)_heu1(22ht zalko_!4D8cBkK3#+XQ8Pub;shQi=WIaBCNuyJ|EJ4f>zqsrb@#A%?sTbfzk zL!+gAM}U8iR9Qg;1c?6-MfG%SyAQ>V>JB{HDxa}ggJ7qT8x{X@16kmSI(!CCbT)f` z7g;TgjxNg>deDUfg2!!Vj1utM0dJ`5qsjgYz`8EJBUz0)DP48O74y$A#q;<>6Hv=@ z_yq(&oAKURoUr9>_%OelCmb_2c8?BP>?RXmN}KiHvVfVJmy2jtP=$m#p^eqvtpmS@ z{ma)h$=jXX&aW+PQ@iAg*VvlhqSyt^=m2Y)iq2>mps`0bPxlOw@9BK~ioHMMRRg92 zcP3*Vlj315!1pJ}^v1t#W1?ih+*m`v&sKH4mc~j zr1Z*n-0pGB%$L#CQNk)@vXUDhSeg!lQE?7beg{8ovcbfcR!UOwteDIJ@Wch~PgsZs z_LdU~mZrcB|9KCQ>`Hjc2}Iw}fAGhW!xQVXgka4LV^Le2X-{lQDbBP|_`|vsU}J-k zSU819p@xo!Es^y4UhwlT+`aqiEY-)TPtYsQvi`M=v2-r+EXC{jVw7O9LEW907fuvk z894s)#0^-|)fb_$^!%8T!bH8c1kXV)cw^5^$D&td@lh+VsyV-5gw^tKgV^RY&9&Ag z6MYY@n0@s5JnPX`sdB4Fn z`zN3^P5iuS!Vs+6Mcz8}Y_AWCuj7?(mL;SbSU5Q>|HL_FwLWfjxxI@G(?V`=*l;F| zfF1q1AGo)a5%x5gEV}KZb#u5A8`R1w7vKh8ls$t-?EF`#jBLS>2VB<&iRhE1eNM*Y zHsQ4LB>8j@8BteSa{#hjqn7rEb;9G5xGN~C-h4S=sCWBLBv|R92qL?FyH98(5WBnY zXnosfWipPO4=NenDrIN7B+A;KWb%cMm)LsOAUS)}W15h&B`3>+=BjH{?tE9dspLNF zL>k;LWx2fTeQ%C8t!^v=IM?`uECK37pExkU&tg0R8SsD#hpkd3qjw&zj&93puf^Cd z_pscTex{7>-ycQn>8Zp(lCXAUmGrHlDMtF%ntjGZwyVqg z#Asy~(m9t#fRGb^%Pbouo%$tP;sC)=)lZ9qX%3?QO0a05uZ^yJez6~4U$U-GN=*tp z{`iSm>e|nwlh_@*4}3v(bC-{yODIn8kx++XCPOQ1hU;53BTe$bb?ql$sz?*9Ez(h5?Z8jBB24es+uFGZA^b4@6-V#v3yR z3}NJ4&3vYE(29G|B1(NwBD|@&Pf_MweJtQ?n1wxYpwU|vOCc3Uy>NN=kO~aEH!GD= zw~HB33C4|zCG#PyAY=}6KI2h((8^$5?F}!a4RlL%b6T&*YyHS5)M@9m=4MKIbZcl% z&!Y2CM~Z#;VT9%qEIoXx+uX7-Hy_Cv#rEj+sYzERE1<^0CDw0FEkQiAdLD|ZRCj#7 zJ360bn7L2^M-DbpV{Q6e*g`PG`yo6(u#nmF^9K%){&-*?AlL2r zo?enxYR7V-=bR(=toPC+L@`W};Zj?;SO4?hU(qT*e%%3Az_c%;JvWj48n;8+LC>INSqpGWS?N@ZS9Vu#@r}yx zzWJs-50?pe{4VB|^Q6+^&DWMw1)aSMbIg~tAQZ$NQMFZPpYD(RPSSSFc0^A8f2`g8 zF`gdpF?^DY;46N)T^sVQ+a3|N?VVg+=Htz$p?fnuhJPXKr_hV>#l{U9RtLX5`^bB9 zW>>z)hLrYUv!_p?_P>hf9;qKxJ7LVE>0-7Aj64n9UUjneK6F@V-N}}4Pg}g56K1_5c#K(P|(=AUw#+zjQgikA{ zVxMFq@4%2(8yZWGvh9&G^qXA`KYsy2)p)J@gioZ<&hl?DO}@y{Wbo&Nx%VpX?C&A6 zgRW6a$oI&pwtPkgBkO%3Z7(%Mh6*%ZVkM^1=%;W!Cx4l`cY8g#PT=i0jG{d}y0Z7e zDdA3I%8jL#%E-X4ujbWuzGkXMeS|f#*}U1MH<%GLL9LbRh~o9NkhbO{(2W__g#D=o zJ~!vd7%7^{u|G#fsv1~Ki}w5iG+p76O7+q!C`2u7fTZ00C=Yk7Ia<^}|9`&qOF!8M zi-T9WT;`V}t>Zq{k#JHAU%GUl&2mq6I>fAeh&^AA~0Hx z;O>?*TtC*|6SsBuAnX(GPA757>S0c_gvfdSlwd}-M^50=r}zKUy-*B`7f!B^UF*RG zy%Ytp$~@$RejgQVBGG#-Br^yY-}IQr(CcxUP{Cn2D}~9HQ@Kwgp-$2@|J?b6V)}1) zKAAU1vb0lIDi1sKYf;TptHolTaL(0>O+ZC8UavRI1Nn5rHBb$n9#&iHY!@fNQZE%j zb`{l6-zIQ6u~BgpJ9_@O>dlCULdN4$84fp|biBgGJ-sgJ7TEE;)n(xSVeZW1p=|>{?pLf#a8teq{uquZ4AF?Y;4et@v)hRGwHvqUiNiH!a+Z!lAcMsj*eElf zlkEDNYuTjUP4Oh&xto~6*s-xx@%{zRz96M(C0@H`XC%BEi&;O^$YBuc(R#uHDLO_% z7EKjystk5xz_0a@a;XbcY#crb`k$O{-tI{^__l@r{W5TqS#o50p98Rq#0lc^&5nP= z+N*ewCo*y(!GS|ds=D@Il+LJ5iDnzSg3x*!03 z)aH?^B3gm5u(I<+Mh#j}>Jl-cT% z^xJLo^7D>Zp|kMjY*tBl66>FJf@m^Jtc-!KLB4d*41@wAs4vV#wUpOL1u~DOO0%9Pu*%JEX z7&FzPXU&Y^)Q6`JfX0A=74J#b!|gxaFk-pG8rp-t+?6$@eqW)}9xkHGZ?k?8%mzLE ze|N{|K44rE0b8AZoh5xv>ctk?87YuSa=8Xk*3(}rIAI-q zB=tN4Apf|oxT%+GRao&TNJBkZp*4NWz`0MOKT)TDQrK^P;-yE%Z4q5fSYE6dEbZj$ zV)jsD>#o`jB6lut=Dqk+u2a*dqk8tL#d-xXeCizpM}z3}^&u4l1~NwP+wi@&oQxJw zYgQg@(rZ)4Cw83b?N(M54uJt2IvTLROB*i=dgl^RFX$5~N_i#5-ab1k9ic+6o~hJ$ zM5iRd+HNIX8sIeD1f32k)+9TU^`Ox#0s2Bput0g}{4J7ujE;_O&aJfG^8@)jX z_e}xSI)I;#B_gs-bM*PB0N6-p^ntFy!PD$Vt|hoe4%~Y^2Xbzb4-+; z(6ZC}Z(Q_YG~d-OFBku#68G&GI)5wPc?8`I^q`TEmHsjhATw&16Fy)G%>cC7dCjOT z%V|k4?U&t0aAdx;9rSznBdr14bUAZ{39v%^`0^D5(i_Q1z0anixqARToNF(^`ODp} zo&%$JjSEn}E7lnRV5SyIxf}+k7ackETk-m?EFfNswZ)ac2mIq=Re*8)t*Pj+b%{W{ z6(At?yJ4**epP+RjL!d%ILDL|#77>r)wTihf-zuAFAs3cvf0tA+Esz=6@zvO(SRyF zUi2HG{KA+KF$K`QtGveiHuY?QCoTd+-zuB-MPS3%W(1H#0St4A>nLmOe!BOc0FCWo zyK#C+>f?-t&78Ug%k3xR^{O7(3?F*04Fs|Fp61oce@lieFaiyESOBmt zseI|ymvDZ6s-x^kH8$`maHBqIIIF$vYg!yu?wlz%^CIr?2vBQOFncxTVr#Zk1)xLT z`JE2Qkss*D(rMTjHABCgq5|=(uuth!j52hE>bZ-gMc+d*=EMBPa(nphtS2V6MQz!h+{a3V!2vu?XIfDv#{13)`+6 zpI!pAS?Wh5e&l6f+WmOLeWApxlNIO&()66{WNQ|?GDh?@X=R+opX z7(lBN*=z-@2f7G^+$5(F_ng>$jEDQm>8I$U(fi(AY(ABz1%vO}{fB^x!OJ1@ZBfyCSI1f5fg zxsC75k}}<;jN%Jc!_SDFq_Df_70ho_eR&`)qSh?F32>7>wy(K@(p#9KlfC~~QK%zF zjgydH!u38qIe1Alh-AsC^mvasc4@Q?6nt@_;;lw zX?%A?>eL432T9}E9>msMw!S$NUqs_b^%j&%b>=Dp6X$kJvdL&usH{_ZSOjnGku}v{ z)BazANS4>q*<45vJ@ySENzC^c%8}BD!+KvFa)Hv*1MZBXcOaUwfaGTZ@Vk<6twz%V zfHYlNz=X5g!P|{XF=S9PgCda^#YIYMfYChSY1<1&y3een)T@?d$%%<`hsC z_QmoU^k-Fj)<7>EHH1gaoENw-R&mFamjM*rvzq6gvklaeuCLqj-AO?ney^h9od@w0 zH^9X}p|~wk!Qv`lA7(-eVYT<7i2SQ@?6%?SZg5lq*4mD^mP1OS=7e%r6W7xq0wKz?i}0;rGM z3lZ!lxSW%S)^yo@J<}e=SM@>!Qg1x@4eOCWn858cjb`0PtVf`W=y_wB)G}J(QYW!U zadQKS=jScy)7ts zsD}zoDPFYb$t3}`-|O8y)2VpH1=vO3hczi%IT)rS^wmy@9+b4r>DJcPD+mn+YPAaW z^DpKPE+5ltI31zhsNOFjb~klmQicuAw!H$$uAbumIiJ`mtYco`^$_{9}DGkf8?PQ{iaH+f^I^d_?@OIq(JU6k=v|q zj70G99>+WZ?+4nOFmaFq#}64N`*FID%KVZ~6_i>JcF-{DIkm&A=B@b_pLcL0!4Pk! zdq{Uq>x8?Cj5SR+$G1-=hB(=zT!{o!ruOkXhM5}v!}Jbe0B?#|rKq?ZU9!!uSp2cV zaV9lWLESjVy#$BYA!0w@5g3eRB}I;S<0P^3d4)q@VjozJDEg2m2(jIY2)*Lsx-@K2 zSc82{99ppFVu8xgKB*zVwfPU>vGsGXTkQc|0=b@>oL3VbOh=!0h6K{cgq zNdjPJ)r_kHnnHV1kN2CIH`*%?A?5a+WxqFDSXobY50JLPvVb-=`H{*axy_>M?8OlSL4YTbs64&v1fk>{fkkq)yXrQC-ctD?(*3v&L@jcq|?ORpw)2d>}ZwS?0s`m z!$}Q^EB~G}Xo>p+y@0QIm?zwUdxA|6$byFe zs#rm;KqQD|I=;~Yg@4)E>2F^rGHNw z&3jm7{b$nXD}l2yi`q!i?L5aC5>Wgcdoux)Iw7fs^G6h#U}dNE#jiTr0<=9bZ<1N3 zo|&0K|DVaC3Q%Qq$9KkKz};UNkEZZF#-nkF)mX)+&ceZhkYd#bQ3cRU;C(wJ1HfeXao{#~?vjd77KFhq8H>U6{ z&G6PfJ%mpUar7z8P__H|*I?elw`*$-ghtU?XLCY#mZUeuJ+MVtvIS@(|H#Uk6b%Odp6P`EQ=XM zslKV^iBE*No7!BJe3@l06fsieX~>q$++lfMN9ZnyEw}IKWE5mjw{?Yi1lWlTOZ3p+ z>BDp@d;Y514xxuQD2oG|IWH)SZaP9~C|=RMSG#|AAlgO5QuPMv1{)yUj>v$$xRf?k zcf3H((~%Mf@$uV{(N^9Y@B8;7)^9AY<;^XYdb6&rrMfF84zD-3Y)F=nQcW}n*HI$( zY&~IF;Q+h)g9XsJ6yg`(+;0H1wqLxj(<5UAAnT*XEqWfN*$aoIE9aSFp3zfi_kn{< zNBPD)tUPm^117iAyG-BQE@g9m<9_n#CM|C8B)WJNf6WW813PE2KznKA(gy|8dd zumhjy5z*0^6St>6L}YQ1p?VqF&sa#$4$MWYXvdb$sfz~k+06}TCS+9#Y!gjeV}?M9 zTZ++-$6C|yY7-0Ma{I3LAq)coL*}&$mo+$f;&@@z>_`KYJPO&##u)EpkZW~Yv8wh6 z4gp4b{8YA;QATdyaj}LuqPisIt3$hEFEcZf>-6}}w)74Nz)(Dc5o&hXR(2@At##{< z7~Ze+2A9+|hr&chfoiTqVcsiMB)lnhJVaoKW!W7h6p_=DIRtE!rnTXKNwECjLjath z3BY`IkUJR2V3PFOa}Be~J3yYksHocoQGx1sBWW@+GLtskY3yY6}flvtvc;+1<7^iTzq=kv8e~1tUwO zr!YAQDz)5gmljOlYnKKf-hb9Etw+=24|-W;y&kn|2ac79$iBo~cdziv>e)m@xwPJ` zcszU5m^w`!JtfTn9zn$!>I7*@IeVbLP$IV5Nbh2oi@MH=(Hm006Dhtd&e7Slsm~&y zHH>OSk3&uyHn3j?RB7oYjDfjxUG{2XaUJL|xSqzDi3#6P*jW=uwfAQBG)T7D9x#ch z$wNH!WS51Qd$C76TaG}ws3t(IB^8=p_@!}nzM01fDPDJ3YP$}LOtZ9HuwG4->vk1b zU!Un*U}=iLS+^G2q(6&!!apIK>>+ShzuQIq%Y}R#@ed%#yzqXayM@jFQMRs^ zn;~PrdaQ|;r>W{rr1fgU4&m9ZQvu)94B3<>JtZz@?UWPirMI7!m6mENC2yKc!1(JlXC8|A=_(PjJxE&%ygwL^vXt#s4!-gO>L%J8_;dWY% z(D!i0i2+h|2X{f|Dbeq`hin;j8rO zz3rnb8VB)QjNHa5S_qhFclDZbY=|vM3iq|7rY?%qC8T>$()0{Tvv_ODYr?+}+NFR- zO1>-T414Gee)rgT`PvwE-6oGLpCNeh2MSv9GHv2K1k*`%0fl)@)dV6lDXHV*~K^1o!mRS(R91MGSNGYBw zN~*kVcfTm|MpoJ0Z{dfZYUoOvo4b1ev#zBA+oDdFya~;a=lCq;C{V2hM(d{b?>Lbj z&ZU2eiA*&tICT)%Br#JWpZ)qZH1fckj_XR+D&wDTz!hr6wVc7)JG`gQNo09Gh}ONx zU_fwkDplaqf8J7zcztud%VFBeX8eA4<(}!Q^QEp-LcK!kTFT=}d6m(6)#v{Un!0EVRGsc~ z)MoSKx!qxNVdfWUxSB0YLjN=J`M1kiD7}(y7wr8QQ(Lp$!VCAr*?K-6c?!6nfBo|9 zUX0|>%YQd^&~x&obh%lQcZUz59D;guH;MJPdOR5;bMSO~g5x=ol(o;;45W^g6cuQ* zG+d#nt`0aAy9Wm?fISa;PbcDcrk-z|o%TMN1SOUNet2yiozuV5qm$1bTA=xe4lsm7^6?K^$pXz{*2n?_?57J6vPoDh z*6jxm3wWmY1NMrMd_F4xVFp${`T$Tj%Doq@z(90r?*L_CkneHYK7CDnbrQW+aEGsOP0co~@rwgp1giwC* zX%X9Db1P(i7=euO&UY!FHqo|rX|x7~T}HDJ+g+||ids5fP>0Apu?j2f1iZZ-gsR8e zk4bp*p%;GVr7lr9OvVHKG`DO&&x-=q-Kk!WhkD^EwW}YT6^~-6ToUSkW9tQ$ge7p- z0-L3t>7jtMIJoPcppN>Dpq?USG3Cz1Ue3l5zEXYCCvxf>n1!~#@Eg=fyq}N-t*dJT zJ5aAz_RTD^!4_tGb{xe5Ej&ZD2Iu!XbC!E*yGDEz*D5vSVc=l{yb~Ao1}oH^MdWD; z_2hG@vfl)lzC~bqnwAl0%|b&PpvB@iu9;6Sfs6|JmMQ|bzMum5!}m_>UGx75i!N(& zyo5!hu!zV-;E91A%*3)o={>2K>+S5Y%z6Df;B?w5T@6Y2-U=O>76^kgkq3$ zXPq+*!#w-e8mJ*pn`(u>VOd<%R8uoSY^Tu3jii9Lpy0Bhp&@|08Ag7Zhr#d|@pnB> zhZ29^^926Oo+oto1%+{`Wsz4~Rr>XG=IZaeXJ7zK$nz@(rnmS~8gg;w?c|oL#9;B1 zhMp6quY0St{k0eX6N-P7*PkCuc-0QRjK(gZkcCEz=23f9H~*$!{{6ak*ZhA^66c%| z9B@7btV`9mz|z}5g$IHO^vzf+kX0B_y*0fwI^|NSn)5qj?a;5rTH${**2Zh6lB5zd z?Z>t;7w7PWKEfWwZmZ)TT?j*E-Iv2?W7vST(hfZHXq3f<0a57gI)2F&fi%{SCvCwx8ysiF4*q{K z)-K3)i`-}N$gY)I>WQ5<>+88!=K-}qE2P?J>8Khvg|mbZ0Di(@C3ExE-lz(yN2J|N zlZ9OS9c8`FEC;zE~ASI7PCzNTk$

4nAD7R;XzmIHi>0)3xC?}zlwf!UU&4NHyeMv z)ZjdSD4*GtCjSDKg!$YRUGKrqrrs@8NWJFbFQ(Vs`PZ(TOsrCeJFLozu^?W@wt(St zLek6q#dIEk=t$95j(2_4<7}s+#pBk8{`YP7l zKs+h<>l!1zzfoi4`xKk@i_dl^lKl>l7LaD9u*8&BBz|q{9}nSDNhX73dd^M7dg?{0 zc76H3BW}+FzN`5?aoa@Whq&$kGjTgIzFKdc3TalYdRk3qee!ZpcodEIfX_<(PTcF` zC+-tZ!QGN=GGpRuF)&0#<)OS6TMT%VlE~o7c;l#hATYz^94t_E3RgY33n|7tD^~O9l7;H98rJqpR3yot^ba?JqI9Wqf2}kUp_p#$f$83 zmurJY5W@8BL+Q(Xwd6-5PZv_jUYz9I&>Ar&EU*I#o&e$ei^()clA0+1P zD}gYV(2F!@-I6s?Do?J&^477Z8;i4+vejJTeV@tc-zV86OHV;rt^W+v&aEmZ>Rcl+ zR~RXX2MRQ}R8mcPaDg#8Q{4KGD5R>rEKaK@(!Z^kiqW${GFPPIZfg&u7%_59;yRi_$ zL&W*LFNE94$;p*c_p;a`UXT}$ZI^}#C3&?DbaxL{{hb~m^}_kT3$wWlzHtfl&6({% z%sD_M@KiiWw#hRSuw{aqz6P~bI6ayk{?eM}fZy&+Ebr(D&v!;W?s4EUD!@1!dlx!u zjRz%#l!o)f*Cq&J&DnTP-*l2pvbMi9LnYA3bI7>W+BnZ9SIg<1%ij{20R;TsH0D*8 z)780Oi8S*9KQrO-bGhZ+ki9LchIyFSDw5zMBkI{>XnN)N>%!OU{b44MTT=1*6LXDl za{8fg{H*8NBis$7ShO{t%(gu4Mxbe07Aq3s?CsQJDB9K+>VD-@&e=3Ps!|BaHHvHMKTh?bm>+!^*2WLJJWctrf`iZ5Z5L9;_ehnY=~~Lb0hJyLA{53 zW}b{rY4xBi2ojT1a_g@pDrSNfXFVSg<)$=$D7h_eujs~v5*s_^>Xa!&WQOihp3KRg z6Q=!ll-&6S>uRZ83$E4ef7ODUTlFT~rq4Z>@Bs~mTjvlb2$*_Lq)}*{a8>q9e@!}C7{A{!8BCq#`H&;9u#BpmwRPa_Y z4D^nM7{&YYlb+4W`#|!5wI|o5jdtbJmVD8OWtiy2@}fIfWT~pd%@vPSQm~(35T|aL zLG|$bwO$YIx7j9+gP$|pvlM~42?`&K&{Fl*dg^j6ZC{OfcdFFS_0za6j``TT0cw)@ znp_gcvl}iZh&qwDgmiMdwxlt=2znsp0*2V`<|F!XAboYHBX%a+KlIY*(MDL5BPl$zKBFCS&PX;=9h=;dG9FQ$Jmc0=iWY#$TFc9A=WY0zmfePvO);@c zJ)a_eeP91$nUm`mnbY!=7;1wuf2+M*eX884`w+U4)@}Rp5EISdT zDX{DWUIbft1GQPy#OkR9X~rr&Cv|Nqu^vIQ6)vWV^A381|J(gG^qYqlydic7KldRQ zpanVzp1~=}zP~-!lh`+k=TcPK)zH_#+~-t8v*3xMdIv zFZ%9oDtphrtV{I#Jg+aE75Enf7h&()n4*G1#q5S*2l(>(`&vu-RgWkSo@~4N}R|=o@)DaDpB>0WcKyuH8nr z)T}5*sSxCO#yvfQe&UtfxsQtI-}P^fEwC4d6(*IFi;v1dc3X5Jle<>^qSmD2p)?CL7tQ1#}x-qJQ8b;c6)}Y6f;J9Rj<=Dps za_H1gyt%*A71bI3Qdj(^{WE`GSnS>1@Iq8#=Vr|#bl)9^nnHx1PNz(@A%_|=Qk@~Y zEyal!%Dlt_BVwjx#+<^EujCSQKyKcN^7YUIKc%Z|ah-TOKCB|Gh z8(MVl2#w{q&&6o&#%-M!)@kqv(EyR)Pi z=HET9(OofZ2p4cCKFYezO7^$E;eXA-`nO)d-}cXP_yV2)UTm)#=%YbwxR2vS9|kgx z)VkgZpkt|dc7G@*&S%mPRqY-k`EIEWD6>vAv7KlPgS)g3y`%9h0!-3-zs}{cx#Co$nrJc1_1e9mO1dkTqV*4YM=rd!iYJs-z{kup zZ47Sfw8&2h>f@@GDtYmt?9EqlJ8wLV^#_8wch88EK3tjkMkaqY6RqD=61)14I8W?p z`2yJADgxX`=GUMR z_x$oP^ObMga(pCyAGha+{q4AYMuGzC*17`TJN)#&Wq+-dijR&9NZx2jsZ^XS$ z>{wDNdE6zXhYbhbrr>ZI(sPyT_XYM}R>{4}2I%!JU*11?M}vR*ee|ZZCtkgdubRsU z^Co#fx|KhdS!tpob}&udxOltT=GwK}AitX;W1DMM2y9+WU9z%(ZLr^FiJ8Hvu=2;G z?a@`CaN9OZQlyo5*4#3&E6`@4-^M=4>2>T$ndnb1HgZ7TEvyDR<{JhREMg89DMxQ_ z(isf7og3LG$j^R@ATA(+D(l^Wh?3v)U4#9y-NUrs=I7T{{911WPNhxt)gD1&+C^P) zOT1a{Uyz%i%IzWup=W6BZ}mX0KDrBVP`ad6vjocQHY%2DBY-l7lEvno)rWQug75^l z*Ny(`$f)$6^0=Ehp_q{*rM~J~!pJfvt{)N7=)E*(mNs$Yf4M9DKwqFCI2iu2gE?@1 zVM59~XGvXhkuG2Bo5?jdDdH#Td0~l&XS?D`v(-r!=AlslVZS74XZf>|bY32SKOj`Y z<~UY5zuc6JG$6&#YmVf*2d;xiaJ8+DJ-c;SL8lMC$1JUZu6vDRf$(^6qgm6{*jg+~ zjNi#%PF>3%IS=%0E~t&xj4H)Y2%wrBU&g*%8O|t%hH$pbZT3~GlK>mjmV0?jMi*es z%Fc$;_f^a=F^x;j()_E^9?Fm zo4(u-&`r-cOqPJNqejxQ*9=?Q+3ZBhel;xRHLm9~Kpz!)gJuTtu=%9kKTxoNRP>F! zIYW=FsnM8+bV8e(#GN8sPVe&egsb((;Hg#hIe<0%j97L|mw_hrxvqaVyxSopGJT^; zJYczcy(3#L3bdUCk|pRwCr=RcTdRR-TX)aof5X2ze@){T|LTPH0&GH5ht1r_vZiqc z*LJmY0}Ik?Tw5z{v+I+qSLcTwPM_ph?w6>?oVNQH46H6g?&*k`S4I4LMdeBtR~}0D zv6z}pc^A;!`lGyu-;?(wmj1cC_ph5*jV8Ybc7SZOWxwP*eo8X#cZG=gWBacet0?Rv z{AwOW8h9Ec`Fa+deR0T`{?%vd`y-oLz89UoZgyv5{8b#pSL18ySJew`)p=jc!0vGQ zF4QfkI7npK2m%*>sV7O+>$eMH{n&sd$3jgGEW%GoiRXyvo$xMRRv?16)-68w$d&Q7 zt+i!nq(Lb{Zh;p5-8O0i{?#_BqSDz~Om6LQUwdS~vbt*WdoXp{E~c7b7{rrxFX1a6 z2%q;bl=KNMMHxLiut7{Q)zmrqBUs=0SHb$9D|>%*k9rX*{=6VuU0wDM!Fm>!gc`y< z=ODwZ6E0S65O9jnsT@O9;&@YHc87*E+HTA3R*19#tT;tnt7)SEsC4srs=7-{U$mY% zvAg9XRDh(b508d-P|a`nLZhR1YJiGGi(40(J6|TWo-R zEnnraW^tIn*s|N_Cw}FWvd^5ZYJjFItb67}ok~O(H8}RCY~|`a7`cY!oGfV;HDt{0 zU`Kf>@O;W9!gdR};geA> zQ<=9bS^~-MQhu3pJ~yaKb0kM@pPhv)(8!JJVqgo#hT&&CbFaou3U;9dk2)2q_cjY;)#0`7TfxC!|H$9 z$*t9Md#F@b6Qr%`t3iZnPmi1|D2K=Dn%(XIQ3Cu{S%PX)9H-!OY5OF;RX*nLvHJ1X z*rY?R4yASNYW@~8FG+7q8fpLSSbgO^)z44=^GCO(Hkrv`iMH!x6@Mb*1yNYy ziMxRoSBi0ry2qvyoIK1&Mg-~Pao!R8b+9Igtg<`LmR-Q@ZJEmJdmxs)pvBTJvbC#D zC1R+&1Gg&r?|`a!-Fn#mAm#lL{LHEPFx`KFr}-@053Vc92Pt?|uF>E3tgLZ8BJqsI zR<8m&uy_me@VqRr3HC3LpPxh0j{g<-*+j2t^ShP@L+(8LxskBz<%KmDl#VmbVsG~s8N06G zWl^J1k{{4^cFWIW6k()nJ&7@OQ|%*Sxq%o}|zL zNrkp=0{Fkkj@clKnu(om#CC|eKDyD6!JJtdJ7BUrFED6$q??TiJSFV~sfGhEW-czW z+%L1uSF`Yv%Adm%uCLz%s?V+d+LS1pblF}GrCL}0b`*!h^1jNlDR*CwG1v3>tahdA z>rK1AvLsH5N8J7|wNv+E}BjNwt7f1@tI(74N zB2|02A!Rl9jRMXjjOq=M(}#PjG5Bw)oi2qn5z4clMTBt(T&c)bTki=tP%|9n7Vx|L zGUa&wm^&07`lKsZBvxfnhBreVLpFa{0dY~0{+gpMdPzv#jlkUk906v^N7f^ie5@XV z-14n!?RMThyV*TSdY+1Y1rQv+n$h`ZRnfYl-ZVc%I~K%`uIR|AYq68q9;ZUPks&<= z?y(8b&R0+>y1RA-tzxjT$hmWFK1oDbYAdr3OkrFzMPXw`5qc3tTiLt?)33O~WOups zTA~GjE|G1%x<4g7>n#P9_ZpONiwd{Rz9pCr2dR2d=i^RMoIkyVsCCmFx^7VQ9V6ZdZa_D?AHuZBFgu;04x{{3Y6-jV;AuK2fQxxJ(P8f$-l zVC6q6CH$6x;E)*c8maLtUqmCM@$rj~@@;$P<+Dk_fQcBKWP^fZu&!g9fE}p2^c;np zmp0?%Cs81}>pz^{XLk{))|!L)1V57kY{!hOC-?tg zd*GKH^r-iHJB_}G{nF2U_sa#Gmuax!c@nVezd~Mstr&4lBxW6aE|YAt@RVGlGe4==;}lyZq%{KamJk==hYzwymxQ4 zLl`zZeQY{6Iw6KpntC>6+oFxUM+HClwjat|ooLFkn$J{7X^heHky1if>^qb7>X{wDhVb0KmR4Xt13X!aN+V6xPll@O(nfK0P*RCJ7=XDd@Gy8LsR|z%G25W8^lGsh9`GF!6!Nyb$L;fabRl~HYnfCHgOAJNTCG92+1IL%r;VcAO zpx`erSnQEGPef4l22hun16J5Rmf+RW{INF?4Dox^~rD zi}}Iy9E-kjSFxqIcOv7bA8b{c(kTf@owo}{FQG|G~kFA)d{1n7cE=$S_nK8{~rVC^lUR9=PY!rxw=vsYvBII=pK4`UtF-#rGv^q~XFL9P zmm{Q~*S#BhUIrz9e#(senJpMWyOJYj!n*ul^m z&4XkUR_v5o$k#7%gO&9w=~1!1$@(Y(osl9nx^0aV>6<1iQz_`)4RHqWKYb;a^o|9- z!i{<^HREn(k0#w$o7)Z0j&>BwyM1+}>tfj$dAjC&qO}3rP+cD&`Fg+eG16$=N2W)^ zPoZTwtr#uV_|1m3jDaQdj_nA@_Qa)D=t8cP&$-OlbxpRC77Hl4r}v5=_zcPc#f#t- zf?J_Zy_FH{woMP+6RvnQTgswE_zd3ExEXWlxY#U=zK z^in?{A^#k(wqgH!9viObqOa z!lnB8g=Zpcaxka&O~;sPc$)bmp(Jv-FGo65_z-{N}g2wzGho5Gq4zIUj067 zjO&Zo+RBAT?niWU97vYXIu^mik-G63sEi!cZotq1%}MdDErm z%i-RkAEq*egu!$trLH|RkGe^ll0pn-Xr3zK1G{PE9{cnhp;{$Qe(sU$&{syO?V!`h z52{y>7Ns@1=R4j+q=!1H4F)#_aVESvNcBqRXl3=I)}h!{2Vp7T&q|K}K$vcwYO7Q@ zgl-(l7xru|12TnAqlirN*{s)BVJ>S=dt@fVSNrT5LiGl7tK{~l3mCp;*_66kf>&Ct z=KPeFej*;XtaYicGyuz~p4lYTP^)gJ*3EPGO#Hyo@tgNoYwT(40D6CgT$J6?PPX^A@-2F4C0pu&zn`)-V71dfBy_vSuDiX78SjVNpiQ#8` z=eN)HGr*A13snmRRr5XZLyZ8@w$B^s;I6A5d*U!%o${1heu)DF;3+kZ>+(LWzf}uz z85A~fTtvL4dY(ad*Ebr zozF|xQY)lS47yt>Y-GV+>UE3bh0b6?O&j<;LcnTHfz{9lvUS~X`q0!>l`3{rdoiie zhju!)Wm^g^rhD`Gse%V6CcL*%_sP!T)w?4qcdnoFQ4<+3db%CYintDiMadnPCwi-3 z2=}-2=sHi?hY4-y_ePiXYv&El_$if1Tp&A|_{(@ZMIo%f;;zn57W{#@$vgq2xCZqX zS2aQ?B}utU82U9HMS)<1939GGX5IrlM~%~rcnn`OhU{>i%@LYz7j;-T3eAl@I@LPr zu9_!msIG9+aL`YV?n{h65}G^1`>|+ts0?+9LYf+umO{+6mPe%U%iofzJJJ17=GBNr zdyviZ*byj2^D@Xy`cPHF*0CaKC?E9FZPR_XbX1s|L@8U8!YDB6!4~$?vMGk{d-gaGgI*J@eBojx_4ZRCvrXK=lM>4VRtX@eY5*GyY_@s14cicVRoVyr!SL;jyrxz?bc zz%8BvvWd(8|_z1>sf~)`s6@B>@oFHzJ(hMo`!C?VKD7m~xyQ^a=H<=o0cB zZi2DFo6%ii`1(|hIxNLgvO_`5-8K#)PbTk9-MFk+i(Xi(ZCQ@+#KJ1kpXnETm|GTu z7B)zPB@lozwYY2-k9=@_eCr&xTs;omRIBhs5f~~2?bGi+q;hr`AGq+$EwRwn{=CoC zmIbkbr!6sqJbE@EUhFQ^fh}pLz5}>R)CNw*z~5e3DZ!a8c`XIAs3DHYnx&@~~@3g4%>zVQ~n7?D{X zFFpfpSzzz)%jpSaLb<=Q-H{p2v#(_qZ|rN5!d_ikXi0v4zl~vCl!H<<&8X!5nJli0 z!B%{ganBb@ixpQhV=QjBF}FU;j0v;h+pn4GEByJw+x#;$Py$O6udZ3PAvoKanSs-u zbwY~wDdR1jiQ1y=VqH2R`8s>k#Tj#I?hdfddkIcUgYOp;A7CPNSSf_SRS>e~(?ao< zcC>S!f<5c_s6|kVr=(Ds{$x9p&+cOli@V{ZHx!K^;TJNlFIQeYq#uo<-7;%q>*PMM zaeT|pow}3vWmC+S_hitCw!U7BX3es__4sBCg6-1l@d}~D85y-sQRoc9tAMXC!Hs04 zWYQ^jF7axMMT*zGf~kt+`rN`5JH`G2I8DJKK1tqgW-Y zGC5Tjvwe>IXzCp9X{~1$C*^pWriba`S1$8Q;7=lO{oYT2i^tRZ?2YQ#u+_tcTu1e+ z=v(Dr6Xp-9ay|r2Plv>|Q#-S(TNqHQqK&N|RtFO_`7BSy7@Uz6Jxy(6 z^=5|a#<1D4_d>tu+gj|zhhzt^jPp4cx}nC}k66+EuP*uv-5+kZY5Am1o9id728~q= zZhK(1Y%Ppr&CMY^oyJ=hmtJIBm!(|VKnFyz-O$`-bR@5(1wm;0);Si>a*8@BG?IA{RBzFJm)(I;W%`-ZD}>T!-TgfF9|e0 z5L?FzMN7M{MOQ0#&x1k(uY3_I7(4ta$m?3=qhR!odj=ktTk$?|-aBGDyNFEul;nxy zOi0Ym z{J9Y}y(*#P#A1z?#Z>_<{8xb)%bVwmAwEkJmD!`q6zr6hJcJ7oCQSYb)InA?DalW+ zNvpns&mghe4W&wgU^=Q!i;x5MXC}O2{q0xFi<1T5SN+5v=#A5&=$oo_E2LF@PXKc? z>pKlTvdYL;(y#I1&a!nYW&n$5W8*4lhN-8!X-8}(A%2E0!ak0nK~QREdtLe^E7SbR zRQ3m?!>l=9rKQ5}$QW?R?lY$guO%*B=QGS4QUghkd@WXGb{!0F%_!^Fze*E}^jaRR znV;ca#s$Eo!&MKIwk?V9A3NWbb>%U8xCz~~#x%hcK~#Ok&}2LCwrQ>C($mD;qpw?U zEjw%-jtoYJZ4%83%0jixbY#3-`Vs9SD3PrZ=mHHeG@b!-UQK(_g~MM$z}w@Owm!Wf zVTGVGja#9bRXpoEo02)(1)r>tI%bQ#DKdm=<)Yd?EwH3=0jhuA?AfOX2KCtU)Im03 z-h72K15Jm`ExC+Bi)@Hy1$ZJf2}L6v9G*6oi=KPExnC`3D16^Ah00T`)f#t9J!ldib+?d)G9Ux6+EM zQ*NpVMz;{Yq~HSNCndmi12G1-h1-f)A8Lh0*MW^*Zlj|^i~ zkF(D8HKkBV1ihY7H9tX-a^mgriK*?EtTWd;JmXHakfRQt8uBV>e>B&h%07Oru|~^~ zS@jjLtbYDrzAgFHK#cUxROehXXHr|)Et%a<1ie-Quha#FaO<^EuH~kZPO@4G^h03kB!)^@}Px)W#P&J}s%1zO$scjcUOLU5Iq6S`n6pKiX zI-D5Ca$-Y$kX+vDb=8uUU?Gz2HJ-&{Ni?%8_^fY^TGsU0C-=9PWQ}AF@V9rYn)7#t zRTo~_i7%B9OW5OSd?8Buof+3v>K)4&3{qpyr3D{UTT@75uDQa?GwiQ#sR)F zo^3@H0bX}3b$1Vb(!W7<-Oa_aweG{kf+_Qi^OjHfmtZWwFOj6qVl8Odo4rv8A@Y_V z?z_J@RCWjOmRZe@c=p?#p!gPl4tX{ka8}neC^q4o;S2ez%k9GZ0N>=L#N4NROMqQr zqk$GgXTn!L7QmbdgAe60#^2lF7&w*>o3UlmpoUg#eFg`i7Drt1$RgvHCO zkOhoZ+IJ(iroSx@!a;N$dGy3gM4E_Z?r-O0_deY)KKQ_SSm|e_j|2JV zB{Ms@>%P-7Z{!s(!cjh{*IzP5Y*eHu7bZ$(GSu(>5Ug=%AzzPbS4V`kFP5VXsf3rh z71)$z0*@&JQ^fWsr-15`yYaS_7J_B=d03qcM$0#Qi-z4FHhQ^+&@$u;c#W+)#Fh?- z29lVsgID=V+OEi1_UN9pPGSDeUQN~rCJPZp>X&@{-C0OJxc6bQdn_``vp-JGfAwY~ z!N-lK%`#E8RWQbQ$oO@J1|0dN@ac=4H5&{(k?(!Zy373-Yd5IB=~%mGtM|tLv72v%4V5X+4G5%f zOu*&?Y7BrA=KC=mxp&@#hibq|%=vFVdyJ?JS=5~09TnQv-v)g4&4?+rA={A$=^e31 zP|iZ}$6ek2t@gLGpz?J8q4d&+@ek7PIbA63l>c};OoXM>w9@z!q(^2aL49Ydxf7yw zH{m)Q{r}o~&!{HXwp-MWYat*@1O)+w7ZD*KN|9~>Q4tVW0tQGB79~{aHN>)1AQVx0 zivl4c(xgd^C{05VLa#~-p#=yK2qf8eK-c^2ea<`f*yEf%#{RMM!yhp`d2&B@xvn|q zH7{4nmhh6F(d~+wrHa*#-cG-0^`gXq^Q;f6OWt)@WdYk_$+oNS9AM$A?c|LppL(Ao zn`+8yRnQZgYR~YB1eG_{ZWNT;mJHDb_0_pzd0nv-bSnFpaeaH7FLAndC}T^jT93i( zSg0w(l(KoEeQp=F;G%eqsR{0u0gEgrjqV~(=$6*wKoC{mi6JDJJIn9KE{uI_mc?q?*Hi;Cy+OQh5%)`?>*yXWd zu-a5xWCuo&|IW_Rf?AV(rRIx0tj@{X`;3PCSK-w4yk3U5;i&(2k}*sF0G5Oi zPJjHD&BiIe(RjM6`l~Ph{r5(PNI`mEAIqUGWi632X-#~#Qmb>Zol4FE;>9^K!BMZ! zxBDfomYhEf*&PevjwQ<*X5A?(yR88WH$7@8V#Y2cH3i`vV1SoM`>@08Ww4slm8 ze7E^x_GuT7ZtvlusAHH}Jyzf%FZPt+S}-))7zKZGD|&vuYN}GD#<<06xnBU6p8GDo7CF7NI(mHeOmDBb zz;Ss)7hM;_Np-8ryuR<63ck1WVzXDkcA zeDxTftznm59gOv#jqIiR@4Is=T|p}EgK>M8YeO7y+KiPz{A}S~n{F|3Y%xhrsqz+f zIk?H^j!5PV^-e$w;fH6sr>ISZxvniq5Nr=_J8R%u#DcKNK;_xzHUn868zxd5f63g5 zD7js=ChS>< z>?s}PBXXe6XXV1O7Ri*8p1+ZEy7vx$yzXnCeUD1q@qa=c7+lm6#|G=Ib(&}0+FDhJ zhVW8r8da5v9PdW3D8gx^-!uYgUx*n&=rboom-?;-)K1%H^qxghmm#HNUu!xizKBju z+E(Gc>VG3AND8M{1vj89 zo2(}pjVQiHy7z*re1&H$%BPFIzO6X=_j^;O{bT%d3+~V>QzOV;$Fe)2@s4g*cAP>* z`bG~l#)?kmAfFxIKSYqjUlG)Fx$c(s%0>7TN5tGl>yVvx%aIJ}u!F{-OV^{x^6(Z> z!ku!rZ?WYg{tyoCzspAh#WggxI)?0YN)itb7brM1#07!=omJf&<*C6v4TvYQ!=41r zA9DCjJEjnD0w4avBVFv6Sedx?x6f6S>LjI+YCEgHVhN3s@#yi6A$ixF<-R6K=nK&M z>{*D|!N2ZN>*{H)B`b+#e_E<_JZkK~r6yGMyivTLxiUkLo9HnY zJ1kZonDHd+piAhk#DkhrI^VAE3#eambxG=99U>Yk1i7}g27wgiRq}T9^5B}bE&u3{ zcjJBR+HlXUG!EfdEqTiv{oyO41MiOIbg(x%0lMz%MfRHQnZ+YAA-vkZFksmOQgxN@oFUx&p`PE_F1uVY5-NtT5oqeAj%@YEQv979c8h}fbj9d!w=Qh79%dj_IGsJLUa4t zZMo@A+<{USw{z~S7KML*dN3>W`_m7mJ-gqv+LG+WA}b}S@x!Rw|6L;Jao zrD3a83ij))S`=B4rhZ|t?ld?FBzD5U$n_yXsa2;}b&tuSsMyn*DBa|9%WLYEu95jt zT?zwe%d_qF52yUMlSkI9K5F`+E7J=8fOL9ru~i?aY3inHfeH9@}Cg= z$zVTjlykbDvrz^9$0zuf0!LBo;O(;I!<(>d%qD5JbK0n2Vk5UfCHxb!Zxl5| z_jgOmTvnf_)rewq<*LpIFwM}m0+;z{TFSLwE`>v*5PJ2@hLFa<4Cfbp%=M_{p=(e` zp5~t-xgXrd5*t0jd^A~ei@`EBX>z?*7wiZUkq}~RA`Dr3WuM{SQ~9lp3r9hu@;}7H zH(jp@TrH-&lk3gH*~%N+ZG;3(;Ky|>(^#fK$l#kzBjyocV0Yz(?*xN_^7n4ae|vE7 zy`#)Gu?URic8k-zsO|rJV2W@nap`aii#4T~2D!!|d@ur|2IS0R>1;J-71HxK`bx&P058;T|8=*w?6dhpxHMxfZ=hzSDs*|A@X&r`E zVVVCa7ipzw@k ze_UJIvad|V#Ebvo;xF};Z@iQ=G$2d-|P}!~}Z=ZY?!= znTg9)FJ7Uyy35`wANI8vuvz@hmVJ2ly?!<+dpSyFDpA3vK2#mj!%G+fUS~P1r$SRc zafpsb4N_Wa5|JlV&RYfc+mV|yqi#8*d)PDcOM9Tw98N>t)K>BaNjIBSwa!|8|6_BM z6%x4C@8EF5In3NahC1=maLPvuV6S8#o6z6OaY$zBI{EJ-2G>~|?WpCIb)kpil@dR5 z^#?r#+16-C`Ox{**lvq}xhZw5|wn}uVIE6LeH#O9cGoZE0Ewr;P( zKE*@FJ_Nv6&reP`;FVdk;XGV7p`wgcxS%}qA>R%e%#B9!yI)UGMN|k27Tu~D-aJB%R5Mr}% zZSwnL9s}?Ve)RQm1UZ^TYw`xxo}inn)36QK&xP`F%NI1P#9Fx30JtNkXC?lPRG-bq z2fGnZ4AMG5Z|AhfQct;pWH{7aYWwX~uAhQtg?>cSMuZX!)EFz?Q^y^$*gaLrq2kfE z{6>5nlGW`zVeNf>P1zQ1wJPP$jmSk!Pq7jSE-5{u){oU|m#ztsRAHH z7BCs--6F4x8{L{xCJ&Bko-BV}H1jq$yB##~L|6~gZPmbhUiKcy!A&BoHy7eLynp`O zUFiJeM-X<)fC;xtwQHpXQ?eJ@)M!Is)#18|%?e5Y?t`sGZuUgVVH%^5k{l*oXDg2! zzcAI>RRG7A3@%h*0qcY#r3)ohEjord)`>yihvpj`I3)PI98$R+`tf-@)U~@d=jtbA6m# z5z{`|Bjwu{@(cj>&%E0;Anx*F(8ADonI4$){18|3=8@AAvYJjyoh+CEShF`ZOkpa1 z$N$Laj&kg>SZp8D>{~3chj5pjsro%&{l_yR(4f6# zQh|0yqkLWv&B- ztf%A>qJds+fu?xk>&_a#(U$`yh?h$Je-RZxlM02unxETzeW%IvhbC(xp)-~=D_nY@ zlj_9ttM=Zm%YB6<%U_3y^w|PT)lo!#P;_Z8OgatO)4xFl6vladj1r_~tCLVccz%q< zq~S3kn^mJ&pI)nSSq9dd04dLsWKy+YiiS@SYMXNpE%{NKR&>Hw&$1lbNhE5 zQ*gZP*8c-Gad*2>F;L^fXOe&Y2 z&Jxuq)h{){&Vp+XnYy4e^KPMrQacpb_`9_C&CgG{2zgct6K!CNW@}q28p6O1Bke;O z(ZG%RkgUkVv_>pw@`Ak=%}qe)_d8}rdL~FL^@F?bOm@yoGEm)^Q21;5TUWv80W#PD z3{qSx5hBqm2d6(Qe&U>6n`}H0?D@T%=hkdqc}U>*ha8>2$BbAKttH#D9bK{?;kBRO zqTA83e&4|%r^a=U@y>@FB8jj-GS=p6^^wa036`EW-1Ntl1(>JP{Fng^d_Sk>t5Spq zfuFMq0M{z>covh~EFRUIXEnt7$e_x6vmsge-cTO8e^qtT0hi@2x;PIOGDBsRGOASr zSY&c`iu>8AUr07I)0FtWAx2j?i7g8wXGUw@EFTVZrjvh@oRHO;dXiULc!#@Wx+7DU zJ!6v3+uaNV^{2#wHdX0iu$MJh{=B72&RsK=yg&EuU5N=$ePywq|Fw(y`2XPemwl7} zDL}vc6FyEU`O+wa1sJ?6q-yTH&W`affE{Mfd5qO>Pvv{j8n7&d{DwMyEfr=HxjkV^ zu|~=1&zN7s{7rRbW>^jBg?G;)8n6OlIzRCHiT?qC9xVAaNYKpCFh_*DC|KBU8qOm* zvPG)4&gZ?Sz&p>5e)yNq=-S_1`6kgeXMcYFV}^4+hlNb>jC~IEqdQjFT@6wbNM@3| z@e2tf$d%46skb98$B+S;qQ9VsK}>dsnP`kAbFoHD5i3Qhj%^$Y zzByAnY>56f#~$bqExF333p)qMk69YA+4_va>q&^t+0Vp3^zv>;K!ST<4)fkC(IJU| z=UigX@_D3sWK(CS}{hM*RXc+ce4|B{2xF( zRp(T-zmfIrwG0&xa}-U7)f%(;6u$qE6+ zP`@-E<3Wjm9tbrrb)?*VbY*=!nzZ`s{_`yKY{WlVy7r6hfyB?Noh-d;^QDVqVV30v zzbKZsj3F@Vn$w$(*DJ6>Y6s4?!LddONNMC^=eL!G z&k0#(toMe=>z`^GQX@A(gyVTh`yzPGUb%eO5TO+UN>^P)j1~DY;#*sWEZo+vf{=w619?p9kV-f06Wa_pVf~RXS7e z!%)NiB!e_6+t--=x|Aqg$1hx2kP=AQ*j%9>9W^v*V#?w4Q_jo#Ni27)D=+&)n3OTJ z*X$oZ7C&>h=0X1kRVz3Qb7K8OC@;#4Tyqn7uD(qTrGjg6`2JwGO5UkqGniD(>Y7D^ z`M8*)c%{IvS^7qysg7T7buJ;0g7gsd*|>~Ywvgk?@oE}nEk!HX&BS&E#f=1PH3+a$ z9-lj_)p124Yw(=f)WyCGS}*H441EbL-_9>p?EZ0T?=p_> zGQX9o-j$6THRMNKEtEIvEldN=zX&#DR0SP~XBNdNN|TNA*3IYNK!gM1Hv>(JTh zLk1pzb600ysEXS^MI6>1V*g7d;I}brbl4HeY*q^YOQ?K05?4 zewaPvJLpP&ewF)%q1LK*pift>&RNKha^Izr59u_WQw5=<2kyb+LgXA=`c2!WD2TCz zXaJiQy)>)bTg7`^-SNJls<&exb0dZMz(i*4J~UtO5^l=ZIf9ia0WAPktc%Zoni_k?lvwzcxfwoay1GBN!Y7)P6o)$ ztw0I_0vWfn#?XB5?PQ$fmV(CC;^zv}doCoPxKE1Gq)*#K1!TT}pY*^hxgt3t%ZC|uwc5HDB^*blm*`CfI(p;iei?YRXvl`T<75zKiXC;G@` z4tAKKiTuF{Z$@DKk24|}YtoJUvPUEhZjsWx+*D_t=}xwfGMVKzUx&IqlI%>PMKorX z<0a6s@nM(HoG5C_N}hWNFxuVk+`!S-?G23OgCrbVz^& zB9fuy!pg(mwjx>}V_uYZh-}eFym`hFtE}<>d-pZJ zJ$1LR!NMJ%rdr~jur`XqTlU>`E$uedL$R7hiN)=jDV!RZ5IWhLj=+%+MvoB_%`xO~ z>HJ%4NWs%JN678NsopDcO)Lflg=3=$?V@tR?ElLafcc+7o5;*TsXrpgNbsy);mlYClpcA>C_Iqia$@rj z6hZJE*JOWOfcI7nC|vRkoLCh?27XTEMn68YPlnnwTY%Su02EAxC$z^W<2a*PQXC%< zd|?^;rbvVan~?Nqw**xt4aqYi0|RCHx}sj*>HM@IHWrpDLUVYR`EF8#_JjACXbet= zi?W_?ZYXnvy0ye&nq#z@f+vwdECvk+lvMZQ)!j#tG<_b8mD>zP(1Hp{VcpU!d@E~c zl;fFtB6IPX)2X-64JtJluz!Ra=1JenovZuX7^O4Yt@iY5;%H2aCeBez!H zYWh`XGB7@?DG$FO65kn<)cVLtEmE()^du!7S)K*JuqWasVGc2MnKJ}0p zPr_EPY~$J=kkU}F%DGNGuK}>OQcVHy;oYGlFgYt%E7^vy8!_5&>F!dAcJ1?OFTncF z4`4rYYq-Q$=OkCN&&&t=@1^gzsHQDck=szCfZuZ*Kj3^Z?}JUb!oo1EvmM2xu8fbP zQb#b0Ap;@L=84>DEiO>d;d^sJz%E*gi75fW=A-~~>B>@D)k2GY-a^@++eSmLlq4p# z$I>g(yRJa48S_Tid%{TfsPn@o#7znwehAwIoY!s6!0JO{oqv~on=v*2#%Oz~c9Jw{ z8>wYW*HW@T`3mmT)u&29cwh36%65`yhTpOig!@I5jrgW?Rp=#biLrpJ>1}}ov+Jc{ zHgauPQlGvEDnexXX)He)ITF&@Im>tBr4iNaLo%1i_-OC?w6~ z<{LN{6dS14%EHfb?oTFmx<;95@nfkYKrH3G)=$cM=+kunv!Qz;r&l_P`NX^Vl-6~C zQ`!u8wQG3Y^N?De8)dAOt3)pVi=_eEXpLog^_gaI6QIZ>9!-G9v}sYQORfwrJ!-ha zrw;RIIJ&_cMd0Lclwg_~B2uxZ`N>d>7F&9j1FEpdFZ5(@;4e~JRz^Pfp(RXaO#KWE zlGUY1ij+v91kR!Hik$If0=5?x1Yt}_HsRom88bwf#6Xrt?R#C>MNWcD@hw?CjrkIy zCsW<=`>T?sg(}kbC4%$;{uRRB8F-5UOsugpJQ^|r#%}n}+&%#x zPc@uq6s3d-V+M<(j@r#GqYq}FuXKFt^TjMt zFL>4pZp=ynJjb~R_-9Zif+f?1#6MD2J2JgyujDP2m*r5;m!}utm*Wbuto(*c7cR2o z7_SymwJ+TRNeI8QBg}-P5n_@|*YFrgS;JIP*2+2~0@ zEPk&e0|N!PKC6jdxDen1P@#Z}kDSW^G`{k2FHaU2{L>oLmSRLxn(x=$C%F)FsZCxc z>Spl}Gi_(Nju}0@<{NrRt?yMymYC<5t zqbuYYc0j-@%Ny(uSkQp++%W4Sa-*S(ofjw;XME|u@$xh_AAq%awd)O*pPko3C5aV4 z%&P^Y%LYjLyBA8M!NoTEAAyjN%&s7iy%Zt%z{tzD`P-?DCk&kOz`4;)r0M)i=H?j6 zWKd!dO!L|cYiZs$tZEN4ESu=@FsGc7x%YZFR?P~2>ks@p3FgcjGq2WGP&hQ!KLRbsvpuTJ!P9Ll)80M5cUgv_cQQiq}D#-EyH z@)}c*8+7{L>j!^@_Itp&j-UV6>TLPt0q266 zA8qtwdL#5vTc1T|smUKW)O;;ZYY7N@f4f}K@W|gSa6D4}LN=t>1tz=D1dQ+0wY)Sy zk`(|gudJ5;{V@2nl2y=fX+Rn--PcLhT&7{A8SehBisW9s^wgUQqM!WVdn`~4o2a{S zrR@YpB$QkZ%mM^~wV5Wj(esL>()EVi5EFvl-unlF45i@@UXE6hi zk*;b zp!uOaFdL0-n~?4Jbr5*Z5(MsW z*hUCxF^@bk(MOP#n4w+XoRC}fDS-hU!o~6-PrVTPnL)o&OGjo4P}2vzMOxCfs6RMF z`E4&yliySbw+`_D1?KSk_KDz9WAzIS#U@g}bDPbT8PAm7q$q$whLtPBe$UR-M_j2l z#?xGwW3!-NDJawO|a#x+;(7N8PL9-lKrdmwxOr?5;R>-Fa z{^QW)7SjVm*LoEhn>0OuU<;GOD%E8>;i8N{*lBI_vyMjw>cxs#@m?c`f6kn*VCEb& z3ZgDlQEsNVy}vOtoNE@7+{rGh1u(lBwrZhTx_2P>K7iG4x@H^}hmGjyXTB-@GvomG zi8rRa=n}ANL*~oDqWK`Rb*^!+VM?oV->ZDn`sh22c0}a}MG${zO)RW>qb*0boi)6i0y}#7&Kg8Rk zt}K1s3>ihPNlmS1y+Ohj-20OaOY9Fn`S7^xSgdoj7Ja%+OBJ9wbi!ls`&7nNQ*y1oTU|gU{gI*pHNxe4C&D6J#P(%6_@i4 zgxKmqG$=-e8dZ2nuDhviL02=d;h9mYXCnnyo!s(XSC}%KzDV!Pg2sxWQ+{^T$DjaR zz)Q2YShrmr6}s?Q%w0$;#J*S1E9IXEkHg|`Kt^jR>ki`D-|BpgNN_W{;M6(6YhMTu`y*-Z7G^JqHi_3;x0xQ%~#0*eFT?!bvR_ZRC% z+sBtgeA9e-ZU|W3zo$w|eL|9O8EQfT9Ul!ATt@$7s-gjXKMn9pD2lNPC_=3`cuV^i zhU$;UVHMxrdnL#sKm=|GNN0E@pyY@NWlUrG{jp~iH)MG>CwcvGOy3 zj%XOIDw!!Q34>rx)1@!7;_e0;U<^*pz%v}nsw*C)Ibej6MgmClCHGidUasvIpBkOn zjYhxWwVH}vBIAENC8vyT*~=D2xalx`K==sal9<|!Jolc-l<27|A2obgHy2)z0g7iR zz#@;?=ts_WAu1}XZJ=y|6F7Ri&MYS{G{k0W(B`~UC_{E6D^C$0Ky>3qj^-_Ik;0n1 z?#;r27LscHzFpoJiQZ%q;7m{XCP^Ri5HpCW8EsL$n$H zn_Ts}4K!%Jl$hj@9z)UsT_C-34?#ewQJ(mrV+tpG%c7H4jWUt+5<~^(gQqfI@uhLe zs&Zbl8>;y=c);DrJ_zv}3Mww~?|dGgPCEzY**y(@GC{{!x zFk87P;>&Qe0ye%nL!#Zq?xX8*7aPl@~F$KK5aymGq<`isfw zNm9wQ{prekP7%N6UhO`MdO|s%#>8lQt+pvJAb&`yEutuQ?jB|O27*a|mMRSs^mIt` z@y)-%$4JMl<`#Fx!~4$b`=ds>Qy*2#1CITR++%5-y2cpY6X~1LOeT#7v=T3eh3pP$ zrtzd>4H^3(mA|QuHH&-hx*80^pNNFTjyzp&i9eobeijjqCr(X-L_))j&K=J)NcHZ# z0g(B=vjTtA`-ub%6_FX0K9<2tlAIFaES0&!&z)9&qj78l1WqY7*wR((P_QzUs7!Q6 zZ4R!K;~5a2`2j@+9<*ibTnL&=Pl0Qdx?S92xTD(ZY}DooZRzx0S{rh({LfV-T@!K~ zn10M>qpVZC>mX;nn6ro|0?G&9%IC z(Q&WE%cF#cT)d%2cU!Y6r{JprEkWarIL;8{WkA(OcfQuTs35%j_$q+%lih!ticfLR zBdBGQ_AIj*p&HuA2b-Hj=3_YYAbDQ&`s%wpL%1SXznrwiGo@ z0Xz$!&Vi(PKVZOd^q~ZRo!l9<>6YbfOa`4)&H7SVeF1thkg?j^nZ{!JrL*1v&NlMc z(q98WBSPH*XMV3|xdDVXAdqk6S}mP;#GpBVR5z-2kpcMC_RS?AYf0gJAPxEVM5Nbv zP_V1L7Ft#yQ6;MZcCl)JZn76&^ty+t`D;G@Ha=RQHZ@Na@oAU#*vbe>aKHqdW^9oh z_`DSI-_k^N@vDk$Ac^0K4F&UGWh-;MKZQwV z-7&o@QR+IVq@Q|GUSsj&-U_{#=>fJ34&dGYu90~lC}Xts3kQF-|Nrj_j#ocxdGw({ zX+G#v+uzOx3LGZ9+WD_?UPC`-SCMSL{taqh(*K{|#;*(S+Qq3&;wm!`u3V97oDsP_ z!;H)BWjHsNd^tk=LpUDNXfJ!gmEP5r-TETn!$7^+GaL;bn00K2p-R+%f~qF|H=1f9 zDV1*3dh$xSje8)1e^8YaQG*g{S&FqGrcR@XNwJ*)vR-3X!Gs{21IFz{oR+ zZWm2t22Cy@zOE~yyEaJky7_0HZhvZ*eKg>rt!wYPwLV02TNz%Lv+@Z}UYX+5nb}&c z6B7UV3?B3o&pv{*T^w)m9(1MRZ!E62?O&?dRd{Bm(|xdnE`q})=3da zGaQN#fX6%klv_CY0FR($R+sD^Y1x{&_ck(E*RuZ8D1HfD5ud*VRXqO!^nSvO7FF6h zi@si$A(KD3EFvgxqdnkC8xEJ!H_WZ(7r*VfoFaEB(*%+{EXy~PIyGBHgWav-(GmuYpqmkG>D6^67g>s&I4txDQsH_ zn}~{2kA&GiLgc>jDE-{LGAM&>4@9p=YrgW}Em0(Y=9#6u21GyZG2ZV!I(vSjRD-C+ z0$tPjQMT%xf*c4OKm(andWU1b3WIf_fC&08b4g=1IcbVe0jf}>+3fvd>9Sd7IX%P ze=6tP6DCb%uh`{feC-itd*_6=0q>llvyE)@m7Rxao_qZs`xMl(Px_hlYQKGl<(p-P zLJoJ!PH@X_*R8T_@&Zve^|5de`~;{Gdem(&z$0bD`YY!BCS$VTLmB@OcrXxuTUOEv85O|KPU`o|AOwd$_ztl#z=qphAr*(vR8ySo{8*g9s!b<`LKx z(A!zys=nduNM;ao^V{dE4jV#bHkiNCT@WG>{p^F>V5u_(*PtOJw-l|m(5F7nmejE= zq4pl&Y999@bPo64Li(!9=J`$E0l?KDmc%SX1x`M_V4T3U-{Krel{TmpDHPzItm@$s zvxgJcY#|;US*=t*3K+Sm>ck!bcs|a^of)-|M5^O|CK}>D@YhTIP7n+w0YJzkOG$Pr zEC4*yaqoKG3!EK#M(b90XXk(h?$+J|Ey26*@P{UpK3N-fz-(1)ElYPM%G-8o22ozZ zt#ux*C4=p}$+q?|!L$IycD(`;yJrYs0MBNn40+Vot=;m(VX=46){p!<__zIMio2`_ z{4nlWZ0D$ef&W(n8vah&{GhTZaG*Ko|Lx;e&C+`}5W3_K;xapxX)Jr_+pEviHDFT> z_xJ6uR{|Yr`^irP;4QP!0Zp}314dDpp!ww5-<}qq*fLC@f&W5mW36r=J~J6qKPB%i zn;_f3cUn`?|F)xX1`l}0js|v@@Gi%0T*7f*X6!8aPvsM14GwdDn2{PP;oHrkT4BGT z*C9y1VIMPOpvhogEwZYT0+lsH&z|4&P-(y=K-DB8quIdJpvpAP(rhv0XP*johriK zAH7D^dCL63^XLR@LV}q87)Y@o#zOoL`Q;6P`voZP@Ex&B*eZYL!!MUDb}mCLy~^=>gmS->)}$#x7s^qUjq45*{MCeU*`eg@SDnqll3&6$d6B9 zhvWZk`O?7o1zf`jwRN)x|>q|n0N3fdr^tsH_cZdBamvZ^!?nw6v zG@a=o4k;NVoiAk$={#@hE26ZW7a@w9KYe1cuRAs`rryVNWb<_q!UF@U$c;7x!w|sM zLcGR!pN7si{Q#?a#y0>`()o?YC_~lPvJElur>nQj1wGmf$dQ|}2BN5o;&Nvqkz?6i zcV_up9%9X);-!=!=}6Ez0x+a7E{(m{5}Zri+SIrZ`t93@Y73I8-X|8jTL2XHwhV_W zoZbVmNe8F$P2NLBjQ4N(L7aIr*2XC{@zKHz}X&QR86Z#P1^F-zN-}E6ugU|!- zv~O!?X#wXdhX0!(%0*bmAJ?uBo9Gz}SQuU& zR{JMU3`slpV#lQ6aRp!p^Z-{)vZV`U>XHy%1dC|cokPe@wa@N1t>~2J1F{<8(GQ?L z3*}aUX1V+_VqZyFHzCMIn~uq9;`5%h?ab)okRtpMf_N%~OOJS7gJ*(^W_pc6nwdBtvl$KUk zyE>vW8baTvgfE-;mKx;&r;$UUp$QLv=vknoK=*W;eEB?RkvaLYQr zx;r#AaWe9)sodCySh*^KK;lxTe5Kr7RLyF#RklXLa=llx$ z{5;dV*Q-xd`mgcp+d0c}?H9gdfR4Aza8CJ}Fe5KQetl@+EH&e1oZL$LRzuQ;s`TbA zOm7AjUBn)kP3Pf9{Y30&8Dj3`BZ#^8pPH2V(PK2V5xNRR0b8m?VMk22t2X#uc)vbC z%OS~n#rrJl@9(=;@~>}VFeSFeZPf~@jphL2Ud*%H213Wo_XmgNN@2$p&-U`aO*fUA zN)bXT>eeAm^glKFUc0U9q8DsaHP!$v^+bsko+_LDP7$`eg@DfKmb^Pm)fG5d6!iwO zn$#YAT7%I-tXS*XJ*s*#&1)mU92w#o|SdCLrXRFw22J5T*MznJAm zfvr;6+J%k%h^vF5O=n<*Z3{~8r$fC0$HFA}ZKeE<@{NtSI6)`&dq84)uWdzEpIVqV zmwgm;wu+3nHAL`8i?ix(;jzVhQ1R)AJ6QahScx%w*;Jc+x@N-$oRsD7b1Rqc7FTkr zK_y9PPU!KSt+O<#ppO5w=69RfJR(oX;$!a#Ufro5>^bJ&@4bYPH2}G|1^2P_ekmAFFMGgH%pm%q^SayM z{0Umb_*F0$D&>PDpDKD{`khq5AM`O*8J)I@%ixO*rxqC@a2pi5d_NH*YJ z2j|3Zy150gCUvQ!lXSNitSfpx{nmpDrUGIzSH$p9_AG)!>sOK-RPMhHHG-Jy5KV4a z4DJR!f4sj)BuxB>KL9N`-ErlLw?41j@D$EJrks=xmu|E_26zev;qrsVcM8@8?5qUK zvf5;Y^EnQ@5U#>*~S1&$UEk|TseOlCS! z&$@iclW4xgJNuxw)<+8!?1mD5CU&oUeh&D#T_w$+yCv9mOD*ZvD_%M`hk0%e;}<)! ze)A#5w|;KTf!i-{=D0qK3itpN&!Si**Laym`@{_mAA(Hx$MYtVSf%-RAoDzvu;Kr; zzC?S|ZuveIVWOERQIo25D~0|;vPVEOUBM%sk!qKOFfmDyupeGnT$-q~H7UZx5pET1 zn&pIO3DnsV5ozsMWzlu#KpI)?S5n#YU(FW0#eZpU|5Fv#W2KtFwM5t%x0?$sA5o?o;)d?!+C-4Z4)G zX_gG56`UfTHoT?hZC-XPrJ|*T41T4O-qa7LBXHsL5fnMbW=A3ZGn;-z2NnJ^l}oa~ z6-1D;#PNE|VAqyw!rXJv!s~7h5*PPt()DNBfy5TX&ka{QJEaTKVAXR#e>5^vy84=3 z(?MQk=V3d)#|gLn(dpWT5JW|-5H6vB?h$jIQp0HOMl`h68vpkhb+7BoVUu1%N-V5$ zxrsdfMU*dxIx<0n8B#O@EacfA{5~4E&NGYkk9PSY^|9y@={U38}-9nwXU&ULP zbxTl+)Nta$T-l}@Q04MsuFDOB?SGZPEv%}*C8F>l@jQ_&$+{MGA_-q?oHWu``I&7t zss!mdGArF{6=DOAR-q?e!!;~DXt*(ii5%WL$v6sv)CjY))aVb<(s%MNXvWceD{k4& z{;hMl2`o&H_K~#4$ZGuchfiK^qf92PJBNTiuZz*-hkw%REjWfTz$u=q7*fm z8MB+87u{{pD>8!xU_*q*o1zWbQHQ)w_I&xE=C*50$|+dmcJd8k9swzgg5<26qSAcb zDW2?ydpUXv)HK_*Siyld>x(OBI5VRI!OjY8xW3UF(2LyjYF(oo9z1N7!-h^k@R$hG zVOWEg{bLg3I>z^Jwi|5R1$}=KsQ#rKBEf|rH6Hi|jpKwyI$(RV={_Qhd3)^xe(-Qs zNen>ZEI=y2hHT6)e%Z$4y4ANMhi@n9_*+9?{XOW8N5)$}I_Nu1tnv$7jWY|6y_@E> zra}e^0hvbQKz8xdGC>Z`T83z&|IqW9e%=^y+$5`|5ZGQ#2)F?kU0GvIgh7vJav6Rx?g}_>Vl#o7qqyUrxx%!z;gmvyEr=a<|Aj=dGO!QL_|~xqvw%;9=ZVzGrjS~ z==SkAcCNwBL>l@);>mU0WM=tq!2KyjH?ecs?A<9mE#rk}rold|;5Jc%n5i$)`CTS; zq5{o6zSC*!`Rf>EjXoV)w{McO;P7s)s`>ZMz%Lu6c>J(Y4()6WkyEZV(OKrno3xV2 zc#I*CK1l=w8+5;CLh)*k^hHjbF9{irOHMw3ez_nGbl!mG*fI`jnLd8`)+Bmq**$3_ zl?_(7saC$vnK4IAC{Nb#qcU|;KG5zNb=W<2CHC=_^V=3Kz97k_r}`z2?;s*hk08m1 z>-GUd*gLFG(%OE)G5mRYCE6uoMfX_D)#2x{t)EAbG!2j)rGG(qWyG)c(ua9nK##O? zdNOq9ZaxV34tYG==J1!A<)VN?&WSEQFb%-Wo)V7?i+BBc8Y`Xh)@@p1GsV5;&Y`+b z?&P?h>+@=~o8#$K1z>h3Y|m~Y-%jqKpk1gVp7GSkyVdA`{ND#%4tB`6=&?gB#CW9g zSN-Pr;pf5ZV9xXmP;mCCYwoxm*8KGA%>Fq@=;>%RI!SZ7ildvux`D8c4nY}JZiN%5 zdY}MsJO+lIPM1u65p^0XsRVjCw669+lq)FX|Nxfpm<*fZwH@? z0!THEXuD>(3W$*`car*kwM- z;s7{tGMc5kSIze%*Q%|R1B>Vi_c14ZeW1Sx7(I02;{AAN1aGK9;L0>TVQD+9{qd*T z)}D#p$glRa*HdL@-wHl6vB4Oi&MH-L1r`fGA+*3Aa{lQ z(jqjcnn&DG%1LR2Eliv%Zfip<(ST~s$%v)_oOulxl|7cWk@Q;p_>oo<3M@gnp=A2P zRtr3pEb>>(H}_o>RL+!aIDffD^A zOyzgicaC>Q4fc`dWyPL+MTUs(or?pfC-%E{QX~el+k~cpNgDg*ShMr)KBzYBlu2Wx z)X#$!n(#Bk*jtzg&hY#ktET)0^Wo^LAZA*M4MT*j5hi{(5pl>^c3FzM(9XYN{ph~|6j04~ literal 0 HcmV?d00001 diff --git a/Workbooks/Images/Preview/GSAEnrichedLogsWhite.png b/Workbooks/Images/Preview/GSAEnrichedLogsWhite.png new file mode 100644 index 0000000000000000000000000000000000000000..2874e26bdee26d0d43c5e935d6f781b22ae06999 GIT binary patch literal 181008 zcmdpdcTkht*Di`QX(~2Aid2!N^p1-3rl9m9(nKHuLJ<-`5kW;dgib`MQiAlFh#;LH zp-Bm$hfo3%AcR1;obUcT=iKj)J9FpG+&}J~VcvPOvw8Pk@7m9^)_Qi{JuuN_J71eK{_ErJd~oJdxU^^YaA(hU&GpP?dm1u$AYJoSRfPi~&Qz4Ztb|IUct^h(= z%Z~#R!cDhXIAy+j_s2Ke9hg|%cxPzQoq}2lC0;A(@pNh1e}yj4#(m?DW08bjS7b}^ zWwz{rVmySQP2kr;#@B90W(B2YIAOU=Qe(}V4Te3NdbcJ@g(f)45}Lp;=LxC3@#g86T#SwB&m$EC(@}-yWTcTUEI8^_k9+Ht|Er7 zu~PT5n)M4JP|@?O`K}8!V3AM$-Hn5y#tL_z|BfFXX85zt?#wa<{)^Jrf9zt(3$AYT zvF`fAMJ_+jSvX9#)I1t1vzO#!MNHRYk3Rv^43j8dLvVM|!ibiRAE^luWK2d}{#<#% z_*>3b>O%KRp8V!QJ8hlGsCFq4QW@3-vZqSb%5AkLwph`tBl%r!^+4Zk6f7;o2wNjl z5Oz&**}{Aop%N(>3-tQqAqD**4&322tpX!ZDM47;P@6ecCn-#P@v&{;UaC}ld@5Zj zNpIP6Cfp7q^(r9TN6}-Vvg%?Gd~IYmxxg~nDvEW>Mrv?+L@Nr}YNtS5LiJu+Dp+dI z1??Ceap6#@4wZyZ8TU~Y>*}Ww{w0g3`#W_eiHMx&bpG0uP(q8E3mFIN`}m4>X=|>X zaP5zI60W$a)8x4@DNjJGgk^C$jMBf5cM6ThMfxsW;B#zOWas>1C)SLeZMBPnXc*Gh z0r^ws=Y>!iz2jcup`!5#Yzp(v)MzRVBa%nf<)@G1t-I5^gNEquzUWeGRx#k-Lx(Sl zt2bH!?;lh=h9@WtWEu?5mN>Z%rKP@FaA>4|6@WYn-R|FSOsa9o-0@zdr{S>?YzJ}+ zl=?HiayDbaIm{~S4qgN{3DZ0!F6S#Q(mL)QAzDr!t|q8ocxco6Q#bPf zI~nH{<5dX+;iPYfHu9Z%ky0jU?~r+;^-Ci*S+q}f*jQ7LMvaYE?M9XYAc=a!px0w= zn##bilcp6NH}Q<;k169kt=aGVbmEwl-wmBs({?Ka2RI1#^_MXB7j5TE>g9yasQ?`% zj=oqXbE#mihD>k&XR9|hIZ0weP>+h7nDN`&H;*e%*>=|NNw3xG3AqMD>@;=Ohvjso zHG7it%d(t0n*fin>J_p-6ak{Goe~L>d7amNe#xByEaW>ys;a%RT)nJ+P4hvMoulJw z!`fJ}y`#;{?FWTrEd31OO`Ew3sPh@1dUYL7{a+GEzp$j%DX$4ngPTZ zs}R6dmz+neS6YJcdru#Ytc3e_>am;H#vY^@L{pPpM*%@}a4oRQM%hDjsXfO#_(sL1 zQ6|GtVMWr#pjtgIOiM^4kC|X7hQ)()Gh^OPe6JxhdWd&eIvLN7plTJgrF;hN`hSNu zH>>F`!X@m%b^b^t%jsws{fuECJTb#LL@!z-m!datfG)P@%czRX)CCG-^6 zA8g5b#g}DH>Z<(0JwCdO_H0S62V@1WF4M^z#$BfRchs*)eCB9Z=aU6t7>We%AAp6< z0Ngh{$5{-Sg|acD^$6Ko&TxNPhGQxP*oY%EFYQeM(~?b8^bhtnM2k`+#7J1IE%j(z zjd`et z+za10g&o(G2Ve5b9Qn0?>o?8iuG4w;eVZ|+jn@9vUNdg#81mJ4civ8MB$x6lUWzDmn}=v&Z$Bte<3 zz}PIwb#(nYI?wljs1GSa)C9jMldx*lHdA97S4$_pQ1uwnj9#53{6KFW1j>vwTCDrZ zv+t(obOE;p-rh69vnSJ=$8iiR7O$!o4h`KT>5RYCJTuq#IO+20S1Wq^F&p~UmOB>S zyVJUC8;OgfAeU#&%V^-keVsL*IGa{RXphV`GZ+}p|D&f*BxHsOr9J^VY6#A_T4ht% zJNbKKX>|srz>R?fj$!vRKzuDF@j_7p`8ib|!$J71{cAV}T%n}vYl*9KiyO`+GXSFm zwgIr-cX#eXyq+(icA-fj?e4oaToQRr!#I6M`kDw&1>cQ#l+fyJ8CH#ziOlgS|89e-o%tXatjBj^L8B7|5Pq8~6y| zZmjr}k?J7^0_*h^VI0`DEuqlR&Yo;xL*b!}WuvP?JSZki+i~`9=cOmrc{1)xCrmMx z5oHfp242HjHyQcaW*In2*>?@dQw;2s45Mn`>z*%7?Jp_uQmAw?kjkmPyLRTBGT=9m za>^l~RtTXkcZ*dlrU2_rD?C(Y_uytN-%Z&oO?aMhW3E&MPyOvF`vTk)A}FV?9yV*( zeyd)WNq5)@;e8?P#4tj&nv-BrI5S*?8m;Q#v6^RcA;HE?&z z0A0b}?rWFcPaf#&4IjeD`d(9G(0Z`JXOni9SE3*9aSvPwQA{k1mp1XdCLdU^`(@UZ zdqB!l@-vbd@T^b6`lfTO-&_AW;DKsD`2a`tqF^(|IMsDyU732=ePPh{$8}Lt_N#4m zMnC~kf zxZOx`$&hs`v|VO(Nf1jue}ZX`Hbl(()!ey$eapdjM};Kj*6Uv0yod;b8l@)cHh{ra z(PP~!b@r}>Q=WJ2B(aTC;O{GhG{eRRT76}F!mT=l6zJ>F-MP>84En=LLDt*XI5QJ2 z-@Nc7G=k;0vc>;4Dd&w0$j7|sVrUXJ%*tk3!D!4P2+oe%r_Ca#_4bcr*;h^p8jiQR zqG6d9Fn9J;D1oS(Pgpe1EI3_8%zZ;ig-*FURjxiEx zaxGSqbsmzja4!i(>|r>;EYY$vHd(~dUTmr!m^S7;*#!DS?I(z6OB3<=U{vyloar?i ze)Hv!OcOTAH04e5Oq17SNjdVAhLd$k&VT>!I$0sqTaZyPH3L=x575e!qEx zHacL3N7JeiAOpB>Te8Tb@Z|V3r#jkO?!Bj&vwM89L+s70&>yL#*S+ZnQ^k%!B&eFT z&Y<6*XmE_z*H|akDTAyp!Vp$hGP8l*K;0=1tE^l1mm9JkZ^{}jvjD_L`x^1y{xDGg zdGv_)x&arpstnDpZLp7iFs*=mcTs{cB_f4VhE^kv9KQ3dJ$PV{vR$@-8u$xZpAQ*j z$Y_>>eLVX*Yuv^kzl+iS5|}asaGvWI^%5*jRyXH^&J`9huc_f>P~JOek2wiW)rOdk zsZO|-r;8oQ{WSM+wV_3ym6>Z>eh*;5G28#D=E;O?6N>=Yg@T>OJFs zF=f8c=zS4}c^kG4O_mKNNKTkZS80v7UKAQ>RgYN2$M-2IeiR@a_{s!jZccBg=Xsd6 z>h41sdQXnIlw_dGt7EHECf>4Y0uD|FSf>ynRIQ>Ccmva%K>0|5xd`>hB& z3Fc{?&B-A41f9B}uFoM9sd?WAx|@5I=Wyg{YTa9McZjx7xD#?{m48| zfg`S_zVqmPeF~dmbL>O0K4CFk$8t6c2bC5AJ)J~`I8*z9Vc!>%iTtwP0j<;rkrm_O zfyrWEZTw0_qM}y@zMcq24#yyXK z2Kn81{Ib4X#-5bF9bPH%sHaN7H%>@R{lNid=w1cD%yD%`Z_UH0FD`*Ly(9l%!25MY ztCGjauf2#$?K+*{ZYwk&_PXSq&Z5YUarRVt)5h@)DU8?0NZtOW+`Pq~>QPGM%a)Uk zX#^|5chwv&`?DJ8r2`SafOZ?SXGQaSuT=ZJLhgd>k}H3uSJzi}x~GJvXH|#N9)3(9 z?N!!wQ>v%I=F~!&mBhYbdrc>Nb!i6cHJ=}f7sA7tZ3Ex%Qj7KjPC}U3BSD0dO{CUe z(X%;FV0%1qGBMMFPsDx504BBjK?)(AoDC4#0mO|D*4AIH#vu`U5fn*e&Q0X zzvd%T%)36%O9tVZSQ;OfosjGz%;k0LVTp}!Ie}-AUv?AmXjKj%i8)|Tj;zP&p+kxg z1nHH{Mt*U>LWh)u)!2I@csKcbxDvrtnX?yGXLxgQxpuqvN^&#m$)&khF7lr*c(B`D z4cj3VM3{YtRm7TD?`yd3Hj$VuVZ?^#qhI>A&I>M5XIhQVMNBq=ica9(x-&l9{{5AB zl}Mps1E_?UbEg`RT00rE!oM+DAB244@ORN7zbA_3Ok#wwYLmSlFtL%Z?EJ(bqF>Jb zB!y*D1b6akMqL7`J-U$ApLD%mK4BZ6YTp}_?D{iyw_u5*ubp%)0hgMfQ(qIntxoD5 z#}?4hrNGnoW`f!duXBkKDP6A_F*KJAI87Hc{fwT^-@&WB_$tJA;hpD*vCdjLN!%hP zjt{mI$$cv&nr96^_+gPwwxjbX1&HnrEmePffv?$^UJ^}UozH(r!nrPgFG#9+o>OLB zdoRk-*`l}R*bFiMD`0=?yt|47ra4IQE@KfatSQ^CSIn%z$0>;QkJlzxx*F0%?4A2r zQvferlr(oY_}-lSqov-e{Buo-o143S33_ST6crZaQU&{ct{0Xu_K`O*yeAh>GRPjn zfpB5}2eI7P`$q=pzi1DfgS}^F(IB}Cb^>#ti@xeo6 z){Z?E#9kLGK{Q?~yqWLXlA->ioTtG38B4{KqUbm4NlP+PW_E`;p_`^m>U9*U`ua$_ zW%VMcba}G8XS=EF=GN%1jtSZ6xd)jB$V8I9IS+9Lp}<$@uq@mNrGB<2h=E+XIRf9l zq(|?%)fc5{y_3Ot*HaZZ`9FgdQdgJe57qhhoAHDB&aDnE4q{^Ne1hi*J;4txDkuwW zidcx?5oI?OrxTaNz`G)dX+9z8KB)fn2=+e~Qxb78rHK%vF0&z`rc-)k4lg-^>^HLD zF?erMM8I%oslzUMIO(dVB5mz3*NA27PLuGY)49|Etj4i)J}^x!P-+O5ha^Ay~d&nm;@%1^gEvD*h=E}FrOq@bN3Bb@jqjHn?hH` zZ)ojPHXc(}e4Ul60Fw;MI46*B6W+TM5Wa3(yXuLb!kv;mqZP{~pMPRhKgZ1(bg4Ug z<1W+|^H=rzzuFxKsP`#Gv+`vBy4calk5FWZf8+Je^TmciDPcL&p+bX+fPtx=Eo)B~ zL%%8^)#1*LGx+gvza5}xS8b{T^~e}1RZh{nH&0&;Uo7`@SzeILf6c9SU7liybptSC zmU~dX7leF|c#pHXO2oKbmZz5x(q{KoNA~0k#}S`l9nA}&qUtjyDr)LlV}M#bk1(d9 zo;A)Fy*x)S!<2EhUJzcVOnSPYc9uk>$4s)X6I4f>HZn)8xssRpJFi69m9=F=ygLpzk0{Hu$~kPy51 zEPv>nd0L+is7$gd5CI|>+jRQ`sqM{69`tQk<9VFd{H$+<-+kMoJQn62d=hp(*UQ=? zOyNvs;s6^X^39loA2LmzAbfqdefE?=eZXq0ErFS$7t^e(9B|v(YzJaaN+;UfLd4eu zKm7{i*?8BEt?sYc5k-qGYA5+#7 zkMQj9DF2pWdM@Rqu&nY0KqD4o7cvn4`^DXWK-9hydadxl40munX~iKVRmC`gDd^E& z=)AJUV})AEgWhKM zkE>TH41v`{3I`P;nZkN`ejgh)i^6$^?%C`Ofg3k@pAnc)jq#|MuU9e<1n0#KR+k}` zjFRA*fUiaw+`AkKB3zKIZ%3pP=pQr~$iy{+v;hrysYbbK+L>~$Z_oYlv^ctnD=+zd z{dQS%d1-BGQVX@G2X7avKl#M+)tN^Ko)j5v+c%nKe=|0_#C6_+>Z8*vuN}U2{xSl>v|N+^$sa3^x_ZS{aO=73p(YSwORH! zW=5Yf9_+-Tc2-fEp`3Aa$yyF^BL^C8iIsbBA!+*Z15u1Kc10xB>vPfLpai3<52i@; zf!j|x-M35M_=6`D<6173NrsBDB~7+XZCFV$#Roy5%T~tu#y~IuB@#gC8*wuJQJ3u2 z+j|B-+N}E)&uP7$YcSSpl@Gzqq3bJbMM_NUtEcR-k2@t*?GNIbq=!!lPJI3-$EBpB z(x6@?D$TVv^21OVQDJ_?b6gQO>e+G4dadM4EC9c(SzinHhw7l3Y}}iTFW{%9_NLFb zHuTvXaQm8HW|LbA*~Q2XM^$yZP2^DZ=55#w#Dl_lg8I~NbN8wjqxQHH`I!+Q=F%sw z_*;H?{g8&cv%3k$e)y-&qnb53odJlEM$$;q3sGYxv|~u^mZSl^u4acJtUNIiWtu>CGu8FxTgzYh{zlIg(wmj|Puk9!RYs=3N6il6Y;Q0}+4KH~Gfi~T*UlqHX2ETQ{TxoPo9h5BhVdA*@u97XN3MxfhN zITbZ>EyOHs=M~$8n7C_McGH;a{Dlme23H%Z%G9IhzqEA*vu@g>^i^R7sj`pPo?5oN zV##j(u5WAm4sP@P%DGQF*}bFCLQHgT|EXNhiseul&?GnLE;4usk@SO32I`IOS@~&fXV(OWod_HkUclfFD-tNe?yMo@Q$iFryk zvP8~%g~Iqx|CSRY{kKUq>k#!ii|5#%W>P>aZG-fT@SZ3-bC>SQo~qlU{R!L0S;Bm~ z6?2r+{|vl!qOq2p2&BuIPE}(^Tn2VA=Vd&t4Bz!_qW<|3%~h5*8Y|z}d_xlSf}_02 zdoV4_`!4;0D0`P~RdFHTGi`r|w=^{8&Z_hOYv{}LA=-aEkLE4ssejFzhTrYX|N8Co zFaI@|<|&j+6Is65`#K0C97HZ+Si+PewDqN@g`F+-HFPg*ggDIAPe^TQWJ7ZquoDE- zplThG_;Gr7tJ%ch&yG6ze@YszQZ!CKt~Ra>4WL&?EtejvVjk-#G@oMB)j~7B7A~1t zpzhQp<*SYTMA|1IBm{A38R9^9nU#Od{H3$D$mw%QF8!qfL5NB7d5p5oQ7*a~K~Wy} zPTQDT5JH4;lA84nW6Om$Yl_ z{vDjt(7ar~5J2;NuY5|l!cLoH`=q_z;~V=&*27m?g41H~0{KE!M5w&}{6>`w$n`^W zS%0i4xjwk1v6^pCAuoM*^Fpv>!&iImb;k>MJfW{_LE$F@`_wsOcD5d(0tF2Qw!mM7 zYeQ^Q)`ZE!d^hxGaxHb{2dE3eh_U*l#X)iREZrQn7bC{7sp`n(HBS@3M5tzfa|R=B ze(E?U5K(AMq_%FLzY|FB)W!tQ{A0J-hKm6-_cHukg@V`INVYZ~zbyHdP@-YqqK;_dNZeA)At$)h_q|Z6>WxKgEB>y?HSQL-5t<&yj;}6D`#rQkWPGeBP*B!5!PE&p{Bjr=z0ZA}zThv=y_PM02`RYBUTKPb_(Tck6yThha`G~O0L+_T2CVfUw& zFjrdeL-Y{RXQuQQmNT_&j26lpiTt;`bsoIb&Uen5;a_gexqB-LUPO1i#YpgXF9!}( zUT|IQis|R(NYTLFVht>2MEc;KD!UR#N`rdIr%nm{MiWQ7XlZ5snHNp>b#k22^x(q@ zD(bac_bKGCZTG^mHzYCt3Lz=~0B$gN&~yhZ`@;BeVE=#~Ic50L+7y)rv}`tf4Q;KP zgrpEXmDluItS>hJ<1aZw)R`Ml$i8ZmpE4V@vtqJ4_nu6yE6l}}{GY<${~v>`5rS+akkRFJ4zkqa#mZ*Iqb`$Pl;%36 zOKEE%%=&OiqcP9zdhl%TJi%^}t~6Yoe=xMtFzi>@11aUAVwM&}O^QS&);`3m@u+s7 z>ghrl$#(gXw5{F@f+Rt*MSUUvR3Rk~2ANubG?m8_K}ReZty+NA#Yf8G1fd|p(C%`T zrVHA=c>rgd?H};m3JpQU)E$%KS<(^qIyKVb1@Eu;;COl3ma@+S)w?BOWfS6?p}T2i zlaOx^xc%44X{$|_#!oi4iATu!_||Bb<+SkLw5+|pdRw;4waVxCjHo%6B8*+nzqO-^NkHU5$#i30z&5y|+RSmaAlzh#0@HH}}x_I*U)z-e8N; zJ3HB~q@|o1u3xgD-J&Ad`(~|GUGVH+SK#X0%LOWU-$AXStlhO+sWc$_J$5y#iWR+PNe-6{%tX=HoDX;v( zYVqg!#PA%kS?otL*V`?eBE@CseXHO8mXmBjuKz__v-3~LQK5d=#d5RRNQl`=2gJ`H z@o;-9z`eU_mohCMXME++4I$yPF#b!Xs`^r29tq9ouVt^7mA0L2)PBw0)Y3F@<`U#* zQI)Eq@vB2}zWwVYnT=f8rE1uoK3v~6+q26)y-%*Z8gXbYrPBQNqW|h!lYqgSPfrW& z74R0^cb%Qrm;po{l5)pHROKb;>HyW!-~?~_LOXG##Obyq>2gsU|v!j4qiH& z@i8)({gKSnw9MWW<^93mS)zY~P)4G+q|@Y~-;EAr(GkeXMA@%Hap#^!V#+3|$Gwz9 zZoaRS_bg2L>r*HD_n-UE@EJ|sY@bS%w;v_>X{`OEJJ(*^u$y8<$$}qVvuozkc+R;V66o0GZ|v=ksgk6*`flC}chhOv6SQFAVNjQD!Y|nXn@-xb=G2UlRtE&HKwbtta5B`>K zDMeCMGBsM-OFB6$0LiNjJ6>egxH^Q$whJ+N=<%Sj_`|xDNr=g$KxmP7a+oB_XS`p- zR+2rl+(+x$38V*L#F^dUZRRi zgit@!7o>}Sk>5jB-=slnUHBVqPxD3GA`;Ws#SU^r+@cT$lt~f+8MubRiE`=O%|C9# zALQbBQl0gCQZ!6eml$?Gx*knc7oe~y!HU+CE@27Dg1T{Usg4>Oj{yn!x8KwncfV-2*2}UHY;a>S2i{X)7kYqU7_0}+1Pwas&CbP-WNY$vYCt*%4E1t z&mm9CDZ}Ur)A5D7N|PMl?JcuK_#o9? zIUGF04X_FK$AB5`9OqUgk_{&@6*mKsBfn-^PeGVSf|ryN9Y8KimgWWKZ@&H8;Epuk zof5+XROXpAUVxW3w>LGT|2nMa*O37^Zc^vFsB!mfiukkB>};ys*M?$cee{Ptm!iqA zGjd~xhr=p~e9Juorh*+~##xKgZk7hhBvpZ7oypwfy58!$Z48b_kUJqQjX%!t-G827 z1kcm4Ok9HMhK$mE5J4z>15NeQH)V%k&o|1{c~}a}tN7 zf?``X)*RWoPdHPr{YwVCwCn6faEGe)+F6{9UG?rqisaeJhU4K{w9#ppV=$_5bV-7= z@UY<38^!+Qb)tybQKWIXw!os;r>8Dud5PNF?h)QZhCtmYf*9VA$Wf&*u!JqxU30;&R& zRSoNUKatnaT-PFI(s%Yg&aOS2GY+;&D*!W(h9+x1p^6Mn9kl@+RhRdcHDhvB{JIW!O3ZF|q*FLc?7n>TI+hKJI%m}afYp@Qe?NlW zwkHkOHY&2b?vyvSsk4<*ElTGEIL#m5?EOwnT{0S+Iyfm(BFDp1qv4wEWyJaNrKOz< zbkhaOrtyxYPoJ0yjP_nk*~CP7hAudW@?4&8O62|=Mysi~a_)MF=?f}!TjYg+`~8z+ z+tJQ?EG=m+SbKq% zIM{dxFk|e$w_q(jOLl?T?^$W8iH@rhclX^|?*f|!+dja|5x5NCStIim_mX4IggDR# zih}+o3DU~7|F}WB@I#ZuGO}!G6YNIH7MD5Ja7S)9CS0LKAn|~|xxmk+u2#rHwwRu; zMUfaprtmoe8KQHJ#UFf4xOl^|TW-Z55n}f71045S5HQGq7~~|qFvHb$k2c6v=bvR*g)Y5sQb{;rts}qyDs~LOH=TkB%h!sy2~CH1Ytb5jhbL*Hv|++~%XxbvEw5DGFR(D9{jr>E`FugMBX$FU84 zn_STsjVGjmevI#uQl_dlH%7nai06abm8W;AssVs^Ze`>LXBSCyj~Anio6QQ`l(9dV zhl(xg9#q7=g9q&^E#ea|)1lzF|6?DAJ2_VFxj_P_r zexVP3TAExP{hGa#+wxe$nnQ*0y5q?BSNh&}a>%Oel;*0&w?r?d(A>NCX1Ha;P;`FV zgra3P`|4H=*s@|!t}4J`(mhRmtnt9;z$W+B;G?eTU;^k?2dLNFZ8=y3B|CzFlQamS z&^V8|d|WC^uL*1yr;yf}2j~&G^$?tRLo}ywm3lwZBcyOfoOA|){DJwyXEcj7Ud(rH z1guoHXcB|;k8GP2lmv9QW3peko$m>H8rEYegv_==yv?>Me2W)p8(({6Lcl$nXV1@; z16U03c~yF~F`&!v1p@AtX&@YmC_n3EBd%HVOe#%@uigamaJl}4M)_RF1j0PXv@&90 z+JTfF(5f(T=jF%S@WBmv0ZGP>L+a=$dMzQu4Z)=_PJ+ji#>H?_O!}NaU2lF`j(;4w zlgsjr?PBib+&gD?-*M;9vcI??>Tc!z?ZJh zLc&*?Wc!0kA7hgLir%Jyx|SzlE827WGUs?fgq@u*H1EpkO=d(%bbnCVBxMD&7iK?a z;1Na;nYdVWCGt6%l2J2zs}*|yJEdGa)QGq)8)7O#0C`l7`ZOnn~ zB%<+qsxidN&PD-i{3Lsr%k6j%fsCDhSWN7g%a?@J$qo;%U3CJtl%XSwEC!By8*wWRB9k^>eHrzOTT;fY@A`#{*246!n`{J zaO+jvU7*KSn>x@%caUK;zur9?0DNuMw5@d3|HT^=9Kfa;dKmh?xlr%2sz`T@iu)z# zk2M)hyH|i@?uFl;3(xaTi|TFM)$HE=te~_0Jd6T6?#6J`>$P`Ym$1USQL)oB`xj@n;v&l0t!SF3MILE6QASV86 z$o3J|2*ZT?!u4Zmh}*Dl8B0qWwPT|OxAQ;6xU4+7Za~UNeE987r_6CSvrE*CN^%&M z!HJgP-dRhx*xZzffn_pOn@d1zcs1<94X;dvo=Lv!?fSdt|7_OT;=Yq?cm&C=d@GXLxkM zB}@iC0p;cXK)>hgOl@taPgSJeKGiNBxxn=D!O0s#0+Nhz7HQS}X*;pcG>>acP#RN( zpE7rN1CU-#(l7c!j%jGlppqPA_SRPW`S+I?uXcs*x;bvO$sSuOWJTLEUbN%QWN-8a zZDW%T2AxVAOZ1xbxhKOxh0|kupUf9yUBkO!l+Uf_?gwtF3Q31=H`kN|RjG>NR=Bb1 znVlJPG;-zah}Hr7q?wZpd@&nMH{f$cu`5k(S5i@u>8XW_Z^4&FhND{c6ZpU!=9PG#y{DWcZI;(fKpeKxa_Ez`RTV8K6JXS=3WQ){#^ufi9f;BTW$2B z*Afqxn43@b*ll&bbYAv#mk^E0Mo-Sp!Nt6@Dx_#oY9$x%ZC@GMYzI$?KHOQOyefT z;lSP)5Il8xCaSg?m?$Q)bzO<^t}E7um|ZBJ=nM&arRAt_QnN2zr;hTA}TYqG;j!!dQQ(G_>~iR9zew3PDZcGB~$AB9IER&$>Wv=?VYe9waoy8$+^ zO<2|A+@_KboP^n3RdK!VNt%oACXhXj6n4WO=J6)%j9gYSPYwb(QikT{lT6fA^-XRj z3?5FEIO)5G1L~xfB$9;9y6PVg!_nd9Yl7nF@>JHHtw^(`-_7iqK_`v$NL8vXd%@fYf zi;mFyBvGx`e*1+a_r;2OnBfw^!9?XXEZ$^hq!nm>QT_5C;Cwlq^4DPqe%PY4<^63B z&(S|EaUQ>4?X=t~Z#!YcQP*5b=j!g~LFjF2{e9_FQACIXYOiJJ;AyHdHIKpH5%H2< zkw>vC6^uB04bXP$75ikjnJ%x%^v&eS<~3Dw(_oFmU%xW8mI{vwo%W|?=v*Il`ECDF zRW%x9Xa}HBv#)2r&R}MlCD}P#=1`lWex~r}ZZZDZ0h_nUu+Vl>FS20e&|%sl(zVyU z83WXHJic7i7lkz|z~xJx2jBat^PK0Na~}a&5Z)&{-Kbn@lW}jk+(%y0qyCXN4>fjw z)dXX6u%JNO0jqUeXs|FSQZQ(Hb&wPv#`&`70d{K3JCVySIng zkkJO$Kf}&m9G1O*BNI7U-SNv5qNTGate_-{Qzi|)q}0m3*=Ry$?o`MO+QSPzlqIQ? zbUp9H$Sy|nlx%++DaRAI9rkQSoOF4c2>w9;AzRm>!+`6rX?Gfznf*Y~E|uiUkBvkL zKTESVQs>oNP_NqBmlx3wf8yesZ)wf-d98Kqc@PO4gG3omBjDK?Tr_6$B=zKIm;Qsc z2}O&l^FEqgi&bLb-H9B;n28)F2_I^JhUd#y$BwKzTM~-8W4qTJr*l+eOO9O+3M&w; z4ktCVszBQ>7bOx*c|Gk_bio?k%r)Fp%WVAD6GG6%7NiH`(xipVp_|Ym;7w0NX(AsX zi70+CN#vx$wW)Hg{Un+1|4G}}Mk+j1u-@%E<#EDYM2lL4aCmp)gF5Q(c*shAXlAlo zs3D~%tGB!74YApFS;9MV^y_crfh*GPVR^dOG`U``+EzgLroVmKnUwzNyA4k!gRKEGVUL1{hcJHz9Iwbg8i z*qkPZ=BG{^9iPVM8L;b#cyVe7m#*7)9#Ei<~lE8{=*5?knC~6|(yb+oVfuM$RzV2cmxSwEXq+;Qwj~))SXs z($L&N^d*hx;A)8OH3H7aw!tTl@-JRuKT9%gBj`nIWTxKp*#Km%L}0S-wWyg4`0WBlkoqqo($c5 z+kTYo!F)w3(raU3Kqwwb%e&$<)>E349F(!MhE(?M7Nm92pBFgM zqVRQ1@!9!Z&p_>?6G?m->W=DexH#{_UD4{AT#ry9fbTghQ$&*3Kho!%C#CxdKMrAh zTrrfJRY6*p)f#Xg&;k#vrA!SHJ>trG|+$Yij{t z4~Yd%#M^>1YRmz#9$~+h4y^GiO%*wO*%r-evg6jbFk?`ye3{=BY34Oy!F@MHSCl6Y zSucB7E7{QJt(JtvFNL|e?rCrt)$eMgwfZ|`tz{jg;lIj&sT2CcPVm~vtA?yWbm0Wl)#u=KpPr`su0!&0oZIA1`h>4N-SE)_?vFJWU4unv?t(S; zA;wP@o>a%Y@6BR|-cAnNLk9$8J-Z}rV<%#iE7pg!5gm*-PAH0ILnUiwy4OF5&2spv zaE*sm94ejs+DA|2n^P>P;ITAE5q-R@L6&Qp{BsGQDcGEzol`^>OX(ir&Wg`? zT%-5Ux@Jeb8f#Gwgr>p5$L!}lKO6=xm{R3DW{O>kW>$Bf)ia~q%dt%m0=WA0X^yI1 zTagg^WsA>*-#1E0)!8oqDUy~NvxsK{p~pO87G(_-W21?wrXaZ&aQRjTnI==raB2K; z=DTHwB#vO)CL`+%;?RX~l}A1wA1KZ2tf`mi)=N=$f;T60ZMS3vMTal1l2dZR|A;}~ zzDk*%;fGZJe$wr9#Y7B>J-WC*f%f*F>Q^E5R~Pu>s|x2>PUORv7$gurJx#q#re=*! zpg(3zp;VfyJi2Q&j`p>NA5?w2sKYclx?qea<$CiAYA zSFiTM91B*J3D;a0SR;SZh_Jf!vb2hNoVyoD$MFYb<4l7EXq-?uFvj#%q2#3C;J|*n z(SdS`&y-s#qRp+DyAH^>nh)E6P&&Q0Ae6l<#3lD;Q}%J=YE(5w0NgCk7I64vZjUcJ zH~vb0ng$6g36rvU(nQM^W^RQX3_Z5TgB?jPorO0K2Ve@D3PahJN^{!}f{FKzN2Q|L z1HP66&0&vA-ampr9EOk-o~>$NGj2=TPYUwb9_3^{hfZyqhd}I2MS;BDQxI$Vph?L!v=EH^fB2z9~*I+}nOw zA3J-Eg1&K#*dT+)$9rrq&#k^xjLqvcNdv>#f#biL5K`412MeUd%H6>ENX!1)>%nJ+ z>8ltHSpAW23cH4hV=W`0+P&sS1a+7Xu5ocV{)pJRd&ACt3l;A5AY9heV?x{(+3Gd> z9#FdbaIK)w9Bfz_@Mzebczfil7ngq(4xX$y07b-Bv<5tT@`~Qm!y9Cn>k*`BzR(8K z4xFb@6QI~VHRw1~iqbL!PAcb{@rzA?aW>9>@jSc>beL?8q*r_M`Bb(6tW^On&nF-6 z)fBN-r8p2G6=G6n=MSb_J3C`SYzGugMK%Ha!;0Ob6utB6z7orQ`dU4H5`U80y3Sex zLgG~LIG^#y4J|`GW9(VdLu%OnkOjYVH^(VPN9v1jM=3MnAgY|XQeqveF7{xU-hrak zRG@iwjeWbW*=eH}(m7>rM4KHbUO}wM^7UpJ;(OhS`M8#^Ik|So1dmOf;DbD0#*n_f zK7~oQovi!>lv`6_z6`&mDG{xTu*^S-zq;2j(Fq8DJnSYj-HmIUl5j_?Z1XNU11e7WzprRlh0Yyqcr3)cQH3W!? zf{K7B9YT>VB}xk|;{009yb5=fZG_kGXrocU(f%=*^%&8(SOlRs#S zC&`ohzW2WNwfDZZir=~$$(KlycU74{Rev)GjhMC z@=B+#xsQKT(XM2U|D-3<_ERqXr(XT`XPLv4cS;Gn4k`H#+#0@;YXBRpT!y5MW*Bxt zk<*=arsP}0Jw_Rs|I*D z?cm4C(qs#PqC-tuI*Kl>zpyRPBFqUSfrMh_Lue*@gPSzshSLgJY6x{^Bd<)&>v~MG zm4k;-{IN^Z-YiU#lyBZH38g=(s9_{HV}3&woacF6>V@yG_)b%GR>e7DzMac^=gEiz zmu<7pSD;K1Q19nOBU?C-WeU2iL$^YnRAi<$eP|(Upz)~sPh*6%_ag(JKtB_L3*%{p zoO6begWYU@tY%AZSgHHspPz0CwI#DWKq)C@^O0aiJ~4MY2!SjnsC7CtW%xlhk=Cs_ z$7(ISoo9nTjCe_~hi#%NQCtwxb6Q_F7d@0p#1y-u$WNTny&Q)R!J|~im2B3$X4&Xz zZ+5+gY~zY{+SJp~o4Y|Sod=MzpD$zu_F$karOQwpJL~IY=`K6kGgg;l@w^7+!sE+( z6h>={gP9b2lE7P^(q>vwd~~N>Do#x{V74KT>$Dbvvyk*BHQrDN^$u(9)*bP$bT4r) zCC511jJNBLs_KsNseuUgtNr_PPy?~~Myt%L9GMT-Chh#Gvn)fxbwc;RBitECSYW4X9zeCxBZ+Gv-giL zpBWAO%hShi`)#Zll?cFC|Fq~*W}LBAA<<8h#G7-!LZr+@_Oc=BkgZ2n=4_S+d&cRK z(X~(eM(&l0ZLcc}7v$ZYR&QcoV@+jhw0cL~`&kSmI?vC9gDV+yKHo5_X{b_P0}cd{ z7z71%h`xHKUcitF}7F zkcpSiWNJ{t%mlrlgCiqP#g6Ul&pmp6{=6*@27{m8p=WV<_(^5UqQ)LC7GPx z&va%kZc6mZf2%PzGXY5=Mk|5Dq4sy1VISF-Ga@U{%|YS8j)ry9TRg|b zh<|Eawwzs@s)TZwbgEX)^mMq>zBUzfit|{*Qr%o~_3iCuUIi=<_5qepct|dls=DC2 z@1^KXciZlh|Js#7c#Sc+)$E7pTg_w~apfx*jzPecZ85k3(wpaHgx=Qp>1cHP;Bhgi z|GU(w7Yhn~s+NSFf&QD5vI|FL`~>Co#dfkApjJ_KiGTOUdk$x)fqkqx=#Ln_)CpC# z*84+Y-E|=L-SOF~fg4Padc9IK2IZ3=dcLpPlHqFDJ$Nr~A<8)nEXq_Rt|Z(4?{2>n zS>X%#p{um>bx`z>CfZ<0% z(Q&68?$a#5QTE1YM}D$eqhU2q&t;N^PG_*%%W3aJZy^03*B3QByj^peKyy#`!4BTYK6n=An!ljdZYw)?zlj=bwvfAR{^$?R`8=|f2kY`^ zt%PZQPza$T&|sQ@18k7X=WzShC$gqdI_z~<*whPn^z`lF%hX~!P1sL*;u+-?2*11s zQ{4Th6*u~g*S(j{In;1{|Ks7{y`kc-Z>V+OMR^h5`sH+Ky}&kAnHB`Oa~l3)17OD4 zJFc9y`}kz-9P7c5Mw)P6Ib~cFf4ex&7O3ykh@YvtT^3I9a^&C1*VsBE{(aaAJ$lDPV=zS5j0M4bOMymO9jCya^ZHCJ~JMT{F;?r7H|Fk5n|B zOL^iWX_o(Tyz;9jFeoc1+~@-(#s|Du)U0t#G?Y?F z9<+1eOS&c(nKJUJj&p+V&c)-id7)Ajo({A|a+x!pGg=$(9brXf5T|O*b08Nw&*MU2 zj0zc3Qtsrw(hC3_`YER6q@eHBZ*|T1s7KW1FNsv90~? zAt1pcN9}_Tl?A(}j(cE+4zz;hw`;8ijFs8G4Y89z!uCiZ`@Kf-&>;L z3CQJyzEArq*PqdwY7=is8REnusJhyZ$DZhDMr6-4%vv46WJi)Uo79=XxO*7He8|X1 z?gOby!A(eV@y5OPXDB%q4t7D#r-pYF0C_58pNjZxvMs%8a)O>0)wwQ1!KB@nV%PHr zmZVVl2UCmyu;mMFmrm}O+Ay!#*M8_pEMH71@xf`6=e}+oKqRYBujJ9U>5%avEV^vt zPCdh(bqgzkX4OjU86i9;&Ihf-6c1pLDVZ8?U<`M)XQbR%+m~t(hMBUzn&#l9rdJ8G%G@Ur+G&Ove zQGw2o2o1uKlMD)~dN3bGMj&bzPdN!k)^~Q1ZgOoYsWKx)rYu5}dL_F$8>_TCloEsG z)QqlBAHZXW=;a3%no0a>{!kb8nPq>zWOZ^*Si!Ig^N&W~ym zrlIt^rq4j0KL+9}dblV0ZJc?_0Z2J=ariC_=&pGg7ybqDN<&Fc(;_9t(a z=5{7D{wK2aZ)`mPI_|aUYNp}oQD`p-vP183(~S5c6+IF79=-N>(*`IHXass2F}G-{ z_Nmy2`WG+dJn?GN))j!RYN$6HOQ_^6zdEKpm-&p2!HC624F7sM|8P*};1$2m6lFLz zYrFqCYj5>EthTs%-{vRfy}8$$2Pbs;>QVUDlXz_dlNUt^5BcdC9|po37;@postD zPRH~Wem8k(kq#?4%|!mQ*nh+Q(zfIO_|HuxX)*Wy`TOzz>zL;MA)5OCr59J{%RKR) z={b?E6I!VT2}tfMaW=2?8L}3x3PP)WnN-{|+s3l(#>#Aldjg14a!mKJRgq$unVB64>w{*8(?HE z4WTUdlaXnxA5-l^R%)2aC}VZNKzvq~cD>qo%_hh-S zbQ_j_+);6FpZFx!1#RL*@0p=l*7;G+7b8P54k|j>0+p`519&_)V)=*E0rQ@#=_>B0 zT$;j{e@i~*C+taSk%gP-ZOo~LDr;FrNqclhS`OFvDM}2KLb_1n-^C^po1;!^X$^rD z-cqLc42O)y9*Cr7(>1--d)ZjSdvdVFq+13xM9~?mk>PV#sSy&D!KzA95OR zAR7dC6K-d9hEXt~sehg}bsu(w8kbrZx>1H}s{$rX01hd)9JZ<67w*jUx(KM+D*G5yte{0O!csuNQ0!!IZ( zXvG2YR3dzCYEC5I*g|Xa;DPIjjXtTqBXyl%#-Poodsj=X8>+G%|9lldcTY9WyY^!A z^xwDjWTPrgWFI?jwJAd8ZJ}w(P2oDP(6!iNnf~)SFS66Yo-;J9;x=QYwbEzf{_95^ z5e3CR`N8e$vmFvl`>}ZIEai)!V|NkrL$1_HWxB89=b!0-%o`vRk}1Hmy0F%DzV@Mh zT_jPi443n^ThB#FR`Kpx(-fumZ8k;irNziI3^FS9d#nW3hrdPHFh1Pkj{_2>0zM#F z=(F$p$9~$)mU!f-dIW57dVym7;rdP({D+x+bqEsSkX>`FONXf&+Sz*Ew)|}Dfz++O zC>!7{Qq-$rQkK4nY;T)|HYIlCsDX3Z2S%8>%gw_l35*JlOVU@<>Hg+r3Us1x$oMdUa zLtpdkBG%^7D$@e)WO;ShJNfKzllD|)rqYu77@V8;O>NHe$UibNUoI&DN_X>ud%~Ee z69*-o!aq9&_uoE2d#S(iYnkrv{^;F#mw6F6`#}>6#g0W^tXQ~qP_&0yV zN&74_x^(aU8`ba_3N22vPGxQP-UmG3q)#p^P}bKNeV?OzhilrvlGy`sN?`3w z)=_<-dT3?$drQ6hQzNXpAP^Eos2IZ()9V5GiwS}lmwW$v>))`Veew&7rPEkB>f?8N>}Z=NJ~~CuLRlWUE9{#cyG8~+r8bb zp%mh1&u)`HllFz9{mG5~#}FEt!z&l7MN^5!P3z01TGLs9lRsmnG6IkE;B(BfE}j7A zhn&Jte%tI+m+<>t71<*Po@v-3xbx_#!2XZZt)Gf>IGQFtpQ4ILBS)~F-7-UXgv*uO z8y=Ejs*D_jFtJ4zVU~@Ed~-0Q-IQP!(=x-HXdbTh8LcIDWDBwz7r(NKuJU`vzujle zprv&RSP*pE0fU%Uk7=ixmY4PQmk(@Rq;P2sKD-%BCUJc>Z!{kByqhDu?Ei5#0)MwlZZ4foi z&ZA=wR4p0F6>t;AMbBy3VYr&ff~Sn!!$}qXKT6=9zW@j>+0i9c-K5^TQK4jG6cZ7qGCKawB=G7_zuV zUf8zlpnvM$_~^1TuzT)Fb>HrN@Vx^+o^|h$zEeKyp5*78@CPMXK}2JfkWqy$J=(h^6kh4T8H*&qkGC^+qB4U|E^+qw4;7}i z>M%Rrt%Y$@B%H&IUrQ+a4fGn)0Na$_-Mt6yaK=2$=Cu|qUu=0eZLROUWrobQMloL9 z)j?4=FAGg>r#wt zN8{ffHuqhyUG!gHJWvkJy(7n`%tQ`6PmAkSGFYwLG(`n93PzD>C&3}P~Byk+Qo zG8lnth@OqI5(|+-Mu{InUh}Cw@iu{sp^B3-Kls-x3GWyp;^5<{)k^4bnsK2 zZcnlDKa>Z)Ag-Hj-T`~jw9PMCx1KLaAHZR~pWNo7nx0lbqkZgz!}A-r%`?)XZE>3^+2CuA;J(|cO;_SrTi~%t% z-&Zozc`-8Y@WOSQ1spm?4KmyZ{$nOyhZz(<&uG5N%_o1Ev~#+@MfQ)>Q=${@2Z|Sb z#$psrJF9h=jRbb(y(oRQQ_zn6;AyH1h?wkN?C5tXC-s8;gDnz`YDH6kqNw{+N4j-G zz@Y%s9pF{VMh?B zuzAODoG`67UnET33OMe`+QGAF-NU(X!HVY1hJZ;k5sq@EW+t!M>>E!J-Co-n5yvUJ zQwXi!TX^mJ>#EC-UX|NpyYwSg$Bq6a>nA1~vAZdEjbrL(Jr@oGqMRAsMaiGC_FXl%=TLHY?`B^>f zt0}9>Ke6W5^L*T~zROHqk{8~iQonkDs=KruE4@Ys+rE*^-$u!>e2R71F4B=# z34H?!VmEjA`RW4zw$Nc^b}G=HLS&3(1$I5cZzBry`7?4=_rF;N2*fm7E6|j~b$i;A zcFuvXk!*1p%rv--^_FGpC{5qRr-e8h+e+KEoSb2i=bYtx#7IB&&f=ANdtZ;BLSGdy`jx2k8qKh6V3ix?SzV+o~6?h7i#MnVQi1k{}5sr?WQ2W=q>o zcx9+9UM1P+>rvmp@T(-tNlGYf=MLM!&#u_U#dVg)!dq>xe{>%%vZE-DJxqGK_w-V>jlKo&`5}(>mx7HfwCSgc zb*D2XB@f<*AE=)onwm!mJP9dn0HoS)#XV!0;kM=Q`P-EjR+K(^P8pfTX#IvtrA`g6 z0Tk-FJoj?^1pLU+>8yOweP=w+hXP&8%3}?>YuS2XawM;n5 zEB~GO8XBukk~F@ro?zcenU1oTHDI{~C3NoS*+BpM;P2MI}O$ML& zG=>PJcrW*4GV$v_;W{oN+q5YGu{-aif!09pw};?X7>FcRmkt0B_K%R7pNechb?#gn zJ7AxLgl7s8T>8$o{BCat`S_F7)yJwX^tV91AXGEQNRR7ug+lrv0MM!lttkSi=~D4P zcJ$<#WQQ*s+jy!yzQPFc-}f~egfNbsBDdeR)6i(?Q!5$4j`~F>00|-kMt+4)MlrKH zTk+6&+qaPdetJM(cps}*yCT?zJFjS3!IV50$m-nisn{rW-eKG zh_PQrH}RmfS^OZce6pm*Gd8dbL=M+ulvht=1%~G&50s7gF?@ko(wtyVD)sZFI22jH zO_lKLyI3HFn##fZV$^IsFx7uH0j;@1`r}m*QO*LzbGZbdAC}plJSXb9kb=#Zn#nO0 zK7h|rhiQ2)9}Gk~IHcBE&|uTxBBQN}rod$}$Q~bFn|#jl_MYb-THs$wvBRqET}YkD z=FK8i2cQ4LtPZ|ozC^44vqJj#?yAD=|J7Uztnec3f2dmb|G)UZQ{L>q`M~}ykW=*A z{|f%OEJ6YRd;dOwn>JYif^7eI{NGt@|39<3`@gyU|2}EB|C5Wg4nJ8GaA^c{$jEPk zZdA*N1`vuDZBAjr*H_7-Pm7y(qWf}SHFTcZOBA$d?lStWH`UFy zs6`UzQQ0u{&>q06I`VJ3y63b!Yr5}cpwvIw5mZ+!+&Rap3_>X40S?X>qrm_o|9z%= z^2pczxU4Xa`y|GQLsD5qr5M~{#)K)(2+mztqSZxMy}jy8^BkruGY?E|A$fY>;1 z@moT{qhCK3vIgBfavb!h5sOb7L9SD`DndCjuBfQ2*3|rS#9G&GP@j7K9OzHKoYaN= z)t-3yVC6Q`cs9c_F`Gv9Yz+PVJZznR z@9O333)_#+i0AR;-fO7P#Vv-9;DG3gSE-+Jvg(iTu>=6tdPSP;Es9%*bLJl5Cqc>Q zZ-?mLDAK>F(KumkBj4o2OHS7eo;}Dy5oIMb*V*swD{cHmW@D9cb1o@l$?*8l?^%2p zpI(fm`KujNzT;E}p`151HeSe58*bfTOm!}x8;b*g*t)p2=4#&E-UmX4lZb?&9=9CZ zM?S&=axt9(gH)eQuSGxH6=&0b(KJw7?`_)j_V#br8tTz$LOzZ{*jVQ1Q3NSmw<)Hf zaP8lBHny7TYH;yxPWbwxL9}fn^z-#F$JVvOZ$f4HF!s!?sm>$dsR)JErqi514;XZ+ zKw60_xR#{_@>)nI6$clr?U8wSMW4|)_Ujx|=p3cT%aQIzKc!LvlMg^hwI3dr*Kcbgm#?4!EYzT1wQtL@*PBHgy z802XW1S6R)U%9nGA&M-|L`_D%nIlPdzsmLdE35bWqn zjV*oiHQ|U2An}L4NsjMtys_JUu{UNxQx+Twz;WVd8~IQRKK!~rrY3txcZqu7cD=4G zwQ8rHrVcGr9uuGa-U0x+i2xyMsB4K+UU$KUEC7RP>|B0DE`#O57P@s+b=~egrRuBf ziY7)pj`{kT_n;e$_pzVBhuD{}#8N|3BE{8R=yl_j$T8Pw$D$2U7cMn`6agU7{V(mn8yGj z8$1;2Ycjrbq`VJSxK_2+j~Br;5`1w)!ORl7p6Y2?5^S(EW$rQiQd68w8)I~sa@`4M zR*&RODP&qw-NVA6l0k4s4~!G3tlN|Fqq2;*?|ec~Q>aS_94vpgBxqI_Ow06un;m*6 zrK4}#G^^#MwT;FNCU#@87nE)JL2F|^Y8mskB`dxTjls6lBaH*UhH6HBodb$*9x|L4 zgth(7?i<@u@u7~B zovzG~f1ku1N%@<1;D!9Ma%Wt7W8MecDX(t@f)fPcU?G7$F9ES)3BS0~b-^CAC%37x z?L`*pCjlg?PIyMk?*Eml1RlPyd!Y`@9j8F6eKHzMw{T&T$#xksJClTGIWuxm?(2-5 z9z#zyi<XwB2N?ShO#->z9+zPcg4(b9@0+US0 z2cv{+fCFqH1u-1I-iSS{?v3S5Wp;*XpUVuTu9Mq14!}G%=HR%#I6U5jb_GZ@Cc{`> zKmXM1D4?w)y_wYBgLeb>#=Hll~4Nh zVN$8;M{W?B{Kvm89CK-+>(v|!S~Grsh5!)gSW`K2+neW@kQ({--062 z#RlOsP<{@Mgy%r^kyymAK!90vdrXT~m=She&aX+Aot3$N1CCT+3hWsl zG-Yw_`N3BDjL*px^35xnL=K1A1Vke&=3aSxQs=koZoQFp#$-g(3=g$FtAGIaB5>q< z;xC^e2FRM3jF~IS^iv_sJ*v5it7mav4n(-4K6|z6D+D{kSU2RE)pr;-O4ceCjJTd~ zQdM{MO|FMRS@54zSL*>IK>8UmFsyx0SASJTa)DWUvqolps!xLQ0}hF4&$kK&vQZyB zq*4C#zUBTWcPSS1$T`}>#4hs}?RFKR&E1-Cgjmz|7k|t`&tk##a8rM+;T87qZfGUEi1cD|X-+>mlab2iX1#K3_QdnGj*|3tpemT7?} zEDA&8xKOpuRR8Y6vBo!3usi||p~;yWQlQYFdCztzQbH}(xy_-pNCpaj`RA>F6OMXaH=NT(`B3I#l59qbv785VFV(A24oB@@IxqNeKw!TlcL+foAC=+v5Pl8lSg&1XZhShkS`)+J&$ zIdU)B60*t?ekzMoIj^Oq1=b!xGmoz@S~9!GXT;wRm*lP8&QPwqC4WqC;x^()jegjy z)O8Lk+0L16nK@qvCf)arWWX2=GnwD0jn;Kejl4f(Wucg7=(wZlh59q}gy(h|P1i6X zj48{Ulv+XFknjta7^|G7HuHI9yD1W7<1dFe8z$o*N^R_Q^@h?8bN zjX-&2AQ`hDxaERKs^e8QlC!hl%e1V4rBv19Feqo-0&BXsNKUf1uiu}Wb1%bB(CkES z0#4^Ss2=@NO_vw4y(GLk3eZb(eFb^>Y2{DHgedRf#>ql&lncIzH>a5TX4#5%v1ZbZ zz9a|sw9nI@88H-9L}dCYmc7_5krsUfC+_tvx`?cy#1P-$$mFdkJ4MAikJLT2kji;T zuAEnv!->-`<)0&1bsvD(4n${d7T23V$vFe2K%1sS(tbz_@0`ITa3TxYX<_1Gkxd>& z!r7(TH}fm`?hp~psxmz5M6Wa4K`C$HYTk3cRC`K-Oukuq6+M2xH_jj7>HhmLeW7OJ z5Y=ueIGK}zia%aY)lv=SSQbn<2Y}FjHWbJL7L2A&#rK{BrLqIdyJNj3*$CMg9-L8$ zp56ha)J`+SCYDn03;Do+!YLWaS?0-qyUFJ%zW}_-F;X<8EmlE4%@k0QqxqM>LueBVgSQUyULDgNj~kWE)*m4D6h~c`f;A{0%7LrkI{4%Ac3GpOUknnRU}Wceg+=`2;u>&kixon&q5)Dtx}dt?+`pWyZmtw+BoLe2nBlE)}6+ z%w9tY1!8c{&{}ecdqtc=*fFMKcDj})B$u>&i)z?4_fgzI23YVetzr0cKL*f&`^N%v zUxg1wHbTZ*BsV3sBF1^Vj;rw`5-2n9?w>V0@I05M&Qy`q{&QEQPOnh0z&)Sd!^rdc z{9tNT@^UV1#i`~Jc+wV`z%IYtONHL9VR+QWZ=Jq+8Hf$G=Rs(DHgN`GwjlVrQIP7ULgpRv^M*2Ap~=Xy?JkixR7-g)t| zez=80nywzqQpQAttiPd>!9nl z9LL2-gGnR9AX%!e*x}MWYL>p-MXD(7Uh~=xzro$N<>$rGLpNBxrrmN*uJ=8>M4mJa z`CzO2{Q~ln!NIo?_sFbjUNP^e#o{Fu%#W%ljq6^>EEV^F=(v4%{9!NN-;x;~+Y}LN z2S0Mzf9y&$+5W405QmCFwo*Rwb^o^6`pGTwe(fg9^JvsAT)7gxJD22?{$G)x<2Ecg2i zjEG#j$mGTRj40Z+0iNjm54%~Qb$;`Xx~r`^)Q4v|F$Ox$;UT@h7@0LxL6bVfA-bgp z{pYnfww(t-h8wdayyexCkIJ6q_ZGRTb`AW^zM_o(tttX* z&MllAFXTZONhyUOL&M3km7CncwVL1?=+0e=QKdG-cxhvQm^Y=z=h9t|Wh*HYwo&8= zIJBN|q52uAh-+TRJ!u|Q^nD6di3Msi10%!cfIupfXM!eap87T!m%g$yeR!l zZ5P7%3?KD_5T^n3huZk(58uWG&3pAcpDKksCu#;ER+}{|Lk!6{z}MZr2$H~2*%-o{ z7DKlaWejb)Kl@}r7MXf0q6ab;T)~*Zs%-0^F9Iv8(N|S zFSueVEO1(z%fX$Q$0VG7^{U8d3q?aU2(Bo>td)E<5P0CzSl^=xmoVM=r&sYKfo;A# z$D{o)(47KLh#}VzuQPb6kXOc)g4Fb_zhQ^oF9A#(Ybcl9gzhf&Ox)7< zwa{jWUpV3e`n;k_)UYpXsp96o@!~z+u-GG?zrxm4!{ZR1lYJ4V({M6X%V?mr+PiN< zuXTo5Vb!veOH-*bGgViB8YxT@Wx;*SOIUO0aGhR!fm3 zDUbd+xTOjqL9ccqx0x}$|84Fzwi#7y-#Y)(1~H1JG^$u1jNL=bEco2tQOvj-Q9 zesuJp58~GPAH7rM?>DFE5g#Ssz)B-Z22rHaxV==gyd4aiMk|>r)c*kxLPP6mex#536AX@t)ZV#p!MM59LH0Vpq9BsOm%gWdor)_0vct|h zhYpn%F@OTw)r9=Hk-`i;psuocvq0e8!ycC1ZxkP{G!c@xbviEIMnELE0)$j$AP@y` z@cR!b=|7_nc6eUqR1_9 zAVL>SNQ}KXuCjt~75?8K2H#@?0POm5%pK;{Yy$QPT08-C-*jJL+ z77Fx<4q*~+@rE^js7GLE9%QxMgQ0+PPfKYAP_*~5Ts~{Jk}^)zfFfsGpxd`r4pOGH z`~)fg0Fti zfO2Ec?RAzR(9UC&1xyh~&yzd#Eb2EZdjrI{PVJS`FJ#C7lk1=UFGQ&|yYDb(n54_) zJh1{wI#n;kDUpKN+ABiyvJF8|^D%%y%A@!Gidn<{XI=*VU-CU78|Q|t)coe|!omhW zl|=3skbPHcYA0yEg&5uXr12WllCROEAv6rsC%o>Us&1axEA?id`8T~qm!j@VVyn9) zE|-$uahm=(|LH$XH@!L!fjKlr@0;QZp_=ZsYj-!bn%2a6N64wmGd+hXD{&Q$f!$k| z_lfBdo$uA4{}L!{-M!<=7esW3v@h18U&*t!%z=7%tG{l~LVnib5eB(*5`OebV^s#F2mh_^+>5I%YQiC2aBg5C2ougZ^LImhu0bxBahnu)q$g zNX+Cf6qhjVv$vg#FKDj=BM8)}lQFF_q>#yQ(BynuuL5!X}f z+W(SxdU7*BZPR#+%SOs`ac--Qsm;XKhuaFRzaJ=kK;QC5s7d5G>(#AoEzs#r0dJ`k zj_l9wn|-hRk{lCzam zL*Nvzb0twMATR5$o!|P#R~)GP5a+)cIsK@3GBqVt;>6;nE7=84cLe^yHC<-Lxc#|d z;tq%IKuBLcwOw5L67J%rmht{grcFq_^_(b9sp*==`={OJsv z6slNrv#u?S4$kTM-xTVddS@Wrv8mxa&_okp9hvxUsIMNl3Dqj>->>)@5OnLw79SR; zoQG5@DFt^EvJG{Qt46LbsyFbaHr^B6+v@}U%ZENkV9j!bDOrJ?$c3!Y&jFoR(^qc2 zHiOkWb%0K+Qs;^u9cqz)j4CC$Jc#_3&5-kSxBIV!czb(DL+{yMY%WN4U-*;!8^1g8 z#s-TfL)F4Ql{n_VRr9em<2P0jknh#Ci*P7Mn55mK@ZY5xj*Q259z{$v&Yk^B`)AXG zM8(ZJEG^dzep(Q^KkeQWZy&ZnTuY;NS6$1rwXr@*l4(({7%7U!(o~}ua@;?yE&f`s zKhIBX+A1A(e^wr0LLkJ}2W}c0?5n!9e>#$r+JJH&p!R(WNIRo{Y`P}i2i$$3GGR2i zKj5#Dg5!69I*?Q0^+uI%l+WCVbsO>8yUE{nCSnfQR#QzW_Q1aR3GbA;oUIi++P7l% zli%uYf8p;peaNQo%kLA2JPn^9YQGrO+7Pp8(LJBjxE8&p7={5-mfulQ1MRJP=+<@_*Gv z44o+2^gIDStSoUyA&E{Ew-%Rq`@DE9Lv(R8w|R@@DCNAJ)G#2N7*>D{-}wGVX#CB! z?1YSSl6iG@dC!ip*O#sDi9A66ZU!rbNd4|lp=j-Jr{%O&`TxAA6+ZLUiC9$T6l^Nn z@X70v~$HXm)Ljn;*qI?K^{gIf6z)xm)lw0ZGfUpec+a%Nk!C4P2MA;wL8lsaqsSr zeNo#d`y~w9YvX3q=|l3eoz3X!UW?8G01%`|WRJ%}C9>nipptF4oz^}=tabcNseJ&#&lQse!B-G@U`FOw}3 z9|TZOcNS7>fp&xu<@UsH=|0cPY?rR{!aJ{W9e-2}{~#};HpIprV08nSz)Yi80P7fD>KWW@QF{h zx@GU$-rLD{zP)(@R+`u2QS<^CJ_CWQBsMZME*+KjqI{JYDv``CNt5wxxG5 zPu3LSUf(dBJN_GSD;)>dJ@A~2MgQU-9_gHY7oqK@`(q4xa--fABTuBF=l1oap@L`_ z96;qujG8`ELeqPK)i!-m=-Vfnk)mm+dsc1%s;nQudhrHPg+@41ax^RWT0~)4HX`xZ zD85@CF+GseiI+56BFi>K2Y@*7ol*sVmOh%ohUR2g)}`(QTarFbml2+^%o6gvKhYN# zT2h{Nk-DkjOProD#mq7H=E;YtuxU7{j9@Tn98zMH_pFiqbN8)nQpZ)qp5H|)VZO+K zm32hqBZV5q=WWa6PIs4#b?qO*2&IPV#&x)vt)=c=?*gU=QaXL`fCjD+(}%Y4hhS06 z9){JCxRsc2H?rkqJz?Zx$@5LTenUg5khD+#m2$E{McaXf*a}hO-laeeSgO2IgIuUZ+)XyUy!H@KBJ)LD7oAjG_Q3PZuO~!_BjG54kedGX`I>4 zt@#x2eR@h)&(v)9JK}opBo-MIp3Y7WYT{{En=?F83Fxvr7@tCNXpa?d^_%!aKCGIe zMUPk?cd{RwxIufG2Y8qd;vMLk71Q}%H=iGV!4E%q>rTb@hbaHpV&t3MnI{}=Y&JF2O!dlyv! z5fo8SQIMj5h*YTxLO>7@1XMamQA9dXs+16l3eqB7I*1f$p@vRGR79lrgbJxWbd;`&3qY zS@e0j>*^V^YCFTJ6jFu_#}tHQ?eF{b*g;XE!vUqBMw`9no->|N342uWWuRF9%o%{n z%06CHkmCaa6pd&kEJFlaKjbB#F0kIYZVNkm>s2@@b1GdyB6loedOP+zq!pj4eH4^1 zbN@7GezUx~n|1fTg@iEr^xiQ`vwQukpMp|Yq@648 z(Dp1!mRhb6mLVrA&f)x{=g=dzcj0sl_Xb9xa207QZu>02wBLp;ss6FTMfWo~H*xv^ za$LJvXS_T}v*Avv_j^T}%D!S9c*`y&$9DC$KknOuXTckr(MqIZ6EO%{EaP0Wt+nEf zQv#OEM(n!y!{PH;u$1?F!c*zD9+*ORUY9-JTEU5eb+MtawEf22YO#->--_tc+cgTF zl`DDP8G80CxRuP+9HR{Ga)^1?}Afvp}hJ zRu7FB7))vVvwjy8p5|r->E68nn&)l&Wbe2)zo@_dFdj;yp&4)7d%3FO-(x}R1JQN9 zG;n=9XI8>X*Fx4e=LV&jod(V)}B@*~*dqq!elu2H?0L?N>!X+(TM{#T-o0kKz)$qU^UWhvf<)FclRXy;0l!TZ(j;#1 z=tXA-Yei@y> zx14&Jn0e0Z=RMRk|2|~9kB6$x=#Ikt=Kp@F!HfY8p*;MRF-0bl=yh&Sj<9muEF53! zr%p}PMF4|3_y!C=nT01Pj;>tyU7vhBHOQ{orm!_yVTBDE&3$7Ch+Fc|;rV+Wq*CWG z$Z|h(z@(FP(DJ-zFs|ug*-IAAr@1QUouogjFVbEvVWC0}eYVdg^m#oJ0fD!~-@*n8 zu?;WFH-CwEA5H4B%f0jxFMK*5GGY&{_rF>Ap;LMcXtuap`K)Qx*5u{e zLmFD9y!iRQoY`IckG7>yw-4Z%K%T5Rt`G+1LGF&eV)L$j9ya&$V@F@21@LUoj@{vz z0)&MZg12`b+C`jrFZ&`!S@GRb#&O8XW^b8q@SE6$1J%d?j|&62k$|^)VqA-dG?ESS zO;clJ)48ASt9&NBV9$X;==R;Isyn8^N>T#nZ!<7f(2(@5{CY(_Me#e*VE?6nrnZGt zkLJKJUs+oif5oKt`zU6#?K8vx6sd1Hmuc2Z49Nvn+!Jn!2HUq>>;WIsd(As~uVNLb z#VDx0uE|g#3FH@w#cgSg%S`G#JFAag=Fyu=ENTi53X_L@78E@u$A1msJX&`YICJfQ zGK6HHs<=(DwEQ4@o*U+veZd34q7B;tSc?vyLzt=RtWEF|lhU7lSV-!6rZK>N*kEQf zE-{{9yg4rC_~z)PmW|(fTf6qKpFgD-B9!{4!`s7;J`3Ck{b?&e{@$PwLGuC4$8c`V zdjYnXfxlr)?!)TGoNylJa-cRLi=1h`RRVZ^wNtyj*4W8uu}ZPp1;^o*p>$`JCxSWyqsErCNMN4%hWccqn>@{azh zR=c9@4!rfQlWMKAZ{r1yFN3vsY`tMH)ju%^Np=O~9ERq8)rj3qtDgU8h72uKWWg+S zY4geXr=3POvLUdRiE_ zvqq|1zN9`DU0C$4FRKMzy~iah{>CF8XfKC92dapjMBE%h(OBu~O?Cs)j zwNx=%S4Ep^7@8l;8Ql%M8u^AOox7NFnoXhq)}Ewu6-#fw9cvb0n+y(8VIL1+WV?UN zqh-vi@-S=O*JMd42_=je_!h-ZEjN^?mb+N4a&1YPWhP8vjpl>iG$f>0@xT1(R@9+3 z&UebV!E=!BtQ#M?iwegVLFde|4dk~ikI%`8Y zzeN?O%}yj@wONs$bNGDR?6 z%spmA%c>bh-)X@9>Wd_nyld$mJ03asosgv*)aqU=`!h+NZGVce1D#{>b0&C4zKRII zN)%*~cYd!LJsoa%TUgIf5ZmZC3CX!ol52v_5S~fqdTO6EOK^oBBQG?cjDNnGg>hH} zE6;cGkKO$=)c4LvH^qCabF9DYFk7>)o8qF;*Vf*0pw=l_CGg=K38+&yu_pD;0IFmQ zIJD6f-M(N3hm}D7E_p!aGBpwqi?+FzX>yl?OCqT+HTasD&Cr*YI{1oW%P*k)<=68T zZQfPCpmh2~Gy9>&k`>sjV<3FOP2ubj^<@D8-sRjQtYHFoN-pcao1zJv3(!8TULvRd zZYmJ`W{UClZ4`0J&(V)g@^hS$NptIQOTf%g+ONxkpG~#+ zruKRkmlEiW3~yw~#bQ+ZgU+1aWAJVaJII~Kg8&I!*wij7Efw4PAzX6{_OCxAc&UQ% zRoARhd5L5jKRSQUF3{mqD{&4fsQ1eTvX(tna)fmqN}UJ{c3~Po@*}AUNIo$gnTCyZ zvvVvSV)4@*irL#Fwy(^ig89Vor*CLMe&Id1WNrF9=jkxfV@Emem2dn2!I#9RVDLhu9!fQJop|}7gn0MHc~jN%^bs@LJv5J7gF1LV zY@G3^{!s1;3)Mv7M^9H3mQK6Xy!7RGkZ@?boPs>jfO@LmwWKLjPF^wqS>bA-HYB+O zxpsP{4@$Owy4=4Ep;O5`YYBRi2p;f$1a*deaY7z?Vecn%sL2@miz;+``A2zWOy(`U zzAo4#D`mgj(S5{6F?y1ld&f2L5naJpG`~0{ChU_dyuQtvp4v?*dntX2DTtl6bG^0C zWJ~?j(ug~gBXeSQ{0u{T`kPBHsgBt%zn+tPkB6_y8*kCRyTZ5X^F=q+^GEF&dP9kE zzR(=W^c8iZGgmFH+!P+Uos~sIb@y4h>NUUve$Ozk;l^w?L+P0e$69$DD9fLq83@R!nl#4+Da33_Er*}V)Ucav_ZtF=9d{ZN(d-F#wuGrdmH zHgLiwXx$m@5n;`xw{GrJcY)?#Pn}glW_R*8VQrwxdp}w$Voj1L&SxGPJ)HC>gD7+P zBteo>K#n(hFQT~-*x0(M;K~O#s@zApa?lVz`jF+LoJ<@lpgM5vA^JLfP63_ca*1*iK z{)APvPI9XrD9oVPo1ZojwZAI?pZ)8!eAbCvEn4<5)vsxE&@)9n%HJ`G7brH!9i(od zx52fF*)&7Er|{vm%Efk?DieuxYd>jfQ8WZO0)wvOqYH!>nC9$@G$Qq%EcJOHZ&mmy z({@Ywtq8*>s?O-x-XQ7aM4swj^=PIX_8nppAzskI(s#Fmw$!AlpA~I`YR3_}@64q= zeka}GVA=ORZE-VNNZ1J^8m~6Q@03;I^8D+B8PP!f`Y9E^I(fy~Xeh-ia5KJnf7@q| zf`?T>;#5ohcx6Y~@O~ISAe&E)Vs0|*d=_5rw+_Lj^0k)M9|>DmUSWrB!`MgDQsS3$ ziWZr>eJsx1Wga-QKW2Qw%*Ow<#G~_kdF3t)oO-(CvY37@lNoU4bifLJ1b@$jt zzQis-h#pVhPRz-V*556K^E5gTdqlwKFsZ2;lQDMwh`fhLMDH~XexJ;ggc~JV+^(7p zM?PKC<4?-vcQW>?#k*I3qMHeJnVg;hls<7eNbI`ujzN|5`|&ZbhetJ=;z_uf@s>^K zZ##5w^=yjjwDS3$Rr)qR7%vsEAH=@8zK+0H)}bHHjWg0V=3>8&o-vE zX7*fKTCqSUu(qO`aX(v;#8g=7hDVT>Z`TA7}P-hQ7)Cj2mP6btcSPlPr?_s z4OOdS6)6Z_ns<(^xvp*$FJwt-4djQN311u-wV?;5BxJgkHq0j$-P`FVOl1eIyr2NW z&6P$lO0s(mHICS!Lfj&;C5NG%ojb1L2bk-8>h|)Y7WX6F#dKM3EPRw*Q+BPu;m4}j z*D2^^F0=)-;fDyviMm+PyIMwyj4;kRfT{OWz3XdNo9>-jpD}d5i>u38`It?d_}jj% z8~^4oVqU$<&NGO@L`2xQRzq7S?IPCBO8U3nnuPTDs~$s^{Unm^m@vrcx2q#5L+`?< z_9oI2uMheHlk8zCg?>t* zlar5{mlv$|YuQ-W#4ZU)fsmxl09q-$&1KAnqL_0cckF?T+H)jhpR3ccz6Veowqo0e zKQbHc!qo07`gZz#KCF71wxLZ=Z?YXyTe|7Fc3qnSWe~~njDp*px@Aykkb(HI+Sw*z zV)k6j?c3S$Wo=-TWqK*P}<0T2~DVm-x>E(?Ry@;VpMHB2$NCoa?zbI`h3y;6C zHplP)iWnQc*`cfYZmm{xEKl-r*528B-WEaD#;mr&o7Wqp=%h4WTC~c+jxw>lxbN>R z%zwjW)@8Nh+g_EM#PW-O6KXauOw``ddsZtUbUAFVip!p{`k^DnYUjr-9J3#@1Dbtv zDHDL6Oyjumnf&(WVgfNjCZOF}Y$k8Vh=p@KLudW8ojcSh7-8MfhEcAZ9P}oxI zX98r@D_ERolkeZ;+wapP_z>$L4yngF-oi*YJMEw*4~C+kZDMwOd+qTr0A{51dR!tcgFH%j1O) zNh6Bs4?%@AaX$YGcT>{OoMb#AcBIas&bbcv@dQa~dnoFb~5EimiN*|ujC5C3-*K0l9fIuf=Iwu#8{gcO{O)vLzT_tci%3qHjxO_rciC?@c!w83~eN#C(; zH3brg-w9`&V}=c5wLr{_vsyV+TykfTph zjDsT`Z(iVz4XV+{0V*?*;_7M?P0F*fi`bNubINO#8n`mqzDV&4+$zBheHIo~@N-;f z_PDz3E4i~J+uDl*_rJCImEG{Z7eSdgPiR-fc-uey%ilSqHx?-*P+M0wp~0@=6o{)U zDz9HxLJ%!oQN7AIC%-BGA|$w0NB3Sefp9`k&k!blA>)irzv@ZJe9_9n5DNlgS;jIf zAEgb#I)Y2f%3{P>n6KE^`#CeY5Sp6To4TLC71QHvD`SPAF=gXkzO}rhfn4~ueM38G zUcb}7%zfKwWX$pI^9y2&aftY*f4kRx{&{7c@zwY5S`-Y6$atD#=Hugs6BXp z7E@MN-qTCp&RJUme310?^dI@Da9h5h%GMns+JmPaxW~XVN&Y({W;moQw$2blnY1;y zwF#)I=63*l%|x@iRO^0JPY?<7Sojhk@To*xu_|o3fQ3dZC`QT&I0{ViaWG2HtWUrwCGG8ARusyz|}`9hbWKsW`y+e zWPy}mT7%~2&%#N3wc&||Hyz@)9UWBsQs!!26zgRFH9|2-4IHNe0s_`jtUM5@w!vM1 zlxfcn%#RVSY#9kR&VJVRck+MniUvP1$3lgjf+MqDg9I8wB2 z49YGhjLLfL8Vlg$M1@1@_ZF;n(Ff?M#G{7(^@dpkWb9#U=yWJE)ko!-#eL~zEC~Y! za#6REnJWh$c(#K)8rnq`z8*C_`--*`uZ?m@wbr#e^Vc%jornbdst+H&@IlwETiM6T zuf4)jdk6Ci6?6;?5aH}MzmD2MA%Q?@0=EiBBJAT-e=1OESBL;G0JX~d)U_|qUcB-XL`{cv5hZHpNM(%!l#5Hd-x0~?CHJbsT`APq6r<|bk1kQqMYh?dE>Za|^5Bruv}vjqes&yks!w&$ zD`L=>f?l8A8^Fu@29lLT7zS3^5LR5)W>)tz#-Gl{o@YsR%T zJ2*O`-Rq}Tph8&B?((&g(h39)f$ptn*!KhiDYRhUvB2q2`ffa(KbTO({>Z&?#8koI z=NSsz%J0;P`-h$_K4~4SZLUv4^P8W6kCr%)q8&z&q_m(!osSla1wRBg|5ZLVO?B`E3K~EB|%(XLjB%cl=sX7k| zHE%_AQ)LDMqqF%m@DK3vzDT0u&IQ?h+6ff=D_^+NYDIGeoiqyr5$RFH2o8}XwLHzJ z>G7q#Ca0zd!IL1jadn}(n>bLp2E}sm_Wet@R{`YXcmV9vx>VW?pmI zB!>3#wuQzWtMIOsh`oKUzKOGDk0vPlvDP^+0U=+>!O^2u5pgxBIE1{pVIz8s)$(ZA zERRZZ7=kix53`u7J7QTlTcFUNQ&uL9l(2=Wh*dw`Q1!Tabj9fDT}rcgcx!JCozQtF z4yR_cQVc20D(+dW0yLT4V}iPSf}xr`PW0kdXDdQux%&WB`{Je;Qbi=o`w4z?go1hA z!6xW>5pr}DO~4=JaT^ar5<|(eO9~(Cx7(TV6iRro{^4DV^=*{^i~h0Lud3W-xRXWf zLtaOfMHr|%Gvv&EIsSp6M~p+kCyLzvI)>gPW-Zt6h}A!msvos#^c{a3ai`F? zUuPadLc{$m?u**xE}uOk@Sq>y44%1VR4EkDDw6G8O;=QU$0w$!=okM>OaZ(oP+~iKSnAaP|GgHSGr* zMyoLSe%d1_R#^ef+OyU*gdYs zn7$IWG}CH-+e75&SoIxp)9G<-2HuPr!efn_A`A>WGmr}g=)X~n zfaN2WW6R6VDG3R`iykb&3Qd0e_)*z1`6%O-f3@M!`_pP~50kIko@GT$J~?jXUN_=K z9J8gcG9EaW3S!8)+CMeLXW@F|{X3vmrO|=bbVOMK%@Fw7SL`x zB3>J!2Mffv`jrp&-MT-39g4OWa>fPgvkxr}^*@)TX{6kd0DQVSt zr_(8^bn2`g>5fQ?j`#hmDSROC)Gc~&KFQElkU|+6qwqUDZMfP{x-EKx764}zcg}Ii zI8!`yhN+!M@GE1M?e}GD_iByP!k^S^uN$`?$O$F-L2E(TK!1P-7S|rBx7!)lNVZ?K zA3(A`bQP+V95}q1w^oz4CdQkQ%S-T?I$0Yxz0Y0}Nzg`fLujiXye|8`3N8!nrB2u7 zvlYO2eyKrzJ|{P~12Y1J)ph9yTCLAkkyk;KY9Wetr~{;J`6XNZ&yH$^;Wm93OQFcI z!sQDwWEm68Qn$`petTTceM)6sc4BC|s@@Z}|1vHTK#J>=QPJKCGe2ZEkG;QhP=<-| z%!#a94pDH^N?^~lu-6E0-R?!V-3~p%qI>cF5%uEIZnLvDR+jQ1&sE5tBx^sb$B!RB z?STwk{bFKfJpzyfg!xaHdWLiGCGDQlV_~(%U}$ahTN|IBz>DHPJ3BiEyS#pVTo0EB z10mQ!yZs`vWyp52>Vw}@(o~HUAhnE*)J0Vp!K8Lpo7DecW>M+^Mu^NTmXSze- zzCOW~9Dedhal7zUD1X0B_Y#G|)7mJ0H6;HKM0&+MXrr_4PF*W)m-0bthyB~|CnE^@ zZ7?3#n?mx=8$4IdT{$~(^JcJI-4V?IIG{RtXKw0S_*DBHmP>+n(4}@wQ_WgVV&jVD zm%j{tI5d+1Zp9_qoDsUH=ao`gE^4ka81^)OX<7Z~wN*ZNZW)wtr}HB`e#k{xH|Rc) zT`Q3*w(L+d;YdlzBlvATq!;g8d!a+!+B!ijfj{JVU}v?s>13dJz6?Bsa198vV`bYh zEb%x6FKC5n8SyKmqptkN1-DxRjJ|q1h1Yj{Ky`PTq51b#cX@fagePoo)o(JmnLUQ~ zvK|w_(6|b&49)p6ot$b51Py_|nB9|a2$bH-SYS}b_hv2^-Rs|(et5%U^72`BvP`ea zGvI=ieIUxO?3ep5_%%(xXh`d8$T78zn%lF{&nF*+1xr|m32cxQ_OoB#&H@CVU{*$6 ziRCziNoeK%eh?5}j+K>_4I?61cO_jlSf=j`72jpLd{*e9!4tI&C5w>Y5_?)08uQ(+Fa*fVlB;w~Pb>E$VOqTqkomeoV4_AupM#H6PlAleH>0|Kc|MVUd>$R#qC=35Tf%F%;ejdbO3 z@x#vwXg7N>lA6-GH=2RymTV?}J#67HV&dMJ<-0Y+?KB5Wf2<=+bt}>~C(Kf#3ge5W zET1Jz){RS*|u+4LQG-KTQODGi|8Vo0>j*QX&zCT7F)v|H=JZHeJatzZ+Fb)>_*fS^Y+| z8aN{`<%gv1JK@JkAH4*9b)y`Fr)VBmy=?%EG7}Bm@%~`c;|Sh!%l0XA=DM~y41(0D zl)`p0qD__k33?^L{2axp7&3mpuPg82kzDcxVd)>w|6QGj27c?Rz01tJNLj6e*3{7P z7rT3ZRu^Rl4BC2IcULr#UFh$f(C*0Af{!1~i))5#*^9rl1OC@~BKNtJ6x2;R3F^Dv zxVZay;^SLRK^XVAU)wgXl_SQ-9ccA}=!jF6B%%h4-_G#UcOxLAW^7$EzNtHy)XW() zeJ`0;jv99L@oghY^B^NSZ4tA-I zUntA}^vPMrNP0nlWKGAK7?rxYq2Ce0sspS$JP4o^F6 zEYQ>^GCtGeGM{dBr0U70tD9=>COA`^LFXMV>oFNj5!!F^#p30~vasHP&Hw?Fp?ZjI zpUP4$18$?^By3XI8L{UcaY1A|1~*64`6;? z^T$rZ3xG|YP2@QCJ|?*R)(UIoleJ^LH3LaYRn-H<`-ukoS=KM+O}d32FytR!6#8rV z{iBk^ z14)eON5kVu-EVq%vou2O$R|w#F03bAKTo+K@)xtpKW!v^$oyH-^Nkz|zP^dv^n;@Y za2QZ9XiEk#zco|r-u3S};NP-G#UcOo@zC#cW=wy5;6KOn{x25)f0Gyg$L1gYzsoZT zri5(l&cY@FRx9iyczuiOYHKx9;tWu#?u#hb@`=C+{~})8TM@o`0B-t`|7IOff2-|L zL=US1&4_*^%+EG1X4h$)q!sj}$%<6}vmyx*SQ*o7tPD2~5AHJqk<>|fy_f?NxAsJV zQBV|&>g?)z(79uXUxXJP+g6{)>$`MG!FALuUi(#Yax#E*WIw@TpW4%JP$?T7?043g zfCU~><)F!Ns;Q}IEzL2zs&3Q<-Igui4fLXl{-KhOj=3Pa24L@1dXkO9tgNhSq{VDk z{-6!@xv7Ejs;YJamHDTXS$_H{izf;|U`PQ(!prM?yy;GVEZOI+@8ApFQ(OBIvwD6( zVq#+MK#K)cXN^v%^TVxnen44WvT5T8JzdF0n->xzAudtJz<%TNRMyQQPz4YR$ElK? z0;xM=xCSh3w4!OnMfrE6ZR27+g>qmF?aD61Gcr>1b^&-DJrlv}!6{-;&1D;O$+K@s zp`!SQ@1(N`8Uj;UTe6SyfvzDe?KL!jyVi$B1_N!0Mi&q_pD*P_Oo+kTp1GFS`Ti$& zv~(QlARgGgT7SYM^8R3Gg5pWlxlIOxBrkw_VDDs@&GXr%zP_1|-#Uv&6{^%=`T09)i9g@FH+M#uT>*%^P|*jvo5 zx!_v%7?3=VqaS`Uga`i~JG;BpEkz}NNM*Zo^~_cu%T&bF;x{hqVJp;&T*x-iaA91X znQuCE)pO|*vsELd!`OjF9ET`oDEd`E%SI_*j!TJ~s=lZkJIP1y*I-9YfhZG~;eR%% z&rva08FKvxYRUs6qXX9-0SML-J**TxDYu@2TWA4uHrvUkeK9^vO17#P^BLjEC$Ag`37Z9I55IXEtp-UAvbT||%_l(N6w z2QhgQL-5wq)2m_Td--`~byW~{F!e&J#MT)Z9b7@grF=x!l??OX;5K(8m8bxv1ySZ^ zVS+Gey7t6?HopUqvs%jmIuLN#dVZqJUK^orz8rju^n$)rwF6MK1Qo)DAOb+=%hGOWWfzpJ{kOWB)2Y$-g1hN=T4O69JfS2@cPmjmLpZpkOg;g z>M_q!ZGF?A`~lDiKHv8kuRi1&0Q~HLWC-=(x$QpsBK3P=Msjh3v z*u6L)J_5M|jqLs;{A>dD&Z0fLC8%CUH2mG2JvPF=O)PoL`WL8Rt3$hU{z*i0&l{rYm+P%dr1 zLpc#!Ttc1PEB+IdyXFZ-!ojy;foX5Ou6LLEXPj*`eTGM=?&lH22XjFV4 zL<<5_yj#XUE0G6rEl`W(1i%ZKP-y2xuQD8v zP+f=Za6yPcP>PnZ2N>Tkm`oJWyw<_7dnBQU=(0 z>f@I&QnB?tfMo%Zr~E1IR+V<4eW+3XBH2m)0464;c*oa}yoX-vFnNb$?IEv)o*aDl znUb}v(Pqke^B!p5I0{d}VuxWe4U~20M2eN0M^TP%3Df}EP2v2NQ4C7xqjd1Q{Y(-i z{*pDMP~?=<@)?a2UI3b*#N)mqg5we*B4gj1?Jv9sYS^rOcI1h8%KA`7HS&>Htl_JJ zMHW(Z1ppOSR$S=Jlfb-lHnaBe!QV-v7Zel_X@U4XP?KELbO!hwJ>Ru%xpZ%h0B%d; zwBSg|%5pct@b{Ai_xwqnxj(m;;R3Bv$30d!$0~uX!pb~>qrC1!k zxh8!sg||F0RNZ_9h+_9R;@CTPH@~H%raICAn>i&D%Ds1gff%d1u`EwUD_*0%Bs|cz zs6m6E&FgsLk9-)}Uo^s{a!fLcEcmA{R7f%t(&2>L9g4(kPyG~Oh&M9;wcOfCPSBIu zzIzhhKpn=)u?}3(PhTs76knBsiC-@*|FpS^i!Ko_<_#h*i}+%ZbR1Sg&E%pS%7utD2wf#gp``*#HS2;r}__?J4vUE$PH zD71dcGa70LV1ftk3|$P`>gtTwCV|WA zMz_wgNwyL=0{7-q_ve8;ZpIM8b3=>cp;r8cd)VRP{I0IxTg zm6?}EKk>!SE)fdF=R}3?Dr8}~$bDM^v2pj$o0cB^3XDJC8}6-n^)zznLr-}CNm^na z#ol{;vJuhO2lZIY46J}0Y-Q7jDQJG$^K5A50*$h23$MdNz=F+dgL*i}K%DbIj9c)r zaQ7xDIB^tfz6y*%;QAJGzyM|hnX{?!8ME%|D}SGv@LTWlNlnm|M?jvP*o@7ZmV&C%`&5mn zej?dUNGfjA7qGl2Luhpb#(P_zhDceB2&EBwVlKFj_hBFaw%S4^6oIO$t7YiSU^QqG zeQP=#;@mL{qnAr9pVwdITdVuCDVk4gSbeWIC17P#>HA)ReK@#8{iI8kW=xMF_6vXN zVosn(JS!7qK#ptC_IX~8=ghc$+$M`iiDlj*NgGZYbEQ86QlQm_gZ)*lGjCR{o2{@1 z92BcQs#yB>+d~eSf$KME=O_K>RARR+pIcF;rwd;058FgKMW_K(eUv8VDr{#k$fx>u{}oZKg6Wp8O}Q zI4^py{hv`bG(D7RvHEgXm&{@ND`v>*FJEp`7D069Kb{j% z-yXaNG%h>v1j~?rrpV_(&Hq4XAy>Uhl-9D~8IUjSmlS{1x#pBtmu8pL=7Y1q$jOrD zpXV5WM)6T~08`C)tzfZ5;uc}!RJ{+Eyh4sX$`S2w!hjSJlLU6E{{ zW%GRvbeRHzIA=oW20U`Xuoqsd3babRc28WklL56f)=^+&ugmvckXOD_%~-g z?>y4{5_#A6i{vb>Nuy}Iu+#xX%itQ1)xK9(KKdi-Ry9FWA^|NdxrKOOaFou&iK1+=$0o(=&s7mFxb5^^ZksPeXmmUM;!0mby^-JbO z3FnDeC=_bFI_55{_`lr>AhJEWUS!^|71E{P{;0$@B`w_vYb!ByWlora?#OdyH-4?w z3!(?v)~Nyg?(Bh%&n<=q{m2rxQ$oi8>IHqX+vjaX@F~~!FeZTL@%2YJO*CGe<)7s# ze*8byDrRZxHuI}a5 z*4Fw>z=8>a^j+Fg)t@_#x$-~PdQmU7XIBj=5(26cx(;Ay8pr+L>hHvJKXDizzC@;l z@NpW;->-WGyt!Yt`0fJ_9?w3SFM1(t`5!}UZu58gi?uHHy?^X#XaJjx>H{DXFz_>O zcw<>Sy&sK@qvx#r*p9Yu`D5fe37mQ-M%vl@0*q00VBz8(ZI%PetSs7V1C~uvA`6 z?EvWu%s;qsx6ywasb)aY2RA&_7c=?KS;4og|L-!e#nR&L|4>p=F3-;&LSYKZ%P}k5 z+~wu1`J@l??FBWm!-31s|2P%ryJci$%gbuzJpZv~F(3b=0@Pj^L<1~HS66)P+(*sh zK0a2rZ-)Urc>R3*te!miu;U%UUxdb}U{caEpJ3JlTwJ08Te8O-K8beGZf504>iKnZ zV#o=TUa3dj>ut2Vj_CK4d+^ltJXXP2pYueI4x%cUo9M5xFxt>;VnX6CkR@Jr%XB9@ zTz)CwL!jZ^uD2;^*&b;ZoKupLo{DyLt=oF09lZ1ypd0LNUhDqg@zKFS4vT*VPm7i1 zn7Q+(`H0(>T=7elalMi`PVZ9Ee~TR&9#yoc-!V5U)`Qh%SMaSGEM0#+do~ikvP=x! zd&TFceEni3er3H%lMent&6u;zFKzAy0*L+XCJa?q>;5F@rf7QtXQJEhSC{DxGfUp+ zGRC9AYK$(c+yH!lvBU&EIHGB0RdW%CEFOefBYe|If_*^Os$L#*rhYP9=7^{ejY$kP-$VA%gi2DjG9_1D6Jb8ieuL zHVTZG$>|uJ6gd^c$h2DLkrVSS^LHuJRhCOC!Xq-WLqR5oF-6yoTjzPGXk1`xYYMwf zvq)PG4z#pHl@-+Wi0FL$SZJS270OKjie8| zhqCdqfP}<|h%`Z{DcWiZM@$T~GBtkhI+1oEm?tr@V}x&?x^B=)^6;}};cN>FvjV^S z`d`oS?Kbcn=UKfec{GDv7g$f4nM;|rzoM_i)v%u%wN+=Bv ztS>6Yq|n?*uN3>tB^_VeGN>wft9j}1SnYh?DDLPM`Q>zLgA_mQL( z-i3r**AFEvjQWB+k%)>Z4h~L<;R)xovfmmbwR^g(>)wOLCseF2 z>FJuvsChPAQ!}iGKhG^W#Oq;Yq*eLlwp`Y)8N#aqcw5zk%$bV@_g%sgI3IrL;xu?C zlt;}YmCxV3+vVX8ixvA(Gr1-XrJLt{jmmB6sQ#!48zr99^T7$2j51#;>5p zqBL;@jRhmz=~e)@q9+Ht?7WXEWQ6to@(j~NdCfr4y?xBk=-qlLV{M(--Ai*t9R23BSDI9w>h)Jbwy)I&FofC}Sgq-8 z^{c};8?g!ISrZF&;O#VxEiW$<4?i_|b`0Tq=j_TFt6469Sk6))=vFD7>iiHvy zwr`GXd3k*qiv3t--u1_r{dt9AM>tMNFI*MaLt1Q$i;BMJ*FBPzWj#7FVc7cUZ!`+t${js8PO(tM3x#N~OKMUzIf> zrp&mUz~F6ny)MyDU0rSNSL@W=@7!fBtQe%ijbJavd}NiyFopNTiSX-#UsSwcBl2=& z7fu&&mj~3Pd1w&WxY|XA%dRRZDV2XJ=;3Adi&0XV+#ANB?~9u#4|ocP%r!vbGmb&Er4FCThktmUoBAp7^G>njgtQ^^UD|;NWGmaCL zq7WG&jy;Z*b&QiEE!o@Q9Gu7==VTn?9OwAmeLj!x=l8!qj_bbf>w3T6*X#9sE#GcS@0`K;d2^1EpOcuvRQucH=R555Sm%a!*bNLO#-{l%HDLnN-e6aPEi}YrdYX@> zeVtezHyWQ2m#%DV`*{QO2|LEj_PDG>gu2Fy{8*q+_GfZx4yWgxP#c`@%0|oleTA@y zGs#56UHc)LFT5)ZjDS&#?r!WAs*j$gy*0KYtWa45B{$&~TE-*VSM6cKuA?_H5B}gL zCpVIEQ+2@_vJ-*@})F-;Do)8mruj)+u-%J zjXfdsds8lG)FX_Wo9n^(b>8tN@L$Bd46~mqn}RnjXeray4n2WbIGMyC@5P)U|Ki>l zFED>F52N8LIJx3DFOya_{&udg{^_!Lq)`J(oSj*m@Ur!2MvQ2b%%?vY8WnVGmPz$w z&A9u3>qmlCIx}!`R28=jiN1TQ<1Jf~E)U4Q*G^8I9B#Z6@wqg0$ovd>Sc zFd+ub{NEZ#@&jw|SnhgjMG0_blp`yGswIa_Q@Ny7R7N2``6ww%!xA$tYis;8u^?u4 z6`Uq9d;3(IZf8q+;)B@|D>hha|Y8{33Kl$zON9CUV>4

  • cv>Ti14W_RC%239{6+ZpQc=?Hzu-%hV~BQ@_? z(c7GFEuTF-YGIV@8;qB_l$&OrUvU=cy*_>GEK3d5n=d<};HqeEVBqa)Ou=xr9lpBK z%*({OO%uiK?00GGd=O%RFg^reoB+*h2RR>^`_g z{%^j~m5q^+@>y0h*2 z_zt<2kveyHh^I}Hkjg;K@R-bQU|FdTZ5N?HSj55N&L8c{xEQq3S<-d^kc2~lOpcSS zTS139`@)KuzJ5-{Z4H;8oTf&UwTEtI2$j<*HY6kzc%M33P)-1 zkojqT-s-?jcJ}^>rMxorVw4^$Yqz*Kc<8eJsHm{0=)v~pVQVY+?=;BZj(j<==Pfvg%!O@iT!dPMjjaft@=fd) zw#{l=qI+|T1vfV_rn-)PC=#Mxh@=ONS^NKmw$O7Xrd`vUHmppE{n8WDxTTZFn1GfW zTy(6Ii2M}r`Bt}xsolff^%}mtm)Kuz=|u4Cm#zjzwWBJj_cF2_o<{G>z|pNGKXA$_ zH1gXt9yR7~)6Be<7FHyGYR}pP)aFtay-nhV*gNZYIW9poN=sS}>Y7^xV+v72s^NbK8Ew(7V>$)NJQvlit)AW}A&?(b(3M zYqkwrCGKE&6D2f?%Y@M`AE8;Rt2LX!)Mqt>4wu)ddUE~ub#;H4nx;lQi*UOe%^AaZ1S==|0}F3eB?#puLd1a!CvQxxbPA;;yr^m(|-o^o2wcm z7m}f2R>`$~g~bVm`h|Odhd*mO5M5hZ}vXY3P$1N{_p+zvaQ9)crS6+(b&=r zTD=*a)*KshcN>bTeod5xLPqMbpG~n8F+wH2T}s0zOB6wrl3PG^TDhvnQ{B zvVClNAdkn-{HeeFuRvGZe4Zg*pwam~DRkdI>{sf0)2LJ}U5{5K!ezFR<=^h-I?&1T z4(d8O*+%(8E^+sHdDr-JrcsKm?fEZGHA{nsJC6s?ypouiH8aMx%Q7#KBQ#-&b@#g^ zA{xZ~Ko7I-by_ihSt}p#NL>6TRH5 zr~i(fHjl+LRQ3XNVyU#tLnAmqUzP}NA&eHC|H?`Ss}|VB+)VsPB-Zba$?5AE)cst# zp>Jr(sQFYYP&e|`;zeeE?09SYU=Zd#QuT|;v?t7(fntRbt1BPmzEFKkw1s# zCT=~7DuC0r6KtL4u3mn&z7@{`2{f*F%1rn=DzkgwT%1>HWtRF(2kdhWPP0oxcrYKf z1|)i0Za**09OCEs%uZ5uI1bIlVXjW%C&wQ1j)z2hC-Cb1+BDiEU8;N-O3h<>F)VRc z)I7JiqGBpn-vRSu?PvmU&O9`$Sec&KOj`h^WZhfKX|Yr`Z&`h$Um;FJIc$wTdwQ>_ zwFDAxN*JD#eAiMVc3b;}%Am3XVsQW_ax+mbw`;BT25)k6z{}Q@lHLq15%)pqahVm> z3pg19hYE5f-;@{f;6X5lX%m}4@*V$2FO3@6L`6Q7w7FD)CG?Uq-*P`o(Pm^k zReaU5S%+8j)k#Z;v2l9r-hiPKMpZ~?CY76)NB`3T&;D!T6Hc?ve!qPu4aXXw+K@73 zP}k6`Ue5`4i&pIvbG0xrep2-rIl*!`I`Wm3nOpSjzD7$ul3$IZW1{xA%NNB*VP@T& z;D;6Kepz{y*zpi%`E<^F*H^2fH+1q^eOJiKebVfrVO3YtIprkK4Mn{PY(Z7|R|iF_ zor6tFQjlx5`Vhm=u2sA%BlAHB7%-N#1Y#7w>Dkt(IYGy}!K?qh!~<5$xj5z7r__q_nnZKym924>uNo*O zH8|WB0=avzV*4VNYs4PBTu~WMu)Z z-So4rOTEd+cWFSgQE?$wf|u<0!JoqTS!bTWa=|0=Zd&St!?#E#Bkzz-Ez~pHf!Fu{ zJGTIq=&ckNr{#6F`_Zal1&Abdjc}3k2MG){tS{O$iMDrJCaQ;caCR<|gV*a}F%7n{Z=4TXXqUAv`G@`byqy?T`GOyGjqA0EnXsM1OfLftx3m6nk|4IM;E;DD*5ew~ztl{Eq%w-#qZ$=#^ zumLd9=*Zm>drM+SJcRoErhtZqX>nrNf@rTJrX`riYlWBMa;IA zcm1(dJfl#`*wE1A29=MDp2}LSsny@o<9V3)zopHP2bPwR?I0}lMHQ-Gn5BZpc>RrR zCE?PxMpf|(EuS##o9!T=0FL3P^5TKsthbEOw7AdNf34PJ3*s&&S!?R>7F6)1v(t&N&(A|etDBxLH>+9H~z##F8Y;ZEhfMqBwQzrvMl z{HV&+btU~BrH<{@)uTX#D}6_`e{j6!g!=;xgD@wf`^g3utvt{4Af-gahi5|dXVzC~ zi_7jd!!4hq_kWD!dvgczSyE1TJRM9Fgx0XTxw}cQttS~3x)qnSy5#V+@)acxXuCqYTr66EYq#jW3o6k0BobN{=v!CubWsW=qC_$ zxPLXi0FAHKFG|>{Zf}}dv$Kr~IVB=kuJt)KID$R>K3}?rzpwYX3 zFb(MsAh!1!?#J^XB?@5{ruY2fQ#IvO4MQA?noy0Dwey#VExRpN13eEyXoc(g>B93A zW$63bdw&MJIuePkG?9e=TmKVMtiZRR&R((`$uk@ z!X7^`y5DSoxIM*k>sACX$~x4_WD0|L@^hQqPLg00-$5vn{6S|wVq}K* zT%5RAMo!ME?y-X8P;T~Pp!UZ!!Xf6*Fja*(EA79mXH%f8O!$lXy|8-CgE)d;;)y+A z?`Pd0nx)32GVZqZ_gB;9Gb~TkeA}$7UFzdt;ezSy()GuZPl1PpuidggyguT-9T+Gj zc}IHt^se^u9+)}@zoKmxbx%#L zOTrx1nY)gRD8w`XM*`xND)Bh#=5#LI+X-@+EhKbr4V8XY>KZ4*!(;UZQxSW8g>4DqwwEIpvXXsr~dgly^RVuvb67An@oMidA`r9#@Wcn2QA;+Xk!6wx4_Cl-=AJ*e*TR*q{-Gw+CoT4_Wly`26dkYh&!Ti85h z{$)Fj8GJIx!Nm}4FEJA^v?u!e|Il6Lon2ogC_dSYzE4+@16l{8Ydh1C`B zH%cqnWD#G4l13e@Zkp(^K8OC<9+{n3P4bT=kSf^R+n{3@)4*=e=~*`eR!O!Kl?YGI zv5sm>v$AKN`u^(X%M;rxLczq9%lZ!=Y%hN(6&yY!%#1Fg#+yR02$430ypQv^!<$JZ z1Ec;+>4%~Ca4oy> zgU_jP>rWTn)~A}cmG6t^_wYB?lA1YyDzYxezpZ9Tn35=GV5WqXJy?ZoE=EDsXdysW=3DJ{8fQ@@1Kj;A3+IpS~^Y znwU5CdYBUDu4YAXl2KywIt#j#3>CF$|kW^rA z9Jb6=9=>68+5hFC5}32*szH$co2FN34^w1Jr-xZN_oZ4tS#TRZ>PF+We!wy{xE_hAq(cg zY#dybd)2;YhKzI&Y(U~pg*~jCuB!nizNNp4bmI0ZaBsOJ+RQJvSK^IKZe=&36-v%e zLX5@xdYc;Gx^^Tw_;pBHSLHAF+_-$e&f;QGUDT5sbVd?c1>B9WB&@?eS!&F^Q}IxS z&5uN3ll!t&2uppkWQIdGy)HeoA|Ad)yo4EKx+9$aaWKT`Nnrg5E!@t;;SaZP+&9s) z#U)aqjx514s~-&mXule}fkC%J(cg4!zPHG(-(1ttmK~F;U|nzd+&CW}aX$iuMoOwi zrV5LQ#|U+bKC2*11kNBfYGv~--!|9F&gfEgS|4exLA8G&FYiERJaVa3Qnkp?&5lm1 zsd9hcU|1G~Dj_KuhA7(UtuB>mBV7T*FzheEU8RN+D2p2gpMX{k$6sj>g7E(#44e_q z&W8b}N*v%VXq|M!I)v5r^gyU26@UC6AX3r5K#1DxA|=vG2w%?K)7)=cuSO>Ue$1dj zRe|vD+s)3Mj4B&Lnj4FmP6<*Pa=!l@DnsR0Fs1IK%hDacriiY-<&(}(W;v57l!(Z`oh%!p=a23U zUCjW1OQWDjC`pHaA4*c9h~?bzFkCp_JE3+Qo|F4@o^%wQRh(H7sltC`>*?I#vXK7QEMY3DJZsC{05pUnJ|~`;p`_*C z^oVYS-RbCahc^r@wO}dk8m$~7V-w<@JJ6{Oy4cXFZi7xLyIfmiJ#u16y6W$`sk0da z;_!?_bz$j*#58PEP>>!Fw3Kd}4ktZYQB2d%@4Wn>FM22yDakw(kwW#wr3LJ&@L-fL#x?0HxsDoLHQRJd3mmul9F+jF8mCIT$_4j*AaamX*#@`>=YT9;{;Co zVhQnnTHH}uIHVwBZM~?AN@hyGTl=I-=#J1#{j|2m@8SjF_0Z$Q8}Y318C6;wSo)ek zHgLH;3iT)inq}%Ur{EuNc(Vpfa%&+M4}a#G1ubW`?b)sQSsgMxf1*cy5*|rr1&4PD znmO<=S#m0k4KH#tm`fM5q5QPCQ{o_-zEO{2(s}rB-&wW64^*I#_;H_@maIo);X{!dFn$(-kO@GBywii#4XWic9c)jK&fc$tT(l7B?uDF-Zn@e z$!PrG1nyG6-yk!~Ibf`Lr!FEZ`%2+}gKTX%D?F}^Zes!7wb`JWhvijE!Ty~nsG62} zNaX6G)kYkAdWC+YrwJf%{UQLmNp$t6PeX>Pz`zx&x)0o2MK4?us;#RV9#CF?h+gZF z++e}``5d=w=}@U;#mP`S)IXg!Jw;a<9ug7~&C}oWp%Ki}0T82LS);K187yIfbY;H< zwe#g9$K-n>@Mv@$z~Uou$U1e7OkfL5_^acK$HK|&8+i8wfqkA5Y1 zeLsnva(R4t^^eiL|Hz$ageeaIXY%=cYnboFMA#t*9MH?mEC5b|Eduv0Y_7#6d5Zwb zNYgP>+t~<0VF#lx*l>YFKu3p0@WwN;EnfgrxFmWFS-JW4&R~6O&~h6sJfBMc>$Q;5 zJFrYtd4oYS=}=TzbSTq_GsIzUxm-y*U(8Fu1BGAe&sp}D6jRyhI3_=TO?bM42d}j6 z6LtuzR(8<;eAWqn+sWlc$$PLO8A^_fkdRQ|;4l6S|Esi9(SRx!2SA7YvH+&p+)KVg zurWXH4ho`go;hVFYA zR<(Mon6B?ypaWx0Q-A^LPuBnY;9Gh_q=8H-k}B0{T91fLzei$V^CYot=B2Syb@w^ zLOkEuEK(P}=vs!qi?vyH^PoZ)2~t&`fKe(a&DS*b`_W5F)7t~4GwWI`2)XNMbQvBP zPQ&J3=$NgO&2e@y{e5rc0Kayyz+-Uu^=?5m#LeFqR&H^3@!=ZvxP5U8kL{p1S378W zH<2QoBUkY2z8}7k_AMnX^>^<^GE);PGbwiAebugcGyJxc$fIE9{;|09_(Icl?{8+1 z1Slm<5B#kC_RwK@XqgGY4cIxqqt7|Im#SD254;d(-CnfDQdeu*C5GKK!qY7*(e$p| zB4s}L2>WHsfHuOH$BVl+2U*c4Tm59&Bdgy`&D_@S%uKkQr3o~|FK67pyrb9h6PAW2 zgjU8vT!aI3X^>!03~vsYB|ZO6B$4r0sSM+&r$V_rU-IoGflZwkc1MlYVKacJ zc|g|5!~sSg-)s1guaiKfN3B;k;{Y0rpv~>J&wDr@`sBK`e>>SyA!rGh)YEa9_Onja0j`JX)qP`P`H9uc*2 z6rkDdzz&uY*%dcDnORm=a!9(7(>C}NW_0&B_RK#Y&W@Ru9=vN~Hj=mnqXOF1RZy9F zx=zCJlASAcp0_@l!JGpCla=EZ`k^0Jt@0_TPxkP>lXDpjq%h6$Sgd zP7$C#YE@DS?d?~jVmZLNV>jfb-{bNyMQNGohvb!8$ijTmoi@_Kd&4#8GOWo31~-k5 zn3>oUSJEVDBaHsz+=IVQRNNk9ceEQkGmxT2+e&UHr0nKB-+X5U6c}(gD@s#ngG!lR zCryw4Zff5p@y*|Zb78`<$Ku%k7}+DV``>6nG(lNg}2Z4M& zY?!MmIA0-jmNeL;8cLYCAY*^ghEg3v@yS(#!LS#qt)SL}!=W<))J@{#AzEkJ`e>G4 zf7GGe|13Qta;IPMD0=*mcgQ1Wua5q6mE>QT?|-oFM4ty$QjGvx=yCH~;`+LOz9-~< z+tyD32Nk8h8sNM_QLjWE0J|?4u)wT>id-(kFiug!+U+o}T|y2QHLHfoanBh}aH@c= zsI*W-Rp|hoY>W1i!rmmR8fF8+^U5%21U-KB{IXj+U%F;(h5z3jYmXL=#l>q%;`d_Z zR8{REcHK-Ryz+DE4_#k0=|p<_`S%aX0Cpbm?+PXs#PsjXI9++&WSNQA<};R>dPZTS z!I@gq)m38Q*$cFrBV#!4MGLlRV7uPaZ*4-o?1N_1Qu0$Lvj5l#W}*5AsWT?prF$bvUBdkXzWUVM0GOKpjSo;AMBXFHYqcs1c%3&;9usDNO zJPR;>0kn)nZg8VvwdiRs54TckQei{GH#MV6e$R)e*LwoR`udxWK7aiC^{!W>m7QBE zUQzp>h76tSoha>>^FFqy?a1>O8Tg{K%GhhaFxEatIXo7D(d=reJ)~P{LD+_N1xgkz zFw&KRtM+!L%A$>=;92V7R{HC)>3PZLVijU5h$U&Uux0l|qX(}If5n#+UuL#`wNql; zWnrf6>3zwZ@I}3L*p-2uwE@} z+#9x?s4sUFRx0=H?M8o>ZT;%)uCF;qzNWv5=hP8|of4mtn11+eSzR{Qh*-Fn?~3?+ z+2l6eB_Nt3j zL?qfAKx$lGhx;D=ey-j71l88@2NAyHg%57%_kGT;_*Tl{WAr3tbE~6CFbvlX_^;UU zkGcc_A@)EckjDj}>^9o~=gU#((VsZ@0X42(kiu}}kEPB0^9LW}zh?VXdnJP@A5;&9 zzR|;C|Cz%$Za75$NN=~eZhq~)+O9*$V)`C1KbXu7n^}~V{d@p$fG9aYQAQtUX*u4; z`fLI=aa8!ul8$4*k7A{glf&@QRdi5jXz0SkiV1)ig;V~3d@HM)QC3coGeA7dKHa~& z6PMjbbFWd|JKzremuZr5!e!J`*&plZBMrdnoIO4Uv;jDZb$VE?`cS5#yaG??hQ zsF&Ajik(ZB^-8ZIAu0%?6c{68!GzBL*!p<2?t=Ixh9}b9fZ*OlCU})`!gIFKt-J4>W=Q&8cGJgD5lVd8& zBX<#7;k*SjtV{SK*fG7?VZXTpU>-TR8>!OX{k;me1E zl|s>E$$f{V3z5sY&9pWPrN>2y3iYCh2;3gw_{8y%wZsqjNVh0n9((iybF_U1O?3*R zE>fiKEq^@TAq+MO=Cr~)4(8!>j5RG6P04En03y_sgNWq96RSWvg>ND$stcg~+&})X zoCog|_4ai3aKfvOk)Az=DGGWOt=eY+P9AEF@{E0B?4dk6WTU--$3gy0t1B_D#_tNX0#W~C47GKIQr zApFK^6%eMi^i$NF2WDdS;fofb6F`9vJa>R5d{Fq0vf}_0&=%cq_5hvwq4n=s>d`cO z?}urQGNru87bj79fC^o8%LIN5_%YTVM!rsszKZ;k4{Zg$0w`~D9)M<=XwE$&(=xQr zr&00|Fi-_%0h>6`M~nQC546%a%bY`#JLM-zxr$L~VRL?a0sLzjrQdaTf&N&&w;@{xjFK`Ejb7Yupn-ZOErnkeSTp|c z=jq%I3#nj?<>J1NfyC@VHT+PCvcGmLPRSYE*9*A2qu}{jy1E+tt0HCAL2$;>`rV%i zJJ)e}_Go&P{D!BVAC>0fz=B-Awx7NBP@c;{$N`w4UIiMvfs@S? zkhL|;e~sFAtgpgvl9C1(bb8vJ=VQksSJ*;cKHo{%=jLFZlH+~JI53{lI%4+T?5IOO zhcQ3`USqP+PyBG8-W+K}QMX9diC390lPja7#VZU54t}gEF-vuq8v$>bWw-2&ukEF9 zF=t#5VSV}jWhzaZ!BS*kOcABU^}Oe3OdQ5+w7!-d9 zgjwX{YYXE0aPOJS^Gz-y%2DzjdHs1-Yut$4>}-fm(Zq7P6~%PFu4H2z?tXv~F9;Jn zGlMZz%PC-!B1R=FQS*zLD$A>Pram7YPGJZq3bl_rFV#rR4=`h+EofIC+!kQNexFt< z@w#TNDH;W)iodx&es9b&{T*jy4KNp%Vh3;xjkLX)!Q%%Npl25DJDDt?jgz~SIbF42 zucSwb))iv1&Huo_#}7(C-3>v38_zjrldHrZ3R&@RTKn`jMZiCei18&l4~tx6-vMmf z6p1)00C}DTHOgm8UR>q%#g2K69+eBsSUFiK7H>`llnK(rEKF>0u)V|9;{Zca0Du77 zRU@vWbBUu?_blRvUfZ`D^}lS}2U913sqCh#fPZ5OP%EP8s;d~-Gz@4FbE^T;KDheACI7`n^{#bMFMnHjtf935j(`cSwr%H4g2^ADBz=l)NVU=M$tk`2Jf?9RVB6% zD4Ube{TV1=lX-K`$K+%#8nQhqwpQDbxA=VUKSYQ>vpJ};qV^ehmzlaPgBA?F?t^|s z5q$EAR4RE}@R+PqzEMM4Z>9hk;j#UKgxqr5`%h+>2xcK~;Xw=j zM|JS9rM_Rbe6*y?PmkO8H%fu$3WUK7pn?dMF6ks%FB%g9l?a$@f$w*K~6;tSqU{Wu>u0uYJ<7maNd+ z*ZjPA+?4xx6T1R%*@cMWRQd6Ig#-V#FBp+uKr=P}u-@xad0#71*RyW9JT{gwk2$>c zjYYF(aBYFQxdF5tpJWTaZj@#1%bjq>;TuVfCNKq(NI*@<)!l?AgavaW9CqdS6dqMzN`pI@kc* zI#Isoc<+bj4=N)AfoictgS7>dZLQ@Pjp60vqplCf?>a>tz8nXfb%Xm;_+v5DCI_kx zaN1JxAIc?`jwEY0VDiSPFxw)6+?s)!4vRV1vc%Ow#(aG=qA6M=6tWTO)oAW!G5!vv z858p?`m$ApqpG7wti?csnwy&&on?9jbiDhN`I6jy6SdIV2E!KN8Z8n?3N+m1AoP7e zY1uxKTHSn9HxYb^G93L0b;HIb*!A*F+&@l*WNjOch(1;Wzb+rn=2xn~*fVe@-r#r} zhEV0dRrzJyxVRXJ^n1!wyA);l#c$lga;q7D+^%aL_Ukf$$d}e@n`>x?gYbHxq=R%Q z=EsGU$Xlkt)9dyfRZP!glCq)&rUPCH!p2V;aQ~e@BRdI@n}46280N_zJxwD|I1!GQ zxGow-4y^<+I|w)kye=8c=zIHC8^faIg#9gTaw0U(uIuFSVe&r~E}guK8}2?cylI`b zP-wEA9rrtvMQ{cG`w3I6;83)2pti5N2~~s=X<0=dn32cYj~bo)n?bFz_2^q|M+tBNIrdOSdlko}3J(|GL3r z^mm*q79~hiwdlUHS_7n|%j;xFQ3RFpDzeurF|669tVBwCa|7KPoi{VNaEk#vqQS<8Lr4my-;P zjRi)&5GOm>sYOBe+S)5>E0O1{zB$fXmNPMJE_~d0sBfg#G{D*UveVVQ6qxpF`2+}l zWc*ZJjWp+EgR8ghA=y|UQl4I3J6XYXU%OAU()DA3DQ4tH9jCB3bCH7H-CO+D!J%P?S2td4X=kKo z&2_vJOZfuhO}K}I<17ta3UUj!j~3G<-V;`3zhz+^V``=dQh%xHMTAUV!IK7+#-`@Z zqh$t-faO9hB#usI<)mwRFVfPG{=W5WP1UYg)MJdXjKTA!%T4FqO1yAsBMG=)BR83k zLmrabBcdK98RVHSWJ=cMS5@`oqKW6i9;RD!s=~DHmgn3n-tjAMjDQ+BE$0o~N%WNc zHMrGn0CBa=!t-Y!T=y?6zkf5Wl#j7yJ&k;OGjjHR*z6cJ+M(MW$zP~-%K{Hvxm)8b z?VurQ_m>J@f$D%1jL-Xp&JX4K9omR(>y%a%kN)h%Ot0eiI_+L^`p*CO>>t0@ex~5A zuaB+j>BT#t`Z=P1 zC+|1`MQ>&nZ4gd$nn#_gdY!QtE-oF@Hea`&$%rWw}>(xd}t4CBop^Y(=5M~ROqQP1LdO#7!DO%VP8hp30kXb!bH|KT9 zVLzXY6uBsZMa3N%nooFbaos*<>K_%Sy|e#IOMrH?@Ly3x)MXnkg^znc>RC<%@o@Qq zo}sb8f9Ms#oNPU(3Ol&PG&DLMRm!!*z61bD`LOL(kM`RAF*75oYrnNbb#46;+b(_G zX@649zoTeB>a`W{rQ-3p+fR7kVFnyT^nKBrD9qWThCx-2%BnV`5rh-4!LiaKiL~bQ zjP%3QHQ1#}L~k#}K5K3-r4$z4+0_p3EIp4l z(_=gNFY@>3OPNm%202JVJtt#nFf370+y)jgw%YhGF%IK*lVYbyeF$Wjy(m?*al^@l zVOD}xIxx1+xb)(vio;K;n&}bI3CTbw>6=2A{p%1mFqorA5N&6Y@U=LNvc^d}dQd+U@*SZPp4MzHB%GDT z@>{P62)-S&jSX2PeB5}e9b5Q(nD43@4o531W?;4&50GR~-wwPDr8MeAzX)-XEBU@# z!42*C&Z^MqKsp;j86l@zgwQhfEhmZ{^+!dtM)~IBO5LgM(G~qRpN5)R{dG$@bo_0C zJftf*m=Ml$dlt5~fC5lFFxSG56map}=1B`9wDtc5>n-tt= zvUt*h)0k?TaRd&5>UPTm8ljNjP>L7(V_lbZR8m%KS$0wZVDoBLGYBY@)r|-a@_B`b z(->7K$LX$}zQOlhe;HXyF0UB>B_YBojb`G=S6e$Zp1Izj-6P>Wqht;ZvhS!tUPHdS z8K#j1XbgyDLc^^9Wb>0;RntT^{Z(lH<{`PtCR%G0xG!E^ewkPjh+uyCGI|%NtY_Ai zSpcwomoHI~pmn9-Ft7QqnlEh==R<1)9NvGhiq?7?bH1-ux^6n@^#cfxj$;^cne*I1 z%qcG~j9j&Z)XFP7Knd&fLz68*XDh0z8Ucp=S0KPf6$lr7Qrn*KA3_$udj`Zhd@r{e$Y9| zgCMen6-DWdJg6}Vn1sWZ@OHrPE;1?)pf`7+n_g0%8$JUBABh^S=wil zDbIn6^`I}&FtJ845~sv{X;Ij0+&nyD@YCes~ZwOjDxFw}n>;p1mdskq~! zRfzyIWl!(qI(ogXF{v7b>-mRG+XDz}6wL8}3h{5p@wq0|a_`YAksFUPTWN)%RfD+z zTOMnq2jJ&@UkOIPAXvqy%q*wiw%^ENJOL~V;@H>pdM7a7-&~%6AIt%1$_-18N&04H zMYY-aFANMMcLB`WA)Z0RVg)_6G1Wjl%fq3?%1e>@+@1Rh2T~?H=9XgwD*XC>1+~8n zTj&{&iq!Kwo|g4L0br7 zr=Hh>IzkPhMo?oanIcfLPsr*xrje*!ySlI~|75k<=27@;DE@IkY9}zI!uV9Oi-{jH z@6T)kc-8H}_W1v(a6E49Z5^pk2DE>Iyli+6oP=uBx^x{8R9y zE%kKTy?l83r`wm2^C>GBqq5=~HYOT*)ym<8yvdS{Rd406S(R(LEvC(CStz zziMIlR_=`k8z^^;k=A$aW64>=Q^Q_>4psq6hCv?uMgtari(V2xB7ys>L#})^+NzQ7 z{!H}7@<~fCtTpA<_8y+}2|@Gq|Hl$}^a>RE!Ql!0P$7JqM`ix6&{5P+{vRQ9Wqm*>}08v)c|Q<%QZTV0o-@Vg`q6rLEVHPJXf8qJ10 z%Ov;V4+`(skafocCz5IZ_&;oo0uq2CueW&Ilb`(J-)K^eVyzZPCx(e0sJ~kRO4%3O zM`4RqeNx9lKqLcn6*u(=wKJeXRcI-OvR_=!*blGN%Kw)ykyoLz!=4=@NX=WBy6I8ml>en5lCrM^6Zu9HD)| z9ZMBf-G`*sF0sG-`pG7CxS+xI>1A>_YF$PJ-xuc5MgpyB`f>1|4Fr;ZTe}czy4mYN z%Omy%rbP_P4q&!DYf=49gYQj)Nbv8$ed}d-$LSBBZny z$Qo|iL7+*J{3e+FS+$1Z@5S1vO;NSO3N=T{WdTEVqu|-xP~7U?&~uJMk|9OV3*eR{ zPov9Y1{{VXtwxfO-M}wjiq481M8GIn2+O%LwW)8SPM0G$>gbsNZBoNwMi$J&`(`3D zOnQP886;`U#%2lwi7l^Qr4C&oqAN=O8s}hnuCMWptDVy!WF@KY-9_)=I&gOe?{VAk zD_Fx-hr%|ClE6PvghwnYU80u+z3hBjf81V$>*_lx+QU1D$^@g8dVDh6^%ziL90eK# z6^ct+=7MKH@JmF3*6`!wQ>OKra%4Etv%u?WT7C#{X)*N==tV-WBX8bu`FR$-Ti;9D z)%ErPFnZa?dC~v)e}ja73@zY(V2K{8JbK)}JBrwIijm2{(PoK3P6&3jQ0i|o*740W zH%clAdVlcZp_}T(YgNOTo((f4w|?k(!N5_wVeQ-(kv>Gi-@v!3Jr5tA#TtJywkk8o zHr`M+?`M&Ja@EYOk$kb~WTFiA3nC--t9J`TVJnxk&dtd1 zR&|((ro;xkJOn?GzszQ8WjTa@skT(mw?! z_5mIK(Y^Z)1@GX;z~RCYa^V!I(_i=T*XtJ2$}0C2qU|xV?I19RE=Loqh^4tD8uf{3 zoH6YvZ4qM+II_{S&Ar6P<0i5}H2BKq@!Sx7jE~^;{tfLGH?wY&VUv@=)~!gt3On3r zq}nr)q8-Sx6$FA@&y1LEtrEW`#O z)_f*1K0G|vyBQ70)1uAGbb1&r&fN7s|3;zCRj$WU&!5jRcuL2^x6Bd`;sTF*WPh!}%ef&rX$hIfXrkmCV zYTlvqMg)YD*>C3S99c&xy%1)9M@m$s z7l10&3^cXh(037L{q%jz=lr9zzMH?K2_W|9WSqFT`JY9<73CtrpfQ?yk3RWluc3W^ui3wS z(LE9%^KMcE{4P#xO^9vi0(wP2XcdT_@2T_!(hT2DHw4bvU&7ywmaIv+i*f<3lZ!s_ zdY&_?O52h?KGI67c;~v* zvvLv^b@^W0qSo$9%`pX`*ejU4hM@?qepS(7QEtx?$i1P@O33V#jJ(p!OKCc7qM{;` zFXpdQB?r)1|ZCd`sA0tqes>4RNf4> zU=fr0MPBUFJ%bQ4HgoCkhw6WJ$Sp9;xmh!`y%QLv-cV5Y!+TvIDumr)0 zyY|aNOB)9gr7je1k48sGiHLLq2Gxm0<<>Eg2OmywmU_9|wm&ZMGQ5$&L$;~bS}yGA zSt01`cOk$YWB$T>!jo^uODThw|LgFOQU#X!5x`s8gL@#{fZ_~J+gu$j!&j8$xdRj9 z{&y^OVu!zhyLzA{KO6&cDYfti!vpqeh5Mi5BZD@0hLWLbvTm+o> zRY=sV+^ah}YW+osyzHgtc%)(e8^|9;IRzW2W&^M<9R3dV@W?DFzCr!sYZdlO@aXR@ zf3_$bw~#u^;UQ9T;6pr?Bgb-?eBBqeb_oI^-^ZvBwmJ<@3;PE~`gXC%NtWMvpscv!UXY$h&dmeBGUh_@K1|M~MmrI+VlhMtu2 zzeBuhfsxH!q``M87-2&OAz2>NdD~cCKHe6LM9>hEjL4-!agXW!H_kn|^$8Mc9rd@D zcEbxQy#Bky02F#&$AR&_rr8^5vFcCXi?!@vIG$1a^X89~$Msc#Gv z^?T(-*1sdW!G4OX6JiN118wFGx3ip_TA$4#6%2B_E7{pS3%|t`&R!C#9iTbgcL!~4 zQK$Q4ab<3gPomPfmdc`GW6Rp?T~R>^eJ1EL#&guYehyj*n=%v_9GJ$@#s~)2(?wd}GEG+g3 z=NhVd#|zp`$K_o=;}bvcNeKdq%TphVPG?Yq@sTC{pwA;CFAN%T2Vn-EM1DrFG7)R| zMMFuz@BW&N(f@J=%IiPzAd6MoZHTmRa@E}Vh^s{VjZl+?(~tv)L2UHbP0UNr!l(7{ z-(>~GwU9=X!NHNr$46ZuW-%S9;9&#hbwsHmdHRY#pwDbs;Q}@saLPj zo$2Gp#UD#nsB!Nb^|j?+7@lL!^%{b zlc^!HCsRJHkx1O&+gf0t>=X)xO3FoKGeK3AfF?6^fxpDdqrp;CSUA3xP4oFXxzUjd z>)QDlRz$WBei>dI>bZ%^YIDhU#7YKBBontmNOE$r6<6UL20SvVMb-7!ipgq6ZL0q+ z2%ji+2#~}fNE4`=LJd((=v>;vP^Nts?)i&kbs`qsjb~otSNb6%2rB^}eM&SNQQ6x1 z_^+AElP5ckd9lO7WWeN;yNf(cIQ5gmq&+7(OR%m(>HXOBF(@H1N-#?uP>Cw5?gR=< zmTGa9ZmI?5fmU81W?Rhb6J?TAWf=l$xOE*Wy>I68xjbePoB^&p6wXAMlj^T@?$>17 zhKLegusa~$zOF)pU;uu{GY@`hY!%=cUsx1tjl_iN(9C!2C z4(WWn!14GndgHB7Tt_rDC?p!qNUAL_KYt#u;yOVObuCqspgPTQRX)0q=~4)KZd@&; zedtKjIGSeM{m8(O<~w*u)}tLK%IXU~u_yco3U^)7A$hr~jV#Y-9F$CBa-|F3=BI%{ z=P_T@!lrX{R`9k7x$Bt74b-Yk+y-6~e_3x?gP&#fGw3&$o1a1|cgJ5m%nzze<-T-} zn5EsIyoG&x*qZVWPwx&J8Q#CLtO{ z_8ozizM=*o4}U;Tzc_QEKW0Gw3m@w$mTR^ZDyxZR&H)p?jSL76=Sb$S=*v?|-9of` zx$HGCG;~&01l}zYtnZBgC7j04vXuwm{f?H{ZNpEE9m=pIwxq2Hm5zBAuPNtHrKEzf z_g=R4Qw_#75wDjl#i!8QjAuC9SN6LaiZ*!w-~UQ6fofihgbU!Yq$A~h4FD4BfIn6_ z@xyY~mi38~CMAXVsctgW8_GX+pSOh~1oqdF`l4@hTFv+GY#7dysJD$Ux}HrR-M8j= zIVrT5n3-s6nC3ZEyFlT@qcYLkvuuyRspab zj0=0~i-5N}P6J4TgTs|M-AJHrX&IS|$Z0eM8Y=M((4Lr5T?0(ZkVlIoibhVU$ci+y zU(B`#Ljx$%zj?5FW?tILW)IsMBpn1gC`bP1aQ`isAvG5T(H|I>!2GJQQen0voShhd!Ol zI;*H7Nhol(pt8+aFd&&MBdfmJ=bundC(HQO+)Z(44>RQ+XC1yS+n+fZX{w#kc-EpY zw>qqznxei#wt7K%jhQG{XH#LEAApJANoqpI!xgOJFQH!N!PBgWlG61#!e zba2bliE>?T9*vHderefQhRQtvL}lYai=~GHjO+HGtMR_7ovI8%E({_pn<@rj8iBeRe*a&Z0g>g^nk%kngEf7EEDaR9=Hg&di)1HDQ> z%B08ZrYc>li0@gwM8bD$E+=R&hsLmYa@SnaJ!sp+?5^-zXL=L5V80|dFOO_I0S&wZ zIUV{AHp?i@93NnSbWM^sRDBwqHFN#J*T#V@W-vuG%35L{39H3XuI#w`9@tt51TpQ> z1%;3h-G5-pRMzs;l+vmWMWE?|LfqHO*R?awgF_?b5Qw(b;a+*Q^o5A)K%nzq3AL<8 z{z2zREo}~r#=N|h*E-9!G&B$G#%xd?F4u++pTZ8D9}MFPY2uSUTs(*zmX(&=h9b%( ztz|UyabgDlOi=Whi#oy3SE6G8#E~`K395?=N-uj=dxhcU48n>+`7s%s(VB+NY1Dcg7g<;h#7ih~$ z#}O>u7kpYcKm}^XfHq*()z*yW&eVML)(@h^WoBS&R>9|L*w@Hq>q&)=5lozaIqb*R zvj%lQDPK1RMz5B-UW<~AicwcHGU3d^c&jD?CfiIQ&S!-A9CV4UQt1!6(+(q8v~Vc)7VKmIC(Md zF1N)>Pe)UG`rQJbXzfCE^vc0&Vy)NY0*k4P=uuJQy#n_(NZ_<*^;`xti(a;Y8Q!;bppedu@ST2R zF0sBD?)+eIO!@wO|7VMWk`j>P*N<#71wWKjM6(nU)tcoY_vT5#JeLC~3QMXRzw?YW ztrw`%!~Z>A;3U)ENBN9RO>M{(fBaadW#y3^*yzE;C@^ea$qq}I5J~h@e_LSnt=g}7 zi6%+PD+h=+wA@TeJYaDyYSl?`EFyvM$PS!8)O(p|87D97t6xlX{Qyb7h0%Wm`= z@MTQ=+QT5%=GQYI+iNq@tO9ZjFBQ)`Kn--`;c6|Qto(Y%5&1Z~%2Ylygw=LJF>5Bz zKwpV9Ys*AeR5?>yyRwB6QU5|84A9|L=t+&3>53e|@!TCC$L}SyWuMvx-r)sAS zfTEhC(F79_LfM^$Cw?mMSq_4_Xq^O`+d-VqCEov6tl0_*1i}?uO;*X=?PNW?c#xhY(^ny1N(GGz{C){`)$K!IBEdNXS^6 zsGd3=P1Bq;nqaYP09&M~En7+Rj#gVyBi_U$Pe;~%0zbjTK!YRcG8uV0J~7G?9X-}8 zGFKLD;%~Si{egV~yjG_wvKdPN;y5WHs9Oku=&DTvaX&H1{(h84{EO7rvd(lA3AXc) z+V$E9yt;GDJngaE%GwpnrSqeGnewYEg4uT*(8j?8t#m=_N?TI7ztu^yj1cgIoRUkO zLNb3xtCr@;%NMbpK=NlBia$G}YfyO*i=X~2Yg1tCyrj7FdXl&JXtK!gPwr(lK>k}I zw2bdwny|OBJ-t#*!4d~|=b&%K*W3O(bU3+Ldj;V$8PpQ%)&&t`<06`OG}@v@euP^) zcRtk!STZ*AhQ1x+l8Z%@ZmAvy{>Z8t&PfLuO>*$-X=lxwp)!D5(fgy92>Jk?@U@~U zDLI}2niMjBvdAfFReyb+$jeBH)>m1g5uh5raHveM3XG_b?bYnH{~}S-v|_zqSg4_^ zW?ln82UT@;Um`fR9?miJ{Z2_SkNFYy$idi^Yn(?-*^-wh`x|Hrc$-jLUfBaAS_R*T zl*R4oGeR{Pcq9q&7Z&)yG%-V099A|qH48naR#sLni!;Wdr4a~>NwqgG7#-7F0+Abb z+`j@;9=Vc}M~0Gu@3SaRvKui3(fHqh+i+^czqo|I4;u#aEK8{ua{WJshFtw)go%`vxi48Pz7g- zo(Dl2Y}2c*tI-h=NsAN5r)J}TP=5j#fKCw*O59TF%t9i^QuA)7&jo`?OFWZvOB<(? zxm~HM{lJuV99t<&v*}{WGM41FEW0;)c&0}KSrSG_HBc%8O8{`Uqe{qv)974WT)@$j zpN^6x_1tjD!^zWcpk%igC4G)r+^*)-4W>B@^*OMhjSI+U$H>bZ=PC5@{#8D?H8TBk zZ;hza2%9J71%~A9eh;sx{Dd40Tm$6h z=iM`K%2G~L4h=an4h_~G6*HwXv5ltA(!A`^`t-$XEAbqFz*b%yBncLg($UMPe*$Qg zZ-G|1f1Y;pDqX5Z#(}**Y07=aeLzqzQ&C9sM^L$REi^Amc??A?J0~JXFes6>3C61} z+Wtf0w!S1$z{M9-64{YUO{--od-1j(b%OlhW{{)Pedgn(^-1Rkt3z{xt?vt~$H&Ki zaXvBdMiyFt$sT4bDZkH+^CHJ&fIM#U@h-WM$Y_7U7XdQpt1oCi(v1seH*se1{tkM> zbuSDYVgu5DWN zqtRo@Opp3~MsKQDgaXxPymy?O)8M=v9ebnbQ>rOcy7vm`VukedQBr@uBQgD7S?pA& z9g--W!JqmLZp|!k#o-(K4z>U#!y8_M8tD1Bxdh+T0um?Gm0umldH(VcwB<14>fduk z`LKyzTvl2ybZ`8|n-*Ai+gBx~7gBq@ul-5SDnemc12{GSer|kh{UahwmT6oK4rsHF zPl;WVI&shq&SNB~EDpyqST_RDzJE=`yEp=^%Ee#|h6C=y)tQ-_KK56$%hT3>JKU2~ zt!2;0jfrAE-}9`)GkE}%GcJJid>tGbe&B|3Bk^b>%pnp_t*O6d9c;jF}HM4qsS zoxv5(v%dgq#xBlouw0Ae(ZiJU0r;whd>qAnNqH9Up*5?{q~MeXT7%-w+SS0SedIAt z<0`Z;y08j6zFcd7wLFi@KX`Ck7qVJLj-SH(Fj+4WDyVD84=QuuTh@OpduzIhdzXqE z7%g@gg5|HwWW9GC#(In&<_zzJt=ZD9<-Bi^!B*ubYgxCvE+PM(K?129`vYpbC^mC8#CeAY`;>5ATY3un4;#RkE%l^F~RE?3}S_J6?yGot?ch z#~XZ&-Y$*NYK*n}_y+z<0392?9IE}yl-nDq# zvB3-h!R&iAI{^6(faxwudhv@}vIi$7RT8z0L*B)Q*ZoBrOoeVP3l7y(PsOe{NQ9CB z)-SebGocXTOSe}biw^lcMuKrKjwp~@nYXgTN>_7l5;wClGh%LT$TLnL_ScH4@QYY;UU9?r)^K}g%cc|O;9U4m#aKOKDXxBdlm zvkesdJA2>8&HlM0Ps`@Lvb>I60C^R2uVY2SQ z@C5GgKHaulT`>L?G`c}CL2=g?u1oiRy6-FTMHZq1*8BWap(?D@zSgI>c62{zVHCV=w#% z0ZdKtS%)H%!6H!6|JGU&oB{1gf85Fk#742FdJEc?02OYJ+04;QKvyj?%A?I`m%L6# z3=rYe_`T37_&gN684WY9a)wE z@``U)WlX`>ap0T%{HIIqGoa??8_<Mq$KP3O1p1JZMv3fBHg9Q~uCHzIWsMS6y86%TUgWO3>>K<2q~ zD3vxkK4k+j8PK7yNzVro9PxzPyHJ>(+Amwc{Xdy=dJrd6SB5M1q;7IhpUnT7ldpAN z|7eF0btpB+2ziWUq>|{@XU|hQe+CW?CadA$;U_@+Q_m&J+kZO?^a6A@>V4Gi@3mhh zba|!f+)tBm^C0GZwYhz_skDdvOFmt2`JF=AH=tek={ukzC~~@aMGVs{1UB?2=HC4* zaKTsm437%Tiu|EUWp|X+)4R$ood?(kQHu zLi*?d9jp5B@$&hoj-8mN__jD>8WD$oZ!s_}`*_?K=vTx{Z?@kiOpuzv6-3RJT1GjH zT>03zcMoq}Co8ggS?0}r(QK$!@u1}BeKt1-eg!tTI>fpn6Ht8Mn!DMXjebfig1vlr z-O-9^bBHfDiaGN!_BQvSCbBxB1Ewu?Ysr2TOdB?#zXTI}{kOBCX0 z7?3H$=~(k}OJ;#*r>4FoTerG>mH90>%-C1<)F5}|TO`t+cm&R0|d^sAOQaB$Ft$%r-4!&#z&_w z*2u7+rE8o{I^e1q@|LH$*%t-i+uP-@84oB~r$neA&k&^lEH$E(Vde=trf}oD%}tOm(7e5Rt|+bf-*WP^DW@;mn-Oo zMr#VaIJ_#-7v2bP4p*{&SR&fP5_)aW!GYYIA8VfE^Ih;f1AuG+3Ad7_ra^P>`drTQg4EAnZDil(6zfI=Jmrs9A{I(hE$mW#-T%Fk&pnUK|4uB*< zB_OnLnqJZPFG~s=h8K8wnFdp{3zOpC@$@$Wk$?&wj0&hT$NOp$h{!C0%X{}xlcj@B z3|3Hhh~fUYAL*^T72IJy9vMlPdX{k*p%9^=t9z6Xihx$pK^E$zzjo4eT8YiI)IMY2 z?cWz2l{q`(q1Nt1iP$pQF_Q^W_J+r^QU=iD-fGS|*cv`N7< z$;SG=mN?W4Ek$q~Kkr%M08(1{%btV7Q661F&T?$BNI@} zYAtv(XZ%=TTw)NJ%9feqvP$=bW{x8CgciWFm;uVrt!=CY)LFAfR?ik5>R_sZo=jLa zEC)vD;pta-h$ujt0WP|QJj5{(P-|da>86Gqr2Ac)t5xplPCsZE^53M)LV@Pl&XsG} zO9cm#{-&#pY8zQ!{=6^y7jW6Z5t|c`e(iea#P6 zv!r^g(hL0n_I3J^ZLbygA?U=45#G2g9aikJJdV<6D={(aLICcetEZrDzdxlp@eG9( zV_mtF9=c*p?LtN;?kTQV4^Dx;`hzZi0QOMi|3rCb^D8E%st@|`Ag`&B_26M$#juPt zT?U1Ew$EjqW2y-XXIB!fv*L zbXkV=z^S{JA?cVQCUOMGkoK(3;P^xFF8gWIG^x>+4GgK#v1%uV@Bkktc`aYf{4P1B~*<=cZQQp;%&Ra z2IzbV(x5sM2e4TAnz*plnVo+Zc(i=>&MW!8FIYmEg zIz=BOWBTYWBUDc#1Xq#T3O2zg`6IYcM59oVO2qeb($s$3zhWY(zO_dQFMfOwoP1b$ zc84@Un;hC!@;yx5ckV+6ua*yHN_5nLhB(3N)_Q$*B~Uv*B0pb@QY_{GdXV&1e{6c@ zBo9h#3B4727#L8~K5o!3rW^Q}D!c!oy|L!8xLw*p0mmf3k$3z3>rjp~a;%~`TfN>V zQxj)x;WodgKh*+0UWAK74u=7FZojqa3rP1qkLQ(i)_LvI!1T)^1aCc7AM{nT-J8Jq z*ps#-#zIe7Em>HfP|SnPQO)`CnCC5KX3qH+t{d{61L!)YM4FYxR>p6&$|AWuTHF)7 z3|dI#y_A(`f!Zif`D226A3Typ{a{XJb@(k*(Qj}c?+nD3R9AvQt&|bL)wYcpF1p)Tk#BFS5G9UQI z*Vmq2YtXO{xoM$7YelKLW-daRBl8pMujTLHh&sjYS{B-a*x(X%MO5aCSESrgkEzpH z`*yfQ-+vp3*1n0MM~865uoBiNqh`KRo(cFBgM1~dHH`|qY2gr3w6<5K`Bxq+2027X zqG)dd!nxSKF1ZgXahjrTu+Bt?konIM7uUV!WfNPnocjYOh!vkPf8Op+ZXD7JCy26J zV(5d%UXL|A(#6RJx4?oWE<~wU@A$_Mk|<-{i*=S%={_&_yzWclznt?08L_qOJ~7=Q z7G&-`su7-S!DxC`w+bF^KdSdWyM0ch=<}K+U8TJBJiC33IE6yIa@PEPm5pCVf~Xf8 zrA22Nhgi>WO0)pEh;+l$aEE6A4%3TtbGi*S?P7(8RqK)jo5k=T-P6D|%AbZA?!46{ zNq+3I{@!F}^Jj`Er>3@X;jX1s1JlH}_Q&pWarm)G-1QekZTjXt| zF7$)fx>wn0+RN|j`0`1(U+wxh@4hXQ?1s;#sulZYGUI#Q`bq!yA6q4ytEAp4q%^99 z#P>&tlcQXRFO%UnNy7_gv?|Y%{CCa5OM^3KuRL06)sepDFSkyHys|8G4sidn@G?Bw z!QrwI)af9+xQ}9`gL*t7w))LF+kA2F(oW&<`uU*jDPhTeutYn+@WTJ;W$z{*vMAhD z+l+1C7azfytJ}SoZ|p2TuO8k0^pLnux$qbcxWF9Q9FzZH0=s26QqyC3M3`8W#K z=th;42*8rBq(ocfKf2u1)cw$HrEF?Kzh1K6C{1_|D4!sl3U1rWJijP%(WS;0PoVdj zHha4?ta-HN!}BHpSG2DHUJOOImo)qRlhHD9_ZPLU_Vo9TbEv1sbCIZQ1zpxRh&WIC z>OB@i`aM1^@I4>drRNX$hnB=ryo||u*Jx(|3RHX$eC2053e)^ff$w!FZ@18^Xd*hw z(>Z*mDVIu%i#1U_&WR3t43|y?`F_KjEp<_K3s*g^@pKh9Kf}_2xf^C`i1E4B_gyZ> z6nl4qeQN$f-Jmqchs{cLUm+(1vh-s3&k3qkR>)Yy(KmFNkk9h zf&s{;LuX6fuw<>Ln-5%bb(^}exeb!6?ZRJ;BYdk0YabKp z((!%&Q>57c7G(w0f)V1b@OD76sXB6yHB?Cfvv7#`bUjk}6_`EddRzIhYh7ww$eNV3l6alAk&C`sm`ksaO-$O&Q>6vzEcEI#n;tm zca953gO-_BC?UnD*H)a9?Zc-HMsB3E<7LAL_s- zJpY8qK@QrCGO3Yk)CNqLZG1k4sWjvy2)E}8FdLHYM=Dchh#9Ln^@aP@PhDQPYYQb; zp_#_Lw4V^xiIA{DJlZqfj0!nm#jLDoDT7M2ZUToG?gyyh*h)Pf%ALo4^6Hc%8y3Mr z!~pTv;B~Aj9(a^VR=viYNegHG+Qi?>HzL+pL&mT2zpqDHktUoUkFW=6RQ;}p;qafW z!LN(4wkt5{4sh{-dfpjRL$C4$r-_9*QD}|Xj<~Riv*q0u2g{}fj6tTA9evi#O2nUU zXY3GRCwy3ad>f|O`ov=6-w`(>Ia@2-G=|$RtxTnR*?oM`Gr5i)ir2V_<#6~M$hSip z4YAbj9soVi!&SKZfH8Qt4nNP#q2u2V9T|cbCL5_P2)Di@QQQo>oa?<}!8c0AF7&sN$WvSU6Y=UABH-^M)YxxkDTt#l?)oiiijoF5b! zU7y&(+iqJ*~xX@ZXN8W~BYwuY-KM=K27OKhaqVI#Rqok+_UKm`H z`#jy%cfRL9bo32aX$5`qU4^(u zm(12_c=gDYc!9#>u>#R%t)g8RwKzyom()!}J9Weg8AbfG@p2?cB$L$c#f8s&!HgBB zgI=<1{?(ECQC++`t3`Wi3%#w?y_3hND+=1^S*gntX$weF{^ifCRd6u8oA>;nzBA>! zGhk8Tm|iA&v>eyY4w9~(^+5H7QSG-kbN&0E{n6j)j4yP3wM7 zt#wy*FW*VM-bu@?pfyvV?`()y@yX6P(TbqFfe$Y>RWg|G6&fioi5vFKMVDKMp3MT5 zIPNX1Blz0sjA@8-EPmy3<#zx0cw}EZ-{G7nNQPYuw2eiDVa^pZnYLmk^gs)(2aZb) zf3p{Fg5C#RV+06mD4}cePCw`qJ44|pLbQj)ZR<`s5W8GCUQY)(ARb6FQOp{pc@1Q% zriZnTEL4ZdoI=Qty2=;#!JJ6JE;6_70K~yR8b%OC&to)lpwUC zhY$b0i|;XKEAr|^E1t5{Ie$epMyd(w!y6Q?)3-U}BZvqqdc&<@3%<7tUjVCn^$;P^ z$M#+ASVQxJoosF;e@ioiqSUf=8-xApVpL2dH23)WYzD!|y4Gt;24!4nb(lYQehVd% z7`$~zV9{Ags(?(cz5O!humLrF0iR5D^8Eh`n_sdQ>u1isY15qS`x7EO|1!74-Q6@LN znqf(0GmXPToiHjV8|PA}(!}*n8B z^8Gc5fVE0|b?PkKIJ+4Pk3#j{pEPK;$~5Cme&nX5D%(3@d1Hyuxmx1YziV9-jpuNT z!4Ap14wlQvGDR;)%+IzXiZrI^374W6{3_ti-)nwFZXjl~SoST@s(sBoKd&U4sTnKJ z^;rl?$?amqR9fbLsOJGsfp1DDNX!JfRMlohfla1(EjEh8Dou?at;tOtWhdNB@dM-MOa90|+fL-hUSqL? zCf~VJHqPs7_NcdREo?En2vFkGTf|^~v)JsUp2k*6fYyMc-qn4xN*~c5(AkgG!=(AquLO;k*dSVb_u={PRXpz>3_BGKciXpUNTmKQt624IDKw zfP$_vLw~nsxF6p?-@Y%?7t^I)UXdE#o&2O{{cTgs!`J`&&ABjq=P%zkP8KF&DfvUG zk90nXb+{Bm3QDpppOp_ytnC8-5INYl*hJRra*m>}XBa$su?C{jA`$l{Xnd@ZHXI|s zplR57438Zk)Y4!4m9fg&ucj^F?F|d*P@yBJ+1q|x8uEP*SuIbO??15-<%hfwWuknc z&MKgPUhrfj6y>)V(JJtblBs`a>vwndIyCvfuE@ge%GklU4RSKZ*c%mm_p#_`Yce6w}*pW)zf#toYre)Dq*1RyWFLA@#ZLxt<8423v9Fw4RvOs3S;-W|QBy{rdWO8fs~epD z9g4mA0Qkz?Z@;L6APZET6AO7;VG`$9b8_g-ws$QQiOFeWMnrsQk!M#MKe*MG#Y2!> z-w5lA2parq5tj`{>LUg<9v%Y$rda9h6{RbY3B9P4gjq2~t`@2_BkkQ1xnz6n~=JVM2&VJQd z-ofNRY_t9cuHqUdnC^OrQkfg)G_RERr(`C-#|R$-xm!vJRSHAY;AowMn|z~u=)i@y z{AA1<4G)SInRT{H*&HY?c zTvSAzNKN1QR$XU#VbUm2q;}S`wV(wzJW}FNC&}NYKCZ|e4gEty^Ec~Lxk8l#`dCa) z@Q{K61@0SyA2jm|^9kY%5|N-BTG{Q&@ZRhXh0t;5_6L*zPRTVtu0laB#|IXTANJq9 z6cL_QkU0Mt?SF<0e2`$%2@~T78huLB(w}Y9yZ(LpmD@0ndugbv@977og+Mmtu7GHqCCQi17>BTi@#8rF=nNOH ze)>I{byf>`!6jb8%BEBQ(Nw@4m?ExJ3RCr$ps8_!EMdjMT~$Lf(~u(9##~olTUApT zkgffrxDl*KX@J%O2jBi>5}`h!W|&+iXJW&->Cd7>Qk=a6rhQ(1&!LWG`z68v(p#Lm z#eQzs76T=cpCMeDxU$e1J$2Rr{z28`d}HgkLN25ZqMvoOUpy@-hh=k_)|I8}1ag%A zfA1X`c<)ATPO79I^uUe3XqVxQ9mh`N8Z2H{DZc%qB9o@Ct1b{>Y$!@LRQfZ}A6PoJ z0p`L2bhFrbri&|HDl=TQHBEO$4R4bd`7GNGea;DXhvb#asaoEo_7B|Hs9?U6{gZX4 z20K8_5%|ddW_>KK8V3`r9#@fil4M>Xhk8sz8Sy=;?%F6|K({}DI#Wb5DRubJ^}Mho zL@m{F(MHK3Cs2O<`Gv*VEZ=iY`QQ=@T8)m~?n${K?RNiF^Jm3i)mi2#Jy(I>iLWO+ zk%FEn|K}Ym(pGb0qZ7-#=S#*)ut%?2FRDzCo~`>8gVafagb4o~OL-??mmKZxwJ0Lo zcSKQ}-_~qiC$!O7FXD_EsEsSiUooi_5ehu4!YN^r>hM*TzCyz($N56S!X!U$R{{eWBIf_i#=-}r}!1r zzB(D}1pAk7+`7@cMlY%im4-J8Q27K@ug@dv%lz1ebQ^y= zDT3UFZh~e5mX`zgudjZ*qM~Gi_wn_z{O~U3WkoC2B}JW_^XOhy&4r$ycf9pdw9EdMNuz|+F|26(d%=EQTE9~#dW?ti0!5PCBV+pY z-_jQ)H*FkF-i4Uqj3No9ONF6tjGw`uq7M6n7+Sd~MfVr$I>2Z7Gx`N4^@iuX5c#F< zgz*;H6{Fn=x3azLXN0&YK6c=hle6>7%EAf1kHMzGXsVb%>n@6Jioa8Up;JVuNY^L61c4sYyhw|l5eAG+i0L38tfhx)P<>l=O9gQVZ! zpXIpD@Vz@Tr2(BH%qLp9TC=yZI4s$iX;cTK0o*OFq{4a>VUkY21G;?9#Be9n)CAH} z(_#xlUBNj2$&d7}P2|d58~k_ulW-7FViDI{wKZ42d-3`dMV28BuWdBj_*a)Te|XEC zf}&t5*4?p>W`;KX;8yqV7ldQXO&;i4+KUrL2*it{>B-|k-hBOEwQr(4<7N5kGs>w}lI=C+#1JK%6Slm;s(sa~3aj$;* z_Q7Wi9{=I{ag&m9z&A3sf;B*MUJrfgAWV=ct5%a4G9=$adapS@7u^DjeI>3YOL$&j z-&NDM2ahMhww9pDO-HKZ0o9u-K3Nn2OOghbV;ZG*m8VPhZ!82M!Mx}Tp}a!uH0zWP zR{v|QnS>edeSAgA)C8NG-0YEwGyO%{fH=)P+0F_ygUo5uaAKTdxsa} znd#asw7O!p&@0&QYy>x|p%7i*kZgrOB{BRJhvsP;(K-B>zF^7$#ets>;8VViLkS;3 z6ZCn>If}>jpz7!Q&vxsR1Ada z+um^B6@~-1AewOk-&b;Q2<=fEK1BVG+x*`TMS=gkZiC)ps|leVden_Avno4IgZRY$ zq)!RquNFOI`U`jGipI&?=??7qOqf=Z@8B{@)dp&~uU_d`sTyXaroK+lq^2`*8ctmX ztD{S>3@Hsxxypx;tf7lEQI;#y#pURh^mQI>!TScByRKcj*06QtcCn{mtqs3QB|wvBGtBoTXNs5L$g{3mffhT6!F^dct{{C^<5( zZippy%;tHKsKXWJ#O=K&uK}EOt}@-h>VH@9Ke53wkQ+Ay(uxE{+tAnhsNLI2W)}-~ zq-P%6OOMs!omZ}GKZM2o#!z5BT6Z)7VtZY7`*z$Wo=gxis`j-7Y_tZrrjpguNw=U7 z_#Q1dyw0oc-&>T){=|D=KlCbU6=7uHt7!W`~#VG_S&>=Wxo%KOfMN=`)qt%Dzo3wdLX0 zpGM(7Ny>mWVsD$VTiU{*4JUedkXw|mQGeFI$hghj{tlxsy1y<>cbN6Kke=?@1@(AF% zzWVZOykpz`fHxsn3UROs^X}2!#!E75T^T$`=o~{2*3YHT5ck0PbZq2gY(@DN2`$*( zZ5l<5l)k8yjDi>!^1owylMlkc4HD)ijujru$KK2NNT!(Y%1?3r(6X?$Xm#XmUm4Qd ziGSgit9F2k+JVrG!KUrLOpzGUTSFV*B|;n=Ejx&@vCdjzJum?c(&jP&PGlguq#?T) zd_2mzTX6jrQUu*Ac1g~)mw+&UL$Gmwbl|Evxft=Y+&>b2>Xd=o)})Iy0b7;5$tqVZ zjLlWcK~4CCkY=RZJIhtOeKF8j8i@<1tFIrEPc*BxthmR9rGYorIg|szp*VK~l4NkU zpgoVzAL}0Q-~7HBgy?;P+ytCqqS+#RN4&YF5`FtWqwU*UFPLCpBY5@sV@(te3h@N# z9~CWriUeH;o1fb*7_OGzB~%hq>Qi2P_gGpmkHkeT@e$#m2piC3n!4f+d1?6x2Lcsx zeN9*7fL~axU8I0;i~6W-{!2Q~5e;?d=(Ch%85%Cim&Fr(72wWB@I|!WLPzIREvk`8?3) zm*$Bg7u8oq8JM4HSOJ+gh6hE2w+>o>R_`{N+g zZb_4g;oMv^9rMF{3go54{HjuCG33c%FA>U;FW1}PVvOQin1#J(cmJXcRsEV&(z$Fl zI|6#IqJ228xqKOfr}u(HcvvYfujQSKFK_OT(BTvcYH1f1Vd&EQ4o7lceytlqtB%ac3x z{UUp@KCBy^Z0rM7h2N_9k-dySo*~Q%_if(@bf)whTYjp2HlCj!7NEd`Pb%Xh#jV33j&O|6U?}? z?On*?NXN~#!u)n_ZZHUMIF5f9Ci_M$nsaf+$}3rk<6I=`FK%Gfn!p{3my|s`A3rjW z+m*Kl{(mF+`%^w4u=o3*J3oKsVpGxVQ`BP#eH5Y@XG2EIk1BR=O(6Q5dsJYlgzA<4 zd9)`oz|Z|g$kf{Qlp6Uvo?&?JQx}49;p}027-rQqvp>9Oz^PD8&g4y_fU=DA*lvvL z(GS#MXJO)s^gij@U$c_BA=H%3B6mTKT(fafD56IMm?ojUT^~3p4rMi~S}UkL(2@-S zxdm|tks2baIi#uEBATgug7T6zc*U- z42gu`z+vT6pdq1PU4)SA=tn9=?}t;zkZ3I~X*e}#3T1Jc#O43l#@5na9$Tk*+hN#s zhxgHM-N3b)7<<{OjLn5p~gBWQ9kts6?$ zj5F?Lq-7nOULFYSILcJ0OnBpIcbo>hW-?Gr*D@S5s!OR)@0P!y_j3+zC4VFJf2Rm- zLYe0_<3)n^InDj>?W*3YJ;&of(@Nnp#kCXqn=K~$--5SPp!-PZY4XYy>y?41B4ToK zvi$>Vv&7##aKA(P!xD5R2616|w)KXy;dbSLn)s`^&Ik9g*Mj1PN6kA+DY_0`8t;00 zb0ANHguJ8Sf{cbiOhZLLR_)bJ-oeQoy&!jlp~f{3xd2v`+)Wdn*noWc2iFzOOJYwC zJP_OvMtWL^l@iX*k~jl%q2tdD#EFlMBSi;Q>GBq%WU0c*{Q1x|tLX;@iU=}XkZ?+Q zvh)BKe@ub+@<~z%Y8tk(7@j^nf`7B+=GnscFE*0F_@RYQ{P-CEM03BQcKKHCe=d1W zMqH$T+-sl0ocM^FJ-bMs8lEr>hyI*v>OWn8Y`=ZfjI7IxMBdf*t!O`D_kYfqbVEsr zv@-dS+J*^V`lU^2>*eh@6G)?xrxeghF$W-y+h6`9MLOS33<@&dJaijf_%**BEg4u! zS!6h+C7G(wKTu&mdn~?vK{ZzpilfY`EL1!Sx^*I$8;ndLFFqwaG%CYMg%VqV79ax2 zyf)rtzmJa(*1k-jmfR$^PUl#^S~}bwOwc(Ib4$@kx<=KkOK7S&rT8OAwAT9fj~!Jn zq9#qJW*=1b_jg<|_o|~RE0s8vFFv9BrALB~gq&yu&1YzFKhPCB)hFCCBBM#cHB-nd zbZ;l!YlWh~RG8upJw{j>L`D4I+g?!&jmjU)S8ZLvm%)+hG+hi`1W`wm2rxnm3Q2Cr zD{EV61}*z{F>8K-z_ns`;UsyR#6w)SuJaUq>*wzLl?^Sl^SZ6AxtznDoCJd=_fL~@ z(ek-8_~?7?r#JOEx=b<>kc~?>Y61+)^Ult2ZPWaz+KvE)e|%AN!!al#=#Jd&`Tz0u zmT^(O?YciOqztWuv>>1$sWd|=ARr~uDcvF69fE{(gMf5NcY}0;baxCj#K6G5_4mYn z*4lgj*V=3S_ZvREg1P6u>O7C{aa@b7PnQw%_j&gp7x~NaS`dde0}BVmvhUvQ`rZlO zt>3fUUycJgB)af%-JL^~;$GqN(S*%b&pT}RuX{LSMqK0aeaaV62d*)Xho3!O+Lx@!=z318C~zaFKHVtuDde2ZkfYbk=>Sy8Ml2I zg}@C?+SLADuTnzOj-;vz09AN#nmp4a!Kzg^YM+5XxF=s#PlUX4cT-R=v6Iu~R&aj(b#~U&7 zKV@`IzecADEgsEhEkXob*s_N*tygX=KctC^AI>6sPRuXC%Qoq#5o+0yBDzNR>D1gd z-n{~kXC&_fpu^e2AX91 z;uvl?C_PUwax{>vxxDD!wBI>?+>2&x+{vE&OTLe5z{1|uOgmjiBRY?@tp7+y>_PW% z`dfA)4@Xa#mizN>5F0y3@r#QXShGJel@ceJi?H5|EIMcp(!uPoj@2H~yZQB`!j!Hl zWZ+Q6(?xV^+nAo>e4vswJ;q{W=(D6%q=esG%%36-kYqqFR$NEimwa1|1=`vMKp8iw zO?Nfkh2EWC5H|N0&?<_ZS}HssGnj-N{VQ-wg~}EQv7v#1IQ3ESdAi0&#Le&xfrbT zZtP-sAJ4*hOcPo>dsHf$oS)-?!dcm0E;zg&k_u|Y#}+vsgSN;eHYIW*m%&3b>Ym$> zHu+cVz-kv&mhC-AJHI4#S5>s=EWZbhbPd{fRJPmq9=6gfU%_WKp-snVI2C9$DeJZo z?a2^h3Y`Xrw<98+Kp@$sGZ4VpjMuA{Ap`&&TJwdy_DfZ5m(yhoNi|7rfui_XOnxyj?*P? zmo>Q6Y+I18?-=i|sQdDSVFjS=q^g5WjPhj)3pTEO$iCxTn*X{&4Fh!A!dGSco5#Tn zyOGIs#jkc(hGy#{>>EXipV_mKFN=3qF3m84;PcQc)rNbH%T1 zo;IH^{8s4%BD1+lX7#&UDL`vhZ(1vx9dN<&>zl$m;o9`sDwDDfDkK@0f(Cq@8*U*8VqId z^N72B_*Y1)YGYKHGV_{!Lyp$7fvw>dK~L8YgnjFso_6MX{o0IOY2kTCx26BjT;bH2?X z3(kbU>Esl6HTLP}AC)aik?vt3nMOFl-0iD*-z1|D(Ra5&W9u_Zmn|TWKd{)&S3ICP z7D$rrKR>TpLe~>1C;#LF6YOLZc5M~BmrQ39zU>?-vmpc5aUT(Y zX_k>XXthWjZ(7{%n=d?0j#cl1y@rv#Jvti%4i12dKEf{n=XEkRu2JO1FHXEgvJkGQ zt7BS*PiMPjoY4DOa5D>UkSy_p^Wetf^*-5NiEnKT!eFT`yP10Ed?zq$9n zFdc6%HuR|py9v@?ShAsMZiISy(=`Jzz(p0!+Ehe+ImJci6?ibhHBwBkLH_Zor4cib zBiL~W^E*;MX-7$h_kiZyXVl_M@5lCsdrX8+VgYqp0LPvLw4iU>%d}t7HdFjrz7HvUy*#!T8b9IYO?xh40Tm5<4nE1O|x#73ltaQrHq8 zX7(0?_?AaEu5Dl+T!RZnbQ}Ez&U9S8$(QKb8)#hR3M%Xr%LvWZsW{}H$r43P&YDz1 zs36-&Jow@amY^;eN%Kn)J6QC!?>3GCw+bF^Zz!2EPmjzbIcX%gB!E?=9Pbc0i1jR7 z-=QO1srZt4scnU?3#X00@xdAn*df_1xD}ttLA>(D_XNpmLJ)6*%<5;d2`NZ6MT|-T zs^10d8uztLYjI_hH?~VK9<8$dCtf3i!#nHxV3Ea_Fw))@_*9v7Y;(029bP^;gSYL| zyXo4g@bbF!#m3O~f5nL*0ww=doVbPTf5wSj5;EUu2I?TjW#G*^DEtk#TC13!~ zME-r5v&ZZ9jr$w2Z{ShfG2BrnSBedP&+8TL83Fk(b)4nnrw{pECQl6@~NXFBq;cO zh9X{ZdP}iR+h|#vKzuu#l@mH+y!>X!=NHDZw7j5Vqg*2tg?Z774xf|dIQ`9z@cT;v zQREH+|HN73GWijyH%xv}%ZvcWln_||R;cm3YVEAv=p)N>)`oatA`#gbDWk4UDoQ$| z0=4+f>UXYgX75x~c%BxV>gIRa&6UsJI^Na z{}ClF<-Bb_4%+^5)}o31 zw!C@bpjG8phHI@KzCg(l1{cX{|E~>d>#%vDPt4z2XiBQ5rh1^TY7Hjr$#;TKV{+}E z9b*(*nJjIYg;HLAK79qn<4j(;nQ|dDz4SEjyff8g5JcI-ZMmNt+iS#J5$HSsZMioj z0Ar9hZ;=Ou)*pTO96w3;cqPLLVe?qSKN7jFymaVusd?vjJT6&Jh+V4fy2qPMK2;_u zg0)clH^Itn;c8tywZo5VN6NdK-4?Bbw0OluO#QA-vIBber^Qf6HM#0jwRF^D1_msC zphu!xq+ke=RiUgQyGV@cJW|&1YE=zZ{-sKdBSnNlAHrEq&2e54p@19eP*Zb{+3_K> z`J*pVVT${cJka_4iLILZ%biD6CYV2mhvatI#r||qOwdRl%6kk3#7{LmXT_8VQ?l^qqAhwx6M6HY(H`p;9-wkuWEreY$m{v(tIJ}%& zVu25Q04x*+P%j3T}A`BKQ_+LtWpCk zTtcvmS=VU!Lkc3G$$@-HX-QFMXIwBNjVI>r+$j@gZTT9C-Z-xc(D-CBsZ=N5m*w-n z{LHJ(igkr(&^|iM%gH?I^u!cJTbL4{RCTV6lYS!|_=8wz5+1mUj7%W*_Ugk;xTN@+ zJ-?e%ue=1wWZ7%ZqGk_~@KHQ)<8SRgsuCUj@C&)VPisQU^*bxnPLZs|{BThx(qZ-# zB0Y8lAnEd_8TT5bgw9$~|7>p)G`4$8a#vSlN49(!$q7=*xSPy-49f3Wnf%f|nlr`<9RVW4=HoH`9fRz05t8!7O&|QG7bjeJ`l@G3 z{S|1WEQyv9hKtTH==TF!>9?-OB6Kk57)v+zl|x|_+KDGz> zVP=v5!n*AQUs-KkFUW9~_^#(Ey_HB^Y$_ZW{bMfa9ATj#To6e=E{w>?EI`C*y@&%f<&2g>Y&i^4 z_utDPzwrI9Fv#U?0!S#r?jcRqnMkXonCJ*jDm;rKZ-#^!)>#fZenMPstrqI1wh6ig zvGl~)0{|ih;Br4V)Ua-d=nHb3zVCaQt z!QvqSPCI7}MqW5ajbVB#tEx1z47j!hGnOlyDRWj<&fP5oagedIjvLcE0Z!)&AnhTYX2wTR7ka9UQ)TjDoP4?p7p*W?__IhkpcaBy+~a|S;BP*?ctLE>yV1>d*XTyM3?Yb< zbP+?!ALuC&8W(|JTsPa2+Cr(XcX}T~r8e-O$1z`p#|5q=L@2w@y2hV7#8VywUrjZI zMM((YVY)cKx?wfPSh5JdW-T9w@(|Oe`H*7hSQa}rroeG1rq+|~q^0PPOwpzF?X^->FTZzIT*m4m1MW8-pF!&Ws7}1a zP;Kj*s$+i*c!Dh7@~6e&XE>^gtgI{FU*A&o8GR}o3PBaWgD@}}1#joz`9 zl}^xj2KoHlT)PGC!t2Dl6#Xp^*eCl|Q2XC4;z|K%Eqj|Dy|HcQvD-BG<;J<4mem9Q z68sIdF|L{yJv@KGAjACUKDM%L?2&2?i5YJMID`{r7W)h;R9h8fZiPpg%M$P^BA{H}U;7|8> zmzwmHgQ!8%d8L_3m}P~ZxU$fc{%JPuYa~Eer?7h9hq2DO#M0c;`Sj0OWTQ$P53{#x z>!{^m8pqc<;eBD;XJQlp)SX?JOK3J!BBu*RHWrc(?>4j-R9WV9u@CeUygvVNg@82c z6sXYeTn^k0=IAiyf$E^Tiwn^RM1V_^&I!0+INgaeDHT_hgWyYua6a7UP^h|^KXw#v z(_VcoI;88H{)wAK&<^Dk3DDT;BMH-Rcv&1pv~eXu4KBktdr!3X_+*snFS#kI5>2bF z)5!iw^yt1V4=%}U+5+R>z~%^y2lx@89xXIsMdWT<9D=mU{hP_YUQSBnNNj92QY{KQ zbL%3tZIyl_>(OUth;Hotc(DTdfxWxpYHW_3Rl6*$0x53Q(G#dAB=VwIL?Y%eO$Z=9 zNg@k7bG%nhXde2BIAQS^{nZGGce|wOu4zto;RO4?tT8VL{yev}yZV9?jdNwPQ zbAFdpP28#2=;^a&$5iTNuecqhqld<+^5&oy-3Z?|UUV^Swoy4@Lqyjr3 z?AiSbsVr;TF3a`4ihTGhHH=3gJb2>kitNN+Oz9Yy;-uHkuB$9A1M8n%XOWjiQ@c#N zV!2G#AiKNLbV`z!)jD+D>(FL3PrR5m zOMsV|lbcqldScvJAvP$MjnhTC`$yLYPyWJ|jDLRG-@loV zXn4sZB|09Qx#Vh8B z>(~Qmaj#)BX(T-B(UA|2)hen}qI~X6_r}x#a7BtUDeg6Y_RJV7{uAU9C$(t%&$-`N zY%Kfkyu^OYYI$1VRE>$WG0yL)Lk|vR6ohPwM}T?xlJIMY`3U~QIGJh)woH9~ymW4j z4s^iWTc!{%-*nZFfIli55Y)}K+-b|4-hBBMFY&rZEB&q1+p4tF=MoG!#}r% zOL0lW(DCNb!r}WVjdK=AA#dnVn7y*pCinf(S9LvfYU#(-DI;iOhWdtel(=gz4S`t< z5N=iG`}2($r@j|Bq9{%JZEZqA1PNGEx^F(D0BQ*#`0DAy^L+$M(zME6U!?Hr?^xyf84Z5BT})=vf(PDiu_9WfLT&q*;<4P9&wW zlv$e_WX?`AyG(9x=gGfb@H(8zQl74~?K6#%H8QlaP$g&UvwgM|#wjGkU{H~-6FhJW zSZ-br9?uBTfs^g)S>mKWuw5P6^L6i^nJWflDL)UL-z98a1_HztHoF-iy3lK1{of9Z zA4$c^AH30_n1;4H+iImhCtqt};}0?$7+Jjs`1U1lQCPEA7!UTpV2r>!1zZPMph~|4 zm0Eh$p945Esb%$?Wie9UjjTSYHok&l)DAo&AvWH(=tQo}CfFBB7y>Z)v2Pfp90c(8 zx>%kzOo`6*opSKH5d$;prL7op6thV9OP*J(6+4eeu1#gwX-v-0rmQ1ITyb;c= z(m*Vi&-gSeyuUwuROQcHnS{O8f4l-tQ=ky@wLGLhKQO3!Ui%Fviah1(+wJbD?21z5 zQYn^)QAxX@@c4E=vLVezthWqGb3;6-eX5j?4hyNbSO@2D;RwR8psKLz%;mhJ6T`<8 zeN(a0My|$YA1K1-z3DT*)KLJ=0^pX_ZGWHv8%TqAe2ei8a7vi+GEKy+^EZhJi-e#; zaos~VLhIQS6h|`ESawGVa;4Q57^_;J6F(>{b9|7@(DXjw4_(bY#MbZX`APl>L2GJ8 z3fVJ#w0}&DKTjk9dVntxuKb*CU|&;+{6XJTF%gL3lcR#o(p7~qP1&Bm`%Io<1>oF3fn%Fn(m1irVD#Ab&nAH+x9UhV5rO3D0O->dKYd_>v0jl#oG0qwb6ZXHXoYt&BeS85Y)bxb z`}5yl5co0hL}1Eq`c|Nt+jQfyc$r67s7*iE1*Rrk^QmmBb)F~CCk=;y(sA?-9*4c^ z0@ZuyTo66O!tkFfH+o0KRnH;ghL=vj=~`fpar9hU^1}jatrHiX4Xy*4mwlgM<>}zK zgl@%M-)ey}Gr(V|)DpO0yBNE^t8I@#5=2G4)#2k2W)2Po?uQ1F)>4$1;-)-xlInGp z_c15d9)DXwK_SN!peeO0xWhpxvJesm4?NZRu!Ttp8X=NlCf`fUHUr_4tf;$xpbmpP zM6>`4RTF%Fd~W0IalR+AD-nUPP|8;hyQUUxGhhCzax!pVR6t_`= zmvwdQ6OKEet}I>k<#7}gg}~c3#kj9?5TRG42H}@t6>9OR()&rdkE~w$cmL2RF*TSw z*r;pC(;L+lPELIYoT&t>o1P$3XAIf-T-37jJRNgmLU(x}mBWbvhV>$YFYz%3hhz&H z>|93BFxP*S9$7I)PkKHSt3gFj0gkrN87{$2;Uf@Au*L95^~*Jqus2gA))rY^<>I{} zG%K(MBWpM5Ti`V0S64P#@C%Mt|@Lyb|3?&{4`gnzHI;rDk(yRyS7^2 z(ZspT>m}baR1^qVm_)Af^QqdX?5_2b5Nf|P{`W+705bWNc``t>S2R~^>d@I<5Q2Y# zY}=>>)T7UMv;-NqKTz9QTT8Evg}4L>z8B75ljePB`3!>Of^JX|!f#yX>dP1u(mxP* zP4)tUbgY7}IwSY=MDwU)n%9EjZE;K0OB#`DdT{f^AZ^_CgFI4$tKSkh2V@6c<7ppj^ z=ZkcamY-uNotA=+B^JWr#P+eV&yD(wKf$V#v%H+l#XhcJ_Fx2ucTm4X$#0@5q1q z*QxpMFNv=mAhbW$EwTc0`5Dnk$is$XLp_Wj?f|=A3rl8$Ie~UW*a28Y`Ardc!cV=0z3{{H4{20_&-LQDK9-9sS7gY_h$7M+lgE4pm5waVT^%a* z@-5=N-L^m7So?gjfh3+f+$hbKGQ{<|Ey}Jwn2RW_3IlyN$2?{Bc53zgcZS{|{R|td zInn?OU>mNT%|_D4=-+G))g8s??xY1y+f%Acpo|f^v%LjTY+;JMR*w_CWR37lIG@XB z(H8M`A01rmej;cjXBYj$mw$i8zxDw`AKt<$NI1()Xb$c>BpYM^OI?Uhs!U^wV>W;G zc62*Itb!))Iaram^|?;uO`*#U08r2z7h_`+9$!+Q3B~pIUuLL(RcI?KRgMcisRJl* zx8`%pGiu8eMm>~%AkL57An!nDa66B>~5|&p48NGd7bo@ zjJhcI4Z4h?(EWgnh3XWx{Yzj+v|`Cna)gi`Pt{KUdLvw3o!9-gGv^yT+`gKHgk-A< zBPbiCBOlOX_U`b!hraD~nlI6P$JN$h-cR|FAzR=<=|L5YJmM-13uT~3eXTMt;J!yz z1Yx6ys!*$98w*IopMg~NgUq2@AX?X0fR z=?iYcG7=R!KQbQZ>{ARU@gW6sGbKK!CG@GITb(66#aEY?TFcD*O@4sem8&F;HIJpl zO8Vu)*wBi^i+CguZ@4`^ozH6&DxwF3m{--l_P->4RX*68<&v?`o_fSdF{)DmScC3- zNC>M6z5qsO1}^cU`&=<~G5yv6f8^QM+qiEUbn*R={ru!I-PY7Bv>fcu4-OfDbDCxoC^1kDj$wVz zxUL8oxTb0+ePj@TfT5Af#l-dqpIhWu;rR!8Dr^fpy53D>12aeQOHm1zN#w(#4+;K;ju`3M1DUc&hemFPBq!LG1Xz2&Djr&sifDaY!ru9ev8nyHkI9(~(4M-{ zx~?+<`xcTIrLGh+Pk$dF_2CPV9vi}Yfl(7(TU+06W4v!8HvlkF&U2s-#p(#h=4$(E zpW&V+CfN&9M_!{gd@?Mw&9!><`mK&spz~s}PG~Gga*9S-h+LUNa5KMsW+tv&u&|`2 z@}bcny4=uSoib7=38+-2Bla?#jSSpX3H!q3f>U+$ez8(^4-OSgGO$g1+WsU+@iHS}6POOM!b5Wt|TS zEm*p6dBC_57${GParzbpb7bFzzv>`A$L<(e;bSYYDQs~nYjI?^%s=Ox^@DGYLeXH7 zx966BM%*|dSZe7X1n9h_521eoDMgnqk^yT(@9Am6y^BF(yIa#MPZr*p2VgYg49At$ z-~8wDK-<%Q%YHg(ELO%jT^bEZHoET`WdPZtA33gHdqtJWxmq~t{)7BnD89T)fwpS0 zWuxw)?FGZG*IOb`+^?f6{b9`?wGUuf@2L$Abv3I^-uE6tA5}JMQwqw$Gp8UEwaHaO ze(ud4*Y*RROpz1Pm3K({7xuLmi`l=nQ5Hyk|FJZu8UeyYKGBAQu()^zC}(zj;hJsu+4;HSXo9S1!`(!*#oQhbE^G0zjSXJKv}ql$Y-h ztT(G?7cN>4A1OLKPSwj$v_cDNL>K~2RHu#8{_n-bR)ERxg+O2I!2zR@tEVf+q+$y0@f~CV`P)3k6`X z5mVqTZKU?WF16RgL-KvVF5Q&gKC|cp=;zvMQGio&P8_xAO@N9AGft5-lEhuy7wEE z_Ln!_l^h|~=mZr|Z^-F~>p>I91bcs#z=#hlnA)qZWtz&MN<&jK=4=}v0H?1LhfP8hZNd{L+PrC&KIU zm4TO+&UTqPgl;vYn1yYCr{x5v*?M#2?m*t?`Zqdf$umC#u}L(JDqFqfiG(lK*%Hb; zf1_}3)35F>H*H#Pv=I<)LEw6i)2|6lIn1D~x7mxe;*Fk8$2t-zqKj>pvxWS@L35QL z`1jgonC`&uybcL!-Dbc)y?R?qa`cKBIZTJEg3z; zwD5n%OM{qq~tHKGC@@1N-{;ce}MOzt=* zNayoICU@L^Vu)v^cCxM5mGrvPswe#4kfqrF39{7D)*d{}V>Rr?T9d+U3TOTFt~lF9 zVs85UaE80;#>up{jPeR{Q=f5TqEU<-rR(l(GejP5>`6lQ;`rTXoA)62^Zi`O571HYf`yWgYXRauMEMR0c0OW4M7TU+}3L)dQj zhrX@TIW81bi8x$zw*U+#gJ%iVS3Aj{KG`e20E*DK??qmdeV}jHr0{{wVb7R>&CykY zh%l*_#qcqBKhh|z!=6}7=bG|n$fzLF5YW-;1MG7L2Mkpt;6GcfeV{_Vu_=dy>Di1W zhH*SC`l}OiiAY@_DH0b9)~KMe>3#0f1~q*CY+_=ab|*&EtKjM3vxNGfeWA~jKc1MoBee7Cc(z*Q|CG+`uOr0bZIfM`6|Ns z_N&L~-Oav9b>1ujY2Rr9bkt2s+(s8E_-z3F8XX^ZwIP50a`6UQy&V?ZdMbSW2_3&A z(Ii4}*{=7{ZJJ}ew}OkS^2-ljz3vSRwVTlH?l;%dwNz6#;fw@YmFm~Dt;a3;O?H_c z3UW+rH)kByGxKQ%BC~5c71Vxobj7C5tZ?e84>7pLPeD}{3q0WU3op<3eMEL~jG?!!9&V(?JHHND|^4WGq+hd?) zxk~9z!FK$5&7uBxI)r^;vs)9Dm2wS8k-&JP^F3CRdY7_hT1L{O4xZePoi;fs#5#eF z8vnP3LWi1G+lT%%JC~uI32-hdlEF4H z^>$m}Y=clyMW>08$a6p1YDvaIU!kHtZ!9BnX(2_bd912W>ZgD*LY`?^yhIs6#FcLy zo{-POPDQ4HrCqE?JqH47Z;^HG1d!#bK~QcY{x&@+ZLGJG)W^+Y z?|FnLtVnl}$=!ldf=Yo$_HIS`w#250Oy5qZ(V58K72U;&A%lq|mIxgEGse?NBkwmI z{eIe*_~zomY5r45k3y^sf84l{kE6x4x^MJ&GF3n3u0y}UOF}b20aBHU<%S5vQ2#-d zj~5yu%*-9hldC3adm4-Gl)chck>{9IG^OTq8$34wNdDx8FF-w^?(e?r0U$KDY^zZ? z;wtRoGv{lvOv-PRnTLrrhI#6my=SH~+sSuC-%#IUoIpg~C6`T_A#(??J#Dxr%$ogL zR46SqHTIaJ`uzq-!f>IieQtSuiMEFw`eY&d!=$JLo}f4#Ll;lsA{X)!*>^}bm70*J zdb3ZKuCFtTKTO+jsSL;?OGd81Yl%yD`Q`+~HlnFCApT&{LSduc-;bRAP*BH_f&gb9 zJvP^S`$K?~%1DbheOcU%nfM}&`Jtwp#He*|@WD|k1)f}95o7J$hN&Gtg;I&KAs}x^ z8)3dFb=cqh_!fFLC61<*2%sw1T%1C$ShMspy(V{7oCF-z0_B1{&L#aH_>SV?JG=|; z&QZ(X1Vq##5BDn7058j%V*Uae3Q1BKrB~Q;i~r+s>>zaPkt?#UFb3c#g(RLNSex}e^QvOk>x2~ZTDe% z{iFA~QPXpK=IfVmjTf-WtgpPPw6Lbf1Q_8Fzi=z!)G?-SBwY20TZM#1EvQBaw}d`|Z`#f)w}eKq zNSF0wtB1b^I+F4Y5da3HM3sU}HQglkM7myVYD&rs0zVxzC&!~U z&u{8X1vj=Je={$U5p1DRcCYFUYux}2=~GWoW2nzFc&VVDFp)>^FHTEF@pcT}c}GGB zQ1YB$LtfB2)z~su@2D}<<+7emkwz%_{u$45>-VFTn=;ChmN29iu0e=iOP)KxqxgNA z^8`p{)8lt|(bqt_tJ%!`_bepemuS`v1_V=~02y^V`1^AaM-I?-i)DFriLOk0j>^GT zRj4W(`c41`pRyk7yc>DJo5ZrFdPs8w0YRzhAdI$#+7vLEm9pjr*oqCFutVz%KD22?qjz zrt%sccq2k9@^9N5w?9ylsXFGd$P8F~Rk$zrBcb?xyojm8g6e_bC&A__ z28)#Wxtor;E!OoIY9b(?s);HgLR?;sm9_SLY9WqF5pMm_nx9rBJL7Lb|KagWr0Ecl zq;)}90H5n)_zuss{h4=@rt(nwspH^@R}Nn)?v$}P6@DfqQ-RmPZM`}|me`oFd(+l| z@@qQ>>X;NSslq)w1&MbXW4%X-&6lDdh;|cg1!@B1`lhO97MhLcUVp|R7ta3+&h#jK zevt&-lp_X5!g}4aqpqPgh;>GR~oZOLJalJ{eMu?O9wk@2t^& z7Oa2U4D}rG_1Y+hrUR~~bjBtD^&9Ud`QjNd-J9jsW3;!qO8oLt(4t7eCt0>vg*I5{ zy}gejvdDfiA5Be~EYQ7%482x1eA!m{a)cNhJAXC6Gjmzn`uRAiA7Rij9(O*nDpRy7<=4CmOd(G#swq)m)m z9kpwmXn2_b1A zpme;4&&Fk=YxVYkQ1=9*^qqh537M&uob z{od0}NCwS$SO@hjs~QfijCa~ZXtf@6CWft-lwPM$;)%~20QXh3;Rq6w?)XfNhFZ|E zNfk}FmbCfoXge>>vNJh=hDE8^$*0^(j7u%v@5ZJ#e@0CI*b7v-TzCN_;NJg9z)eFB zPh_wZZ@s| z3AmF(|C)en@FxM6N*qYQZ2Aunj^&Z!L^?uf%F^LEoRB8sDP4H7ZkRqz?|LDGo60GK)7btxUX62!&z6( zo-I^M!5B8M|8;oFaVP9LsSiHQTx@grb67_Vrn>}>FM1aDoS$O2OYJ~fDpe>qRj2PFWP$$J9?o0J9oVjdXE7hi@bg|gkvtlp=)7{39o5#A)LZfU6K!^aIqMc>=)tAk@WiadW5WWZa{Ce@rb zH#y!P#8O%eAaFG-rKJ`I&I~CeRZ65y7KbGa3(pez_nL}ut{IbDUee>jGSYx=mVDEG z9v?>%`LzNjnr|uRV>2q;kM=CAL?`)s^DEjp9&I4B*Qz@vfZo_Y+4W1L3&Z8^=H@M; z31>%Fh$=6FkqBTVF+2&+U6~+%0wB#$z}JabizNcbI+4`Gwv=J&A6|a_ zs)+FfDL|Yrf*Y;f-;Ts4UT1xk@b~73Z$FoXfjZ8WsNGao!&;!M(nMA3(ya6B;Q(P6 z>Upt7BP~&o_YM}#lXAau?1Y5roX=_8D-0ei#L>$9B{-jL8J9m7a`VQsr;(q~RD~cv zoO0xt;3*hS40&VZ05UO6aT42z zu*GWIVt^n4^{u=-2N#fw1mCa%H~}!u0f?OA_O`O{EQH$q=B@hj+!R7JOW~`+C?i)4 z(Oy$Krue80TZwf(|7z^n*@VW9k%+ds_I$h{L-zh)cOcm_mHsv5-f!L|fv~?tV@9nb zvo5T1@+f*J5uQA7mtvl0^1C z1p>!_Xgk1{gJ4aF2!;?xzUAGSsq}QdAo`IZMa>>SRxV78EB#y*UvegTJjMTN7n9W6 z%lhJ%_Kyr=8ZjSi535_N(_1NTdZj|4{F;Xk01s^hx(jyQ#lpf*EC+m*k9LmPwAOwk z@t^kuezOh7Xqx?H=wHgqyC z&Nj``9F?2lb~=CMwW3av4A~w6cC*D_@t-PVI3dInI`lQp7eK~s?iuH_WC-P-7ypkR zsY0fFz@3O=A}o*NcSAXV%x5#_RpboGUR-a0R094@bZ+&F*|~R8?D(U-dE@Hp8tMsv zLsETl0mv=fS_2`0X016r+djCow$Xu_DhwDn!P`I!GtgU*cv^=A(|9p~K1JALvE$%V zuo3sYqK^WyXod}av;UQ+j#UniJ_*X+C6K1o!l>|E#n7Fn0PUURJ0M}vPh$aK){DFd zJoN?4S4}A9&IW+|y|yk4J;zU)n|U-mTFxz-pVE^<2I^;@ow$tYsu)^%Y9^$;-^BXJ z`HyG&qX$O;juT&sWHowv+E(3>bJ(?qQei9smMHnscg8hNu2-cvn(W0L`SHVBPhkYI{wnJ*f3DIS`+C3FspU?5EVQTj zbK{CAGq(nGkGH9_)JJPYDt&)sq(6?4;$;d{dK>Iz=dLw}EyJBqlws%aP})eFkw)&M zZjnC~+|*Nrl8)!KGKZ~!IVznvg?DWC@ceqS!D9GT$HYqm;pndjLydIx*;uGhGt1jJ z)z;;rvvf9M2em&1)}M#_>j~x9Q9)!(?8c=wM?ZC*Kb3%Hb+}_~1=@(ct#ko+D;B zkj+)#rp{GI_Zob3!Za_?#7h6w>{;w*{z)*rIkciqLr#YY6uV3$&z8+8HKiD5USHTO z(?*A}Ck4rv5sNgX*An=l~DIUT2b!~!Sk8e9qsufUawV9 zkHRZP(@#bn)<3vW2f&PR7}1Nbl`g&((BWu*9oTlfN^zoBdPa~Sj@?t5loAI-Yd-p5 zJSF|+L7<8=7Ob*JvX-y$}=yuHY5#}hq+qMWLkV|F&+w15SPtoXUrF5?~P`G6io1`I(O}N z8r&!{g~KKN)?f`e8qfRY;J~&s8>PjnEBw)=ZGIpoLDkU6Q~Ybe^eT1F8b|%nLMo8# zObCWs80FrnmMT9beDId{VXVlCskr|?-~R943}5PFqTA=_F&vH0^&sna*r9Ns1`w=@ zC;*#%I)P4sG9bi<0kJG1D-R!=1i!9VimrxPy)~(v^Wnqvw<*wyH?M!<)ha(lR=Zd6 znmnEsA`*@O>)E$hxCOVg=o%WclQSJMOVBeZ!N<|I?6z$Juertx54dZb9PfAR+?9or z9^P{#Q2(|3{vE0MjhOz72JR|hc6Wbf=Pnm9;9MszNykJouy*2FHE-8tAFbgP-Thhr>W z!r={Svc=xxl=w~}F6_cwvty(}{h6hdf!iR`y@VO=>geTdn0W$t?t6QjUsR@XBF!kBxLko?E2xQ)u|EtvZ57&HEwtq(a z#!I{1@mx6DKStJX(iC{G#)Mb^);XE{@{uvE5ROMhV9d}{MQ%^JE@g5W_^r4YP!`ef z@!EdkWCcH$K5-S~H*QsC1`?+ry0IS%=(|5E+VAlg2lRfV1rSt9lakK1TL3D%&_d?$ z-yPP&2XZpk>?0(E1f&%t@I5BOM^mRDn0m$D#&#coc;&)Rg{2AoYiB@m=tAtpFXYdK za;zoOf`p`F7;xeP0QjX2Q6&|e|8giayC}coaJWWT#bsH4aoc2_@b}mAH*VHH2nE$X z=iuO};U^2#5o_VTjZ@bXP2=a=r)WuO6bWi93l0pB`ecu+%s@LS}UdfrR|?tU#vgxKx#A?`a%L1kNhq+43A_C z&+KazN4VlhOrAWFa#|Ha)EBK)w2oe57wy6RXk1*ki17MJVr=#r4p=>A--wGPz0f0~ z34dW^0J@IE(J)qhbwyt!J#ygY$0rP|LySrSLA=bPl%#|l z5`5nVfxg>X?AK@g&v@Q5d!s|>TtlJVetInoBtPXcm$#thxZ+xp^kOW9bnS@q0u?;S z$~1HuzQbt|Y@4MRhd1}XO!#92i064qu`nYwc%33Qkn4%Tm?$)t?VsD2Vqg+{3H)mh z`Hwl-GYk$LDKV!k--1WM%coHUPFVC)FA>p%s%QSNPAtQH=&!}PP+b;5DHL2_;}vE~ zKw3+mo+ca8Ss~+xjW=FfyY+H!3gIR|{x%6Wh?tgEwq1?+A?QbQ%N+jRU6v|ijz`_- z?fKrtN;^eeV9%{YM}p5V*335Skmw(i=g+l{Q`YR$L+Li4i3ZU%R!IU|06V}$ zy@po$MSnJanNvQU&Bu2M9$$?~#`vEN9#Th5ZN0Rs$K6;@{TMW~GqQyHbmDU~vv2kq z^bLz71}gHj1-f9Hvyjfzn|K9Q zv?pY>$l@w9;bzYnjfX|9)`)$_9&as2nq41~4SVNq+va_a?B5nFO+U>P0v=dwM5hqQ^vd@$ zNUFI13RH)HHBDPI?VW;vyKu=(=-Cg@o(3J%#=IyYra{Q9i#>9d40&H%A&E~FZ%zus6A6YNGP1PdgB^1vyt}DQ}Pr&rSW2TLB>k` z#tEuAMBE>zwxQuk??)A@`srUXVPWpYX(=O9aX#9NF^@?xWSC#sP%;o;lyw>CV?M(y zM>s$hsK*2<7iG6F^B0dOqvKxDCxS)vBYNB8kQbnR3vEYJ@{I81ULz_UX$*vW6%ZFL zCNA1o-;sP0oMKgIQ3f4I*75u&KoSK%&S?Pd1e}6 zW`1ZLdo@nMx5T=z;Q(SX3!4IxBxkLwfi!aBgr8AX+zZoB2<3IWWmQupA7IiY>FFj) zw2p*_amPKXw`0K^akxdnKSuN*Y9Omo7D?`1b+`y{e#Q*isXm$oIHuW1YfNt51N9%5 z$>&)2mCd6k;9K&z?~iJQG$Ks0Aqr~`Q84RY}Lo<)YwAxXdOSN>Wd6xo11_ucLDEKYS6 zBm|kRE&J`dXVl^O*DlaAYYsTsC>|;@C&@WfH<(YgDD>sS&xc5Mw!L z5C)l|%0|h-ZeL$lOkt7D7CSCxxU<8ioW~9qzt? zh+G!V!fzHVu`?3IBzLb;!`+pE>~rW@2qy>=)PpYt(G-_dc9RxOPEM{~U!FjVo>O~n z($#LH;BgNIealU8&9|dGK8=_2s*7Zx1RevAH?deT$_~jUep!3_J5i|(y0MA9-FK`; zNu8-+qVCO_?pG&}zy{+LEU#|dD}vnseHSQMx+J4Vkyyk_wh^eS>%`aq5vc22Un+bm zwQqT?ANrj0y`C)%v~66WTyO`rBiC3KMajnIvGp2nobNPz$YcM*8iUty?zZ%}8KgU{ z+5P6kD=QKWHuitcaY7E1cX)aU7jB!b_nevw7PDhaf_gN#TBg)y(Y1qEtLP629#Dp-`Ygc!|d&QHVo5=!79k!x5`27sj1gJAUK4%*gD@>A_h`r z^nxW0USHN&5c<)Gw?+H9L#@KJ8k&h`v3z2-u zYOjp=z7?VUdf!tVi>@z!;g1JjzP{U_ z8=Qa^#dr{OyyL5Ec`cEy_7!w-9FH&OGv|3?&tpfBAWv)5DvcPRRd+w00=;%o=2Y|g z7H)F0#R(gzesUnlGeyR<5`XE(Hbbhq&X_*cJ#HIi{)`jBw9$2PBu)at>o89Vns5h_ebB_WV+cuGfqe zl%+d}V>V7*mSSfID)jtN7VvU{6wFSuH(1A^C0^P$Ke2R&@iq18`EWN#3%3lrmOwA+ zDfT!zjk~<(IWo=gm2C)gYK3ibuyT(}<7j3;M^b|ZHhe(E3%N$)Ju4PC7>8p0I_Ms@ zzOuRQD%o*Qh;OekB`uFcT}1{yr@9v2YmxW5qPoo=(M5_Tn5PhdWr_gHD*oxv<`B-NoI>s(7ZPKA zH0=E14bOtsf+BMHy8bF&kOY)P^+VjL7$BW(OL)&JOB!KR5Kzx)yLsbV<#T+Kz9E=< zWGy+h()eM{VQ6&6EHj77@%;{?bcN7vJ4c>Uep4>me@2C-c~--~>?@&Kr$AXCLb$9v zKc8&SH=lHh1iHnni{fW#B|kh1ysm6+)kiS}-!6AMI>mJ0toExj~KyI0Sb4lr=AnCMS45GOza{kI+?#Nf{H>ciLH23cY!O z0W`(nu%W07ON&xQ^i~oN=-uLJIq87IiyolU*|%u-@eT=n@lhAc4#^+wkX_z8CbcvFfD5g0dpSR_VplZSqe> zQmiFKJPq7QiK)ddilWuJ4&UAEd#Bf{&i1`a@rt~8ksbKH_o350QGryiZFN4U`iTZH zTYHc}7HKQbnvzPG`s(D9DQo|{=Z~hKyS+mek9c}QdM9c6pl&%;oO&SXc!v$CkmsJq zfdD(ZS*L3QRly=+b5vfIteo7A6#^PcJqNnl5Lb(4%Zb; zSd~)5slT`gV*Ic507BjqD%9}LSsFL+Y!~l#pBCW_&H?gy*rp) z(lf#@U%ng{*$CyIlgT}-F)2Tm@Lcj}cU}>_OiPm2IomLtEv^>m_Wse?Xdr?jEu}WH zuT}BxRPG7Yz$-Mf?iw4?u01%~X#LgxInQYQ$>`<#doZ4z0q1Bk!Hb5yJsZeQ(4Sl%3TgGtsT|K} z)hL*T8B;v><~i7l6P>beSQYjCqre)3he#zuSOFojVVxD; zh)%#SJbe$pkTwKIQq!!S4=N1mJ6{=6)IpxFBt-uK?Ran?eSWgPk+H*Tdn-w*-!J<` z-v5m!)f|s-xR2ccJBoc$j~(5-)l3hy%W+_|+CT*OfQI!4ZaNlOLNvR^5JM8W(!Mn4 zp%M4p3tXx9+NnPEFktrrLCG|REsg&4m2PD@`eu&0yl4+mvTko1VGOH62OhfgG=V0* zh)KwQ_opKGZs6F8sDu;$np`A-p?}Kp%G_sQ&_-6#>FKmVdey5PHC2(@#dlx(n#OuZ>m129cW36;9Sez+n^G$S3Tq3zW7 zH0UOJkUU2=pmApsI+EPu-vdd!AFo11drDi}i0O`H=MGTr3Lr+DE>_Qc3#>+|f>Tol zjEr5ZG)LnLLcgxsnn~<9%X%Q7RP0OL(mMAkS=t;{TIeM;2l%!s(88+1BgAlpBt`7pL(53eKv2d_`TYwEa&csopOxPak4ON~6_ z&~=VKYfvTjp}%`N<7*2*BRo)Y%X{@{nf30V?iBG~*Q-(>HzFd3#I+imIZ_wqi0YPapy;d8;23U17%$miw_3Ul=t%kl0^4vY~-HJMz0WE(f!ziyB z7VGnYqBxju#iWWVMKffgSqx#D=O47}-t_+#EjuNYN$NVdqTbdZ4V0^Csi=;0s!V$B zejF40uZeX&9A1ZvK-o_dJWC)|pS?l2g%kORILkzsJe#bWufqKUty2kSTr+_=J*%Cx zIhW1EA}b;*3J>aH^Tr!p_{8m3(9fp)1z*;4*lXF@Jy#UN`vx+;r0*j@vQyA%H!A{~=Yfg!T)1aBXm?JeM zIQd>3=K1M6!- zft*Ex*IR~>R>XD=m1Ur%$jb6yYvnh3P=^?ZT@%Iw*yt|~^o-sLILKaI!}>H0)rKO} zEx&N9rv}mN_0qb%8xgyBxMZfb1qWs&k~|G5yB8TIZ5p95frvj;ZK+Li+l1_@(H^d1 zmOl<{#YfJYbZfOCWgjRsmngX6w9X10!7=t$H(|G*L60c%YXqNV$iDBCN;TlkwZBAQ z&~mejkir%6{(RvUbFZm+CSF|H2dd*USBfR^WFP0!X6*;51J%BlU6MMjXlr?^?}Fb) zZ7UM=k4(e}gZteu?7`7jT87(s9B6UzrDkK{A~!X~LtT|M@oP40hJGFbKVPU%&xrH< znt32v8|Mlj|0~}z94pe|6oKTiu(um+q@UFj<%BM?ZbF3#cD&$_1%CFKU&G8owsC?f zj=Kj0C?1xrtAD=_QMdmL!+2>rK@P^*nT|*t)TCe^&UO?r8Zbd z*$<2?lK0WT*1p9j9lfg(@mJYTN{rscqna#v=GXjD0H7F5F~yFW1b`x@G*UM|MV%(e zanWHu@L*ofl% zY@+GVK2oEgCG2uOM6@wB?YgWnb4S6d__(<2L*iV!rEm+1*duVR6R1)iR|Cfr zJX}Ovl3;6j!yE!1{25f%i!I{;dzU)ug50&}|3jSGPB_HqS9s@k&Scieev^C^K670B zID(WO7m#yJ>8*0lGlUelS=9L4NihZ8ItHa0*#k4~*hC9=!;``UpAE=BMA!y0GNFms z)VX@AowHO>a&4Hsq$VfY(`%25r68z{w>vqpd?W9#nO@Uy=3W8>vyC!}*9vPfQP z>#vc4+^52ad@gGRI@zX^4^1vgnyx??-n*_GHc>LKo0HV$_X1|?Z<{G>1yLSMI*&8P zn(S{tcjt^0!=*pEg(Z8#&XsdN*irdw{#UkEm{36+@|v08P+VsRVvrA(aS-g&k7wev z^+yw=zJr&b8?DjjT$-Wep3K<5qkRT={XVR-3R0DWw<}I_7Zadzc&$(Bb>Oz}A&rJ_ zw?0=p^~(n4!Q06jngha}%3;XOIh(tfVqWx5!qKa3`fwRW%BF2iBsjH{$VU zx93o@^I)48lZQ_^$rsfVHZX@(1<%w53B?6ulRK`k7bz6b+t_2(4CQhO)c``I)^?lA)K6+}9+y@89cd zn;j5E#dxUwee7Gop9};8!SfCq$vA%EJd2d8h~)}JkoW6# z+~3}AO%?pIVPW!aX1_2HAtoi=lgbC4fj(lXm*rHyObb_d{jHrL0=J>UXx)jnMDTq9 zY-b&ybnVCOKoJHUc&nxGhmz{KGgp@tig~pK&BP`Dy)%2T5f>D}UTxqO=J&C7>1!mT}&2?&0cI|ABvGOY1s7|2`C{S>Y#phPTOGE}F+# zxmQNGfGo8fm-9Nl0jZ%{i718`>cKT*#UcyWaZA@pjDW7ZH2({XT3@) zm7y7u4}A)-Gv|;p&07wX9Sk&*-UjmXy#WN4#o0out)#r zvx#2h+6#8|p3Nn6!U$>yAY_;;%J5i%M=P^Y_+pkCG-ZyhRn^q7Vz~V_c#UHI&-JiI z-&@{XaP?P`HM**>ZDIQB9lCkgTi;mL$5T9;(t4``aZ{y=(J~L5MUXNjODY z?0fo0NRn6}zVS9t9@`h#MnV*8GmhCw2MubqVi?#;HXByz@YQJL9OW=-be+9gJOQfr zLZatGtp-7AH~rcx^{$5m08i6-u%1p5fxfzSyquqP;u0TE8k^T!gcL7fEclpK^3)tLesU2bql9PHPb@Gs}fv=;YBr zc?*r$*8tcW8eajQNpHqBeQ~{GI#bELzaubtVu(n5_rbh*6!~gLy&=mDf9!g>mJgFd z_)^q|;M`4)bxVCBQzly@@-pwG{;aFPV_im&@Es}h=zAkoi$u%Xgu@@}pFs;;MdbVj z^z*_-)Sb1`1Qh7+V_$ycMQWbjII3}Q_D`Pk-_2Ikn8jDT>M|to5Ef*iBrY&TJfWDk z2WgIvVuuRcA;PaqJ@ic!Ga@5&cq}asdiJd~1m_b}gFz{r@?P(N%e*Ez^@r%_cdB~s$c7t4)3K1iRvGoK3t)_)?V$C$1j_JaYJ zFa@}eEwsY;>iBU zi1Bg3TWT9dhlMt~J=UBPoa^wHXmi{#Q(Ksrcs)=-J_-;q@G^(%M^h!sN?8ri{*9jp zM>9RRoPYOPQQ0f^$uhrx`%6@)mj&<_k1IY^?%eY2j>{O34eRf4mUMI7jD<^TaMl)f z(Cfea{)7CB)P&m?ebPS*?SHWXe=@yf!E-p7u@ZqIQI64n#Pr?22QzZC_bs;$!Z4UG zv9|s)#*qLeDBeKUNo5|8o2bSg6`HaHS)dSQ9Z}9-`;MPyP)pFeS6m*)vdKJ6-eUA_ z*}xJMq_spAe75`K>({~6)$6vx3pCn~5^BM@Af{FVN&wMHGRC0$8~u}o1xokQeZX_F zLs7rHWI39n^i=t%M%z{8M{EjSAggSD|<0l^W6 z(Z%=mfX6Ry5^f$4c;-htY?6)_X_YYwmuMy}52qWCv)1k>sDpqBXnBc=i{Oz?CP|rcJ%U;h*P&$ zh?QtIRJwVPsr86sd9of>4t-4!&8cR`{@ZQ9;M3t9OrXRvJPNMSe!Ewf80;)a9iN(# zcCm=zedJ;4Bp1X^>O#5gB_tKW81o8%KGFG4(Mx6?Z&}({@Apn2!z+X=--3PyxTGRF z;ufPYV+>Gh_05huzdl0rj`bIxA}2=KQlx+Rw}BsWpNKZX5V3egh}uUF{K>2ZG6*c6O< zWZ5qn9_=iYED@*F_uy0a!{xoj-ZZ7BFKgYiS^2ebl|`7QC9waRZhr!J;=k$KGT??c zay8JZ_hyLGmqk8Qh?F(0B=H|ZFbRox}T#~;pOdWR%6SrPN9cVye(l3)iW^7lW#Hn=`oBcU*0F&3frVc+d7{*D| zbh``NYoroIK%sSixpDk;a2?7|r)MfcmpJ1Fo)8@?#h;Y5Fp?KP_DoNPSsv^L&x{nI zC+0^ptrd5eOem^T65CK7#w`X0p(<;G7-_kz+%Rb9T{pxyWS5tPHX`Vth0s;c&|BMV3}dxqh6RuWWKZBsy?Lbh8RJ#)JB+12VQo-m3o;({2DCM1qQO}}rR6Ko$%JQ8I&)Yv2c8}-m?+m! zmQ`jX4yGb<%k0A4h7E zU#F6Oiu`>zfpwE17)ZrFj1dAkt`sRJKmhg)hbTwow=MuM?qEk@?6mH!;xn@+~`P+nasUcRHR& z$-TX2`%Om5RMNK#_k!Blt6MdkFlx9#OUiFphYz+BmVn6ddm&g8$z50I*>5`wyiadyCX%)T_@aM z;u#7JYMciZE^78OBprN^Nsu_$Yb5w|?46;|CnZ|(P5+_HKJiK>d&eoc96%uDJK70S zt1TWOI8-L?s7`pj4b1ze4-&llAiNNzs1**oieNn9?Uoro$k@ELFd25-mXHWnogRbBrz>dTVOAE(zRkGME%QW1G#yK{!-kc6}K(nqLI2TRHXgU{g+@8jUajJY(wmP z+@D1K(YuBPW%+aYju1QgR^tA`b4~l8u!M@LX5CH;0Bk=W25o&1IgY&jP9px65X5R9 z%iSD_d_8dA5P-5UU{%!eG%TgQeiD^uLuXV0w&EcumGM7vOX}K&vBwq|NdblnxKF?x zg3QFbpYN!3;-&h*&h>ai=6h2mkFV$Lg9j3XPrrTcSQ&wl^IXe6;@YxKH7(1&|G3-9QGmcTS05WzYE0P zf3OyEY^}V$KC5Ev{8fxH@!@moydArZAPLDs|hEST7YRUr2+RomSkoe)dP|tKPo#s@3ow3Z#Z?<|6B! zv-zgzS8FhpyUkt_D!Uon2k$zp;dX!F>%q<5?U+}YH5G^+yg92jwsus>$;mkty`{N5 z@`||y=cTYDfR3@9IxNLyJ+jkBs-dJFMCwixKb}= z+Zo691(7E~D{-xfSyPCNZ<-W0UcBnl#e;*u0 z01?LTGOwF%LT~Bs@HD6+m$P7IA1nE%O)JMkOV7(#ub1s;alIcK!^* zh6-`lLu7a#GWGW#huXMHlxSX-i(I`^Z*Z?|l9Ix~-p|yDt1^u-)%Jqt@i=~6S<420 ziw}R0CymF7+|8=oMELiS;&3q<*!9M(3_VUmkS826ue#tCAm@JFEb}n(d&z|8T=x|o z`~wqiR8#tdFwm^{bD0~~uEl7sJ}+?z)vB>gUlYE%I)8R#C~{+eISpxYTufa3bl|0X zb5_6b8~JN`vD(X!8WG#D`dFKcU5CNAjC0cs=*{*lfmX!@0avT}% zSvVpMNF1*ryu|9}6{^skOs_Vl4TTM#2v1S3#J9Ou`ORQ$iA3ar=$DGH=y4x|CIq10 z0TA{B_7-$x#6My*g8txT{rv5#Qo%Qv#(~iXmnk`ujvXsjJ#WP4M5h*ptb87{l44Jj zL5wMmx|VwE<4Ul%d{wJO0G=~f3g^L?c)QNZHy>(~>V`5eWrF+?-d8?lV$uX@>jf~J z-vE9@Inw_vAgziHsl|@Xy%noM3|Y-ovy%VkY`?(#(d#;`((BnFczIW&+E|N_e|vh) zT2KX@%*CJTy#k*R)WE<*>wL1_LlOhTVBx!>{fVV)ytgX6L+;uBkaw#9=@*@U5k#{U zRWk@{=R>oA;fHGd7s1yP81kif<{q08%}$G2Clrgn>h~MoL4@?0X(a0RnvW=&i%-l= za92|FD_j?SK)t1fuLm!z@p7HS{HPE8;BwCOUM06#vV+BFbqo%1l8tE7(mmK%Ds0^6 zL{{VM82Oh?SY>RyLn@Si?`NwWqh^%TPNitU2L<6Xi?|`S9pDq86Eq9yxoppWrf0%Xc^N`-Jdo5-ZGi+u7M3c%eN*=Y^aZrbE9+EKN#J024 zf2xRPYW#wa--K8UeLXRWrbznEFw)i|H0jCWl%BDNCX41*RR=@^lwe$U&x1THePn_W z&!?FOcE4yPe-4cMqeut?zkl!KSy;4OBx%^)Hme9T;C&#mp+7fZGxbc!4CD!$^-nJ< z&l?X~TGAfu961*HqF=ww`3izZimDMw@pro@^@N5Fd*$ZYhHfJ_`tfcLPj)oXkc&gz zI$GWd@KXg{wRv7OB4DQ_9CINz&KZ!fFS3~|iBk?AGA}*y5VvaRC^Q;Cuv{lYS)6J&`*d=%mbfr`$m{EK zdVXE+#ACuHK5*Q7bx@Kzkpcv5g)??|H6#`uZvQ^L+UnweBfXl&WY=?jEOioMsp8qg z)?h z`G0O6ENGGY*Sv$sFaA^S;Ck1;jCUdHgb4hH-oc(85Eaqsa-XHk10i;vo!w2!{mC(- zA3h3@OB@Ge+O5p9uoIbn;QNEvHQX+BkmOOOu$Ftu`aGWe!El(nj+_S;nZt2@N}<($ z&+>K-h;1wI%$~(yTlVeSibhfp1r5lGwT0Ubx6~4KAV>oAo|_*PRFzjo$s0G##L5KU z4em_T5R&tGw^Z)WEu>-1YSrY=3qiT5%l)$7D-XiK9xOJ%c5|6Z!!BOU8A96rDC9Zm zfS3k5xth-ib@^%0uOVa;gpZ`P9?m7-w)Fy$iYG&52-yX$74{ias{G z)jbzcsz8F39o^f7%$MJT z!GZ(KTH`nkuZMGr+NwRb9>aA?LWR$P!c^y7rfa=NF3y+@8Q5iHG-hBcpqT|Fhe!@i z^QTDH3qwv*@gK+W2cKh33&4bTpd%(Fst2P71x|jwc-vd6t6BcxdC3oH*dMNV;s8VD zIW9+_3&|37Q3fuj>mnIB2VK*~UJB;nPj)C7v}Jp%e|ruKey_ohtnlFBiKo?>_BeL1 z$6?WF2Vvz-#T6hC_kNRz2kO^X1LN?wpkGi5&C00lbdLbNc$fo9-NkIk_^7*me6{An zU1v`R{z!rK+vE7Y2}qrEQ1tgIYx>}L8qBe)R`c|X?LE*pUT9aFPBQu|W zG?xUlj$6HUyCvn`WMWN8{07u)kD|=;QXYm2-o5vj0jjTdwdHXmy07e6&s&_U$LzIc_8dKoWu>ELI_Wz~rd_HiX- zaa8AcH#ZAo=f^obO=A0(iwDoqzT>brETt$sVHea4py;Bh}U$7ypi0K(TD1 zw_fX#b0-OOp2u(1bIYCbDk`n^u|}l>CU-m&*0yhDy&|*3)o$x5vL0d@76k>N3p*B- z^2BBZ&hvwPzjV%Og;U8e$XN1uwz~8^rTq* z$uN)R4C6F6Oi*jg72XUhxP4qbYhOT22XfDEJB}{i`rsqLOY+*=k^YmU>3X7tleD?> zQ0QgifyO(hLpUT%W#I+F0+|U7`$BJ{JBeB=-(C{|2HCTVoFJzk=+xI^#kX%H0OCrf zM^F9Y649S9xITQUF3u-xVQhs16P3(!sRoEC`BNH_*aZw;Oq`0QIkBPE&v`71@SfE*$jcyYH!^QJ>C zUKvEd0*YzU4t=HemQ;?9zt9i%eubms6SP=4mitf+=yd%n*it>>m18&EP@IQJ1BHM4 zQh~`Kcc!La>4P0Tw!2>*ay4g)&b1ig=Il>u#*GoQft@)GKlc)^KR9sA8CKA1RMq3z zZHxHiCUK)#%PgfG6npPPwrr7XB|c$8NCq--RyX{5&dgC{($p+QWtp6-et{HuKvu0{ ztDDA4tNPuF#_Ygxb!=H{6V*lr^Wbw=M6`PrG>G!7IrAA*%T0Qg5;Oh<8*eu%GRJD! z0}UqE-^mH*d1cCVz;th+)wl!P+|OR)Q9cRJrMhxMalp*rve+aiM4uJzC(%pPrVVVO zn7uF)O;qoA7%DB5!$j4cRW4@#T2u#il3_{h=^t2)!JJkiUbTWZd_5{Jb<8DK!fEeM+>mb7h9IFaL*> zQV)U?#OjGtD(};^&nc0(^b;VV4J;y2SSMrl?G77{`be)C&<03LQrJ;_$J8G<(QsV( zAvRw$6t%G_Ra`j_kv&sNRnc>1Q)SW!wvEZlzZx=fJ14a##eW)b_ejj8!JekzX+!X0 z^EgSI#t8HguU8=R+htGE=VoZpgMmJkkNksS-Q0xbGr|#mJ}v{x&seYRtX4Ri=3Kgl z-xCv7-}<0a3(~r8qSky0cs*sZ(f-Q_Eo+*}6m`wljf2a%$h?KrxNk9unWH#s{SfXvaa!K%SQ(?=-p&BokqIS2c zx&Dd=Z6V{RhG}gJAVfe7H19C@iou`waCm z=|Z0hl@oKcgGKRRvO9s3+XJ!h;w1Ir`^i0Gec;PH+jNM5rcIL4RE6~m1hI~ z@3BJ^i0~u307EmhzsMnsNI5Qo2V^*h%!4N=n@rShh3lB#JDJUf;Srz?tm>xr+V!SzW@aBoEJ!DW zNa;kVk?GC8chrDO_CV$Z|ta4AO|wWgeBZSHA> zm;gv;{h*2<|H@}B3qq~E%%Pa6!WpAJs9ABWJ)gg-C?i7Cp@)^#C3fpNBXM{jZa)jLJlj*F zwcIpXeg3N-Z-dUU)|_jy3WV>Ny*_X`xH>&^-1wL=R(pZfo)w=SZXZa1`Yf^6T<)Me z6;9|etAFgA(8?8r-%i@@iYiW9kc+~cyzRk;E#QHGCs|~Y0WkFhAALdc(D&`Nhz^g4 z!!0=EMAk;~hF&a~?%nFANjIAnXLpL@1~puCda0JI%rImeW5{73I84=4N|X1PGL)c5 zqwd4$Y2a!rRG+Sws5}*qrCre%FurFxr>NDzn>sv$eFp0>%qvd3y`5Cc4>BAV8y({g zkeJ|}h6JOS!FG$CT^iN(c?&HHLguYQnC7j(Ek_amHh;$AS(ZWi_fE8 z8Fpr;x@nSq9s0Tk;nYNUKlt(@Ip{Lp4rm2f2v^EdI?-FUKFT~Jzn>I8xSkE-Ak))ERb~`;{t)IB z64kqp3(Hnyg;Xb5Y2{Oq^gRZ#$78+}cZZP?`bZMOCgM&zxD9{wh#hFK~9j?G!<~JT+$D?x`er-+2He zNZ`DaIidFGEhp)7X5JfL(%q68PG;_IUAp zqWZq=(QIK2GqvbnHIq!7|0)l;r>7LyZvfL|m)xR03k+JIQwDfp#;YR~3>>Upe~k~R z32$|9Yl@4F|MZe99J2iG{wPj=0R<@Eu(YPhAqjhVFo~IcJ~`n!6_@zy6aV}JDG8Gv z%1EK*_S+d~TeRc2W^3e?L@Llz;!-9uUD@Y7MYeYr{fY0{totw$zZ0FfZ|(DiyYOec zzx|E~Lw~?I@+;Aae!msg2Nmkxb*#IlU|wz3Bj+#%S+U`b+zsqeF0gK02vO%LZFcm? zvwkCU{kz|a&xBV|P71A~QX~%vWwn39I0>!*M7OUQH)BDM_k#U1C8f@z%h_eVz+pV2 z3Ojx(-~C~+12UXho$Ba6dj7K1-90hE9~Sli)O%#Shq3Zxr36!=%)b{Yygl!yJNt8vb=#V{4l{EJ4Nc+xMp9x8lopJY1>pswwQ zSXm<1p3N6?)O&R6h3~|4DY0MiQWpNXlK-O+)MK~!ebin|%73kr2N?0VL z7apgQcf%y&Cpdr1yZLQX{XJanB*k2cX zwMGvEjgzxRn>BCTD-}ggCd}WLh$cxK6o*4zWP+&o9Zg(3tqzHU=UmU<9wCxp2$!fL zy%(D!C&u7<_f$0t+@o|ga#!cCp5CPl)HslTDm2?C-Mu>os_{NklF+QC-4zFX#nhJF zCrMJ9>t{#`pFFF+wekl098E6S_5}o}2ky`!cWyau-E5Yo*%T=iOvmXme>>I9eUE;4 z%*jCooH)hy%KdCqY$<*RHv2uP+5<@ zdI$T;5Ynm1(-MmkU|=dL9qJIsqdY*m;0b2bOUJnP2?ObsFVfRZ9G>()9wQRUJdWPY zvEjbG6c%V+nu_8wHF0z-f1JuwqQ5cD2jyefICo1KlW(4OJ>U99^TXx2mF166iUi9m zr;zth7&5}2|GcYSAR*OZPkcXvX4N>cc-V)V#!{qR{gaqkV>&;punQ-2lKy?xg3jTQAL3tMW%$!aOJ(~sr1uZq z+q=#zj_Z|J!|v0PUPWy{A7~|Uj5s};Fl$$B*84-NHd@;{@0+*74kT#h-N%q(&FY^(T4gw6B`_-$ zPD-qUrD%TaWA@of8mBr%Xuj#2TDi5y=Ke&1bp2zR@5+(s5@=JKkrk5vcD+PRCGM^l zY88?5d%VwsMZL`stxve-L_HLo-zU)~a0kxCoF)rYhvdbJzs#4EEbb*tShSb1r+F<5 zpSoM^A?z$vheLmcE>x@9%(xctQwX`oS@F0^?q8){M~lw5t`t3}a)rWdXCMDTXQExq zJXY`kcDifshlYz?!Z>UJ{HGb& zoiPTK1l1yS3QofD2A83EAuHQGQHrX;2$cyUDM*FmoU7*Xw0(h%8daEIs{?XTaaA*P zZ>Ae|YJK_Bg-U{w;+NLsTG$|DUM-S|grd;2BxUJhCsN>MlE=FA27WcI;^4sTEPuuD zI?p)Z#TT7&o)7)$#F!P>C9LW(nkfld>eK!2r`cbM_UgaFCg=NTu>&cwX|m~lXF?i6uAnpyfSDus`2X2O5?zy%-{wjV>Cm(~Jm9iGp;w@t>GOOSm2 z*X3=A`GSJ-5tCo`7TUMm<~A@h26Nc4y4sV{xNS<#4P-(1==e03$I|Q`%Y%W$=Hd6Q zeWB1sG34?sFh+5#%h^$&gvQ~Gv;BZ`-TFRB2O1c{`&piEOHwzKAZq^ zuH@!ktDlB+k(WPyy-@nx6%`pFjrrBHVW#_F!dM;5UoKewiV#azj(@-P09_&od%vO= zeRP)p)d`G;+uCd&^WVNOaq!(2wt$pW=insfmf<$eGw!LJxt2ggd_NThF=ocR%O+?!EgDAk0i=X3v_n*M6R7t*!R#_(GF> z;Snl1>T8T~DQc`nvXv*{GVncN6*D=}eAO_kry;E_+k@`DU)PU*N-j#1B1LhBuqvzi zRlAN$QNAKop7bkj-*44j%=KFPn5gVfYO+imP(=gple|(3IJheTeXHk}bZx6c8mdq? zE0~im+n^WAEc!9Igz#a9uZ_a2k1y3pDRU>QG2`TN+sCM_}0NXEpP$M__B z&%?pM<@$lmx9_Cy55;Bl8b8U~-l)#ci#x(wxOvUYZQr|FB&#mnjaS*ZpB>x6r{wGz>3Vqj4Ti_a%jer0dHisbX=gYMN=Nr)NAtFtQ7Z`OXDXQp z2VQCQRLt0zqmGWd(4`v?$5YhN##qDiurO*=Co`(awEtlPt{=fG{T;z4C9HCH5gyoU zVc8b)jJS@*1@5jsjsXWvE=WFfhDlgBOZJ1`@iWrVc}oX6LOa-TH9ZoCaY~f<(5SYR zIR4e1VOZ zwpDCo^b+l~emiYv-BeQ~N<4%hiP0-4-y!h;AEY2R^iziI?{dNYCb4bTzF4i6FZ3Zmq zml3=)(7yT;KJn0%B6V;Q`1_SzBwKb2TI0u?1H1@f$5@2L!p6t#C)4ejwTFDn7hlIQ zw=rDQYns;^_wE}9S97~H7wg?ED$|Fc0mVS;}8;;kyvp_jLQTQ6`b$^rNg{i)?YqcBJD!p#j=2?N9a`1HJ**gC@L$g2$J_c9O~g?FePfug!EvEmX1ferB-AMb+wd7KO1TNF5x&-J&)Z zzGoVq)16(i&0mo0DDX<7X`rnfkXcV}wd%_BYIm^~W|BLCv+AH*hFPM&kfo>ILw8Re zVSedi$`#L@QT-xjxi*6@&t9IRc=LcJ{KcE|wUg(fZwxDMS_EQb z$@dj!y@L*_kgG~|yH0P-W@eqZIQzjT1#6!4o|4uBoS~bkwa1-v1s*d{Slh}j?g7e? zILF33++5MHu);A+_8Y8E6w*0`%oIQ)9~0YlhTJ3PchcG|9O%mnbkh0a7Jnoo~0s7*wFnRj^X|01g!3j38ao&jlbD}g88tc zBE%BByI1#dtQMo(h1-BEPLc(jtX`21Z8nu>u@I7UNf4>VA!1yvZgyQ0OWhHQhsm{G(-(XVp@0}MU&D#@dE4WB|v$8Fn zkD2ig5=a8_vb8OKlaRVE)G$O#g#wVxOh(ovTNZQ3d%=XED&yBe@yiFJ&E5z3I)(cIb;5MuA2)`@+TJ1iz*o|Dp`tCgCPQ{ae$l_Fcw0lbuM8UJ3 z8HkNDl%_B2c3Ki;4wE`|O{m>peAHpg&JS^pcy4aUNF~Houk#oe9o;|!GtXEsFX=+< zA(1u%XCmqu;@Efg76emj{jZ*jLF&Fb%eT|gnllvz3ROteKl0rEs>aOn1f*`#If&4b zLTFgD-dBdGx0U-CeUjEL-mJCe%6yn&u=8}Zu3Y7pIKf1=9aH$zB%T3`ZFvdAp(Gf26|<2k7TF3?Lr*4+uZL7fbu34MR^`w7%aT;BOD%5G>zQMoZ~_ z@V{H+Q?~Ciapuxp4n!=gNpOIGgb>FSGaIjk?=0;`cBDA0JE$!cL9K0ehPGSI4(ty4 z4()2K@w@vfxo{OiN_|G33bF<~x`V0}4K-5U4>l4rH&S+LVLzvv%#engPXU{}$9>dH zWTe(4d)$GxhQZc^3C#u_T9 zZ;cm9z7OrM&Bt^H!FtQ3CPH!Ry3L9kLD`LsjU3yOzB*$MXSS?+%97ohiKVspV~re> zUieJ;@;e-Z((^QiH4xg{%8x_hp_yZc*2|M2A1=crH{th49P)RE)?%v5tXmrAplW3a zfQ4Vb0L0P}7MHKORL3?PmW>wcDP<9m7>k!(}2QKfh}JLAc$&S z1UGMmSVIpp9o|cp>5lvmjT^dC!1Uv3a|Nd{d(J^Wwb1MaxGf%@i|H#yI%e103QFm1QS7zbk2icX0>$S5U8DGUXZAm<+Z$C7Mw&yt@W zLiw<8p)5plyz%8WG#k3uQ%uMud{ni+x7FpYV(JVS zCLW7%sgeY@DtcjVo+}|VRp(rEJ?4YNN)}vrtf&IH)LS?rwL-koy3S@cx>0Z0K8!H; z%kjK3ACnc7D`iRzZcCcct7|BKQ^nbKuVo1Q(- zsN~XZV_~J0Ra-1hR#&qxhsE>+l{Y0^JFxiZ^Ey#}fau5{D3!Cem?(aBDQy~A6Zfn> zA6D-pnIz`S+tY#mwXL;ak~3ewI({u_p$|gKD5FG}HIPoII;hpMTixuDx#L--%e0510nC@od4KB=% zZ6ev68CGD8N=xO@V}WM;4Dv?miY%)uM_P|2C&;vZZJQ1ESNeo*-+#|{HE_Uss9@NA z>4+oB<${I!wsB%b;QJNn;$b%K_0ZN3TQfiR7Mri%-lhu}8r=dti>J&9F=9~x*N3l# z?qM;uPDToAREAc`vK|qkEPKO>#>R~>jL1fT4@yS=hunjSCC9)etJOWdfjesAEzTF+ zqHe}IXHt|${Xo`Ep<*ZRQng2EVwVG0-ld;TFmi<&dFkt%r)-su&y+#=wrB5bTQocB zPg4>)dSTTA4JFhJL~J6~8ehCE|A6f&m+mZQp4Yu$WNil9&B3aI%VeJqoxRr_bQ15* zk{i;b%acbFZ?btCg$h~*)P2R56Y?z%y7o2md+G%TLq-A?!l9dK^-tkB~dkaU`@_VnnyQGX3bdgW$ z-IOcwvV5Ewa-BwPJDBg62|1{`c=B_K#(ZHX8v2U$h!Kr^ZNl29GcW)qrGN5)InvT| z5?+C64WX){KT-@P`?XP2o#sPoD=MCM^6;^UFIb?lf5Uc$)Ri>B`SpelO6lmp`8Q!< z5^CZXgq^bCT(UPJ7b?@!(#o9d63Z>o6N)l)HrocJN47a7;AmV)9lT*(%=7Str9RH4 z2N&EUgXjqI#SFe88_SULO}!3Jn`Jb`mDMqG%Zx>J5*sc`BSN5gqod4~)0UtdXWnL4`lkRX$#k z$#7mvnc9i^1C%i6_G>`cbxy(tU5j5y=V zC6q3q#o8js>d=DF=oLG^l;*f4GlL=XgFvoOkbiYDtOzWncK>mmh1kZA_X$4UlLN%O zpbpt3kuEh~@^oU!EY?!>UU#D;YYX3J3i7eNkokb`o!FS%- z3$3_op6`kHVdU{07q_jTA7LT;*XZcddtQ-~5I`l`iP!_~-7T>gPgx9XJU8EcEa9P_ z!vm(E+44ZkNz837lE$u2?&Id$fu}e8EvX`!q z74R>GZk@glI+dvQSjpb>$9=fm9ni2tZyNhTqD(7!U!f@x1Si^9!*8~n45cDu&u2+z zFj!D$*9loNkieL)(ON~RX3`?*GA$80d;;BEK)J14pG~gjO~q@g#<0uUK(Sk->e@*b#O%9|gO(cK~rszb$7+SZ%d%A=icI|oZAmIXXlU9W9g zeQ_zCN!o?jw*dqD+nz($Ri)5lI!Qo{C9ZaMlnzbT&NUvnl8o%8nM#kdHb#-k@C6G1EG+UV1xAalh<4E^bk>>vonI zs&Y+>0uJAdk!&rxBWFN>3zdE!r5WKLc;lvJXJ}AN~$oofoXcyQDE@nEE!$Xc`r70P8OTau{7}Pmb6HjO+{yX`hqSuI2^H< z8Cr4Y`UY88RmdaTu&w;@V6&Ev>1)0h4>E5QpVkwOE*O+5l5sw;>?&~4jxA(po6-%( zxPkoH-p;@Vm~uLKe4E+Zs-N+y(-t;f?t^JTuTpd+uOhCF>_wV zX9a%Itb`6GME%;^i-%bp-KpSdT$WrE#9sXBBrTV?4OD&vM{kyxcdp&1JbZbMkE!$>Yxqnu>yC)e zglTTeqNH0|@-)VdvaIrxeK-PpzYL*qOyV+Z$#qV7%q6@w>UDhIeSV<}6Mr8;4O{}R9b48y zx`P7G6?09TYIbuv!sV^P>+?Y5efI5iv!W_qdfZQ(SDaV3Z}9OAfJah>QpPH6E$1ok zbm7iPwR+e#up@nVHel1MP=;+3(Mc%;D2IgfLte5u)cXW^?ChTek-acAK2k?6GGan4TJd@>I z&)Vbd{|Q<<0yC9w>F&~F-J_)tJ%Xxb{T%!jWW@7Eg?lZ)GK?cGMYG;G8pZ^B{aI!q**)6t zb*(Z~9_RAw&zoMmuTx*zHODSy^4v{Yw&HTNwsaN~up!&-XDp&Ft&4j&Xafx-R!8NPohSQ6-2W4sr;`_9Jw5Qa%%Y{!+M-hUm(W1c%6aGfWc78tTL|?Q z80$N?5e%mLlCqGFqIvyNLf6$r-ti(beVz62>Em8 zL?|8I%@*q%hqb`!pX5^(1&9@oTh_T{0EjaZ!K?Ic?yvi@c*y~D)d4=KBggoevhtS|cqZW09o{EpxL`DJ|u7Yzf@0fCAeZf_l9L%+-dk*06}I;$twdL@ z0o>R-Ss;GAqYbWWeSG=Ci-`N&J5H|Eer~cu$9L9K_yI@!XLA%2xRBkW$NIT#K~f5@ zpSW(A3U@(`vmDB#aaH`>sggcj+Qo#%{o4VKEnSQOb~4`ZR3E;}-T3nX<1Y&E z)A8C6)8GJD6uG-HgLa*Yh`cCr;?GN@oBWAc{e0%O&sL6)kvltsv$llC# zh1{W*OawS0p7hG&lbTirHURqM_ohnvDt2xlzs#y`%G$c}TOdhdk~M+_(h_KkzxWLD zE!zS={w$a~`%)Pg=Lo#wWg2TdBLU-ey6Xq0|NII%Z=s)eY)G`{_s1(fA3G|lJ0l>LBKYoCufVS#3rloON z*0m0DNJ1xN0CH^I60?Q=%_$MeqmEl1V7P7hU~T&x>*Wl8U49r-E%1_S!c6^rHeC?D zgh2dYO*CTUKAcx-Y>-LT3a5?gm~ND6U6>(pLBr;I9; z{fF;+^b=MGmP6bJ`kMqimOUsX&^IPZq zbun~wgb1K#obYH_%z-KAc(<`jS+P^z=uXi|m;*rDpz<_8_zZWrDop>JfvJmS;`4t# zlu>NO6jQ35g2DK3m+8W+r$-rEyh4MBE2;eLWgbww3a~rYxl|sHgT)hdvvwY#QSisX_+`WpzWJCO01W%R0YzN*zlrDGL3ETI$ z+_ag;9Bv;Kzy{pcJY8tv-z4@#W-XqttXKyGU?-9>>AUD75JFKGu zKXUB&9EB~#%5dk8lh=@EI3QY_w5q?`Lf?kJg*Yc%hJ3%mmQc>l&Sl^>Wf@oeMH%O>G6=#q zTT~kuH(+rKmZ_v({rl*pDP~&16iOPii{}V!XEH%&(DrI%4~;}Vd&a1?K-MOb|h391mpH(-d<8UnEpbRqt|A;BJc6# zd2m+TY&bV8vd&wx2W{w_W{9?chan^{d6 z=HTDr-|k`Z?Mlz-@(u5o1}yJsr$5-!IkTBK^PB++b1$l!ZjX)*$)&p`_5RYP_Zq54a8x85vrs6L2B`GI z%8)>_Rio?X+hseStt^LS;w^*f_ZKWzJJa31gCHSe;?~-_ARc0BAOWOqqX*Y8=C%Y) zvyW||l)v&nM{b+m>Uw|8?$(9@Ji++b)$+%u2iv{q#ib`XA1J{GW?t}p1nlO;TlM%|SB(%Jvm15Vn$mm|{a1v)UQKvrDkX+3dSK zOM0g%pBWBMHxh01K-bpW)>}E$mL7$l0o@lh%ZrXmONlssjh3d zU>4_22nM)eaH`$p68di`cok}Z3d8e?-%29A8d70q-k#~FJi#Hf- zi9uZ`oe%5B2nyf_5Kf2?{jcf?x*?PXgW;PHOB~8N2D-mBpE}(6Sr39sVrI7GE>f5Z zxkfKCyYIy9q@16u4|CXr7Je#;LQZmJB6=Gclf*>92NP$L8der5TdxeszIbJ)ClxOnNoCLYpN=mNhQ;V=c_ohqdchip+4SBqLpKxC{1V;j!l4i!*2Mw zZLix;a(?Y@(V&xOWc_1`!pipTrtiVENK81n)J<1-K;2cTEdCg8$wfW}Um_j&h_)s- zcm}tr+RXO@KOKA@bWX`p(rI{Ec8Bf;Uix%-&VGresnUI7+KAJuSdt33?P^(59n-Z( zbKi6lM5^C4SxnPfo@_UzPIBP8Ry zbz@=phW{x!ZX99jr==zBdaZlXIEJr1^Wbjs)x5H7#-_Nk4B3fPoO-g z&0;rdBBCsBZBwnaE3Usl8z+QY(M!SIENG8(IPhks+ik77#6e}0GLbr&tYa#ac&uB8 z<4rB`B`GKLl_1)m5CS^xuVa=m+^=#Nd{ei@$pbc@HPIRh6i#fXfr({`eBa#fSIwTAZ< z5jkx@1@I}kjX}}8$8?M9I;llk>Pzs{Y+3gQ;d@$y>@ANLj|G8tLs0aRIcUCZ;>)ma*2Ae_hMmB z5~Sl#FJ<_q@OsR>&3RHjb)H6Klw_JE%j{OGV)rtG*2X`!eUvT)v&6!lzuJS2U?iM+ z`=c>UL?UWr#Ax@1CY3^xlq(N$7|e~_{gxO1d_ClQf2LB?)wry6rydyOqd+`LVm4W| zOVUFs8e#WgB0s*3;o%VphyrgGCOPxOJEqpa3uA?*GjD*^s(DYY1tF|!3mC+^i5p=fJULFG9)7q28P zkiNBpu%9p(owYMYe10SNb3=~i@QM&c7v7|~#N^wN6>5|rQejb<|60RB^6BcmYsL6f z;Ui^cj3?y#dKx6PhJ4D)*BHb405$S&19;dkqt2wu-`QPXrxSD-y_eK-(%4LZ={izp zyD%1}iuLMOLFbYemET6usrpM?85!qa|Qz|$UTkmJL-1>;y1dm?UQkJ z`nJOU$HZ-Q@n51xRT_8|&#OzngR8Lf7@Y=BDz}ndLS5Q|R5mXZusVhWQ;Fi%C-qn$ z$Zg3zi|P01W3*Xae+skHFEtF5VvQCab4g)(go3$3{$ z@=t99dfo?8>uDu|rzIJ^X`agaz@xqL@mnz2^GWy z(Q-Lnyc)gT4@?e3t|~hYWS_q2Cx7=i=sasefJKdxR#F3??brez2~3KiSza_RD(KwB z9k%3Hl9YWK9vf+&$h8|!hocp1Kjd2ojyG3pa{OhROf7|4`3?x(x zoYGSC2WqIaG(5^LH?Qejab^HuaOQpx{a-tVi32FCD*Y5d7PvQ?yT<~m12S_gBF7^S z;AkA49cQY9AkKgIDVhGWAryg25(HFQs3~VNCje}$i%N32_2sjP`byblQWoo(mE$ax znMwiafAIwXL&FW6B&xHMc^3u%gpEG2s610$?uK3yAn^hcA{@5nNN6Mi$mx2pDZ18~ zxH2KXQOz#k=@G5EiO231Gzss8-yF{_$4-{=c7{`FC6Yn+_hkrL;4kz6)pU>-U2wlY8U#tmwvAjSUy3p0?|L zVOV;QEN=NEYi|#^n(C0*MOuF7-Iw7#wCFloV!W@cioW%yp`H4#$|PW846`p!0o05$ z?cL^aWj@9BW>*?A$$Qm%QXJR?Wk}WI_3yQkqH@VYj%`RhjnE?j%Bm0uc)en{>hI># zMTi#H2)25u(lwi7bpC8g`+t8Hf!OA?hh4;^zdW*1ZR^adbzq_rip-=URocNmNYL*5 za$y!i|B?o#(zgA}Ga671z+tzoCiBFw;>IUHiejcndwm{+abItceN8C^ph}d~0FvY<`NhXc-#NnL4I`L(Hd-paD%Q7b3m?kVaX<+GoJsTep%VvHOeQ z)1AZ03X30V+7&GnuJkSq=Cw=hRe$}@#Qaae$VmRYe*Up!z(aJ4wva=fKzOXavXFR*ystl;*YmM%rVu zgA=HV7bkPe!A;_KALY#(IPh!GYL!Mz+Z1@m)ed9jH~#XhGH>hQGzm23*G6f{1(9br zA8*aooH~-g>pS-Ou6t9txK-ng*Rl?~AHMi=X@G)m0Ld&F!#gUCYw`-T=V!N|)lSx0 z$v253k_(h(LSh!#=!EynPVSn1<%`)DJs_oJn=^Dk3BF93_`Epzl1gjL)Ttc>dK0#% zXJUbbk)~QR2mOIN;Zap~>Cf!Rr2)drdGL0v!D>g`9{Jl_e%e!8u$)qzLFLldlfb#; z;~3nUIfjP>wYSvMoB%vf=%4UFwgmAJ9CG-EL}r^aPhXm}*obO|GPKbupo87^edkM3 z3#|kjs$iaHjBDA=UGV9ZHm!S)YK!U2P;@f52@+^fmMA^UPYDsbQi$f+6-aX$E{LAJ zHS8F0W3AqU5;>PtTJSJ6OMP4J9J-OXkHp^P*IBQf2t))>Btyp^$!D2*QeH+;>boEu zpqNl07p_=9*V)5&n9P=Lf)(25ZY4BZW(nvlZi_jz+<1t+*R#|v9q+G9o|+WV3+?=R zopCWHCuoS$S}0y2Uh+vW0>|I#L08)a$30Z12%X>DzvDq zEiL-*Kt$RfAR=*YhLa=7+8p&oPmEBIe;lUzr7W%Hp*uVaaDSb z4%ztwLJVEqY#aa2K*U|r9bA2-UeG3xdE#0(8R!yH;_8II2ygirqA-~Q;wRasApxgRC|i^t7wA;9VUi0`SJFKXIu@7w(2=4`xihV&h&<}WMgc- zhn=JK^6=TqW8gzFXV7e{>?$BI9#d+gLY59A`?DT}9#U|G16YVODgFa!Y>;10R6w#B zSaRDJAVeya4(&h+i>oz^IyaOOnjCpN_G}x{Kaeo*#9+1OuRj^9LdMly@BeVl;$i(< zLQK2=?;(=YUpjfIa9W81i}TlT7Nyq#8=qC4yD6O;QU5;Ya`YAbUB#=#HnDsQj@GBR zzOuQRic`%zSuew$Y`gXpU7eR%&<9?pP1;giC%^71543L2kN6Jy8eA~wc~_QU@}CRl zy%aOE5N{U@ozF9jjyKhO0w4L3>3TCU8YyY2H>|B zy``#3rA1Ri^V`a$OiwyG{X0-ooBricpAR9vObXqjD=4^ktqA|J&o2qOxsLxZDd#5+ zz2*nmm>=|z_g>N~C1h_K_2gWrMxi_ATToVA=R(AXLM~kgf}^CV`_qat9DqoPBM6! z(RVkcui6KX8n0*~IQJ`4%35x?XG+VsRRZF*w&=4(rm(4t#Wp*LJjlZL=+%#jx>f0J z&DZRwiuL?w4xeCCyktdlH$!*w@T(f=!?6$wHfXiDFtZj2yT(nLi6(1L7D{CxWcSsV z<~3jH|FGGeuscbYntiirC6?4XpekaeGK+Unlt0hd=&@k>D}s>Vm!ZgGn}K1l=w3%*z&H@14pObLJ~qge24g+8b5;7mse7U_nS8q|(=F(=AyRFD6TH{ROMBLl&w1Ab zUmRWOY;AJmK77PTLD^jWO1UxpKZx)ZzbVhpCAxMSo4T{^8UE0rSYmI7FW$VEm$#hb zS2e2+5JT{H!mP6DAMQ%`!$`!Yeq{u#F!g?*_!^EzIZU)*TH*DCStL+^9!42qrtY-LG zUKi(FFw$v)#|w4C=|)At+cGD3S?1TA>^!pAcz2VawL3&|bVj#NSJbLg{N-+5-*wPx z4Ep;6?c>_B^BxbiP0AM>4+93^TuFUE#!y^h7{L7dXk646^W$5t-`Lhv>(bA=8|`_I zqPF-zZpO>1y1;OpCo4}L0NTDX8`BO){b~Bl>Of?=(;}W;@!&GUyMK}G>z&r|exP!A zupMb<)SMjZ$=zfhs#6MCZqq+WFFYf4tJdnEepK!w(V$Xiu^=r_LRu%;U|95AiA8#e zS;2pZ`!3)A6ZaMG(xxVyd?Xq@Y7x$Wd{>r-kE-BLx_sJL{%}3?Fzr={CBD>7)Xn2( zMrK8G^I&Pkok`Kq(e5w{dxL>yIQEixXXj)WF0VQ=2~ zfCU1TB1rK)-w@4`zz7UZoV9D@0bJP+K(^@+bbt(fj=mZ8H$^_sfYN+E>f4nMd0btK97e>)vCH>gooRW-;VZgI}~^8m~pjD3=x<2&i2 za%y&YyTVV}f&F)c;+;B(Fngha))zSQ^7Jpm&%W5}nS;jJZyG`#47Tt5lnv~EjD>~J z`qt*2@hH7F6@TFV1>8o^>2%Op3^zI43!)V2q)+|2nZxRQ+2k|rH(;5;prg~!Z-Vvt zQd8#k(sW6`I^GAE1f=rM5(tH1QHb(RQrbxFg-Y~+fsPD)Lksbw`-*bNr0P$hHO0Ez zZ>4@iRbRt!Lnx%Jih*Hx$xN5=Bfj1+OcS1+(Ef-^mr{gD!(-y)ITTg%+patGG2!m? zEO!Z$9UE$U6N91N6HW~W(8YX5C8J9Qv!$u_y_bFoES!9-!4qI#WM1kQ6-xcW*k0cn z+j3<2msdqU=eO4^z*ARXuW7&E-tPwQcfYxlYxJV_kEzc+ILq@SeTTT^7mV42=0Fr)X#AlXx*WTh>B$fRWt}b zzY=nPCGc`1gE;DFMBKLLS`47DaVZ7Jg_b3*>|feY%~LSIg?SqgwzGnwxp%eOh&l?y z5ko@8dT=3gPsTvw(h~Ht!dk7}+HEkaghky=yccL+*O!ou}PDxZG{7;M@@?p z5X}i2C4M=z;CxW;M62CocLdf!ShTot3>JUXo0UPHh_&G8EgkXhSPEa7(@Z>dB+}E7 zOZ=I0UT0g9Ya?RB-y`vWyhIr(MkD;|OV)vW4vE)i-BoaiQ(EMwnkX~0f1qFo{bH!} z>%2{>4_i5}39~rBgY!?!WPIY)`ON>1P-8^Hr8dQJD!SyC>FH=N{Fj->;eBBG@dPSS|B-s}1(>#*icX8=8Ucb^4-M!4GhAi4GRPM0ONcuRfb$r+5?ZVs9qY)KWPNX~L-d3dxtrt+3 zpexyIg0n^J>3d@mi+jmwv4JUnz@pu`Hf?<56pCu&&?fd7-`$eqbw^>A7GcLHbu}^! z1IJ2!lig?BEBd)V!k(A*2O1q#aVtD{^tnWx+y}$SpNw4YQ6OI8sLcXnyfcu@g^yegD>in0{| zMgV0(^s$w;>aFfIKsB0i;F;Jrt+xgN6-<6MRpOK0w4}q|VS9{4wBUuGqSDLvZw_*N z&vI7^+O2IN(R72RBNrh6{QnPd|3HWLlGwQ@rt^=o4n_)H$?hR`rVj)1nfrYH5}5xi zb5jU73P8sGqz)Gn4V~rY9Dkrda8(NQc9i(Dmw#SI(NTRsxc*oB{|D{f<9PHIp)v&u>SYz1?KYbtbRmcPa!GvG3=&}&f6Z%8w% z#<n> zWT=FO4BBG&CXFouve)K(<9pUB%objuw2_f<@gK`<6MR=)E2OwHqEp0qeVCSR#>Rj4 z>?t&Su-`oCJ**4)6n11^xg$U6q^jl1_-U;Q*qsrh{sC zPQF}<`fX;)aC`h1pb^zS(QU7@IHCkN?O;;6yFhbTnnv}a)FC9L( z#jEVTZ*lmp9BI!;B>k>k<%<5-DloGep`(PhjIzO!b?YGg?Z$<)Qp@{z+?`n<%}<2K zFySG8%IM*cb{l*0unS8NYcHUEX!po*s#WCjo2aMW+UhnotoYuav(NL|Ws-a_3(1Qw z@Uw7}ricC)LDi3Q9l48{lmJQZJf-&Imic_GA)V#_d8qoLx%$6C)h&7dn@}~2*WaM( zKk3hV=WbTY4a}%H9^$DTF6UQr3R=aMHhZ-toHlK)a>Qq`2`MfGLDgHB`IQxS&eESw z_{{UN(5r6Jx0C=USp(^tK|qHwQxPbAP-e9Na=1E3M+Z6+_M+4`6s-SZ#7 z(1tLo?Fpum-6Cf@{Ke+oyt>_svL4{F2LO@Zt=!lJ zn1{yebLL|*T4tN`Z|gspRoaC2re0TIGK`&6aBEXKc!Jp--YOw7yT__yHL#jkv4+s* zablU%2Sho_xIO9K+)H-z;gyFY4J+IF<@SROB}5Y&MRPaDke~dYZAju}9f_TOi%xbT z5g{NO$~^2*Ja(C53jz4 z#i%uBW2r-}P|K6&kRdyHkpak`Y>5*|xUo~Xe(mJb=~e;1RsmR2#lO^LVJ`hymjyOz z&9|qdXJus-v(MRd*;T?L0QT5KTXu?Uj3FMeidk#$2~9=)8ncwSArUcUt&n9b+1D{r zsANf&vP8_%YAaRQ~jz6 z7_gcHKes%L=I%^)gEb82-sTr+)R!?7QFieI}MPk5$m=>1OcdCB;&MfUB+p3*Qc1xpvdA}gpD%2C)+cv7X? zFWsY|J@ajuhXvzMe#_E=k@n`Gt<(M)6boA`CPT^2r_Dmws>MP$(9bi4Uqq?fQF&6O z$NlJ|f+a7Y<#>Tkg;_Q6u&yi3ZZ13!ojUF*Aag@_yv_F9Lm)bPGyuYWi@RUA!FNbZ# zUa%8ZXZOWC1TZ-ZMk7SEi;uY^p{zYFvXa)dHK3O{8?p;Vq$_7lLC#j_pmcB-BzN|l z_?px;$coqyHOnd4RV}+?&~Ev}JY!U6cFUclBScYddvH}Yh-ib!;$+Q0F)_hwHv_Ji z^uJREHTe5wP{>U2$QJI;Iu1%bSB)tjfm&%qWHvi*+g@y3rw{z#UT~|D#3zA(RT9bx z7gEvTo?y!Oa0KFOE~_9NS6Du@BZ(|qp4BnF9iD%9eKntr<6s%{Q_}I?V%RuTHTQy8 z&xvkSmlgqEGBs`Eu2I>zE*7aauePXPJh~4)NPf@7(|KWHk>7yw^ zh)4?@^DQ8On~lZ(BBHCKgdysx6pfL&^^f>HUJ>8<@j8D#Vx2(Lv71`hZ5Ha1dI$16 z*#r(-P7vsIK@HajzCLZ<*K6VDciN-==^W@!3ZGyEvQ|RlBihQ$OgKRsE^1iryCW;= zws>yN{$8-NXQZoaBhfh5CULY1Y!M+I|C)F$_HEQ=w9D={CB&x~{ZfET$=47W)lA`P3SC0Xns#J|69JoL* zeqbm7f`}Gc*ljcVlR6~1wbyOD9l86S;okfDDbL`i1YF1Ac0`8@YHP-Db|%7LFFW`JXFDMyoK3wiOg^!!%qM zB?cXk-kW>q-%`I)Gr+++n5Go}9~wNa9oO>*lTUz(PP!l!q&r^ohB_MFcyAslrqG%u zk6P#4uF5fwxcg=4TJY7c8reZ+%^802Nw7Vt+gBwk2h$Ds_1@STICn3X$Le7d_Q|@$ zT8Tl@0P32aD9og~Eh){i{oZ@J)wVjpkBiuA03%JVZ00u=ED!X0ay!=R!^54V(dSp& z1e{^RZ`qANditKc*9E+EK7PqZa2GKv76OeR)Ta4vH)=erj$*F}!8aTYM~={U2No7_ zmV!CUJBNZc?fV1gBRWc3y?1f1f;XYXqb|Dj@y_;54X`yCY?uCDWU$Aj{zL|QRQ#Md zqmKB2Y;U#fnsdBr@~iH7PJx3Ca5G>_o|uwbM5GE{cvhB_(nufln}FB(u2PG#Ag~Kt z1;UJV9&5PiZeEE~nw9Dtq9n%Dn7lpW511FO+@A*uN}=y6F(*&?evXN0!6cEc<+T|1 z?@r|Kbu?fXV~$@pvSyGuLmh;eZi;xDVBx~A$(P7 z>gn@iY`~Rn^zSQUzjZ%rum3|ar=$G%DEeE?%@YjFdz+x&esTVzg4FW;PaEaR`v+CY zAC;W7W&YKY=D)Y_JE7@+6N+8fMB}a!`k`|&oV-6;QOv-(RHKxcdI1`_;feldbI=(8 z^andpRL3v9=rg}O&s^#(JITWrc!T)`-R*f516ufEh<;|SFP+_c$XW5ur+SPlcyA3F z+J)51UD9D+!udChd}mqPc1TphJ|Qdh&76e2@8Wvn_v<=%s?`51K*ivKEi+^B0%rWF z(D{=SX`}N7c~2k1kA0J%j^)$Zl{V(TMDG$Fx6NSx`s5BPWj@MIQb#L6dCx&cf zZu*j|OdQ>iGs^tQ1yTqHOc&n$V}xQm&U`!2KhHma_^nK3J9mG620$H(=F&M6>YSG> za)HE$GXg4ej1G07Xm#uQ2UL8(?6wj1G}Z?QnsH+n~ zVV4BVz08+SPN$`M4^`rMl{<^C_kLtN0>}JT+j9opbDWeWW@J~(?$?hVx^5y)p1|WPCsIMn zka+zn^1whdS6M<+%PJUZy@1LILiVbDeeLIPfqCUA=Ad=7sws1coxvN9nXPKRnld*v z#}Yt8-=P?TWI;%WShVbOi8SL)F*883miNayJ5P0G-mXzBo!C{6IqQET7bx{krDSnB zy|DfB5-Bm{=Xw;wl8?FBK_>|l&Z~v{^Xa;0hJGVA+eYrjJopk87VpiRZ*3N8KLoDb zbwk&sBW@kT`#-e>HTxbm4cbyl=u-qcq&@pz+vLl)#K zVzJD1@g;D|sms>U{Q>neMwgKWP%(W>g)ckL?JQtLGFa~gF!;U41VImP?~@p!0jdNJ z$tKbSLc>KQVdb#qgLh0hGW&cM-f9o4#Eh;~6tEL5R|<<#EIn=z3(|Z37pryfg^p(3 zPWdjc5ddc$N5;f9UH!>weszq}=QgqcNy_c531K1->nRX<<5s3P_(p8694hML9~Grl zx&K2&DWh~%QTnH4I!NZfQKrl2J$rpTYQN&CpBv-W{eAoG=l=<0vY6<~<8_-FZ$*8? zR03f69x5(C7BC*wEs(A6H@M%lgR{i@3iL?}>KIHuRJJ~=J zvr%(p8B3ds^8#Zl@Ju;@eVesZ)OYOu`5)Hvh=0v`{ttDdqCd>%?aJh4@BefAxstx| zH;S^SD7e;(eWZDPD|w+=R;uOCm7@>E$h|5fOH(eMPp58B9v> zl`n6)$AO@u0{p(vG`zgLq{pphl8P!nj@2gIlpgdYf*i2Cp3+qly{cZO5yvyYO)P-{ zG1yeq>~ZsoqK+r=J9aY9>RDQS1wWgW_I&ylur%GQ_4jH7JWb-ix1NUVUUPN*%I8b` z=dI`BhjJ2vjw_}vukWDduyVu8`CR;@Ht;$6YbYe_Z+9@O0o>HmAqO2Omtl$P)~ycw zhtI*)_{xrU{+f_*B7J;5b5$CzH1%_RZt1aE*^l}hYPCN1SZ1w0r;#Yu%%_xlDYwcj zx#o5F1lx3*vwrG&98G7a&oV`PtmC!nOSZ)B&x7hh_Nu%d^$Vw!D}2!N_gJ~ zc>|vs)*U{>dJ0CqD^N#z1mIqOKpEZ475&YTAOe-$S)j6e z^QWp!eep>2v2OluE3bU?0ZW0orF&{wyifDq zkNr8OI1YFiH6-*LX}LpvQjit4L;5Rk*4%fudwP;Luy^@l*lToRX+Rh` z`I|6uF)y^tozgcO+$!cCWdxE$-4DyDZ>Btd$uEN`-w@F(Psg_rnll2rr?{RYL zRg0$2XZT55mgUSr8o!Q%Zcdu_u&?6l8=c`x-F_kxd}kxG=OeDY)BjUIvE#nRB$MW8 z?fra8dFa@}8ndrUy;MVK_9*jhm+e5Tz528YWCk57VY)R;48tFp_;a z3`n7vauui9a0YeRGi|u;Bl)>hrR*bzq=N4t^|dk2fphn_%88KASp#riiCsql9RpN! z^0HcuzD|@ZA2Ppx#sLE@)xKwnNL+e1bZmKC;8=uSc2a=9KAN{-Y0hY{K~x#FJ-8q) z%ZPMcPCsSo9je>cpDVd{Yd}Gtf38W{x_x7h#Hg!e>stf3+uC{D6RmYb!S#(030ym0 z-k?8G`Zb+>)-U7DC!%EIJJ`CHrV7%~;v*4W1^INV$cfd0+NOJ{+#Eq zGvq5|GVM;IoMkoP0k`E&lWzsNHlsf)$jKb~^MYKPbLxm}Yw~VX{*~+HmZ>|ie{i4w zMTPjoeO_Yr-F;r=GP!ciVcoS%3WrUD=T4R*P@iCjZq`*v$-3Tcd+`e(CLV*E?lp+G z!k1L;9dNk0uR_@mn&C{|ynUXG?d=V-?aB}DmVWgx*ZPLGq-6M#sjvkHue;!HEZHv( zlvuHMv~4H-;|}Lqe}LmZ<;*CJEMlCR;_^SZy|I>a;XZhbh`PM!zkw{4_{`bQipx{} zx8dvGK>D^=ZAlNGT75c80VokHW-2hk#`&Lso2CpsL4>$cW0Dal9j6Had%n9^s4JNO)=?2q+cvt|FV7KzYFvg z;mk8~5EflYX#xlzBC#+xH+RM%7JyY+xtp@uGA?c*J<}4~Okll8Qw{LGyd_0soat-jjuJ8SV&e03)f*2B0Gk*QJo&bs;=bT(S4ZlA$Oxm{i@!RjFL(*6AP zzV^020dv_YsPZfHuIi}E{~@Ap72)!~M)X~~dNo2E5dk~L`Q+d{Qs+ z=SQ;Wn0in;5S)<)?%Z0V#@C^}f3n*ZeDe(45F_}8Hv@=ak=(GW33%4NH7{}>$E0Km z=U#8r{L4+bO}d4NA=mi!<%boh@fjX@V4YNMIk;AS!$>}wg1-ScSB~~jk-)k4(nFgE z0D|+izk%5;BP|_J9}@eE1D*ADLz0*k6cPbi7pIAzXKq26oRwevR(i8?uW{lPTjW+| z7S(Bz&K(18+uTzViE4jJ+3nRMjEs*jfu!&I-b|-}&LM4}khs1Wm8b~qKh@^_&&=qt zULwc5BBx-x_K2OaH`tV-EOO{U_}0zX#$KmrLt9uAs)7j$wj9ggm|Pah%Pn42{Z97& zPM^o}xBLgFU67r)Lq+U;mg!qR8$@tA7=(jd6SBbO0rzVJRdkEJ{_iSoAz%M?#qF<9 zxY7sKS_)U3_CKS@`$+a(6{cxy`5~86Iwm&^JMtV(-SsIe;58qfUT=HaRwqTAhRS4#KO5ds&*wDGI3I2Arsy+7!uBSn?jKL z4R=M0pKy`dFz|1(H|oVz*_%l8d=->Y(p;AL8$8Z}G9E z@ajbDmPL|~co{-@f6Ly}t9`Oz;_5+EJ=0TXv_xxPo*y9rMLN6l&+(<+44BGHT!6HUw3{a-kQ25aB z1#Mbta=_l;Uc;A)w?91g{&JspoDmoP!=(Q(UJ4Y3{>{hz<=(&J9hd%Cu9q{@3 znNs~t_Lt4^lHi&bq8k*>6qJns4qT+KC;;a~1LdOA503Ix9ql;b?c@=21sZ=m{cZHB zpRhR}vJ+1H?%)1voZ}BsoUZ=ACW?dnh(_!2f!F5vS$MSeNM|jPGu!|q%&xZe+OX*6 zY3NiYfvkyG;Pu0vRk0#!b2UFKA*UZE9J@+cj41c*N{MHOkBOFq>_i3rCt6zWs~Z zQq>)Z8lnZ6pB8`B);Lg|zG$S6I6G83pd-2^$VmcFnLPc7l@T%fPu#oZk^bpH2OG%h!=CEa)PsOJMv@cFyS~1^ zbzD^a*j3*S+De$euv(z+qy*oA!w(d9=ufy*lT7ena;;OlDh+VC3j+wMH|tUaeFDqgJu48|$A zfdv!@ff0kgm`M8TR)OkI;HjzmZ`6KL!+{x6MPt&2kJL9sPrwr-|Dc7V!b1|0X18R& zGPQTRAkZbdQXd+Mi^#yFLLsZ&29YA z+n*A(zPjIeAHpMV*EVzFikvsOf<>K6cEIa5=l3eq$niUiIZHUhN7?gtv8Ah35>wDN z(67%VOlDc8rIw`(C{FHRKqn%$qb@k^&$1kr6n>3T_LDm&D{dqLe;eCz;I?n*;u ztaaSn$Y7FPjoM&j)JYNWs}th5dL1RkSBGrdBbz^7M}3kTL9}*jJdCmpxsPL4R zu~^`oz-u#sjZ51p0R02}%R?EVJ@fD0h5*r{Iey3Nw;P=bahz(1#XMH$a*oEO`TOR7 zNhtSBPtW4@v~HYFL4MjIThsCDo>=+lvZW`<2lN9}AG{Ucn&TJf0H9~fw)%7J=LHGw zFdDkQBGtA3sKB@+q%i~0Fz$Jp;BZ`4xzfa(1PCoVS%SI?B_4*Pali64zS zMWL)4Cv&9QGt#+%o&fQ2SqEjHpC-swENUlKu;fme7^3P=@CK@ ztozJWd~Z1dd&deD=r>;GcH%nT$5vCbZ{u`Sxz&|(O};_6OG)~1|5d2tHw*N?1$7kgC;kUYYTEvL0tY12Z}uVEl3zyA>j*$F z>>HdLS$z&Ne2)72z%N#zbH+OlQ$Xp~`J2*h%6N<0>5mTADFbG2JN}Ej#xf?BM~*FL z-E#b++qkVND$XNv>gxFnlUbE6x8aHBA+c{RMe>iuP#?6Vx__LgveC;fQB>3Na>;MO zxYnaNiD+hjeYCp#;e*QyIn3_mD*bD}1~*x$hv6fdZpf02k4U~hM)cJMGMtR@Sh(0^ zlBZQ3!>_Rl{g{R(U{{LYFwn<8%|=|H?Nz(NRI7|-guKXVtO8)2>wi282Vk8Bn0e7N zy#REv!|a@#>M}(`Yhf5-=pJ~j$fEVGelj~*F9efUTfj@b`d$Hg`KFUn&j2Q1MfEH! zJZ)Ny+BYA{Ws`X()iFEI?jfDE_3uk3E0^-cVt+#5w_gZlD;c-3GxaJYEx#uNns zIB4rz>HNRAdI{i0uZ{CnI;V>AHL`m3nym^N?}!i`ADmJ{tstydAShx zLmh@{<}7S8s?q}8uSVeNWt@WyTTglWG!h?0iHoOxf@cGPNfKcClQnsp_urPcmG^l8 zgH4~Yu~uN1{Q;;pGmWLzJ3iAsN9lEmw%IG}BSF?LBdK!#%4XqkxS}imOEFcSo}cjA zDy4mKtjH4lh6oMNwuI}5S04sE{Y!d-oh>=C`s?7yYX2U&w_gC z1BYz~cR#j_{=ynLRU%CW(0)Lw!?)?;2Gug!-G>)}yyy7~n?k0}-9D955I)0~k}ID* zd3&V*;0OeE)q~Wbc0LQQk)kd6LfHz#a02znNNE;DBOl7FWnr@PT%Ro)Y?j-Zf5aA( z1uANMaN*{N_9+cwATah6=etfvU3M|+u`!Clo2AWV&5mHVt*M&=S6Pk`qy9d-)>w|< zWJ#_Umm2&{4_Gj?xU-~S%R@(2{k8AA9KkTKvLiI$Z>ZY*bKw7nJjXZd%-t%00VSyBo+^N&roI$TnJG})g1^*4ei0$01)gGYGeZUAPT zh`&M3kx)S(jol5ybQqE9pbk*l5%wD`#dszU^LtL0BaSD5a;KhjuJ3GoenfB`-&n^P z(~UisBB4_Kp3aIRxnqwC_B{ju-+F@#)KMyKeXAMVrQ!<{9yY)0H!WM>-_)`pw(mFL zjC#-6Z0#}VeGtgQEBFyq9t~&X2srYPzRIKA|4>2gAIDZ1?Dz;!DP@>Z)KE@XTVjL^ z>hNNFQdXQHW*WZkxuvER{^q$|+WCzyQwXU(Y^A3l;KH}VP3U}_yLBToZqu&vxO5;} z0=0vr3T*`L*j4qOAik#p`_3HQ(3TqY?7e2#Lz`FsbUp2#@Vm|)e168f@g2Y`Q7JLi z=s-vT@SF%3xCcmRG!2O6Da%fZRHT#Fu5+%V=gzsQF3QsGduEQ5^Qu0*zRiWlvb>CI zTUA<=QueMZ1{r$CyZfR-RuO~m5~75@LjjxKYM>m?C*t?}0*mdI6UjF<-k{ytb8NE) zTyyG?ht6h!A@dsOS09yCX;}JS46bqiD+bpeL(y-yvOl_GP5uJ5OgH;O@Xxn{@_o6# z#!LS6-~U4q-5+Xq|0atOX&|7w7y}`NP$(A3(Ltq$f_8HuFZ9G!Dh$j$pX082ZrhyD zFQLXh88H6R4xq2?PW6yTT~stfI2xk_IuPAXEsfB>1nB^|U4o_>KkXyezgWopoib2Z zp`bKrTYhBrH@k3|>W@{MJ&g(Mi2L6DoS%H}af&`|k{0Ve^Zn~MM|}VDw{P=*;?G^% z^#40swqLJD#P*?G_PKJZh7Tc&-JDUfYnwCU|1pljy#otaxJXT~J55lFk7}uNJ#^IC zN1POYw4IzT9M-Z3%T|#i*ivzIMoug<_-OUohx$(anByB{hWeyBAa6rZ%^#%pBrs>e zbXZe?DFSy@%`1b1qV;{4c&)CQB!-husHK`NZ)1`8zK-=wRP0m(x2rJPnH>vE8der5 z9JCS<2qN06+pCeZDR6HnSX9ZS4CP!rq>ZD7i!F5uF%GD?(3Iz5gzC!Ff{p{Z$6z4* zoQun1=MSH7wb|l*c^M_z8G_h~Q;)VhS8789dahz0DMm zk>$^jp>*pT1mD``*HZ|91aVk@PsOrXVm|IKHi=e__OKnUPU^v`@N+&l@JXMw$C34GWwug4>vPgLmbq9S zd$kokR*$QF>KS#te6}nH9JH+J)gZlPvRXEv2K5P<_K}6C(N|@8PKsg9+67Ii1l$`J ztII#gRFD%$vns}JvEMHpo**G=2M7dni3U!|O4~S02fHv^`j=s`&4Z|+4DviOI`JA& zk@#3KbczG!2<*y|y4ZM9M|98GTel`nGR~3SaU(tZ!Sb%NDtNbWk@L{KYEJg{uWz%N zpoptGDXhYgrt)j<&`)tvhuuEJmcC9PpOUR>EBo$z_TCoK01~_RR-ClC-P}uGju|@X! z1rJHUq7=>f{EYel4BLvprvLZV90j3r9Zf9X-k#UdSJQRR> zJy6Sd_{2S`)v--*^~%ot?E>M`on^R|ek2OY7x*==Y-P}Z=%w1M+x_bkN2{COBn|Uz zmEs!g=rFM7xjm#S8;V=732QWg^SlwIMQ4r0C;akh2Y zE4XM;Vv`$*r=ibFd&4in$F565<;vl17h30}?!jG_u=fDLikwA>P+$UtaQeswjBP`z zcbR^mQ=t8;gR*>fqm@x_KEY`AoQ-AJL{~Z;R)6Iar!#j zJKP`b;P!5m#$(#!5^oG+rr%7Jsp>dm-04WHmNb6~qlYte_+&=uUR6h%VdHH$E1d&# z5E+U6oW_`nQ>U<2B~h(N70~Jtar)7j1@jdK(%Vfq?TiHrSG)nbduW*$4ZIDo?v-_F z&Cmn4CuVRhPFXQS2L16Qy4u}|z^Rt=BxlI=5le2D9{$}t+4&A8sP39w6+?jE=6tXZ zKs@%IJI9Ly@a+br=I<@_4Gap|zKX_mmY5@cB^Om@$6@g>uJUq|^ypqFgH*nao89(y zz}ZwrMA^|{7$X5WS(A|7WwTKsaJi$y5nyCqpj^}4z(SeaD~(!sXRgU07dp8dF;_d{M)3_JU1Dg*gn^R8`ab* zqGr)ebpC;b0#35gf-xWJsawdW@vMX$qq6~~N8;>juVaQ7QW`MO={QY>HvHBc>n$lA zbZn-Wkp;hS6jX^XGc;|lc0ns14)N6$j@NOK;$g;{rw5~>;(3EOxB7%o+m@Ol3mi)9 zp;Lh!`C2JaV&bBczLH)}Rm;o0@~S}h5jM6uNHq}oanF#PtKX@B$7LpOyszM5UluQ` zV!y4Ob1+cfl-0z+nRx`olO@wavK-~DxSe^5mY#6e9??LQ*KRCV8!DVSI zJ|)#~$Xif5)-|aO4U5rlRHJtsu(YDLmCN!!7C~(t+85kA$binxMfVK_u(bB5Ycno$ z-zy|Tp{%bRA(}O5YEaxuY9y!fz=n^{%Sd-ygSx0dr`$3cqJwl$EDJK#Z`Fc(bu17S z0ttCm;)Ux!;&mD#k-5l-algLT;SZf(`=NX|ZlOXlPxPK&tb5MTjWalq8P$4cf)6-I z!N_Yr51#QA)Iw%?Z@_R

    i+%zbyC{j;&0n%iI zd6T^aZP=4P)h|I<8@2||0;z+mE9WZuWdCEx7!&nBqT~Gi$-{r0iRD(rHKXSYLjCx+ z0d>0bkGnE*k8l9BeBZ0Ewd2zv^V8sb?Jrzqe2ScJ@77-b8wCSvU+lloIQ0J?ux}0L zzd}{=U*1TZ0oH3ZVGztIZkYA{jo)MfL!pLHi`$;>MP zTb_`uv^uw6)3{iDJKAfn1}J%L4M5iMfHf=tEwb>zw~n`_f>%R`f-XCpzN=#203f5N z(NGoPDo~-h1EBM?(@l^m29lIJ;4c8~CC1Ws*e}4D4t`yY3JQhLYdlD?x-$HOKW*X` z#s2w*hklgt{+a&LRbwdbuVc-^njSZOTHFMpJX#yTG-s0UqHzdSr>g?;=lSS`1D7KZthSQ!Flg)$t zBCvW)78zP@9mT%92ZmN(hH|1oN?AIRP^f~6BcgH#2ekpj( zopu$LXVBJCb+yHq)F1$@={S0sL6>zwk^^Z0z2&ZA)nC9?rI@SggVWO+`s~+EPV&-hSDoKbjpL2A1wE*aO4z+Lq?Mtz!>X0Q9$a%D&mZq@=kb~Z4tCIg2 zeF6154f{Qwl1iFosM+eQMj$0*XMMo(uzG(mn?-uJo*-7${CdNaG|r6O!JA(XX^DxL z+Aj}iOZ1bWKqj^d|8?V6oj-}f#76!HOUFhA`Q|Nf7<1aTI1B<6F#%% z0rQ_KksLM|0R%WRXi#Wkq^K%xwwi<5UIA+6L9g_PASp7{eVGJQ3!9?O!Kf|17U=&) zYyaLI0vq}Fzet8D_G^f>9-tE8~Iq0U$a%DR>-Bbg2$?!RCWx@&3uq1zPQ| zdI3U1#kdp zJ?w4R>9!a4VvN3qnP>r4r;v=fJ(Nv(bDM1ic!rBlS`Y2)bpu%Gf4zHaSMSo2l+!97 zk+=~6;0Dxz`PuApbbme^|p6!taajI|Gi*)KQIYH1A zP;Ei>-%V!j>F@5kZ>rJ({?*cdN<83Xxf8&0<(1d={9NMHZx}!5g`|q z4+UZpWGwcDH3Ldx3gM@=F*%f{qX7g1w1&wsHhJhV93SqHQM zP15QG3b(j-pGDxX($?;2j9G@oi*U=-bkK2?lVFp}J8qQT)teLxATap1-sb??twA>M z;X#0ORLzV@STs}hNb{pu@=^TR^a)K}9$x6&19>S0Xf5A)xJ^!eezX3wSxWl?5gpU_O$~kL-t#(7cZ)p~5)Jal=y^}1`rvrg?!^Gmrva*naxZXyn*p*ofGEIK zDcY)XHz?|-ee-lR7C&(GGYrQGn5_h%^iT7QHq=b0Qb&#S`C6RCwD@(|UEgK(Wp9FtI|7el6W?LynJDDQK=@gEc0)bL02 zlAM50<8Tp=MXl91;!T6o@WbJ?R9v$RYIH}ySUeB4zdfj)z1X1M4eGpr06NL%4EY5cCG^T4jxOdbttuzvwgB^*Czq1F7rVLV1LJptV+u> z)tH=F#DxL6J$w&HZ!_F_4|GNgFHOG%v`_D;a+Cv&==juu zeY04wUai}F|LIWmA_{E>h?IMk0X}#El*6XR!-IfOP3EJys)tkqEA$7{N<18hMOM8F z=wXWwYKHZ7YKd6`cPJYK0zohSu_EB#$ydlnzn>0JdkO(i(N90}0zYPcYk&N&DD1C& zlYg=L{$sNKZP)(6!icqJK!O3&jS{3`byXYSP6Jrle>y5=8F@RlXR*=X8EY~1wo6g_ z;>q7^{@*@>ykJ}#a!y(-Ch(_axPS{j=ObaFumn!1{EYI&tW%bw(c5Zuo#)Mn6wRMj zuK_~d+_C*`ZB3I4yII(K=vf^}OTyU>JE4}gU-@HOwexFfzxXvw_|?2MII4kr?!|RJ)^dZEgmd2_RIqpqM>d7A!vLRYG4b5iP9k0`J+QqWf32 z2|IVmS{ApXp~3;}{OcDW3Yi-o0$^2q+u4z=L;@O$BI6hR9|D0qEvpyrD&P3>^;M(b zhZBgn69LqjIo2vHIn|?0@wVtR0dA$v06h2(nqgZvv*J6xP@Vx}3JMYk#KZ${JOao8 z1hCJLpWP&yHWYyW_;_cX&rkc?Q7~wx;Y&w&QE7fsnjhZV!P8ug!~$DkLAPF}vN50; z40%xLG+kq8KFX&L7y{1J3%deYx@?(%)`?AaRcQ9Y81t zCuk1`#hBd!z1YaR+Z^Z-Xi$#NLHfIi)d=~_n3*|XEqw!(9$Q#e{!^JTyMAg;TtmIE z&6{M8-vrwYGV>r4&)<*=G{gG^)M@;9p9XGkW<}wQM7EP1dC>M&P|Mf2P3ecZ=^u8Z zwwub{(^sS0ELQ_mzc93pi9y81=0sV6!rdwNK5TxC9xn!lvteWxG>f`r>y+h1AL$k*H%&fAGZkjkfau56pc)Um-0 z-12ws!88-8dOYM>Ku5Y(2ChPl#lg`#C($fo50v8&4ffEee@ImK+ z(?=HBvGZ%R=_!MS_ZdJc0xRk)5KbI)a^G%XWy>7W;N}`VV@|_7L9V@3yzAkwnyR}b z1^J#md}5%ZqkkdusqG_oS8>f>1mn*i%eeLs++x6ITQHesGd+IH!;RJM)6ejnb(?sg z3>kuB{ZdOC0Cj>Lyp(K;M*O&V4?v=HxjtyRN-d|qwYaW=R*+yN9KZS1QjJG+`Te?m zlIK(pJd~k1h@e61mlBHZw(g@To{X0?c5h~}>@RPG`u_ZYGNxo?NAQVit-aN6ZMa<} zPXS75Bmjii7;d-+7!j(@y<0D{{G}Vv#ZpOlJTO!cF`pG^?6{HG(zWhgOyFPNs-`U)zKtMVpK>HTzCgHxs}7K4BOw7bx{?@zpq9ty$yOeIY+@N#kGo9w+}NJMsUag%9jh@|{aZIQBHD(MNZ> z^1H9=65+bKe_ZYkFQDI@QG}-<($kHo56+mYXnR7Kx^^}H33ahsPF-3O3uE<*6}UGy&v&1SBV2w-~k(PCoMriXz0h*D=u zorXkTrahf!kkMuYHOS19=KLx!jCL^swV3c~&+GPJf21R>>@j4i2Q<_*3SspaGG;LC z0|@=bJmdTU3O-3LzgBVcyvVn!;`0rOGQY=sh8tBmHNYgBLmB7VNduTlODV~*`BIEsD)KcOS(1|drfv6 zWCZolkWhk}>(%L_%eQ9w6bc7xX{N8whaOi_st@BAxr-on7X#FBU$BVSV-b(LI<)r> z!Yj@MEFn5g%Ir@@L_K!HkgxbQTvc7V?kdgotfKhbgInwugJkKkLrwZj3UIRG%SZdn zs_*LMy*gPs?dlB7L`$!T>Q$xPV9?0rL97+r*G~~nx4yi*J6_OFwNI3p-LHR!vv-cA z{d{KT>!(8ENOXU+I(t%D&lKx2NE+1eU%h<~rMz_}paw~&)!0P}6ZV0;->&adZJW1g zQ~+L|8KB-%Mk7Gmjk&^%J`G5{xpcEN2~?dRi2z&JQ6^eFn!CF)FD*IBGcyxs66zJI zP2}2DRNo;?sM*Hv5MZoKIg0P=M)X{WF}>Y(R&b|C>Ye;u2i|NGmTv*N>v27i*D!ZN zAf@#kR_n|?|lB{MK@nhS}&oe@@QIYnds_yGPZDa41cGohbMRqoqYEtZLeaJ(t ztsqPFfZpQ@VxKqjjkb%mi0P}6&M4^DW_0HVJYcO5;WBC0gK~T8pdUX~CbU-3;?gEx z?N#!8guldAyZ7!AidkZ2Qfn#)$cD0#;S9=W_E9#fJ(;@&wafYCx%24shk@?qhX3yj+mhG1C8m#G2{FSulRPArR(S~Uc}DY zYGUY-e0J|89+|s_eq|^vvvL=`GZs-}lqEp7Kj<1veZvZ+IgRUrtB8sRatY5t07I=T^(2q-I<&R+dKL)D zDKwgBqxSX{196*DwUwL|;GQwqM{xWkr!3#wrb;sxR$1o3S9)ZZhgHg8(!>@+fHvAT z1ff|3WMFs7f0@cI#O~DZ15~F2eXk|A?o+aP)S5yMjZ8c7zV^<M9q4+#Pz4mtkKCTTy8;AUI_vVUSGqr;<<~dXE`N=1 z2C6>ZLw*zekA691u7F(6d&vwKeuNZ0798ERb0>*CRM1~cZOVt=gyp;`t&~NZ+tU}u zOU+!X2i+&yNUf~Ib-P5FWGHFi9U)0=WJ}^iAhWT7`nBlx<}Pu?T-Ccv{LkXMEVxBw zqxaha#my`h74LdqrS`c6v~C-6uKA+L#0qh}pSwQj{OufuAr@K=dCDL%+@8p}Hmj3e> zL7R`5A)VX=aR8>d1Prfjv)nS8Smh%)*8$Yt5~HVG2RloE;NCK4owkK!Pid~ zqSRYo_89wB-nlp(4zFY`G)w!y%&8;=LWRSaxKskXC|P*WDJ_s$oPSv4jD1WqwA^Lz zPP?k`2rTlj*MRE!hJw{5J%O>S=xrm{Ds+x-cqL&aFbcA2NtuF$Q=f}K!OwLQt(O98 zo$>O*9h_s;Rd@Bwisp2Qm~7WC{`CO?mv6dH!OmQnr9Jf2f8~#^SeXVe-B?RR=Nl{C zvh!-SexIU5@T3o2yKxJGQiUdkrVcA&x^&R&fZxD`HW^J05flw9dhn^ftvFd&0V%Pb z0KXU^R5>;rtK*@nkUJrO4qv~-moaqC@WJ;U`^(3(uemoFmb<6|mrWH|ailzJA$Kmv zq4ciF^ngd9?|dl<2axG&8Pxvw4|r?kT1*Lki58xn7fs47AyNRQM$Q5EQ4)mep6-TO zXQu^KN$p=5iB@+Ss;TrQI+x$1FCIiFdq?}volPY_gRIDz`e z6P@KeUFKMmW`t;r(Xwj#}}*Kb+M z`Jf+qi(9@ve-YfDXM6(QshSgLF!+MtjVHm*o3`umb>PaO(4teMnRl$d48JY3mdrpy zJZtY~LY$Q=dkI7wpx-WUC$4M1lh?QCK&Lw63-pq!EkyIIj~kZd6y7KvFgtV*9bW=P zIo1Xa(I?E}^NgK4zh0d6-4&Ol;3_HwLe)U#KW(KkL8s>!=}geXTMCUb^ft;Y{#g?! z9zE@6P?$<1<6Su$f~>uHqK2QIZu2}Rnv^CYo+#5WO*a+9%+JruNV|_U*)B~_y+kFI zhd=C!olRs-s2^j$ikWRR+HM52e2X!Ze|3(?va>Nbh!d2!I4)QfrZCj^julzPjLr;n zUU*9*k)dp)uH^MiLwKAC6qtSDDgs^GQf|0LJpA4wqmRPF*Vpdavpwp2gFG;jGRL*S zc)J?&^C8%dX%=k<|EKhj1Be)7?AY`xBWb4(4h)0cmN#&<`PJ7L$wwWsErD}J{H$px6G&yC{Cn|NE&&E^PHpi7Fq;c4-PTi z9}em}EP-f9>6zTe@JtP&k0svnX_B18BGmU74*&AX4(K2*VUrB&=5tPc+>H{ANu>kL zMiA!@Dnv)@lDPxM!iuYLWp1?4dTv>hf)}aKAwQSYdpuhNuiWD-`$bl1gLV&B$-;B} z5X~UXsh8UHI9DtTZ64DX7Ab5V`gXzXnp&1n9coFvz=u|8Rh)h6G*7B{yh2!X9jv!G z?{f{RZ3#9upQV>QeVjX5J({s zN}j$QE)}S&_xkS79If)yH!x7t3wsPkB;9U#NoUI=<>>9=N_u>qHRKmxx2;6Yp!%yy@;^ zgEWm@m+vhc%RWp$o{(@xf2*IsTFLwnu z1|-P{`WB%hmz5DUdQq@9rhQ@5xES0!{sYQ$0UDiBWlOUKFHbvj*bwjWn|A%Y&n2p# zi~u62_OD;RI#I@3T~fREo%Syi1~D6lAWp!jy7#U2PFL*(ow%b8z@#ma)K^@mN8HoB z510L9%4j`(C0q=W@&)CJomF#RGs<`86lr?ZL)vgXD*%qQC`; zGbyy(IY3*SIz51N$PCW4OM|qHT{F(Rj+mUhKWmzGIG@=YrXyn!)k8s;dyo*bj58{8 z_`HK&YRk7u$`8LTds{6TieUuAzDS9ieSD4U8f{k9TtL&YC(V%T>d+`7@0E98uQUx$}$fzVAgLGOHn zJdOA3kY3FRp5;Q<^2es{L!u!RJ+l)~6rMbR$?6AEkBEibHbK+48-?pM5%!%QgpS|1 z1q^v=l1+x+R#}+bcSuu%4Ait}#8ced(A5F@vWOi!mweN8><}mN&B|d?1yQ3x#+eu2 zuj6s53yXw(8U!jS07l?7ECy7#6w7xDfZ#ax0wKG?r)-M6$h|#TdW@F4SJGV8^Qu`# z2>m~mU3)y!-~UIXRw$Apmqdk7N5W&;5SCZWuG9h(d^% zZ7#Wvxf^Eu-adWw>+$*TyFa#_$KE^db6)S)d7anu`FfpmyzNY&ke<;oj)8>{>6&ET ziLde2J<7DNj<9DL5}C&8U))IEwiUMD$^qi$C$MEeol?$)tvI^BJJk3Nl~=ad#qX4K z*ol$i9-zsy7%!c?ay3Z-fRS_JI#*9#@_>9Ck;YC*vXtZKtnAFox3GpsbNWcupWnGg zH)B1Oj=C!+IBLaQDAQu12AL`GShAzgw04?%08;`kga@ZL**2@<%<%-0{wx#vOQ58p zsN*c4Uv6p+V%}GJ)gJzF#&uq^2<3uj8rk_RwRlrLzm+yA{(!>m_yAmSNwgH?vqj|9 z{9(lGVhiL@Y)6u!S<)bCHrfRGT+-36P?aSL*lv}Y9oiMwZru`!+Fe%wj7i&F$1)(2 z>#TO^a^zI9;+fnm$BOK`5S}_ub&gY06R}c|LDV~g*ftPT_-%>_>T!>0llTIlPJWU* zYkU?Jo+0F>ja__-`%z|n%V`cNwxh3wOU8QEs4ll)T*_Jm$ecg7Eli#igQ_Q4vBMbU z5@<;=pmyH|32rGsFbd*G1MGGUL%tQ(bI^dE{Gy0YJcn`F(G}XEzNxb#0H;%pg(}Vhh;wLDmwCwy z9+u1-!bcii(i&F>9d1uLSB1g?YxB!B;DF~=rnG3|WFp2ZF0r#`u;3%A0g%ocvL*Fx zg9Ln^w@IRG?GK9tJ@X!=J)Il&^QNttR~3iVlI3g`?o$i97t?fzyqa2CR!6^FPE7Vz zfKy=7^(*N=*kL&W(ES`IXFQAV6a;Zg3`Cni9_`yyd6cB6^!`aI=+8VAs4z=C%`Vig zS0D|KC>S~1t5BdC03veQ*k&sFa@`&KsIv9UwqMn=wd+Bn<5y><|MGDPOh*hrH=Oa5eQ)aWkX2uj@Uz2>%~g4(<*7ze z5v0UFeVbP20Hh++bMlgOhcXn~o_OcHWLcECT+J%S=fqW-OQHh_-j(=Aj@`imK>NYj zOB16>=+hKIGO{P0_+gB^s;)?&VNH@piF;%=c(ZFCaF^CA#GMIU8l`GqUj=a*xO6@n zq(0YU6i7w?>G-{{U3NWOOxpsBe_TWw^XC9fC_N85Z_C|o-5)LX>kpIfyCS?xp4(J= zs8CRgT5jfHp0+=y)tB6zbw6lu2YaOKRSEV~=VxC~2AcihS^L$w3dSBZ{<0iT707my zI!_HQyru8I1K@TgcWqMgR709aw>5qwd@{kB*yGEHt5CKB&A`r%-VFceRV> zZ>Krn5io%BC4Q(hC~b_plz|ni@cVv=5*-aJ%xQaSSn@dby)=(kQm#)f|bibdakLLFv;AXgCtN2i0~KD3>{sv1D}Xjz@b35NKn zCF60NlIP0diJG>T9y)Er+itIV+=LZX=6|cfsY53@eUES{b#1OqM`a5!7vXbsoq_`c z*Cs?Vn@-~3k;Ez|{Dh>uD)*dE0VnF>_X6uTtPWpBKe>AR5HFTvKIq`hId}*>wf$qs zW}y60G4)lRLC)Zzm-|^H$Z8fVWJu38iQTD;b1*@j#(Nd^#NUD5nGRQUn>ls?22v4( zzF1E2n6PvE;8Vh(FezzKwaY)x0sNI4e#*VlF@)Cy(`1b6(yk0avyqTfsP9^Mn#)iX z$+h6F7nQ(_-=KkTKI!Azn34VqE@o3CO@JQEu_p^6rbv;QXg0ymYUGXnj+8!$59noT zY{GK)3&y%=s0Y*I*_NfS_T>a_4U37eKyp zk{D^X`N8p+>13lu*SSFyp&WRk7T<-{9e`6l9XCw}PEf1ZQuu7CcYnfI$2jn%_ztuV zN~gk%S!nn~-10|(0w13niZyzUPVC|GVopW^1$D+NR_Qkn#`2t@2@{S=)hh2j3@zYc zEX+E0;+Mur7+-%Nrhssc%7#}`g2vk=&rX;*QE-N*PYo*A4OK6$ZSs{Mw89Lxf=Kz9 zkXqW1eRKPnBF_-swbgPb%d}8&51tFA!`Z0hC-?=rv{iX;zH!mhU4l&3uDe+PvGqJr z+55G`bx;n-m0Q`amWHp=?dr~gl9aDbtjZ0Qw+PNZo!5>Vc8IQP?zp8oNj~KwmB!r< zAOz=rjTT7*<@E+Sg!?}B`orpPKv>{$OGg<1(2j-Y`D&#Y=@(m5ewMxbQE1jP2PG%N zjTeVe`da)u?#(L42P*BNb~yt{1hU%(vCGZMan<@L5P?u?CvY)&b4p>_Gax5SrC0q0 ze%-|ZUTiKf$SYRkV01B;feoo*u`fkEz)xYGyWOOksY!1z#ouO&4xj0jzot@Sy#b0!Yhl>-_awx;aVcSPgA^5ztnfW>5vvcA{z0YQ*Q^dl?qXI&TggQ`YakM z^mXf-0U`PKsTPH=(2qB!GB_ZO_X0rNLo!$i@M&32ML{DSq_RT-s(x8YuE^TB6g+iF z;&y{{Yxkwxg&F@tQl)^8IS|6eTm5LTSbIRm69plmX)l_uVz38dEs1@Y5MEi3 z6#`j5b;3}7UJ#mhFKhO@R9H>tCPMU1jCN($SKWPCNyrZvDU6PIX3wRK{?6F$tI80I z9dii?oDN{fNW#_1RK0$;P6~m-`$S=7GvMA0>#1#*kjj+zp=GAu(;F)dhF`|K(Xp3j z35ic(y1Qj1v7)p*@2&YXo>Fo2jFl_tsANxVwyer~Ccj?9yB%y7JvG^MEBVTbGGYxz z-7tL{BvW9S?u-2~ajG_BM$`BTvMD84frlGCK;Fjk_*HJoQ=ITmumKYGM5V2QI*5{yQi?XI;|QJR_z5wikz?Dg+qpm zq%CpFq~PG{2Pa(lZ`1V@z~@(e^n!^T;p*$1nrZiF?*a;gU2Z)r$1ndrVXvVq<^kh@ zQP$I5HP6xtE^y>Dyy|5ZyzL&wFv4BSn+*<7%GdMp1dn2+awAREnAZa|JniBbjAY1J zoq=o);Z`Foadu)|+Ou9RAzM=0^jH<`8`p4foS;Z5lZ^hSP2hBUNQ0jWI+xU@l4m8- zG-+=EX>Z0HyBo;F(`2zp#;mh6_@pI!a&>ia(AMU(o+tjwtSs^@(sN?xlY>1=;l7zV z4Zz)M`M3-nAxdS*dUyYCZ_b7Px&SQ|rl%ifmcvmhU+gX%M%0D}BhhvvxjS zC3|5pTi|FhuKMjat15irzDzd81FcV0Q``U<`m|K2bn}1tLh1ZB)G{3bkkWt%zQ%JU z3LUtS!W|c$FuaeuVG9U0G>$Oz%2J;FVa?w_nBUE7NiKL|a3hs+;b1~rOL zvUE#O&|y)SGF|C@o>waN0jZon+y9*H#>hokWY>X7EIYMn)JG(*F^Ypjj&E$&X`RS)gc<2FGA@kk z#>b1fJj_Bx#~p_3MRnTjCzBHT0guRW`yzC^;_>}OIxQSct=yP?#Bd}Sw%-=t$x5{TWZa->toEGqg zw+*bsn`^>oG-^Kxg)Vb5q*5-^J<{RoW6t$!GX)1*|qxIJxV_sZp)u+tA3e6j&5Yc_}dE1UYFYuWn zSq`gKXqXul+hq%}Wiff%p<=nd4Wu0X>I?pLB0}~&I14yA9m+S6vNF|e0&QvHc%LCYKp8{ z3NG9`f^s01D~0;o>FpN(C#B|No+y3a+`LwiQf zheh!G0dP@%Zz4m{D5DK`Eqk*?f!x)BSLm$5C)?WJ^Vnr-#3Z)M?<($;b)XKI@4*Y9 z+Al7Q2jl}@Yjj;?Lef`b6QuyhD#U}%)~|Gq!A4ZgdTiFeXK7F}I@rV6H&f}lT`;P4 z>HYAL-&P0cpAbz5024k|H72Jw5s&SGgI32~@Og7~GdTF?>?)#8Z1~CI8*bmymZ#C8yO8Cd zm+x#40Cd33GnR%w9~a>rfW9J}eP2E7pGUWeF5^$`0-1j=WdOT!?PAEo3}6gfNJs^N zm3<%}XMA~r*~cb5eF)K5r;n!2_p+Q@#~*9sd4%9R_@p)JTpPQ9_Il6iJgKaKB)@4Z ziM*eGT@k^xp%}0&0Ak(Nneuq; z$hFNiC*2;@|9G(zQRERFRrGjTm3V5eS>c2uzI)$yKZQRZ`8yd>NcHg!$9?JM-QGJJI3OD?AXcpA5Q~UzL@!c0RB7f_Eh!vVbDZr?Mh;5U%affvJZO$mwM>raTB#Kl5KDJGCarnUCybOBLYK@?@C|r z;^g?mH*}%*Mba)BHo<2Ta^?KVklMA~HE_4`d^(ljPwgI`XZlab=VsX=R;!K!tpSeT z3iXreClAlxy}h*d!{O=7-+^3*XFrRaY&bkSCVy@6pbxD@Vzjvkoa`C}6W~R5 zRgTe6%pf}l2}|&~H+A%mW9#;1$H{BGah#{K)pdnU1wL1dm3YHiu&WKXL&!~P&)(Q- zgq1JbZi-(eJ3+TU8LL=7#J#y8>JGA@4wsZ0h>>M)Y>PXW{K1AD+=($1JZ$;LGx3NE z4Yuh#pNs}zU zcYa-s!+ItK;eIq4Kf@pUZZDXnILY4GNwLMepex!|J$UF?M&&P43$=pjDfxE(?S0b; z+vRi1S#F~v@wKjgmet?O_J)CqD>DY8kDx#=-IGN>5IBeh+L_Z;`etEOV_vVwa3<{cqd_)!0Lrnm zsX}?yd-g(z0nk;S`PMNAnuE*KUHi>jF%zpRhi|-L@aJ*zDM>~!*K}~!lR8ic#QT|v zD<;c=9vnKolv&}-%g>!_7NEYrfyTB~=u|M&d_12z&?Tj-G$ds}=Fd z5Xk}Qlv~;-S?-?*#yGj~r>AZH;maT5oakZvY-&HvvwJ6TVA23dC-2nEEQs~Tw0JlX zRc+`}jiKp02?+nZ-W4i?9Vx&CJrH33NQU!HP2{?eabTTC|W#G46!cLT8uP>LQ_9bKQ7>_zT#X0ZG0X&meba1 zmU~!vf*VBj$=r<4(CO-mb5Wn@w=x=(95gRS=aw_$%dGWG-^*O(*9W_}rTVu_4qF8^ z6J_MsXF1+3`qaz_5Q(-h>nM*isCq_xgyqg^%7ceNmSW^OwX@13EvOx}=*5K~Y=f9{ z{mkFPFj9vKN

    VW~!jzMd&ZtP3?u7Nj|reWy^jwTlH3$=W{_{ff1;Q6#6kpl7@I5n#e9X*@8;*Fwd*{e5mR{2N$E zq^fxbe}!M1+%mj0`g3^IUj*nVL@Vl(X~oN+G5QS3>vE4dFwied-x0q41YLSztOC`d zNXxrYXBx-?m@EV}pe|R4jn~sLl21`w7_@CL9za`x&hJp5^sOOV7^|vZ^G}j5n*UxH z$y6P8`JDLOl5Q-HWWt=P>5?IstvJnyPxepc#GDrtuLmSn52@w+4!XM}te(D$va}e2 zOvDW?@of)gS~LrkM(jPR&Z7o1BjNnxig@4;1X)pOubo9=^Ft&0@9MYy?Z*3etA|Ro zxtzvEWy)ULYjSQ%(rJvY^tGOexi2+$MhI)mH7h-t7M<>!j#B|lFQ(kOR|NlHUp}~L zjvszuqE;wf+4^}FWpyl=C|~2EB#{HV18bRO)+ucFgbac_JSK*jQ_2Z1R?UaD zCCgPqYf`)^%{9cZy?2!axaC}tV}*rFstd*%x|Co%xi8+lsi=l=y zv}+XiQ$7$!7GF zK3%E}(e$&X+%&7CH%TMh;j8Bj#L`S z9a6Rp`oqT0v<R%M}`IDWB z{jl9eax$_C)O=)oT}*l!D=ebGOe`Ha1kMwfHX*!lsU9@2euytlrtEl7J`0Al$fT?a zVD|kSpLCwf^b1n9*hymH6cw`?b3#R_i`QO{1~YbcCN`L|CA)O8<&ddY6g&9h>LHT( z7+d-LBQ4mVRK42p54@e{wDNTQn3(XgiJI`ZqS#V=PVs)%+RliXp|w!``r@8Q(`=J1 zMq5J#yLur3-sC(zvy`~~)ngG?lWTr!Al#R{zLJyaOs%`!^hfH-j-?U@b>H*B+1>8H zgZqEecOLM2-f+heh4-Y8%$c{+GIrZVkdbJ>oJ?Fkor1P<=(pr)>)SRSj#}Ux&@z~6 zSCRU&Os{1|X9e*?nlC0EmUbS@3xl3@TD1QQvZuDcwRroE*u?d7wC?-RvDw@eBnZ-^AB4OHvwgyJp#uJ;)8 z^Ri4*`Eb2H)N5;|3_4XBF$V3OAfj1WnCCPh)CwXgdMn<0LDu|6>fjvUx!+G)E|+x|GMf^EIv~lDMkfd z>*@JnLk_ufPQ0o{}dSg!htp z`V`4R^Li2SeH?oR$hYxMz)s3fl7-G}_~w;!G&6kJxyTN7;g%W}(#6TPTjiJ<-(^-x zGpj@kSk?TzDqGhy9wpN9c0O9nxzuW64~LqrAu>exVasJj*@S*AaGcW-vW@5m)^|%+ z#JOnZE?!x3Wo2*6s&FEmli0KO_^NzGQ*mp9xAoPHr2Eq%nId-;avp4rNfCP$nHNN@ zpDdcrW3HL=Ur1mO^AmLkC!zEDx$~CI3&@shNO|EBKS>8{*FHW5`Xyh#O&P2E(8Khr zBKnq%GDs$1JxY++UUW0#79la-sSQpM(2WYAWn}5k^#$`)#C5 zM5@IlhtwaA|HrDjGV&Twq>$| z&ck7THf7MDdz9Aq=8?*K`j<)CdtSPsfy_f*&m?u5ABk`PTR$^9US_zwl3V z`)<4_e+m}v0S2F7W2>Cw%!!YXa_jd_({*`;eZ^AABt67TV0EiW7c$d zPi{(0SJvIxURmf<9z&m5mRvUOg)DKfBIf@b7T&X^8HEzcR&pSiNH5QDWzR3kN6*j; z6gt_U*a~G)i3HP=YeXE>l-;}UM75Zf`C|4=31Rd6#R6q8?6989<7%o*FFDP2dR-(v z0)!mB>2So}3<8{PDR?M|jyXGqUW2X~VO#RTB&^vqw)iS-i>PgQ%9ldU3g#zP+!K$_(~oMM&}$rw+zh?%@JG zEITu!!-Gias^!cb2@XWXCyGP?lb@yKG!}mup)?>aL+_jG1sIC>+)nIb9(p%>x@=|G z{^h=d>!1ZqM!~$(+wpLSerpnwnOtEmHd@5VvvYoK%Od=2@Z>~a0&mENRu5=gejIjh z#hh4DPmWH$hiTQ{yZpH$YvLWYGAvXReM3cvCIh|&Lax9Z)=$_ovl<5MOLz7I6F3Pu z_8)m$85JyTvT?svyhuzsnGyPM+>bB|wRDB6A#Z=cTMkn#NeN2`u|{nA3CmJv2#%$J zZHdIjeN}P!4Pd*ro=n-ElbO_5vWYHj^A!xwB##i12AFh@T@qZ3;q1AH|ynK-n{^E^&v{FSxtEEILO%TLaYMz2Gbva@e zdd3lH89wWU5LL{UuT9nO{>#CO$*3XFrY5fM5A4E4_O@uq|!aRsNXebFIcI&&^CH`Hn zh*3;H#+Z}q|<$hm={~2f82F@s)YJdmd*Lo zhlI`HMY}mZ5LNPp7c^^aC*-~3`$%|`xnIuOaGZcxY8c-+)0rLq$o63R{qlF7?^~4< z6oQB5_WL0bSE7E{VIi*fm)c$RK5@9@3*W}3E7uL#jCDW8z0%0JZnludLL7C!Yv02E zxhI05m3koo{AT%)3UO7yKeqe9ogbumXOp)h<}cfv!7uIU83l_}FdMgw=WYa`BC% zRFV}6y?c20%rBl6>DS{Lk{}4zlY%kh%WjJ!T^j~nD~Hn?IM{7Uy2GpgE6p8|KDkNQ*gR>0Ax+z9R4bLz-a=FL&aW>QhL zBgl6vKQW+{Vdyl=>CZ!iW9R{l15DNiot&|Q8k(T`tfTI<*Wt47U>^EUwe^+4RzQ{2aknh6B{RRj2 zTkQ3QOh-w=)=lmGHMDUr@C!-{AMDUm(ZOzI8t=2OgM2L?ccn=eyNItwj_BZuHoi^u zZ=}tz6NF0w0ie-J2d=7MV#(iyRc>nJ(r-3fo4I8s^ofquI z_h?N)nL|?vt(~%I+yaeCH`#p0D#;fm5W6-wLG#$(R^A$GMwck^^9eL<8Z~czF+58m?pf+=NQ%zryR2#JYKPdFm5Y2))`mcBoFLB)yGs4R?cbNAEXKsu0ohJ zR4_WNu2j9U;atixCuwyZEV+R&*CI6{_U<=$kXtFAHmJEb6>3rQ;Wll25=k(N|0foOf!q4-mS2BGY2_d2uqJ@y}7cj9<+q<2(;q15BXE{== z-*kOkLxqP+(@zQB?ri9ALV9C5EtGk_AMW+seF3Gusk9${reXi!(7uCCH)Q@(BuWl-^Rj(HQL zfwmAu>2=Uj?N-&b-(7f%A+E5LM9#w-Ree)HnDJ*d?W2n_-$twG3{q}VqwS)&-P}AY zyVB)SP4dz)KsR&LWXdv!2{b?DWad^GYEw{)i0UVTlT)yp+`i6?d*rQ~p&(--#4YMXlvP)zOOgkjpl zTwFTy(-@^MaVmJCFu{WE-_v3A&B)%(`cDVS{^S;Sp^mL{lZ8LJUBZz&j(_odsnV{M zk~c9^yXu|!0B#^hXcW*P$)4IN?q-7_6Wm&8Kl6R1LYd7Cnps#bL_xf;_z_o|vILk{ z_AIub@Q=_aFU`+*edj&Ry17*ri6^fTAaWpIKB&*;PG9MC6g)Ly%LLlw(Ov@eQjlox1nEJ(j7N7Gpt~4aUqOk6F?%)2){t$c)l= z2Gy?ZOsMBtt$OTm1h3cMmGj>!oe+JalS$)(YcJI6dlu>ze$IhCK>1^%ub{!dfP81e zDp$JeCBh4G8JxW5>T6r?6EuyNFY)@5su$pGQoU3-gEQ^4A84#!p$kr(b#GakzW%~y zL_xX2NZo#fWYsFelHK1cF?e~Qs){mNL(X;JEUj|x)Xc_T>?5srimr|}tP|9w7HQtD zT_a@mAccd)^>N9u_6NcYajotSaf;bCGf#Uk5U--4R`0!3wnYp&#hdN0D$INw8&lsn zmYtR$Jn6I=G~lmx z;?CZ}tS6T`o;Gn#j1{YHj;;(?SpW2bwsgbLn3@LYD#^71R$>CBIli6>)*A{z(O-=8 zO3I^2xugr&9pX^mV#y`4MxBr_at!^4Oazsm<~Ay03sAsp65{4&qg;oAyT+K&Q#E_T zH~P-W@iXeI_)rFbN9%<%*$`z0gqb+z+GIYn=Sy^XsLvSv~IbU1_DQ2q<;NE08EDK+IL9vx_^;+q>K{8A~ zT`wKXJ0L8};GUq72l9qrVpRk}AmsrMAGG4iY=hW+(1Z2H&y;<ugK(cJaYd*$`m?M<3cYE|i<=q~@2VKf^EhXD18=QBm?(x~PL8{kq^hZ+!L^ zjH9x9`#|T7!4@3rZg{I%=1UPG2$I9ra*7^LrB& zP@+R0mFg|QL=;GdEmuD}yLQgHU)p?N z$Ef^C=5z4-(Nk`j#2lDSRU2mmv#oguYVSwdFjiHPS7=kZLdnOQl~8``?*oQgiF5C3TpBVWFPel_Ch_HlVI9`>zova>L2Ct$jO*$#4nN z9saKmrX6-HOHnas-a#(#irm2x z__#EAiKStKRfx?CxymVBmA&`~pWKWt2d!ij+1B43kJ=W}#x=^hqGWh$jmH@~7aA_; z5Tgn-i2WX!9^!lMjtVO=!$h=>W&cV!dv+-K3bG)P2ay%DE*=T%85J@^zjtoI%2QhO zz|MC^b1hs@-dRc7IbbvyQ?|jI$y=p=mQcEuIO30A^Ii7S!?TRHvvjIHK)LgLnP&7t zAJAC_x$s=J=K>n#x~-q~X{&1F4nF}Yfi388Os%q41lgK;g%#l+!(Oc)czt~3ZAgvS z<<*>0)u0Oo!9y?5pEyREPHT=7yF@eibc2T!Guke;I0MH4%xpWijvni?|x#EJ-W8^({$a9|EZAmeCREp>!Ej z2+FV>HvUwt>D6UQ3)7Tee}95_AqZj6wPEt0VyF!PM>-U_tm5F;S5gQdANc4JrJ1Jb zDNZ8PFYy=N^3htl02^R)pRgh=`+rEH=ASM#+zZgFK}}0aH$}_(N$@EbyC|8{6Nkio zN=to}R-IRsf2B|B-#N3lF6X#0!#Kmteti`?r-%`cS_-w1Jy)MBQHebz(XXpJg?s{uW}&?*%rj`n8L`>zUFv zz)a_%bdj{H+H)fWUPB0Cw{ny(PKY`NkaFl2{q~t8aH9A);{#gu#~{`M;YdxI%s{TV zovBs#r-GljhC+*SBco}g=DCRIS82ovs9F&F2Q(D}SIz2I6X23v){*Psjb;BVrO(fU z(sDTeOaz1s{>XY_w$rkW_X6HmRyNswSM018m!X?%Qh>+qXMFhZZc$yYA)9KLP$_0* zYyN`^zj)FgZ*_5wZnhe<2QTbWG)cLc-o_8?4X4QN_93HOgSQiTg{)V~jXLvo7a9|N zx~Fo(vGL{Zsn<1SXczbZ^|lP?t)r(MQ-b+gl(2mz~+ zJP5Gm9PbT+diiL9?r6y`zWj{(#9d4#F=+nGP?c5@#pAs}^ec^uMvtLhNsl3tC^=fB zpza~kMwO!1O6MAc?+Vuv#QoR}!a#|>S`F*-mohQ$(NW>W=)@{cA$Wv9fYTYiMzfndyOf4 zhWNF{yFLwd0qqLQ5%k}&yi&aWKNXs-x0X6yI#>bE*|q_icT-ERZ9jSX3w|_q^ag2A zJVQfm;CiNeT(Hkr{DV6dDCcf`Wml<$y5NaH`FUQ{wvEJ^8`l$E@uxlHne>kk(KCqJ zM?adZHR8hs%XmVvM1TM6B5Qb}QuE^KHfVi`<5yP{g{OfH`~kA=Tl7QwW~YA>$fhit zI0v&;&TPd^(p}m<_d+Y?asy0bt3y@Yo8N&ur5_64;QUwzxRcN?CkKc7p zza7m@(B7W=-YmhqQRd}b1Bcs0Qq0yXV4fq4HEL28hT&NEfz@@yxT%%XYGq`!O6emR zJ{QS-I&|5j*JY0`^r!?iGPk}|O&(b!_e?i1mzk{&D8>!r+7~^efZCl^XNKy~&MT)pgq7!b~tU|{#!VNiIR|8Sgu@k{0JBjyNAnf}M(9>Iq z+FT0Xw49jtD8f5D z=UElj`A{-!pTujtx%H^$zPfRt!^90IV}7?B@Yk%$;^Ci1J(uFQ9OcOjuP5&GuCiX6 z6_4_Ggg)-Q!?RUSi-wJb#3Jk2MW5kW$-*_(#3x+)W>W@n6YpC`o-drzrti(TD=d2n z?CNaF*`1?xvMn}q$n{L#tZbk*aFts1^40h;kaEIwGe4zA{O_jl;sKWS* zSmsMaqMtK!a~`G@8PPP+AO?_rozYV1;QFvC1!@?=41TMy*s6aice7Y@OHe1_UGJ9X z?lWZ%nES}oLNiU@2iG?MyTnXAP4QS_a2BRFi8&a?TCMCfSGl-QIu%*(4{B`FT1Z6_ zG@8l%?vvz*+lC(=9GK+JdSGSx>Bdf};O%Dn#0ua0i<{k|b5-9U^Op)O{x#tj&h}1~ zi&dU7K%C~QO^F^Z7WHsg6<7ER^`X%{Hl~83Y~w}!gWFe+>s}p6DYC3_8SN}8eii(|X1=h()W$(0DZ|BzQwv!i;~Tcz7~!Ba^OzG?Wu_ySN&# zwof<2a+L1)-u+RsZ{xKS>I1uZ@?~8FBI=YtQ_AU=9@eYI5?0Dadh0b6xdc9ds@!(i zU(h37+J~Hzi2R9zYd>z&fn|F=RrW?cmj|2 znz%Jqu`Yzhwi}g|GG^a+Zy?dpSB3(FaQNMn#k{UQPf|<6X+dk_rx(Y)z&q3K$wV*y zI`O$CF{3i#Cxh-=9f2hetr%|tV=icx)@ec-WuWb3qUmxmK86pYU*El;& z)df5zQiEnGQxWW~%k4x8t6B&MDJ^b>f71~WlF@EdiQMyZjWTyH z-la{y5;741Q)ngyJF|IdT87O(jtLod3^}UxOUnYJoKx1gHDA)^_bE9pfB5axl!SAn z>dR8j2M+gG5d$z;UTdM=99!BAwIBXGwI%2!2+a0iTuj{vR_pFxsGm(MBzO=5#VHvT z0i&INiLytD^*jdj+{`R92DFGt&E~xjAF0Hn?9?weJ-f&Lrck(nAK9Z~B5fu?9T?7> zU+`}H^s0zXkh7f{XleK7I6+*N>sjJNQ5}`|+-|YO$FY~0hrz@Z4!A4H{Dx}FLTjl; z%~=JldXo2I2+<vX=J!Q1Z00Iq&}jgDk*rZofH!?YzUk3sPTt7 ztl5w*i_AMd)X-|wO8|}NX^(l(R1)~m>4SQWL(Bl@BHdd1I>KVC%DQmoskocfV2igWWUVX8d=<<$)$$D3cf2vqzWn46tl95g;`%sBRg4LEV{{1UR2ly-bty z-O4pcS%z%`g<4UL6OtF-9xuokS(7%U$(3f>gEwFyg_Tsk8Fw#-jslBVGG#&hFEw5h2DhvG=oKdb9ptkjldsW-?nKbwYD_6Igv zuBKo)s=*2T^Sp4d;#`xI)JjG9^~|rds~%2MUb~xlz6FbSYqMwhcs0}reKMe_l0+yz zMiRYLRg|4?RXojxXcPi4B&H~M&Xk+l&|uyG#dWZ4KYrY4(WtDYma7Se^qKc*HwrXv z+D-Wv3e%03D`x|GXZuy#QWu#wP3~*n+z${Nd|dv`^_3tS4v z+((p;mfPnCqBKJTkWoD+*foZ%#Yi<~qcZUAl*PR-WMxkszqN66f3Y3I*5ER-Icn^e$BD^ilpdN!;OgQz@VGffz&)|T7 z-A(;|-69l;9J(0=KvO*x__omc#9?OVmlOXhmG_Me_-MP%ZuTFQ_4_~#%a3=cSWyY_ zb1ro}N{J1`JumzI+GE8LH;Ho>;|q5s}yn1tUHt6}j%MSXw_&J^XK=ioTq61KRJcz2PqSv?^?rMOtz zv@DB`NjN6-fT#o==B4UkzxPqNI`iM9#@g z2G+ov{~iV!Lj;nad~vYZM=Gdvw;p+DM}BS#AG1bqt~-T`+({qoAG>15qHsEE@i+L%lH|zw~$#> zMR;>lr+*$gB@u7|(zI(+37G)h5*>>8iT%kd=Kefb^7(H}xrKK@<%FZguN&Pw4!Lt@ zdoBeMmamhWbItY+-&)z{=%^-tTAQxEDTfwlccwYtKQ17}xy~L45uW2W+oJeVszqkE z#~@m{d&Mbx@;_abV9ZKz5kR{>3@xk{q&`o1dt4B=GAhmQyYRjSn5PPy#cQ8_4cS&2 z87(m8SfOF!M`@*uyJ1`3>YF8Py^^D)R`g@gGqLLNJBc3syugexza?1;Yo%WmLAtuu zLF|R-xlfW}HHT6ksq6_;eSn-XfcAo!`y0?sF;v!Zmy5~5TNr-WZI#r!zpNl1^*G_1 zW>T5ESXl|BTs9%B^~UiN)5R!4IFOJzVd$XUC*y!C;=XJ5hoh;SM3~iG2olst3~P2v z2g3tKtMg_+UK4Iq_si=#TFSa|6YRMw?Uln-RaIr5&naeo6A=L_xLf=tkh()eAe>Nm z;Z@qaKeX+NZPxLZp_+UdwA1)Z*TyZ2&BR`N+U8=v<>W^v;;`ebiGEF*wqx0BJY|9j z;`x>&9v|Q4ODajhJG6}0BKc@5Xt>fwR|OPjXxr*g+87^F#M}Tg)JK0Lpt zq__*jZ9)p9>#=H9wZo7&oArb*ZH4>S=O3G&yM6t5&;GpM5Z+5-&~kgBS1{dspEB%R zzcQV`MZe=fpHXmMI8Wc(ikL9nt>3&VbZ;|%LRp$W@z-lW8Y?-NzCsLq&yw}0Pk9L0 zOLJe-w?2l;N%1eGgzAGW=81-4qH?>OL<=}l?n zB8GzZ@9l4+&{5|5(_HpD$qQ&7CbyEeOI^t7?mY8uN#pkD&W46;HqCRd%eD{6CN#Cu zm$*5c_Oyi9JQ^*mLcD=cl|(PuKKQ8`Lx{A$C= zk)w?}30#;oFZ>m0X=zF8j!JImdOL;IOl;VlGq(RR_2gW8a$WmCM|+u&4v4wer`~_w z7g(E-e4fLgdQ8R^t~7Gn0fk7gX?jz2H~!>kyTYgXm1>y68O5K9%ma33y%%TaXhX%H z6sP`V>HA|>AHCq7N@)PgqHoB!c*hg*x~*Lf=yTMUz1wg2ohlY%H}#&X&<+3zwlPyTy0GD);KvM z_MKF%>BTP~Mhg)N3|x*sxRJhHM$}Zya%dOUIa><6TzxCCT>*{IN`5mKZ(goPE-Y)h3_pZ`ieWr%27!cA)AAe!LK^u>h?5lJ4-Rq^OJQO0Z6J*)Ss=cQ0~t7YqvMw^5NOt@z=qE-U0zTG48i!qG($Yo#JRE zP0;L&oKMTEyVsvQ39xZ}lB6KbcgpW87rSOI&uV|6mfuRDxq8s#L%c7k7)r%^G*ZeKLo5yZ|&vs4RI**@1N`weQ8dpoNJTm zu;rxFHSMn^>n=2?dGC|d;e1lIJx@*yPho)cis39cegHe423u|3GQ%p88|0=GMOus; zia8)nlA?`>hiSe``HKooZgX8>K)0^3-2k~x}b$y-lyKmm4BW#cex z<07`D9Au-e-s4lA4!t;>es?;nndIi|Sl6CIX(N@|DlZAmd-r9j^%fhWz6EhyTkLaM zl5KhzJ80)!uaBK(xf$h(ZTbZyec6@>1lF(^ut4pv=QT%TC*|c!zpobUz6w?9^xCN2 zLZW4K7&(AiFKO8pK?#;vj;ktH0->n{NL%a=GAR=b0@onj_ z)mrx`{I&ZbS(yPMPYm`icOf6RB5l*$Jl!YW!A!h+gDEp{S~jr5hX>9M7O1S5?RT2z z2tFAygRQt5&3O@gWStv5Occ7ywcj1}Cb>jctM}~TkKY>mmJgx)v134C!jWJ2$5rWl z$Loke54=akK}k?xy!O)_ROL%nre1KivI=IX0TBShr+J2T|Q`TvDM)$jz@4 zD{lho=9?(z*ZE8{(8k(6M4~wSBcma^a!s@SqX>zz8q57GDtdwLA4@aL`QG$EUCia~ z!@m6+6^1jylZ`vE=B3RNDG zLH>Q;cKCtXMzh&pCY7Hrd|mkZ9w>`&TpF;4PJTVn=em`r4Pc{-J9>J0ZEKdHtzB27 z%JmML5a{=E3-B}Ro~4Z-E-Z-Vhg*r5DjX13yz)@k-9jA|2^jSe^8J54|wDUZfmD8iL!&v{-%C32aRnbMa;m&I{>%^GU}sN0=^C} zRBED&aKk6O&PK?Z)3x*t)S$rlZ`tj)@2T0330pG&iQ!w>$k+0J6fgguFYx_m16ss+ zoP7L#Xj|0~{Tg7;Z*W+7YD4f?E)r^E;xm}HfX~%3`X+z_rN)JWzf9t-6R>ULwQdzg zjg}#75kUOs4p{z>C~v8PJE+A5j@MeX?A~$bQ2-$Z?Mwz0W!p`D{IeI$4CIFPg&7{n z4!_Yl28)N=+4WnF3>lS)nRGCCN`ch-p+BL_bD zcF3VJW9Rhbd-(Z3D((JfGyjjO7XKHId@eaU5N~B1B~;A!vNM9?pci)c4vgL)lAje9 zR_!(~ebYg;egTAb!+l!}Mw&;ulyr{`ou%bXJJv=TxM#V*P*oM}^VYDKu-vyKSJ64_ zUF4^7={Yu_-%+m zKYo2blAiHr(CO9%Ny|REn!L^Mhe~>?8&;hvqzNW=ZGvKHM}hN8g&yBpPpYI~h=Ahl zb60(TGl8v;EfY*ZDJ%K19!r((@TVpG(zhJM9{(@_82tZs=lGM})RR@Zy1ItNdH;TN z)=-%e?w5cxZpi=~yQkZTv_%?{z$2dwn#hU)wBzB~D|fE9MP5n69hs*d3lP#Za!fUI z%mel*Y8tq{Mvw8DoxW=*n{5BGd!TQi4vm0RD%) z+(-vsPyJFI9?JlT1LP`vAH^Ho{B8P=9rGD1I6<)5bh@+Udgs)}VlMK67v96R3m6OW zrWt+c-W6N%)F%0xyiS$cCSLfe5wVEaUUYx179vJam8bp4na!B}=U1?xtj^t|;)0^Z zc%V4+&NN^vxXZRm4Gx>>rZIy{-8WOX5}dXkJy~4W`@ZZicjwrhKK5Ml&erTHelF50t?VA9P)Vm-|2idLE%xx> ziGZi6lKhM7SfKP{!?9?MZ=QT6_&YBA$3fcvM?>9zlf(PAlKzv9r0Cwu3S@+liQ>V{ zmE!+3KQW^)sSFr5x8f?U(!{U56etCC>rs|Ci0017fVL#)tZrt87ZPO8_pPbNelB(8 zTQgIB`RpLxRX)?##{dAp1{NNBtfsvD&VdiG=}C;KI&uy({VydSy4_JgH8dz4l$#a_ zS^S&v{4c!K-Yg(SOxKV~6fLJS5jiUy92}BXUtV)d*|>kl5e9rfiw}(&5PL63x-a~> z_@*nYprC*o9N-rTh+NH8-$CuVb5&x7{7=5QTFCUlaAD0i}}xCJ1ck?cXJO+p#PU^lYp+ry07fI$JE z^X;f}0$mYRwpjb83Oz{)TL&!)#5sKr?mw4`*L$IF6pOXL+~RyQ(Durd{HivawLCsU zik~3ui!J%`a%=8QcSL8k@AVvaAJK0mS^(Y*w>fYQMUtz2vv2JByROS@WD0MS8HIV` zNyw_pN#9C(0s4q5xQ-VJ6St9Qm59JK3~Z~HujdFz&pWX&J%P1!z>+0B$BXR`0(nuD-Q>G_lD=Ju z!n6ax?r#1|E&Z*2R5-zZ@B3~+V8cs*+FtAk*z8q3AluVL6#*BGA&nYw?>qtiy~xNq zuoIloo0Cm%-@cXHAAWH_IKO{o<7cFi$H$bv%effS^M=LwfK&~rw>|)M|JRM*hK=x< z9sCRM<%1q!K`3pDl%R=C{l5?E#m2T?>oc}Q9F$m&%gAD6-#@3BYs(L~faQ8}fISSr z6h;D)(=);E4^VTl{?IAD3`atPu=Pr;XRiZ8!SLYnyTQ^=u+3icgLo`sXzrzb80!DI zqev+l1LE{=q;hOkCNXhhd?4%U_87Qre~DUg03v?_z!UJDfHC(pd_|9fVp<5WgEMiF zbp?=fV9y8Za~sm1=>+~Z|22bFfkL!)H)dA{VE zE3DRpRKvq|{p+qq(Oh0=^zH^9W>@3P~$J={oLAm~y!od_B842;RrI^IN+2W#824>)t zwc3TJc=5tP+6Tvg$gA$~hQ3b<2OWF;>%)oz+JWQFu?sms62P?&?*AnM0@71cOA+EU z3i*yLb`1CwAlxihH>@gVH&n+Hwk)jw>C;#0){JraV5Y_|Z4X(+T1O6G3UK^)eDUi4 zcUJ#~091RfxBlF!S*=zs_S zOvr2>cS`bYZOr_)hs?@bBg}VKs(Kr7K$PH3}GHR#mxxdd*hEGR3K8^MK))s^Q zgX@3~o6ME!DIfAm)!t#k747i{cxij)O8cS6+^C z2J~G#PzrCqRc7CXE&I;|b;o=1$$a^SyFMt4ZG*MiqM3e0Y9mX%?S|}nG6yJ4y|}W{ zDekEhTHzpe0S_(O!!J@6Y5b9&sLFj=XZMHxF5(hR`R+vjRf2~5aYfWuqHN~R?|)?= z=w37|=gFKNw(0b&H&5JpiT^HPe&op#?ils7d%FJr4$$`t*KzX4dqL9&%K10z4UgUK zwQOq{hN5z2zlG}q282)e7QTVK2=9?0*X{s^QX z%r0qX0zl;YT5(ZPB(U8UktAhfReX5cvE6~C69i0XE6b-cMQgy4Ss)C%!9@A4XOZ|J5{1 zbams93ZbH2ub2NfdNKb1<@ykqfMsQE!FT7Hj@QHHBF@}**GD*P{}Db)jjuHPA9%}3 zVob%5Jbk+x3Y@gZS^u|`8Orc%Sn+QO?GJ+UolQ00-64`bOQL{Psdi^TSz?4tBr)|F zS8D`gjpJFwfW)IlRhAWxwwWM-qQCEc9%1uu0ik8JoegS?0-E3BE z4$z^eeA7(~l7rwIipZ_3lk5UiW8*yfZ1!vx2ZC230;CuF6BDbeO#Z*cF1tT-%}$o1 zz?qZpD**e7kF9Pe!GkFcVN`kxToaOdNiA$xn6V<>o4HAv%_MoZu?XqSr`-atSGtJf zib?CUA*;Fq@DkV9*eW1>v$3UV!#87vZEO}T_+(Tt$6o^EypH#P1J$cy8HI$Pm5Y-#;eXRMoG_(G#KT^vTQIwU1ZRjR3IcvA%adSHfJriS=%Le}c zci`{0=n;nP7kex=8gI$BH)ZogylE7_4cuoj))scKn@S^Zh*2|CY4osA{TdJ^{?ljZjSnld@v(?I7Qoy`t_a>K5XM0qY&8z>31L=r7|E(F(>4<>f*3x58ma{>| z+Mh>gV3z^*zdPZ-4W4(pnS`9Hoz!VkZsmXXQqJXu7VZ&`kW%?($Y&8QMlnL4_wTzI zj0~hPfGU4K{9QGY+4(2N{4Oa6-hUgT&ItcK(t1={CG-?|PhVJot8l zbvYDobl*@QzTM`|dB*J2TlU(JZx)cfLjWlpis@?lhr;5>ytL6dkeJ_%=%q0P4JfLd zLaHjup)MHSj@K=@G{xG+C~5I>t*rHyp^BN(G6=AO0%%D6#IpC-zjTocpo?t^%wdmi zNlTF2hXBz04=ffnUHpGl;R5kpn);uluN$6s?{cVx0xGu%u(KX!2(F&?Z+_mahY1vM z0_x|2fSdHeGw1B{TomX7ne}3zrl&q2E^^ZacXH7C!|YJen@>+c>T zD~$PjcN=C~Kp3mw3tSkf!Z%5e9#>ZjI;ZMIqHvN&?T}72Yma@P>O@P{gN`MvuL$9#O(V#6K>JUi z#ZyMo;eOt)iX@x2EH{*19X)S{JN%x1Zp#>pxR966UZ9wj?asO-L^ca$rV_^?GdPL2q=AOm~ z-*m??>m#=4@87+gFhU@J{0I0G1Kv!MGXgs3ZRLWwkKNMkyA>U;Ep1(wcyeDPSv0+P zEN%1VY`yvGYV_g%D33y|dKd#95NnRSUl#%k-?Tw@W6q9yzKN}P7*dwy(VI&1bJMu? z+U!}-ln7$;8Njt24T;shkLhoTKCMA-?Q-(j9%Z!m3`|l-O!?T5>hHh%;D3mOdJbo$ z(o9gu_kDFK9I|fXFzNoBYeINJ7i~VpT&pJG3TeYx=#q zG7y%^zK>Zfxm;hEV25J$I^Rl?86?*0*u%%P^lIGCE1K~U0Mfn^(yGzxWG4@dFYmb! z5Sp@ISD-Y07`Tu&MS}TNk~V9Uae7Jp3%L0p!J;P+FaNd?K(&9;l9sQez+eSM8hV60 zA8$}PuZJOxFPa1*eodJkdi>5K!f|#$1loqajXFoMqAmby3lq29!QW$rp^(bP^Z6~4 z3PhAw_c4UR+X6L3ljT0Y%dTX=YX`YW+xKM0KJdCpdT9#_>6~&b@AmJMo|>u>fZQ0+L|Rykwaa+np+IDS7@uWPx#iwe)akYYkWZ{=3B{8{)O} zpcXSg4bmh3haVKZtND(3f=1MYo!5dvy|~o9OiL^=lfZ6jr{!%|<$yFhv};B|%L)4I zPeI-e-j2w^)PI5(Ql?r!@=g$VEB64sAR@%Aa9?=?-f7;*sccaRt|}5;ur0-8$Ho<> z;35BV2-{2oHZ**rFT8)lZ!k~ip0XDLZpdLoVmar>|7I+KdNY->4xxTc`-+w3#3{H% zBhv04#*&V(g6rk7fAaq4#CgrFY*ZM1!c#t=&um|FV*>yF?~SO-Du5m~V27Y%6)@Xs zzYA()W!pec99&kW=KB4yD(CrTF-a0zh9Lw)NI6Q&cSz&9IDdIjI4N$*6xJ++V?+4d zMXQy@ojW(qTRKn(Q9tSN1usoVvQVjTa66|?Mvc+Y73`$w{Kt@carmcU>!@Kt4E*TM zKP+MXV<7CEeWORj&8rOcV;9NF>X!{bO=D;O*=7Dhx}8Dq!xQ^EAiFc-m`&$MQmj-G zQ}iBLx)7IIWBI{F-YKyS-~Xgwy>pe6(4>J7h*WC9gbJJEzuyatN0#S+tBN6aAxr(X zMmELb29`_2vwHxAc~uF0Gs#zBQj9?h*|r-YT(Tf;ZdqC;o+&8sAQz6D2idSnm@7<} z{7>h}{(x$?z5sp9Z%Re#9T}eexE_ZurNs3`_5~jOiO9V_G>yStF~PO8{9JfAxTjn{x{+&pGx!r=WiE1?Yywn)lf zA?Uo|ifXZ^T!oe09!qWYrOo5nI{wRi*YrGqm(9FUN$b1S<&6L}FZHYNsuT+!KBgdb zO;M_Eed;AZVgROUtmjG~veX+HD|%2sKbwaoxB%(31sOG8i;(&vea2iSyM;d0uX@MR>mHpnJb5~Un zfAk+7Lt0vBb_`~;pCEA$K82`q^){DBl5#~OX<#4IoSvh!uRnmjVC`1m?fU2Wgl#-J zcRf^Ha`(jz@8x`U^G1cU6jJvGBGp^qbliMk9zc|^(LsMh{|C4Va5$?209@sL$%AOP zwo|R}ozD+;VDlT#UhQ#Alc(!)ah=$z4cF_%-sdTbigvq?DM93Ga`EvD?Ei*H+RF{T z7yE()lzb9Rxn4bk5Pyx7@3pEw<%^JrIWOM<(t5(vaC2n2jhbuT_sMKm?*KLArRf+9 zG5px9RGbMAlJ?2Z`FjzUvTck2P5g_lhC0>m*=Emch4M-0VJmSDlbGl#SRo|o{8<)8 z0O^3_l{&XclAM#()HfNPa>_^0Ryqa@i#YYyEkTc|x*#PDHaetazPR$_GuYYBcPDyC zwOjDhK2Vh;jaCD}{d%HlIqHmWkk_`W~CbPt-nd>UdM2o)M$r zjw^-*SN0z%8407UvOfKQqyVdJNTRG_4~b-VkSRfsp@YRi}%cmI__l$!sG5VCDn zSSMLojFwZbC{;MRn_kUri+PB|H?;y(pNwp?Yr+5Klt1wZI`V`=TL=}l{$B|4h!{z$ z366enFg^Ea`$deF9w>hAqE#b6cU0Fl>#)LHX@@_B&L`V+%rC$thO2ej`kzWj?Al_N ziZ~mEryPRWZr5OO!(-MPSfSsch0@?Y(%;c|P3lxywcGyF@aa1cFgA-pm})U0E-%fY z>VUNdY#KFbvtFaDb$UPlU~^s0LICR)^+fopp+n_0hl$>X6@Y`LX?IvVQG9d z3PR|J#Be<2N`nKd3$OMRkld;D@Y@o9KI{i{E|M1xSP7%9jQPjY(m^uo0*!8-6(;-@ zR{|G?n-2lQ0*c!YKNp68gmh!ftQ-nN?;_N;HKxWd!_^?WYGA*np`Q}1V7LcxA28l% z$PcK(l`h8eYLQuS(c9Gmn`_Mn0`<9DlNC%dg<8h9fMg>b0rYvfhL{jHl+D)M2Q+1& zt`^dl#HDoHuv$<=)02r%A4>jM)pf5|NvY=UBQ-HWfA6Wfu>G6T?gk_q&g9wLlL5sK z(=UcMzO>#pHMojo@L_OPSo7b+t9GZF9w{Kr_I5r=Pu(-6-$Su4L>4;mt`&2+zk%AI zGC)Nbzo2&Nz(t|cOx0om4A6ySWe@61KG00h#a2VG*+u=_Q~n%CFI*!#bO*E{zXxv@ z_))fve>(3`-n!(Eu{)k1!+iFa zp6#>78qs1$V{waWZy`#luc$P*#FWomD&T-jSwEJCHFdrKETl!yyqe9@)jjweBEPxY zNUE-9V_ZP_JFTvkwiZ3d+CITR<4x=z%%v`{#y20rnrYb}XmddO3BbMcJWNb8uU5CO z{2?M|Z9QVm0W2(S9}Q|^656q})siC9h;a0Ya*$}!g8_{v0V zriXNkz2)1J@(oaK5MA*B+*-tj8bRlukyfCQUAX9uvhDQ%hkza+`_DYfAd9>aY6vMS9qzIv1^Im?~7VI?;{w z82b~bS^jzU;pfKCq2N*@M`e7xre2f%F1@Saj0b!L7s)U(dbK$ku}a)FO%q7Y%4se{ zd_v(l#3yJr?)4+SmmKGC$jiYblN!!Ok^Lbesm<(DUVHmR&;`2+KPQW*#fHtXuJTt? z+o}SUXS;o~fi%Lv<3^u39v^?!He2h63Aveg3w%X>;1uhy-)tu39boh_&DBPa$40st za?;?~$7#Dr7ju&02d}g3{Wu`Ew3>s$-|kuLB>!;ASn6&tPxoZ{>X1|857pA>6`{rM zpF)fMq^`fYAHF9dRg-AzG1F`|bzs@>cp_i?H?;P!83`8*1$e72YT(zyJ%$-tn!F63N?~c6{4# zI-#w_UFi;xz+`guJvP+zdQ!>*D1=TrXx{BK&ync86+9Ah)3$7W?+D*`EPQw@P!Q&T zAKDH$^KAguC3fbB69tu(sfiAO^XjhtFPqLHi}W`BNs&*}8jk}bGG8)_p0bYbPTkeI z)<_5s{Np+|%YKQaxX+nSu7{5x) zU6y1D!?#?D%}A3yy@n0eB+GL53Mit$IEj<5sy}Wjx)H>IcIn>3#SF8F*somEyo-L?*8dZJAXCa@dIewt*Q0!;6?uN&NvqQn? zk+Hs-I5xFlaF~1J+LxMK?pW%j?)pywQ9mbCfp!S;DLyTuYPcE3UZh`QV6Ps`nsYOL z{X^RQvp`25wNH}bi#-Bn0#&))OTgA}^gO@jQbWM92(l)A>80wg7PSOs%Yg_bKppPXE z*|@f5GRbf87bBhx*I|jXOBr%_q+5(R@-}QtTfx39jrwa^t7Mm+krpS`PeSJF^@_D; z3OT9-5L6YGRIIQrO~S_L<%c<-|(MuVXSm{ck)<1AdvfG!j-Nij6-bT zV`<<~p5uIkB@W4b3Vs6TBFCct^eK2AuKsS~-dTp7;~H?+IHBG9O8uhksRbHZu{@Ny zXWGIgN5iSw{8^K1!{vlVJpURUx4#3w$sZc3k zM(#IZof8hcmR~)`eH$qf%gIw_d~%R1NOfnj1GuhEt*M27K+IeF6zhR!QdJ>~8B6|_ zc+8Lefncd;AR>begq@zj-#h21+`u{?LDq8R-{WrrYxG12H%UL0oe$d9M|R(kyD zX>1Yr=$+)!0qs`qp&sL0Q;Lep^|!+u9LldxnSA=A4o6N;ouT)2SKeW+&ODhfc0`#) z-lZCdYnzD}(=K`LfsZ6`+$hiOULkDv;6*|L5`#Y20`1dl#^{oz+gXdv&UEYL+hXn# z3$m@KL=7gea?R<$jI?myHQ$81|k&DpBcCHg8X+d5d^|2239|%Nv#Z8=aF=AMBSVK>-O^ zc4JMctUDukA?uzLrU>c12ZU_)fpP6Tb%xUnXY|4oNp?>al@Rj@3?nej(+oQWx0u4s zDvHGxkp~gQVipOKxyA!ACXwuYYQRmz-di$s>ou!*-F~+AY@z=bo>#;&h4nAm?_^0`ewLiD8=`Zvx7|Yb=u_aj>;aiHFOB`0_tds_9M|;h5QUFoOrm_5Q6c9^ zod%{pfttA*rqQFTxKj?uKQ?2mijGeMtzLRY1{9&y-_%AH`s z@ThdXLFakTL}{btk$I0-a4CQVO~5M);QfB~vxSRdD(064PF`ltO}f~5`?>Xx!ryjw zqyf!&i(urJcCzSvHg$)}XraE^B*KuoOxHgAxXkx+pY)$vpG{8+502^ro0>CuU)UO^6kvpcx zG9|uyPhiWZakkN<91A#F%14}j*sKsS7h%g{KKbC;|J%JHnKZB!rD?lC|X3rs|3jtuRT;;dAL}q38Mp+iGP;%0yZ$#Y=G`J#3z+kxg z`VMV0(m57Hg17`3*}>{RRDCHai#Z)B6f~n;%i}LhaZ5p)lid$_Bb;XQ1pdB*X+_q! z7mCB5`PR$bV3*^_$DrJi(~|w)-D(@q*Ft*BfKLtl+|?mSN6tL9gq4g`qp{J*OwWDL)!8r)h?0xf@6rAciy z{p$Qlfd;<%{O9-4-|I;|pa1TTK(RsGyuSJ7vpGq5#TWJ9-%D-uS%2GP^B&zgd&TqI z_<6VT8uYx~YajhMuOrgLQ7YTplM~obGe%Vy^Ot@Dg0^ zg)0yIvc|EIdy^h|zcvfqvNg0upndGSCSWh8=E-9OC<4g0)BxZBpEv z{YLNHFG}l$po+MYG&=ITMMNJkn+DxKEt#3K6d*N`V-;{sH6xG4AAAhq|AAi)ug<>T zlZ~jT9(on$p&GzB?CLs_|Ptb$(`I z9LV?tJFrGY<~V<`hhf%KW17j_pX!GyE2%AkBm53k0~uY>uSr9yYM(UF^7-|{JL(+# zxM&(B`}z1icT|9}^VH-o=!IF(;-e-xx%Jn5zbk19;lP)yOh>x$zq~KK74;Z))>ha- ze$_^{xBq1@rVhjB>aTff0>1~m`2)uZ3x}V`B;OVFlXm{!6DyoFmCJ-|1FWl~BE2)g z*C7c-ar=~d^>R8C;9;abpE#H&Ueh9zP=Y*D7Tay=5?qABllFz2OXi6qSoOQgcqG(kCx_nt4%|`mj z&pg6)FjuLW44X@$dccEf)!N4=AD-$vZ^7p#GYJYCXy~d47V#u|;r9@%VDVjePHJj~ zV(QY!Q*BGQT!i(`8daz1@V;bpt#uNJ72jKDfb)qIj^h6ebE)D6!t1m_$1d6Cw`+t60)i}oY zh6;{h3q+I9d9`?3&o<8xNBbn3;6OQ%iL0uMZeBRRj%md<%J%y&QP$1l%k2eMCk58D z6gZ&c)(H8#Jb|)K5;otyMgMsm#RGw2GC6;w7Q7vLOMBFJ`|&I;ZGy$^XOMfwXDIk} zg=jYe5QS93+7dn{sFUrSw;e)X7A#VwWi+IcC2JmeaMdRz{q--8kYzDid87yQ)-rF2}Du-mhlJ3OZ=)Wz_r zw+UpoO2)qtByRaRA$?3$#)p~Lw8B6`->n}z&PF`8`{}^%)cw&E+L!IHrX@4UGa;(a ze?)*g<9pI-+bK3eYg96%zN)T147UC-nYj*kK~T@cT@rN_+uu=IQY{iDBkP<>es+m;m&gn-NDe(c_arm9#inKf5iOe9SW1D%6@8x5xZiCSoxD49)9qzi`* zy`~f6n%4d2%9nu9?^|@1sVuw3lEsOvN^gmWDP2=z9_mmEAr26 zs0X5toBZEVF(H2Py_cn0qbf1F*Qw;_o_fEI|4y{2T?sV(H7T4Q>g`0iEL|Sltmb+d z-SRl-AU3{E?zz%O@O2q5z#JmA`M(=M(*3#ly5n51CpzcYpS-(u1~fSFKli?KzaD~2 zu>6r{&+lxNa7AO_bYg8_5z8%av z)1{Y^@^{a_K6zDIAJWF^4pU(a@HWvA8Z3Ki?O%{xBhd;3FR&7}R(AN*V1t^XE?X%4 zb8|o~=zzg{eKTEI z+h5-MhEs%l<9e0Kv_S|@{^`1$dJn)BqV1de;-;GWJ%Ua2o~E4^0)*#l&(81ohcS1H zalAs7E(~-~g3TkbrV#LTWgn`76J|2c=&41CmC>^cx1G|!7iHWsXT=PM#${crRBFG5 zLOAmI`W-{EtM1~d_Dnrp3vC|deP4f}X{yu6SiT;9n-bL*tu0NhcTKv*qrz*H_w1zi@o?Vl1#M)tDz&rC6Kp3kt>Kh-s+;O> zjXMF-7ard#J<3Pc5_7@QcTMn0>Y+6Jav(Z7S#b2L_5@4*ijq4;_ET}N*#2P<$aUE* z0{m0g$mwM@Oqdn<^G~0qrVCVQV(DnITlXnU(wP)(#B{ENA5ECOt%A4le>!5f>d<#a zG@o(k>r3$Fy6UQNMZR z9nwd1Ypt9qi%@okhT6y?;;$l7GDU7M9-qppi4qwj?z~i?Wyoxa^t47Se73o?r>*$n zd$MCkC*lg(C^?{oz{sZks;*{#|4G7-iA=F_wv6a1^ITSY^dhxVb>y_JU$G0;MApQW zGUYY{H&w%?_m2!EA$iEAt5YlOUm3yf`B`&IG`y#$ukGJCzt-%NoEnz<7^ttavfDsV{Pm9cT8j>H1?E?W11e%s#8jK1Y7z+62zKz z3GN4M&7L>#!*|F6JN~F%;9T)pO=5Z^oSy(LcH%O>Gzzb3dRquPV zI9@hbveUgN%E0P5vzK|dzAJL4Y3~8}s+4ttm>8e9DQ=5J0mnbl?k}-Nw;hcEtI|zg zMfAI0aeV9gGNI%WQ=u@~sFd1eoSxQ5%tBR)0_~cFR=6AJT`PP(^S1X;ws)7 zC(X&*PT}B-WOVVf(a&*?gIGSY(UQorr!XeUqO z6KPuitx~2(#S7!^T>6mWW@{iBhAF-*O(OW#R>62i<~{~lp>U-Df8=?%@X_WGOMNx? zdJxa!n(8+8Jx9u|t?-OH-#u!dtJQ5PM9i#M=;Fg&TN2as=%@Yw_{Ol=uN}md?iBBF z-UyMM6z@Y`c-v60`iiO9^d|XbIThI5v?5^%TG8zhn@7CEjaUCvZ@jK|i=k<{>@Ch< zMF4RnaMerw^Ys?Z;GvkJ`6>I1ox(Y@l*q$_gZdXrn&FLr=g;#}98- zIOLzKYVUu3uYFN=A3+ge_fT*PJjwFMpJ;w3Um=K}N!U#A)E_a!b{_#gJ*rB%=ijQJ zPv1q`3dD0Gw>q`@w1c9~<-sKr_~?*$a?)W{;o&OFV?mu!^M+4h5s8HHwt zAO%>gwm`~^AfS$ffD2}ntljJP##0xlRUfNWtJGe7w=A?4=7$+WAJo& z4UJ@=mkJG!RiGsNWBKs#P9Pmgpok86)Sla$n)g$4(Ng;2Eq+0WW7vgJn&Ph#re)jr znO6+H*{ENTX%%#ww>)R2ZwB*90Wz@r9G$Ltw(|fzoAppxnVB01S$M(cKMx^f4Z-Zb zHrLhP%))EgY`U{Tz?m~cZO<$B6X0^*xE%m=W11fspAf-WHJ-|=I^k#yf1>=^5}lZI zUX?w(Qc4Gi@kaGGeJ3Ps9(Z?kqGqT8Rb*dF-|sU~K}{?mx>FJ2l>_chnX=b>)}Zv( zS7BvvgPEySQ~PJlYEsGi#Tln`kw#COo3ts*Q}{;h80tqw5bw_*PpX6o1+^w%ND3aT z0c=kp7uUj(O&HXln48yMqgrRU@S0zQ-+DCmg_Lm<(#5(ESunI&ho8_JO)bE@Y(+Z) zx8QxMqpfrQK2{0fto3NCF=LqFBtkKe@W&6#FY@?jtQCMKbt(-{H$F}U>i$M0>Zpkky7|!jhPDZg3o90UmY%B@k=nR{ zZcR{kj8TbZ(odG}^>VKqTkQ>(96#2|L28bqnYs&DJqpBw+}xHI+0aZ%ZqFutmqwEGn@;6WR)XzVY+&YD`}KS&TOO33n^|$s!ep z>VYAHOUF2rE*>ctOl6?Mec{t5`=J_6fUJ=zu(L``&OOklLvLT)v;bQQ#7s5wIfl4X zqQ-!Ta;TW^#!t0M-BO;zr&7r7Ve{mNOSg#j+cuPR-KTy5K6hrdE`^f``!Vij>%v4J zm|MNjjwqH9x(Lu*tw5TQk}aN~gst*ZmxG}Ck7@Vwu)YizkPh!~s(k)epYd;PIn|Pr z>BzmO=`@as=G+qCbPSo+3b58}qqs=MU>p8yZs8~w8=aKqjpBQg<7)wkevfj^)V*yk zP$d#*Hjz3f>%zOdl{-mR%LF|W5H&^bjdN+XuvGOZmw>X&N6ez#-?Nlf6gDL4q!d z`WhM8s7P+pY0kt^8^+#gPx~yY0pCN)-)!rw5^tQmt^w^HdDQ?kR5s2C*hbU*bXGrd zgE|WO(4DJA{7~1WYh2xzH78ck>;hTdO_P*q$Vg5xuW@aQMCzZf8ad$B^dmUOfxl_i;Zvk2nI$V=m|nHE|kVY=0=lp0P@2-CjXYq0&0-%n2}o`gB1y-bxb1U5PC zzht&`F>WteSpA6j6vJ0fG?`*yAmheC5Vt>&#P?W)o68KeD|uxYvPiXJ!Y0;h%-LQT zPzi|B;rA61-Tz!RblZujwrF>n)z_G&eg{1ruK6+rcq{UF0DU?&+CmHqD=G4!(KT?XRrk`Xn4_W%C{cBfX;b=)Zl3wD)W~iV$*QiK28{!82 zD}-q<+syt8BC?3n#5d&n1dAd=&g;%0?y8@B7QrxTHIku;&3H5-x=72mwCB{b}B>V z_4fmsd$n>huk)*U5&UlR*DGO41XBwYtmz_L4rWS=TlECOGRp;X|5<&5Y3k~&*6XA3 znTV0>xedx}VCVtOyZ;of)0*jl(DTT6IMxb=-~3BU>23Ag3vz?2CuACim`v6!kINzI zhWVf>epd(J>vo=|5aG#U>ol+jkNpe4KjWD6#R31i!e31)%T68%&->F>3+<8aI|7`p z&(t4l8oce#3ha0e=Ng^URc~B7h(+{6OU7(EDE96%cX1XZrTR{%l=!SmMkrNEOB0#^ zi1k(ac0f&CE2ojz%E}dJ#wIG#jOOGAv_IYDovy3SGgqU$266`t>sAHS{#-8iVRr&C&XW534e(zRs+$`U0nfVgpnX@o)tnnx`AxZt6H44d z7JKwmX3(^NE)WjE&4&u){Q4!}?-~-Q+Jo21b9kSimJotv!chadxctRaN9Ia>fnnW* zwd-7zRm>OMO5@ykvz0(;neVwZ4e;%A?_zR$(wQylgM^xeSwTyCOc6n_jkqsb1C!Ag zQ$3aApUGxdHE6KmEqkM4np0+|i5x?qm>Bl@o(SJU3x!=+L^!K0#(nfY&tyEfyKZPZ1ZnX3XPk z%+m0y^Qc_<2x$l935e1Q(N~7I7f!OcCmy%w&(Cs>IF~iFzqfs%htjaxqSPB_3zWU9#Yq*L zv_YNGJ~f0k7WhRTXM`O*@r5bwM~k=I*4I+{_{@KMl#Zh)JlZaNFC=?~If=DZ_Hq%( zF5$V~+^-3ia&bbfTn3p^T6-Nj^&4&|nx4#1La@$tEZyt++u zq7%8lu4yz&ePNb^!eki2e5*vxslja>T6_Y2G*&QxxsU8u?Im)k$HX)fC;5y9+@+;? z`TJu^DyiW&4Kp)#Y-NuQZc8%Uj)>ZsI@Riq2kMy5%|?nukrU}F{_z=Z_V|+=5pb;{ zTEO6S3P+J^urOtU%8#0?=7&;~-nW|&##FZiC@YwC2W|NglY=0AzCM;BEbJ+x&#;(% zKAjU{!T^M|8gO4gRU7*(09t=}zhy+zRoSQPN0P3kal6O)BJ=t}yI~^pXnm>jS#2QA zM-Y1V(z6g#V*Ja93^4$livX}Wh!KW6ofwb+#Vz%A7o^(D&H(9m4wu-%nr#SK%SXooUg z@@(KyOlxg;j=;VNVXD&8O^)HR3_I1~_nWhYEfW`LfGK&k-fuI#{=-&ODN(;9VCE65 zb{7hh+{ZC5Hhie-HQG|nNYgY{GB~WrdI}U8<}*Dy>f5=P1FRFsG-#AnLKbe|$aa$l znmi~|Hk1tVmr7EJJ-(9eUNjA6mB|N0Uf6@p)(v+G4@nE&*e2-#myiQ|YUd>}B--~Z zC3$!925eb+#gfZdq=%n;vxDHWdH>u0H1E9Wgxm>C6 zyHdzq79&K-SD}kvm7yws;f-I>pG=lMwwrZ@Egut0fs_#q@l6am+kJ1x%Gc@mcn$nowTd1n73$7|UAht`T{z$X>gG8V{d`~+vQ z>}4-8;$HPWr8-!PsiglC7nRQ1qtnAf`=Kc#J(^yheVOJ*|~0lhkao`UkOI`260xjM%A|{vCZ~51et9O_j-t zf0n9WcJOkoWF1wdpMKo0ry?kQsL0yogd-)HzcN4{^;}FmYNLx#d-=|iO08J5rNrb5 zsy}^_laGfkKRe5E0M9l=uq(F>C?K3Erpi5@pP zyr`)&^}ty%mR^Y$D>55>o-oK-o-4-Qe)RIv9;!O;7vE2t6^oBY9iudQjZ67|y>x31 zS`aBSJO;%LVs+Ie6{}DgMnyZ93G}Hay!}`H(7c8>WlD(wTwE+%VeBJ@|S#(kV1|DsR_kS--Cw6X~SAuq%ixSBeug@4f9# zk?ypqWF5U$XR(>?hO61n`phLLpi_^3Nqwe8_-dy9s_EqW8u~g{OF^yr)YwFU)dWvE z70$}*xi*3NS*vhOWD6C6`Gh4+>k!&?rE5!|3NSELX9cq^)HA!%fEH-l*CSP59|KmF z$NO?h$C6u2DC-Zpz^W`^p8{i@zan=hQ&+bnmqfq5RW9%e8GnMT-q%=&KRZ$VWxxj2 z^|!m?&>y+ULb%k#g4Ie)EHiY!x-jn2?KY9}M_&;^Gfrw_dl|f~kd2GbcJ>c-?SJX2 z@^jT_?N)zGVtL8N!`d;dQEtxc=H?~Mc@PUW=j^q*u40%pX3j@15#E$AQ9<0-sq@EZ zvGHRYb@Q8+$el3ewqI-ys{+@x=q7tpoflvZNp`e7C~;dpAnpRU?ZD9WV@3w9-6s-syAFQDTzKJAu0)S@!#0~^5g zyB1kc;w{4!kDz824W0NhAy$wDN9`>cW(&ORC0Mo(Z`y`FOU%dw46}j*=^hi4lWRKc zHoC9asU}$A#5LoZmg=@Z<_eDCfMqDD(P`MbbcxXL*alYg1#PY#r&6~1ZN0NL{8@W} z*?YheXk=-{7z2ieuUO+1x)7s+A!Z)k9c8>eYIUJRJ;q85U{MOI)@u{K_S9@_k3E#0X-EX!(KndaZA~w95t8c5S zI!XS4T9Whw7uvuuwKoVcBQ+OffgQBbIu$SWW9!yc!0v2H-ZjVM3`Bn3kSQ+PNBe+P z3uf&@)16}9#sX~VisA|0r$pSx~)@CteuUY@{p~7M^-dc%%W1ab9u|e z{0`Ei`K;z?#KyCM0<$K9MrUZ*>I1^Cf*$bSGA3J{oF(rgxJevR(3_!>`*Ef3XVn2V zxSn?BTVPODal5@t-#f&41?CPYMyRkGZDbU@MmoKGCDbYCZIapP8wXXml`t$bfQ8NW zLV^B8%Xt@ni^FB$8c8tGA?%5=2Qguj!6Yba&&8jmMi0C9!4mcCJU&r1WbAncO zQWgQ=L=kB}9=YIs3H(hx_UR7(wR+vKpS|@~1YnhGi=`}b`3rD=o~q8VsT<>N5c%7T zI=|?yG!-n7dHd=b8og5I3hpniR1H~z1QQlR2eH-ErRxrr;R$ZV}(SPXpwJ3j*^<5{&M@3?}%eq z{8$Wth`%1A8Kb(M&`+_`UC%WOd=^%S*y_8%trEt_#fHEaVl2B#v`_;=l6h(K?IP8= z#^m?|Sz+qhsn~BC@$C4bog3v z`yLSWQpriWlhK+e?3oGgJ_yydcY7Iz8Y(gioqSh<8XA_pqHLeML_hq#hA%<&Q;A#X zI?DTGCBFoFC)qYUj(fybwq7lDU$U`eJ0)oDo3=>R?g8zJS4%{`EgKfy$zwZ*!Fn?e zP}K6Bg3Nt_aZa*5MGsuUaey-V=uHG~m=jT|^DrmG;p-Cib6|tSc$ICaq;CJiQ>qmI zR7qXk#I-7a`U0D1&+xqfb=$WoNoxmk`|)+D9yp=p(bhaOEy|capAuzLO&I3=H5C3o zGj};4+mi%IK8Ntz#L1w|yqfTGq|!j}-Uc_l6=T3^^+G|_1Ou+t#xf3PReuUh*`=

    X8?+F&npSZfKJgFhU;bZ)#i0tsUa%!~)H zV)tCDRxc0%a=wOou@=WS>s=H(ipANM4{en_6 zWpkTVu^n-v@fnjslvqw56CU3}lq@P={l=!d`mME5uN3>F(H=bMzT?VBvX=mt(x#6 z)4qZdQ@iA90erz&!okU{aKFJy+2RC=V(d(b_QFzLF+m%X27;8DnHfqi`L``CeccnU zEx;|G_=yiMl^*#jY)b^iO@AU-Pv#UC8P9lMed<^{7NG$eOVFVI`{#fC{r_}swY6z} zYX9%=)gY;@8Uj%yJL^A(z+W_d|NIWvC)uoiTONO(GIB2fCF|lgmxa97g6m9_zB#7>)*2b$iYszoKFT#zUj%mr^doFQNk-^UNMQb+32-X;* zCQkSOyjlXGq#VFec&dlom->37PKZE@Srqub?3Wt#v`WduOnLb)NGuK!TSmO}7k19N zkH4;mq;}(6d;LVNcy9i7x9GA<(Qf3f$TVNGsb*Qj;#+F)<6p%e>6q(tc*6%|5N5s)s@ z2~BzlV1;c1AwWzZ6s1TFy%(|2AwVDqfkcE5AcR0d59O@5_p_hpJ=Zzkb$!<PQ-^H7|%kS`mmVvZ?Dx5RSOSZk=pL zP?qpI-}Nuf5vy<`=0g6&=+ZL3Oh2m3R7t<^S0Rm1JtLzS4Xz_`^E!rT`9C5fcN`)f znJk|zK@rgbB7Xf-4~NJ!)u9+?*kGETA|z2%oCXR zA3k);%EN1gr?=Bv^%7T~e)zT+IFUh}!qzi^O2?p>DlnpuWtwl6Ofikks?OdwX16jo zJW(nv@CG=uptlTGt6ISfJ&hAb5(%O@zJ|Hkv{7pl_fhvUqy8;cmz++!L##$<*Q^L{ zy{!RHUW!HJn8ighz`y?d^S_2`{BlAH)Dq2{1(X$pSW`WTuOPL$&OIq^IEkj+KY)K$ zX%4p+jUXMLGWu1WAl%%+MGd{5hC;aseHfo56efENmwtQ3nk=kUg?qzf9yBja1t|RbQQxTN!Ac@kVb~N@$==derDC z0enq0#Ap0a~*u$7kLQ7&)@Axtn}n;pK+@}BJC_?E+e*48QOLF1pFPhHD0p%FYCfmIpr(W8#ItJ>LAnq^QIO3o^ZTVuE@ zzsTs0Dmla}I~KzNY5}QmqnN7G(ExwNi{L7~$@VyvdYIluT^9S*c8o-kgo2kPV|rz0 zo83;h>>D-A<8MoGNbeYmS+XlcED0Fl$SKrdqYW#nI=9ZmtVO0|OC%)T-F5d8an|)%W;@iPfX|H5z??tSQvrj?p!!VgacB(Us6qZpP!sygR z7PVV0wr^pEaqs^9^vw+-Rt$9qFNkc1LVag*bJ{_VtHZ27!|&;lRv7K!6W|NM2CvLK ze>NMOhgcH19VxlI?~2@OPTqXhP&;p+*G4i$5UYpH_ z&{bT!QrOytLkZ;u1_rM^M#|d_{0ws+`jPx)z2@#A_C1{EN}X=RW9=gS@OVrR>1=y@ z`wFkQrMa7=pN4He87l7;9ctJfg0XsNn7gQ&q6)>)xC6llCLYNQ2{n~RzeM+N#qQ&5 z#xMqHcFUCEvuA0Nj*Z;P&rML@nsyVV)Dy4sG)mfCe+Ou{VXRE!8m~#5C#ine_DPg3 z&s(c<*Rw;mY!|*4FJ4S>6|2@Vrf(Q#jVYLNcBEnbIwVv$zYhIFV`;^^BG*${5=6VH;qhf zhHELMPe)iT;OHrFjU22*9~o<>Wg>3l+b%lwB%UPzQ4=T5xojloUIpgwy&LZxTDh}> zL^P_5b#*^3e$KK@@FzemS3SNL_o)|kg^Z7e?A?6|`_#t7eK0R87qPt<%kJ{NM@gns zXAcCs8SeqUa0=|G)K(RQd#Y=`x99Ka?3j56FkHV3dDo|MYJf(rg_zBk?0M7K+%o~I z?dev?YN7eeiqJ3rxIdJz)Utc5DIp2Z?6D1SKXkwr^5Fz>>3(ZSPO_PzUgYFb(Wv&g z`W3E}rJsmOnck=AvzD26g_6_VBNsQ6EG;nd{vS6tXpj|a`MVnv+2Z$WA+E~CEeRk( ztO``dRi&p5*`a5M;N8YOHCwc|le}9gTmsj3-%n zDV#W;FSJ)>@UFPTR^h;Lu9v6xpNd7tpvoyJsiQEB4>le7;D34jhxVx|f*qm0c{?)k zCg=J~-cmsaSxY_9R1I$zj(@kf?M+7KDRfSegyV5IS!fbXM?4a%z*C@v$D&8J}3h^5-mWr}UxYdHTP97=IYZ z&&Z_CTkcGk#N?>vG8YkIUik!QXi;{%D)mM$m=J(|H8Y_9hG!_jM`S4*(b1&6fi;3D zjV0pnDN6NjV?PV>{Tsy-u@W-@VxHe#wM4`8lz9gSp`nH&cm)reh+>#tXhCM{Xy|;l zk|3N-|GF1vX9d557C{cj?%t)Gz4WA->7}WLG2n4M-L1V#6~db8&ksL3|uP^tJ8eku<7eAr`RSlYXVBCCqnK4A>^l$z3di22r%U9nJwi>S^ z9Cp{MdRsNjh#s~U7wt6DpC#+iau_KxNllA9n{SR)T%50C=-s>b4z;u95Sz>dhOcoC zCtBLmimIRVt0K{tk$;cw$TK=3a}3Xsgl_Ges%Kx z6Di)f+#R9dg@_t9WL`QVR%tAX4Bx7#cL-mBG%h?Dj;ZZFE_Lq=Fexh67gP;z1pa7g z^=wkuion0Fd)JTec|!+CC^;AC&h{21JK3v}I?$-u5Z1Z5pOxiJZuDKQFz*C|M7uYu zNTK?*f%J>m`puXA)4jKi_yb=;38|Vt{Sm#i(VDXQjae8k-w87+#zLXS^P_YPfa_;zXR(o=bhonR-&_~M12F~59 z8_4MF>8afIdR^{GyeZSP=^G~V&)f8w8<;s+KQa=qwqPHRK%55wy)?M*+=2f(oS^7A z(gv=@u%G_<5G0;Q6K==!^`+p3Y#@Dow@aNmj}JGv#EOWC{n>Q>N~PD>#mA3#i#@co zw7gj6jEgTJzfJ@doh4e{?OaVw2$O=e(~T9<$kIpl{G`z&CC!V9ZIy;Z+?Tyq=w$If z#{Y00jyiIB(mS%wJW0kzj7NPT{qRYjC!1T0NF;1$)8)nMKYiTjxzMj=IvCMa5?cwS z7>?Gc8V#Xh#3LK1LLsmv*O|ebD*w6O+qNN;V<9_RtKCc<&COf9KPQ~N7u$2Cx{R(Z z`u5#8q3=8;)85urOrm;O)CZRw7PxdvPfu@hdB_&oyKsv?VCn*xR2>_VTI=)CVZl9r znratpn`DvZRJTGGfiY~MP{U(dT3Y;C_Vr8CB<+4YJ}W)_ikM-llv}QwnEmX;#Cf~O z<%&!f`9!lqOElg3-aXe!*7g>=d%M(q@M6u@3Xzg0iH(=LnR*t~JI=)C&z`-bY^3b4 zHzS$p6-N>yNVQv};>zfrWKX&{xHAhvQp<2ER`cxEEoZwh;DYN2TqR3G@KbwfqXQ$y zpFiI(8$RN%V*hCuOk)q_6{Il%ct;1|Pld%*Fn~c=;Z(psyZy)^tH)}={k?%zXCqKU z^cRJPSzL;Iyt#~xOnm$HmRn!xa|uMByf#OEg;I(vg0^v=ymV!SP84sxdX?EB2}w>$ z$PyKmg|GR9OlL%AdL~!;Za=5$2Vbw=+!BsNrfP)gK6vmxGgJPuv?sQ4!~Mm}mq|8i zL1>v!m+n;QhR_w+o!KQYIM|Tadw#UWcV+m4BcTf=OSH^x|1M^D$C1*JD0VYeNP6+% zqL}^qxQ=kg<~oZKLu6c{74-Lm!J!3r6+K2pj5QZC3#=>j=9_jR5Y_X<94yd&HZ^IR zSvh$(&=nV10lL0-N)KzSI}U?#33`+!D@+d6f|u&BS6n*V31JqM9w>09T-{z~HaRj# zQa~1W`lo~R(7tU87mR3H#76F66}LYX1jFyE8DmrjMIHu3hWvaXZou3oHH}FEhwD;x z;AHI!%!Tzpb}eOBviZqR6;Y=LP9aaCW0w-S4Tf#JI2N|_7Sgyj>VZH{PEMg6x4`mb zA}V%lR;jefAXpl3{7oLVtMnK<*WPY8*Ze$g>9{wi zhdR@*KAi-H6bZoXx$QMM5_w$OQnx8$%W!gtmUeDekKw@66X>fB{o;JOnMwa?GT zrA}Fl zrc=&X%hQrEYq)o?y=&BSTX1X2m0vcv7|!ZGiT7OTMHtDlG%RX-6Wwk!Jj6R&lm!;L zs*a=brXP< zGs=yA{2pJ)*^INL55DOg;6A8$;D(`QQbLk0e#sxIrzh)Vdi!?C)<^66K5wtz&>@;U zu-xxGT7CQ6x$}k8fOj&{0S#7F9!|A6nn$;}qeJLX*XkSyI1PxBd8Ieexut_Xkc(KF z8Pf^0B(~LHG$blD8TIw>5DEp^O?GvC@_jwU^jk~I_t=is-a)gWZ{I`-D@PO}KaBaO zg^sxK^6|lts>*hD!oyYGO&b4(1qIY><9-a9rHvdkx9XX_m!q|_gaC!m(g+Ou5}TF= z2W!s+*-l%1h@Yqy#BQn!B?)QTEL~PM-ezq?I&(QQ7-vzP^~C z*zJT`5DF|DQoWl$KW8?xh1*(%!#yl{X|$9`(z@(=9kjo~${eNWiGGop>Bu>{=Un)} zllx(9ZA~xKG7rrBZc!&+qt$>g>)wLgnxbI~SO1XU6Ek>wT-r*{{_5i`qylU>FEJr8 zX~cx&xm~{w;*)dDOiS`tGVbj28#l7UoX2`L)&;tLetYFOKdRzOwFzpE7uBC!MK$UB z-|c!#g>RO$(&Nvm1{fM%ECI8a4hsWk6Z6 z{{4PzRlm$5t({FjH+=0I&UEtBF#n=@rXEyZKM`Deng&<&Y{M!^&H<8Up-;TVw{~79 zRiYD#JyY{f-uGzY$?8M6#{coTUB9Lq{PVUKc>nIE|Mihi`oBge z{OhxjaYVmJO;?09tf$`j`PRqJ@05t&V`D&Md=d{7T~nQ!*?!X#GDD*1X~3@h_CoGF(y*f%-c?zr@w6SAR}SI3!W1RDEaXY*5X5 zGpCY26w*sOy0CeXP20@PLpXg9%rvNNp5#WG`C69DubhLrutdk3%hYY&nep5@&Hu-* zARb|FpWz6?q+Dd$S>gJfjIQGCe?L?)QRWpt21Pty9haWV)n+Z6=jlw4Fqs57WxNqa z74_`BTuuJw=BCKGbJs$bre$KaR;mrq^3dOooN|N|3Zm~5mN{o$Cdhxe;!$tjh&hQH zr%GX)R?tx9ER|P4V2&B$TB;-}dPAmuVGqBY^Xv6d`4T(fnT@7(LNb%YX0-qLhl?)U zdi3#RQGctdF|uK&nax}wdM7viJvIVtR7}E94=pw|l_DJdfp4@HP~e%^m*P9=H@cwfhXFkUN?zpOzgHMG_Xg9D9q5r)rxGa9tB zwepvEopaqj!S&~w^Bso3*f-`|OTEzdFDiq`;X|*Ri2(Ugp_k(w*K%|8R_DhiOZ6d$ z8;4HRivEOO99cL z_l39~*0y1?V#rqR#rKXqd-qZ%GsMBDB>*yuYDaS`jCl#WZ<0YsY}{glxLjrb<>vbI zmsoJ4`AvNUlh<5~k&{KF3zw#ny(ho&aiLZ}WW+YDZ=7bOVwSu^{TW`hr~fvn1#gHO z35H?-J9>AhpFNSw!UeNQFi% zVfvr@#WiI%{K;yEBsSr!wvlSDrSHym_!L=tc@Sxb@_Gb&-|2!&oglnaQlPiRcNlHJ z^UaD9*z@dYDeLmKRAMmrExVU4xEpzFNE<9YaQ5F3u4P?evoeo(n=S|HqQTsyL+tj{+)PI-6+%^qH3*fQo zcx|6AEi~8|&URc$QJH$^NkrA)vm|XQJZWa^z6?o8=|me8D*Jg}pticln$P+Y9ygbz zd~{^Xckno_CZwhm)@l?syYS|eg5J6F=jpjjLLJ!wt*;N8Pzq&(7%H10 zqvY*vrJ2F99P7w0M}+FmwloLK_kZ);{8>K=xaW{Ejey|tWiL>hIgtLdD`3C z_cz*bA-#fD892o;#fdc4NWGfb|AQ3oUL)8QDI*LGuw}Y=g=l@bs z>E^rI7rAW$+DzPW62=#dl2;_9eQ2K~a#GF>*+p(W_NpF%j?nkVx ztwl^CQhWy-7=UqzW`1{w?dZWAvx#c`dc89svax5*;mwE}S~+^*Uz?=U=ZM zx&w9l7~M)^A|QLI%()KEJ2C7Q+Y~Xab_(r-&rEH3f8*6;g}Gg#KBVC;00wx<=LeEL zPqe&2oc5}YJD$|qiwPQ&0A;*-u}0(i2CRm$&CawVM{rqs!rt4o)`l+uo%Sn8gX@%F zk=Ix)6qrfd)RIVz;n4;swVG2^Rnx*(wD5^*8FP{&-_{ydN6!nx7anW;`zTU|FJElV zZ{>(^QuQlM2Ho620oWMG|iZ$;t(F(y&c3z{&P3 zDBw^Us|!a?D;n_fN!IERG8a=+{M-xk8Ei(A9e@X%@Uxru0jX73if#K6tL|a>7EC<& z`=#@qBobVqKnI9LMEZUgkaHNMZf-qvTb%Y$&J1GMGUvk>?bxR6i%O$DPaF0HoK;l3 z=>f0&J`^W86 zDST2A-lgj;moU87U?{2rMrdPFIt>e~ORfbnNaxqr*H`*|M@;?n^j^9_3v85!0(gr+ zP9yteL!kWh1kc4c#JpI{*lF`rhIHWk_mKNmuAs~6s;{rF!JVekA3yGcV(L$~?l8iz z%dj6$_pnQvG(SH-5IP={G(%6)`f9ggh~3{CLmeLBV+7SEv8$V=Mp|3`uysM-p`9^N zYKmXXC_o-cBep{865f@hMyJ9{q4&*mGQ5KRwamK&8dQxJ+*d1CNBv?&L`8@F{8NBC z%hYtAj>f!~(-7I`X-eRTn^;s@Xx`FvpA83HpTcd1XU}90LlHhXhfj+|uG8%1RFu|rdoB2;pfdk(f90HT=5aPy3 z)YLGemH9Ck?hla4Ac1kB5P|LXUqsMQ^!G~#Ys6QN9u1#Dj;)1a^BxizY`H9bbIwv>&wcy`h_Ql44>RW{J=Icy~Chi(jA1g z*1sZr$I^DBB+aC%s7d&wLGb&FG)(2joYD1I5B7?ntXscG*le2{ud0GVck0C|kKvc6 z>Uf3K0t>n@N<%;&B`gdH4_&RyaVPXvsr~CBcX8Wb#DdiVXD>)wmdo3mS94S91|<9R z<09Am7EVcmEJ$ZvM5@Hk!*;ehBuhh=fd(^0Z2Y$)0*=Om4ar_L7NCgizK2bVSjja= z*6gYm!x2fqNZ`OKLs@yYTfIkRS= z?z4{ppwxpFg{bd52^qcBou)+2vT^`sxt^9~LIxmO8N$rP4Ughb;Y(w3`JW!0L3jlA z7XhQ6`SP4Rb4yEit-QDBB=D!L19ASJCHcq?c(AynRIm7?k(YiwDZ?w)ce4)sNRqbv zZbFg2U2tH+p?Ta#7w%E7VcO6EwaoRIq@l}e1X zxk{}`XzwgT3e*-CUve9(P1G5I3?YsUmC<6uu)SgD`SqgMR)4`bY??#c<{B z@+o5AKS$`5?pgU}H2?t5;Ok=jX9s59P9%G`eCJ$`sf-^$qS5PLqIi&*nIf#U`(D-K zzagIGOToyR7S;DNG)$}fZCYZ}?hDa^3shzDmD~pN5>we5s z&k=VUxCPbFi=LQr*rcfb38IOP_i#T2L<|SxL{PE3u?`$|0_q-47ztgO2JfV^yF1aT z6FF=$$XcQQJxh->w`wrG&b1NX*po!>rbL(2kQR|68Z!Xd+oWpk#DOWxMj-d4*HEOT zPIRR~v^E!>0tJI6u8z?l4x&&3;Bngk7jVG^6Q0zt^t~3Kn~sBdrc)&`ouQ!CM}wI> z4mmN*í)ek2o-@k&CQfvFo2GFjNVAgjgAX8UHeMh>PARf<2;FcJ~axYKgM7-nN z`{%Fba-ZTobBTAW3cVbFLT43ofUl)9K1&~H9zprz%N7g@Hedp#Yrikiv#O@zrY);g zm^sKvCKOmx|LraQX#FubABt0BsILRA!*Trcele)>!=KmJ=ZW4<^P?fm=4j!zV*4-F zwK!8^l{b<{bL~@Vo)5_7+CJ^xYY;+DRXTrOn^TI;0P%>;&+no1<)Qk@PFum~N>B`N z%87S`YQO<25wA^9(<0(6%A8R+B?X1S?N`34W^_2@jvDNL@A7{i63NUT)c4Mt%R0Q93YhL zh#9AP-~uY_zx-B39W8T-EwHNVNzK#1XB#6xYX6JQ0a2%dniMpg&yx4ANy=w{Kq^Y! zfb%3qv;c@TF((z?;SYshD73-%;|+dRmj=)XBeC2@RT*BL9sU~r$>z($E;|S-@5UR) zA+~T`_PZpDDlg3F&ZjNrPkqRUp9W0#KLSie{#Ef{@9M>yH5;?}PMd2FOCNsut-ZTD z0NOI+U??!Vmd(M401R}esAdDbcLEd29569%hk%^r#*G_X@qr^~Us8QY;DKP-8E_X) z^1HN^;WS~E1M{Q?or8xC(X%N2q0}N9CJWNkM&4Nrnjtqey^ioJZ&><)&Xg|^PQ-hb z2N2D|W`A%Ne84l0XtrYuR^87SR779q_kVfk0Le0)jBV@$1R7;PYhJ_mA*D(YV# zNp(N$B*+bxPYT1=GHmiz8i4gfsdM+K*r8iX0p>;45<#SZoRsjM;ZoPWb0~SY_=fWN z>5b{okPT}N3C@Zj1y39ai_ry4y5sCXE{9fKXKQVH;f}52kD0e|aD5i8shAoZn90zP zkbv3-Z|_Gbd8b;4k0k+8JTY=~m8b6d)@qj=u8koF2xe>zA(c}B3aDaToAbFE{HD4R ziHzzogVxqo{cG2rJd2Ljzw7u6^;d3nYw+0tzDW?QWT9Vyc6GSKAsR(kTc)Pb?^NjX zrPbnYXb7plP52LIx`*}|A3d67m%#zOnP~&v)kXZ7BJkIZP3Tw#LjXZ)(!W@p6@<2GU2`^&yRpIL=wcZBr-~yqs=XXK33HS}}7@ zr>>(0h(JL=vYFnb+3m!CdvzjNq%e^EVT=l3|89R`8GN0&m!%Uc69&2U=y(d@jwGqx4URlCwhRlcWm z?bqUbs&j+&Dv?83p8^ij-Gc#;e&b*Y@O27uD)g~Y6Of8bdFSIlxbWaD zgPE)3&dNfotQ)VUeoZgQ;xZpo;C4Z_0UbnAhITZ%bi}DNsZS1v| zv=4W^*4FA`tB?{Up|J-DWxL6+6RqLwr7~o-RrUSH1?1wZ=RSYQa)^#`wvAp9bRutW zm3ob-BIE~;H(=`gM+*WDt~?Q^0i72 zl84}Q;{`1v)Pt#qlbAEg67rT$Qe%+b^u;;+cd{WP*hyWe0yuQ$q6K@vOk{jO>WSz zRmj@@)9q>jvmUjFx7Vp@j`Q_3QxzMlSj`Yi3&SDh9)W;tDD%e6>$+4KOt-50gWlFw zoslYUm+eNU{G>Z~?mVcy%R%UzzVf@gTV3td=0QFCNV*U?@kXfwSfW#=th|x{>Vl}> zUiiS11%9*Gx&;PkW!^a!G)BqAEX#>6PL-#0usRL*VW=H?dv zd)gU5^1ZK7X>!Oh@_n_;e>d@6ifa*lZmg_Tq*eoJq?fc-t-QX5h@}A6W4U%J0OUF< zhPEvIXwyJTR&c1+mf|h|n5jS}bwVz@ z<#4>)Ok^Eh<<~uuo}uD4eQTz_1_6|~SGPBYn%eS#mSf1;ufpwW?$E*Cjuf0!GPk-* z3jT70`I!Z2BYHPD)e6slFL}^4+)>W{`LRvcqSP_BCgQS7k2R1}#gQ691zr0r5KnC; zdXq3&Sy}z{7Jm2#iUXlNV5gyQc)i>BNS>)aKD4s9T6bfW0pXN>V08=tfNrzC8AM}o1PrE_syG8{jp`dfEJev|`DA>_wnt}ex3N}{>Jp|RuL$;nMx)|`6gwhP9I zgae|I3lrk6l^7DD3g1LhmPg{jDG{onM}9TWC23ahR*g}Qw?_8Q*MIr)rQ0QwHsiB~ zqG#Z8(@ZIo%wm%$)O_`_UpIVbDsT%>!i}mfPp}uqaYqQ7Q2=dx{_C9r_ReELlK~>ug}Au5ei6|dJ(_j!ce!YRxl^s1AuJ~bsi8kR z04DdF*KPZZn$-8u@vBd{pdQxs&^xftrhFX|1lp_uj}0mw6N6=4dIS*aMtVj`5rI$4tPZMCl?;uMm7XIOSd93q6Og!sfq_#)%~0=8 zLtiU8I=d0^KOf*P4v$ku(7|>DO+SZ5Tf2T3G!#;>%sw^sUnVB?(Wly*3FF;; z-W?$NIxW0-O6i0&z6JP-aeSdCSj9&z`2^m2V&PMBx^qoHK7oUGK3qBz+S-FDC8+jF zUudhE60Py~%LLrMceZ}=3_iQPA(EX8Umi4HiP!ck9@0Dt1Z!H|(C?f)0F$}i2JlD! z`|!Uq(%$0WTBD41UC;3R_L?`R711FVFI;Mixcji-YU}sHS-_nb1brDfvS@A>5pbsb z7*uL3~V8qG6XMurUF(~R1fEwD+T7-9#Q$W;7 zDY>yk-d<7Sck<-&Ji=c1!qW~~+%DlvF|w7yQnHgz1Ooq>;y z1WY~J0!(uv(YwwD2zqGDSoZeWxHw9o$8wBr!_&a~Szd1wNR*FUoi?gLajimOU4^ew zpEj&CPhTx1K|?c^S3|F0>~6V2{wh3=#IaPL2exhkV)NZYBfGGz0APkzs1R8QRM%C3 z(92_&ci3d?I~YIUnM(jIi6%AW`38Pb_nR_6ij0AS*@G8jQx~Y(b*rJ&Rb?lN#*m}cLg4ZC2@pKU%HpNf`2+6C4?ugKgh z{#2f#K`$Tw1(5ZQS8(4%w1Sh-+9Sn--1x;mtiY_`o)>S%!;%uQ0|ij>(?YP53*pQc z;@yhXbb^)P&{scdkH*4iVmNcAHT#f@;H-Y@mqD05hZ>kUXW>nXeHo)z82L*7rKq~p zH6xYvqsZg+S>Ljz$_y%OSsBs7NdQEC_bh})D5MOG=e%tCa+Xf4LV{+o>z}V(b86n) zPhh=J2ruD?D3#b(DPD*i+&dZe3LSwkQia-v&WM)9js{RM&RXxb*{}CXH^JVwFQ5tI zK(i`mqa~grqEBdSP^c{Z4MfukpX&!~>6Wfv|CF1Y^XpN3$eFMQBQ$3VwH-fkq8$Ws zKzasYRDKME)Ee-(3d5(*q7-12j*jvOwfTB&BOv%Zc<3O7_=1c=9Hci+8xx?Nvsz|E z>|L+T>XLXAN!XY{ zF-W_ttr{@v>SfCSJTr>0p2+8iE}k2yNFI%7rSqOXEolee&e~*?k4fK3B=r`J9f#4# z!(}c+zfQN(U?QQ=Ic0P=;D2$;bDWzXt?H9ylK|edxRRR?U{m6o1=yR8sO8h#*0|uM zw4DSud=9AbFovaTNmkyM3!N$sjjxg;?KHQROn|)cmwYcORsC)Rn{Muh2sb<~bMFFs zg`pIyP&0S8(P%ikqCo61#@&)jT#!peUTWaAcXDc~Ow;yCGXJX~KF>eGS9iA3y3(}l z-oJm}_3qpGo3AewMhC!c8luWUL!63R8cS{$zpd2US!!}uEdFB{ce z=?4ve2Z_oX=hwtenTCPXS1ks74XVEt#URBVF^fic z4SZw9WhLb)?Jr11J7UfLWe7G=n@VHOD(|eci>H-R1yVn3g#r23v448Je~8|U5s=^+ z-AQ+Jo=<{d8_duOFtMjb>bHUB$O)+&c(X~xQp_mD)mX5R&sadpf?b;FhWF=J_5Y}` z+S`Rz=&Uz4uHSPnl3j8v{n{JVSQRx5YFVG`)$&<4b=IB22B?@Cs} zrAo>Ig+~pek)0XBn!59MF99gMp+#)gay+U=AI$G_1i5`_@Ztl0<@@Og2?=d$4<{Ty zeR^E#hIai9|i^VUm(NTr6Mviwg8wA1?2yoyLT_70cA5sV;{mP;R=?~A9~dB zv@^XGsF%E1!P zEd+mWQ3ce&ofMGu-WS|n$3>!X<0*bUaSIDR!^IH|`+nPxq8jTPE77)r&Ok4kTM)D^ zC*3i#bS{LYYyySsC>(FdTm>`P%44{>xs!k@t|N#~yyI<#c>6%ER(loM$e#`8kTf;h zwOXALIfvx{%|;Zz@%+Zmg`hUj|82Mqgbl+UlDl@f^GW{;1pTDHFZx+q)SJ`R@pZE; zr@iC*<9Yct;nnI(z1sbihE_A6CR}5yIWFg!`qDhBUZi2Q;}P*r)9vD&Kwy_?NDQ3v z4u``h9bqIjM&tRhy5+Y633uh1Nj?S$mUkefH6AaUk&yKMUBsY-ktg!Zz8n zXVZyYNoS6-aC)xyKGuUCgZ>)76Cq1!u^n&EY8&wS_XmNo#*|Ku`cW({Z-tIi#5Q>h z%kl?yNcb*_p3uL0x7<2>d5{Tq4r*bMD`9Sd1Qq6!Ll7T}=(_n@6JX&gg-|9C8Y9_6 zvf(f>VLt+HH>p9Bp>NkE)wL94!N zbV_w#V{_9m#5fHrmcm|EYZe)+a9Sp5go%hN>44sQZ<1Y=*I2A9sE>WP(PXy>*I|xS*j;8<7qbm|pQt^rT=IvE{;+8B~r}57>#A@ms zhGbsEyp)dwLrgu1iilm(l9Gtt;!AQ(s(qLHKyUX&q&55n2aDpw&fSk6gIiRpY^p0B zx3gN)h0!3su3>}D^N!~yY+NmOva_;KOwgXyUVecfQnCR)(M6+9QBYrDKyzPU*K{@8 z2y+p(eeXQz(#f`V8o5?AtNQHub56$~oIO?*nCsiKItP!aXx)Iz57&F|XtGkzpFdwX z)PC9KD$P&Iy7(46yaPe*z*A5E@rPUD7zAXQN~~o$Q!rA~6ew%~l z-@R;*#fbz7pdgTr)m-@q1hqq{lG*y>+=3(e`DTR%uzQ}nlQ9TSNTCG~&5B4#8Eh=g zI%KcT4WEzTj=p~Vh91=jBYNTEIcV;f0Q*nu(WA%PsdjKL%R2Y^^{HgB+j)il3RgqF zyir2Sqy%i#(uxq(Yx~xRI(KAW%y5ca+Yg>~l`Cbnpm<7r{W?3ljxr^UPL_F>e^Kh9 zuT^xc*2eex*oZCma2EF%Xx%9sI*}Rr<$lc86 zhmLb}LRn6)%(!Z=6wQI!Bmp4U2>HhGsMDF5UmIRcq2wZv?PNn=i|FEoODJ%^_<{zH zWE=&wYn15=k9s$4Ia{jO1ptRVpYdz3G0Tqc4;{Egg6+cSrd7CAkSe_8h*+10>>zgV z#Tsy&0r>OHvO0|gMlmGtH-UQtg5;dev6lMbmI!~3CB~3l zYUFqbN_AOWE>$WfC8mlEdeGX0VcTzEMU6K(3NE1b&L0JK+Flc)dx7KGzsHw+vY#ER zLvC*3jX~qZ!F3?I%KZ3I*BQVNmJptkmu@w#Z61oR+x5ud-Tyu2csnzj!dCPY*f0ptB%RQBSX&tJ}q$jaXN{Q0w}yvX%EPoIdK zxpZZ7Q-Js6?`LM*a(@c{E+RLDY}2uGfx20gBpf}V>jq6ddSXh~{%X>(u*|lNsxy&Q zM<<>1uFlJ}x>b1JjCTG?$xUb`Qit#9d$mhW^G zlW@!B1=BV{Le}rx`}ks*H$O9WZDT_h5bGdkhN2QI{ot7fShNKzYasN8iDp&evH*I) zrnL6T_Etnj2_CG&;p6S}#W;-&-XV`%d#9To| zd_&NiIda*E$m71?Uk~}eFRb3y*S8b|L&8f!f2EC;8|i%(xClKjuT&^0Dk@6%{{6Q$ z8*K?mNqU`A-G$Tx2{$B}l#1AwbE47BJ-hQuOCLzI;Yx*$zDkRHr(koDEsN|RVO}{h zioV5Hz~Uz7$aif|9wEhv1aloZCBhMtWoBiyKjqQ5U>Clg*zk3bgRjQv2*rK;c)_B= zJ@N2q#V*@B^HHb0-U3a^06can41vK&o8%ZJ0?5r82qD32b}+Gf|GyZqU<_#EgT~r6 zWV*zr_P=-1f2h1^_-Yg!-Ukk<)?W7txF{ZcLJEi2fm?e(a&2zhU}u$AU)dBmOMo43 zPsO})YR%3q4I_HAcUZe4uW9=!A0WMwY1EZzTsX%8o+}t?2G>>|a|wS`Y*q_ha#fkh zL>R12n)1~HDS4H37`?)|Nk&Rao?R0W-ONY1uMEc4vCbFmh_tGnuQue-UeH?=+i9zpwl zYkl!W>-wHOA4Dz(Jo29nOIs3Ne4G;aO<+c0$qDN1*ZAyN*7wNAEt5TU^9eda5!X3g zzLrFxu0(TN2{7zKu6-=;Hy$CW6V|~Q(D|NJ4V@n4iNk<4LW21g-p(OaMK%=h2r9;c z^luALhps=KT)QSBB0rEa7iA@0`^O)*`$ZHC&z<`qsxI5nb?8v++gq>@UDtPjFwpby z`7_{JLF5T%t-n(3R=c`DI%PH=n;1l5Um*cqPtAIgRaRK65bw#OBHP?L>&i7fuW1i& ztyjc2JsC=DbPic#N24dbeew4Fm92%oKUF3i+f*D1TdRPhmAMHRkyBYbRu_adcz4Mb zC`%l0%LZ1pcD{?>2oV#El4J945mCAx2CwJHO`P(P4_|BE*}z&M#@B>Zfd>ffmCkun z*G_al`Ud1J0@G2?bvV69Dz~L1B>wPo_^_-+pUwVQeQy&E2jtzAJ$v?k!=aIB$*}o| zuI}ygLd_jOzY0qi_ z-cWMS-c8X@mTAQc7ie4Smb4l12(u77T8Wqs>kuoeD>Rnip3FBOO9NL>v17Zl{D)n8 zduLKO$Ph^ybs`W54z4*u`KvH*y$1TwDPNnl4M4j5XVaILS0Xh+3jMMO>k*x=rwHqj z>0Ooy5bwx{eGUskdqY&LzO@dKRjVLL(lGH3j<50Ript8J;8*AQpRR&3BK{DhK7B+6 zZ3iFU&l%?=3s@D<`k9asRQ#>zPmkwStAkV-j5u zJ092@!w0qHUpLeYH-uygj}I{3epcMH*GoQW>>*rz9V88R2OX#hYcf(-$bYaR54B*63N`PNbVbuF| ztBboZgYemgzAWjgHqgY;b1Tb*yt_Zw3gR}__|$)X#6&fSao%$z=(x_KFCwxmre78i zVEHnAyPCncg-J`U_F?v_eo+q&hj{XN4=ki;*}Kuv$te+8lD%rhRhjioH2a&!{q!d2 zMH;e8>rz|!9zszZ9|EoG9%|C=+NU=XFn7_D7?e;c2(s+Hb_4O8OsKy>fxLI0W$4m8 zq=9`T-m76F*|*!WyqshewKS`y%Nw8k4w#SF`1<;9m1Y%x{A552J$4jGcx&=$K+-F6 znLzv2Dyj>A5HBLCco{2v@^{z5y4dAYPE#QrdU}P-h|-62;nMr_QW8>aRcTrE`^zgm z2uaN&6u(=yilGPD0-u#R@CJaiq2Bihmjmo}7_K49gF}=QKU`Ulv4aTcLfM4V?0l;( z(l_(A7vs|3?mKWeChaf6i?qOAypPVxm>;1@v`v@kcFbvRz$*sZ>YZ0Ge8!*CB5{Ns96b;LVB?ow&Fwbt@!+r=d zD6(m|V^{`{nM2ipsdaUZThxhTMC@%2g*Xa3!n2{WtAjE4f|z5b2Fb&Lh9CU9gp~o6`>}A zazSIll7)A&2#=i_Cr6~cE5aP;*K!rzsNYn7!&crsawPUrZtvzOkbc1a51!64D$b>g z(!m1>PH=aE1$QSv;}+cA-8HzoyEYQs9fG^N2Z!M9FmJv)Gi&j?SJNe@YS-D%Zo|OB z0!dqClCy)7fu7tH*PN3b%LNi1&zu%A#ldQNhOb}W7t?jM6s;<{Tza*rA6J9{vNT~?);Ly)hVSD3N9l9 zveoI_P~%TXP*8@-?Z1J+jfQ}N8=jry2Z#jk?U@c&-yEZfaQ}92czB5TF9L~7a>6}| z<=54MAZY^XS6NT-CnO^JVVwGAE3^3c_+3B(kN?M$2>(L68y7;v9)*fDu-Np3M|X97 zZG7BV0dPqH%-_E&0$?m`j(P?S8B0egJs11z+poqQ;}Yy*-_-Pk4}Qpj!Q+ne9s@Q$~- zqFzTQrK7X74$-lo8hXZ4&{vwT?CVq<$|OR0CT<3&{^|ngr|}+}Ix@WH@#|@A(yj}X zAginobE?3E?%UjA^jmmC!N(C0jmLxZ@9pW|I*%=gF7}0&R+S$|b#vekpHs`S=08+|q!fbjY5cv>`c=#+MG0*K6Ks{o?v^+? z-N_%0aLc9`aEwS~MK60esmpMs85_|Dik zjXW#5pe$_R=LcV!+P8tlL2*dwh&h8<|3=Cc(jVuPcTI2X#NQ-dD$wP%XKNMFr&cVQdGoZkXRaDa5Red4B#sMtS;>{}j7&x{)4GNS5G{>Hix6vd z(Knye)pA_5?Hhl}NLY}{WHcpKU)UvBMTbWxO=x>cB-9th$0sv@XaLy(i_vGH6CE4h z;x29JLDVv*=Bs!|+ww}ILd|7Sl6l>}_1N%qBYnn+YN_^WlTF+>-Xh56%*WfFhMpll zi>Glo9>&pledR~(x`+097cPRp@$(NgHS(YZm&KEPFYw5jj=3=l*zW?4YOE$F`WI$`J!d_<7mA)M04NXbeh2Wta01YA z;s8UA+QCxL)y^CdxVc2_>Gs@oqRLrkZ|XcJSVwhstL5L@CLppT1F~So`AO^Tu}qmR zo715@m*X7ub;s*ban9cJIaS8vR{)b1oWre^sm+3n%PFA&up*>V=#ru`*nvFC55H?f z-%~g%Nec|g8_XTUBIH=Z@J{3J^y&jrD>B$6BqTyb#YEF={L1!}vWdgxB$$UuWuE?a zr610l&Hy<#HPJkpX_U6kpVvx;sA*^z;<=}eHq0Xt<=^8*Vn7z`)qi^U2TnQ1p2?=s1BnN*%G=d}wY zlbNAxvM32C=B+p zDcvAg`v46sCJ6+S!GDZSDmrCIR$|OxsNjBIUI97<;N22x3hV+Iq6YKf1 z3Qq`NfW@)KIW1N+6w#Tt;uheA%u0ZbYM3 z(oChYRH08Fo5O)GwPXh3_6Jp@#ny^Q}U7 z+$*GEO@Y6$yiu8+TWtMqLHrE@LQzARR0?xEiLZ_2wB$02! z2N>C~oL*IcU}QAy-$Lm}pw}_UYxzE1SVpO9Z)NV!{*8LcD+C=aq5Qn+mXmy`zHq_F zHto;_h34x}g4J}!ua7+QPB${^%v#)5t(3u_1$aQHNv_;0s zAFI9Xl+BDi&Yg|%)s{gJ6dbom&CapHH*W02bYYFWQ(`Ph;l?u$k1taqbrGvGz5kf? zW{HkjIm~Y1TO4y)@#vvQ>&4FLgxPt`3hB$@KF~Y2{|Fi(PVf z+mqpM!ivO&MZ`J)>Rcsv2W0T^cEG7W0vML)0YhkO8nB3O0hVI(^n$|{>XxF0qRBwl z?d2`gdVZx&&B<^0G|I^*By3Uzrs*OcL+hjTj0`fs@m#@vSxn_T;oE?xVqJlUi%Qb% zM`98=y_RWZ9v@FRTq;8W80~4Ozb5*>K&rP`)s#OQf?Fcw-&N4-^7K(D)9}ssAJ3s~kvOGz`+cLn$dNH@*4vA6=Yd3MZU4%u8LBO`<7 zrgA&qAF@vS^~FnuRDhdu;RZI=bY9#;M9jvf@l_RAKp!kL)n*CfJ^m7)p=4A0bZ-H6 zEPX%ztLY^31umyFBMaJ%G3`6F^8@J%AAt(_&X-DkDz_i{`i&S^XDRI`GPPb4UF43d z(w^|ZXZ=Nh*TLqF2Iut3ZKK6gP%@|pin7 zrAbOyk;W~wTBeKxK3f2Pw7b9WZe?7yPK%|sSO0y#mCceIFzb1Swf)W|27xAHtN)-} zyZYtjq5Z+479tTU^4up_ZCs(iLtfucUz;~-atV8WuFs*M^6cuU_nFPWbduiq{ZnuH zGCm?ae9RNr7@Mrutx{?`;h32IJqMny+V6LmV{OAc?ya+O7u15v$B2ae z0|64DF#5hppkHZ+zo)WGE=+5MN@e0qEBj$yr5$n0O>2^NMrjtf1*>&FH^_IUtz7_K zug4aizDZPa%|#!o(ft=GgsWd&m4JZy(=Y}^TA|KZs7iW+ z0^~czd<-m1jbl|kG>3Gpy9U`>FR$0~YMttOEB0{S=+VG(d)bNlzr8{MK* za$RRYjx1Cw7Idzxw*WIZ_MMZV@;lDlO&+}kGqj^$M6K2{$%0H`%3WaMsm zG}fg{9jd+nFN?JTV^ng4oP$xd_U^2PR0(*-plAW5CnhEX?t{WztbIv9Spy+e=(cIF z+iKayiw4Nz+MpQ$e4Sd?dqRN2QuV<7VtmvSz8kx-zLIZ@H(Z@Bjb7=)uc)PL6<68~39F(^B83~@r@L@o- zU&B|E^0DP{p9=~Kid>*e-oICv8~}9SFL;=ot+asC{7mq!xu~6R&y|GMo_)x#)nMsteS2OEGB`di zbCyx?>9ksIU5*^oR;`$A0DBcP@bwE!ZO&0>RGHo8uhLsi+6*suO_pbD^KJziG@2skn5=p34{6_gI=7GQ@FgrxGl7V+s^E_l%gQN%g921xNv=F(0F?3g$d_85 zb&Z5nKEigt|{$H$-mn7)coFx7IbK8A;Jx<+s%~x~Je=`D5#2!|8>E6|@e|DxZC^ zWI%J9t=+h3)=Qc`plEqEv60M^PF+z$Z{HiKib))5H6|L}#)(Oq1UkKbGXZu=hSs}7TA?=x z#cd@Mv?3vrJW6vsd|V4OWOa2R*CR5RAop#hea&o?ue2=MG`1Vf-A?Ym=pnMa zUhydv)|%eK(9kd`xmvg=&1>9yJy^P&+hiBQ6qIh6dMdFH) z&TZMHF2t9q(#1I+zs2SYufxd`HCW9GrL)=6z%1M=C$!3@W6$^5nCv4ZOwAirx=3lI z)Q=u!cRZV`tVG^cfL2?Vn(8N}n9?G`Bgm$Xb$;7Lmccq6e7&UGD0Xi09OA`jAB2=tpkUy@ps@t+ow>C_zz(Eo~FrPLN8Rxio z|Ld*8FXH!p8d`R3CnlPl#M=C+=XtheFHxGgNhZngciK+lG9B7hA~Z5fkr>@~`$g@` zm%V>4ren{Kgv%WrKFE(yF9M$D5ZHt2`|rL@_u97`5yqn(LwtPp!onZ9B!5EptV6)t z!I9XBKW|Q-5kC@$bA2R;#*9uzQ6x^{4D)QVl2SSEII-~De1C4oU3N$@0wwPr>{!)b zPn?{cjPcZ618HLX$i3e__tHVD{n7p%d#K)O7FI4(Hh-8qeQeZfAnDG_%KG7aC=_2y z0a3G~`{!FH;a*aK{P>EcZL>^kchB@kURf%w2@=l!0BGf=3>~7B>GVtN7R?5owCqSb&LjawD!ZbUnEdBts4pAW@Qu|z6u+7 z&ba6;TlgK zUtFuiGb09Lt5Bb{sG?N^rm0sC+n7H8`vJd=8M!ZtZ-l?U%yAeu{xU6Fe;Cd#H7%Vn z|Eb%_h-{LD@cIg6H*xSm)E-ACHUl}LKT@Czzvq)}^>0rErt*kEvJ!zSzDGUmV13}v z1PRj(>l=BIigl|B_qN0k_@;bYpk)4QT4(Ctvv|Q=v{?(Ysp*Z#l^yXU)fnN@c$z3$ z_+HcEJ&IxrNsU(Nkn(AZKj7Bboi$h1O@o?|xzR*__14LJ{iSk{nWc5&v4Xr-_}q>3 z;VrECbHWWmKsWUUOJJ&+y2IwoGdTr#=(f<$*kN@r6|h9T-+)AglqGS6{c^Q*>A9Rs zCrTdh(Tsv&pY`P=F*o^Ox_`>GVt}ZNo;vEH#^VBS@fv%GGB0Zl`>w$(RH6wK>_>Co+H zq=;)N`JxE^jPQ{??342(^F+jLPsJ4@?!h<|se{>33R)_;qUhq&16Z4&VD}zOjzhjN zwNyBk77}_X?H8Z_Senw~WK7?1$~#a;4UFN z4^Og04G-2wgUTp?yUPWaDj)!Xl;0^FuCDSFBNhh?XHcaTYd6n@*264zF)=_P4D(H3 zjM5u!Nf-jeASTYGknBpNG(v7ZTJctiVUSfFRY6tpC$b5WwCF^Oj|mxSK1H~k?&TUq zX-IJ;zf?rBcweWH2;&CAv`yukzXdN(R zr3OqvcckA2p_6mt$RErn4X4am2PxG`AxTN@HJf7IgSd!IBi4vLEo>Z|Zb4rnt=<47 zhmW%dRhxE*^#&dF27EGG64V z6}f=a`ODK9s@ES5CFE?(l<9|lPe*;05+iz@6wANSe`sZVbO`A%KfT=;d}KT~f;)fw z2osz)pJDGb*p*jzX%0^Mw}`QW(-?qVRS-Lhk{n!^pIZ&>A{kU(c!eL+Z-w(ktxs^= zsG1ZX9u$&Z-ek!f-aD?p`<#Uie=Hzh4!DV!~6uFbd94_lzmS8OzOqzSk#q*0|?#Bn- zi|5x`N;6Z>G7P2>ELBn#S~$Wc&DI$BvT^^oJk+HVq)Qw>rBi6{_q;cqJ_CEB11!NZ zMX7^7)s7P3(>%JqAZ`!SgqbTzjO4_z()wnsfIFffvV>JTyrKC__7HmX4RFb{k&FH>PU@?8ZxzBwwisCi3T65q_ z$331}UFY)fL7iffrU@D@?Q-hJEi^UBy3b_I$#cYQDcrF~tE7?P1GmSFI#OB}o87G8 z@sTIsyFy}vQ2>Qmg7be*mY{)cW)2~DROA#0ZVn~BV+#GXzLe2MXj4W=U-)} z700F~BxS_ZhEog;)5hjg&DRhFh<@y_QMS8iS)XZ$2-FBKP2^_9K#-&&28YyHWoFztO zd7n(DLAMx@`7_Fy&CJ?H)YS7+Fzl1D#=)=gMZto3l0Wwm_IpQh#&ozL3%TOd_`C&K z_`gBJ!ygmm>9vQIEwL{`ZxzjzLxY9oE$c6y+h^lRok?SxwdB?4`e)p?exc*hQE>g> z?gR}L%r#h#%g}usw`Z=cRZ!MqfEi#Cr{>y(d-5=@?%OkHSc%hABcJ^sWv_}qI7fDM z6;T*4&p3f&l7UFOQ2t#s6Mg8k%j^;X12Y*o1|YXQ!pN7gGWWO6pK;ns?mQw`f8uUD z$^@-u2P$*F$B(9E=OA0$M_e;-<+HHVPLteErww9Ti+G%W5;~YLrddFWc7HxH~c+T{{eZEpB(wKyN z^Vpw(7NJ2%D)V@$72%DuV;u7TNUrk6=}8N9DhubuIu*gZKp5@s4m~v| zh9}J#G)P8mY{-&R6cdy2NrjIFyuO-Q+K8HEqO?2pf0eghzit^fdlK$}YfyTk_5g`` zF`~7YuOD%N&1J`jVjJ8=AOvP+SPFMsi|~UIEuPZxY~pf+RwXMGhON0&NtieYrG`%R zzu_8N?B6Y@L^cN}QlwrBoy|wU+tVhB=FcgFkqugGzpW@Ie8Bh>40*r%xGSO#O z6jEDu~!%@-9s5YjT=-klPnliCc0 z^rT5Xz`ht`YHDsRqQVz#SrrJ zjA*}EEKoEC z{z}&;Zy>YHOJZut?G&*#*p3`6-aM}uJwnaY0b(|k4ii2 zoelon{Al@``uN9CZ(-q4EiwuUM25w0V`87$^Se+mh^vopRV$l+a$!lxjK(?_m&Ra6 zdEkiZp&THDCt>5`qj;MMwyu;e{IwD}@)$RvJps`S4UGi`Xf65Va1NU1Dw_AVjE3DU zn0)?xBiVEynm0Fw$F7YWr9-9kmW@at<)i~2(o;)#w`AU@$4X2*A)soYIVN7e&8cMB zaN)j|PlQN9-Kf1+`{iS>zXOpx;%4ZQZEa_jno3cpN(^jG33ce8UaCWsaRKLM{71Pi zm_*qXE>>z7H*Q^}Ty#EGZiE@s$$nc(@J#V78JxYZ?j#O`FbilnpF&NuL7_ZFPV6G~ z+s6EK_^YR@q<;GUt@^mp9Bul`WQg#Uo&+M^4}k6cJe{PRT-#S+@xt)(1@QKg7cE=cjiLyvD1m?AP2DI-7| z4@DSYZ*A=hIB#bDB%A7cC)YS*44WprFj49Hs3P7Xk5rX1na}b?-=?^bcTvch(k+^C zWhjkI54w+Ufz~Wl^=;{`Bz!0Gp}1z|w*iid>)`Rlk@{TRC|QIby9-f+q*I58Q^!sp z#mN+ZW>PyP=#q)~LqYK!npp-cvN!}|OXNSQh3~)kqa`wE&?(Wzgk-7{rl5->pQg-u zbm)Xj)@R=kIC&5V`+dmAl5piFtk9rM&S?H=jCm|>;3j&qBTr5a6H$406h=ysqHPbt z`KnqjByEMh;!AnN3za#cZ(K@?Y;B5Wn;8IgcyuJ}qd-Du!h<%A9UL4Y@A(qS35zK! zxgI8{uta|7u}*gNAcZ=49TDD-pTsFZUU-O!5L~$9;N%_IGl6g@F zpLL875z&8Xm3S;WVdb!5+3&hiXZVZ*ft%w0bn&YJuh32!0_C9Bsxh~zj=a2e=+7!->LylxqW2$WIbIKcKN#(bec|+#)Mxh(` zVoPi&?{zba5~U5jt0_;}KCW^O?AU}1WXWZ@N~5Q&ybncXr)z!x8+w*3&JA|R>t7#~ zSHd>Y6h#6w!_T@?svg;TrlASF-BF%bDRc6~$p-p4=xYD$a1;*z?jI;JF`n=e3Tn@^ zQY&YFxmzZ7!PoP1tql|*JGAn`9lU=DndynVw74%$G%ao+IXE6+`ET=^r8DzOfgb3I zcTl&D)iPElq9BwT%IHaKbYPBkGpkN5l#(l$5i9_ss3u7#fP_B^(J+CmC9^2T8TWC;9v$K$PqeK&K zFa{M}g-Zgb!!U8=8RpupTerUFz;CRax$V!?c6vYm_baoZpU| zV}02SgDxE|JTFYFQ?_)QoKQ6;_%j-m*``_90dF%I3Q#YD{~{|*{jOf3bc8|hnELhO zW4KTGe2G5hF#+bFxT|R~hHDk(p;laWTu|YhGUo}1If`?>AUc>#5g!qj(MK!xFp2KT zTgJNK)2)~DeB8`87gPCs$&B+C)H$)7MBjvDjHCq{L_FDCO#^MCWMSDH|=H}j=a zA6u%QEzKmpDWGrLqXIQ&^TBXU!+}xk#r|c-wiN}{@M2iFNxAcR0)LmY{_yN5sr&jm ztUVK-=HhLWMd*Zg2=crTRb(*N7p2nA;>7ncCr)C_;pZ{F2?;{`-rgSd*RMSQfTEaB ziRj-xr!`K;2~0tiUj-S7nZfNn!Zhq2Vq&{d`)OheU}gT0856|{5ws+4pBRi_P2A%x ze8R*tGTe{5Uod(t>LejJ@S}+dBSxL3$$yp1eU0^0E80us=x4hs;_MIzbJ#u0_ekEI z!?Q;mZ4FEmPGAT({%f2f)mp|&7=vL$6Lb*2M;n`>N~&ZZzaY&qcJ#^!?M>vc6d#bP zBX}$Wd7S!5o^~N(p`)yfAWlzhVVjxNKiX1u8EcrolQ45k_eD2}f zjyHGhFnCX(jrYemKF(i9FRP{L1ATHO*ffA-2WY;XwbS~toY^R;oDmnfD9Bo=1 zRht1STgendaM6D9G|n|d&C!*EILyW-FF{|W2;GHjlAhj2AzfquDTWID>MeOZKQ0Qh z0bnDx9dn-Pz5?v8dv*&;OM8GnK)xWtmjf*va#^M;iRb>yoSpw zYf<(~FiC|ML5H=nj*!?J&3SWk{~<+nX}1j9PcV}TAf~~k5EF>_Ycx}j5o_&oBr!%y zE$U(eq!Hnp)q7li2!?xN;${6AS*}&m&pwBPIAz|)`wNCVylrsMgish3yxz^_?@#4y6$NF>Kg3BNz7j<-MFxGZayl&B(#Gsz6jh|PcRLvY+jQx>Bal&tR2}#)`Ul4Z2p~v)dk*SH{bUb)l zO)72>Twd@M)^k^slBu!T3H8LFgL_3|wo=jKkWXVJsFA3A(fP&c$_V2?-{s zxwR9B#9g99Yx0%?F(PE6^MtpV7*Q6RozDFS=EZ^Y(D|O_RB8TvTEBBAk~`S8Tku{d zFu;*&XE|y6HG6!dZuX_8QOX_ow!ZtbC2CrJa{MnKuM0Z1w^mZozLs%Bg`gLmU3S! z3INvf&cdqAcS}n=9iKHd=ne%TQM>5hlFX>>XDeM9FJIV2)H>bJIOoRF-}w~LY?l| zUWzGMD_{`mJVf0~tfkqlemP;n4KWNFGXX~?ssS7OFl5!)r0^TKrs&+9HQo5{a^jrR z(Ke-@x0lD^Wh{!=#Q58p?BnCE9!1_?hakxC{UpeSc?KocS(kSC^wp!_%s=(WC2v*3 zM)A+IxCjB66T9U_7#q6`w-M*wB!2dJ!VpjxpW`*8i!@U)ev zqj$%N?J}49g)Rky-TqZ94k!i75LJ(QJ^Xwdn1h&_7sP*v*69h_j9XL1Sku`q6F>lmqhP=99@s&50CF}_yUhd za)szgiX;M8Lj`K>&B7bSo`2=!y0I>{wC~%cU>Baee0X0EitPa2^HBX^OG^u<*TYAE ztK`4COYY?AYPfVHYGM)`xg;Yc)$8{PXLoo((te$F|3~2Mn)YEf!8blfZer=`ikW;H zzGZDfyY1pS=arHFHO;p_|N9p}+m6e5Tyyjl((%c5n!ZE+oOzx8{&xO8fc5tJ$+XTzNS~>7l2bLM;=g~K+z`{~)o8a87 z?FIke&XWe(ZwOdCxE)IDG%15oUSyP2X>$JnpQj4hMvt?lhr)0`>?Bqo4fI&^^nL$9 z$;@0Amz_qV#6uMkK_@x*_p%j?7ssG6lxA5+K_Ww^O3Y9)q%Fbb1QJZDJnB)zz(^wI zB)EgmhjpmQI4W~NS|#R`mJJc%g^Dk&1u zyNwH&QQ*uz$y`%9GP=J0G`+DBKJbM5NN8S)bCrMM6+0w`Ww6UDJvkDGWk-(C793Jc z_cnd3TB(j4uoP`rIkAj}22v|psi7agWu||a((5XZl4cm2Xv93CF4_?*8p);_9CM1( zRr3eastj{a&Yf4z)kwTX`BNSCk>&V}sZXZ)QL?OLoB z1j-ilS0iWf&hD?-NX8TMgTPV)oCYEwd!~)sGuNHUwhhR|&`&+kJ$?5f|PZe6o_+y$4j|FL67>UP`8-2ivXgR53cQx<3qy} z1B;z^Y&SPIde;D0yb}_>x~c2PC2gVE;?<)C>FDU_p~?4|<1;ey4v=5hoBw@p2xX_n z_wB%UAPk+V8c2v^Wo7L-tCqs5m^>FaU;{Yvf({N>ILDa@8MNneojU~Qzwi6Gr@dS6 zyWU@y+FTi3&X)u5D!T|pL`3X3l$-&bAL{4eR&9dUltvn z|H%hq(kxLa_jSnYOQ*-D!JbR-S>5IJ%vc6`)v85#GLkY0q-KhWzalv)T+M~QA2Bwl z)f7o`Yjo(uT>YAzvNWvus3lvB;icH`Ss4C_gQX)xg_a?8&OuOYNTcUT!9F3Gis{WD zHbA~=-q3m81Q2`3`vGA@o7+Cl7#%BbU7JABi92JgoVVmwLo{E14!TeHl}H6;$<8Oa^w zFOd8KPPme#)}rE;e9=Ta#P|9>3Z>Xu^Z~<0Ldy6&%6KV(t4xP#h|o~Acjx`hsm-43 zm!i_JBAMq)1v_IqE@7Pu;f0B;YUM68NGxMk=+V&PN>35jEwZM9fc(8++k&K7)ujNd zn5e2u%G310{3xxK^#ct3|FoN4I^`kzd*4kTTq5mfwzY=C0Lf!k(g8}{wM+gP+3M1z z$O>>m8zUK%WPj}LI}-Qa0~H^=Od87~4#Dx%#ghf0p&SRR%Yxa>lH0LdT$*pd%!t-U zhZFvrFu6bL=RO=yPp}skA~~^;lr0XRF^asnku|H0S{&cE>zvCFffooau9hjh$gA7= z`FU&?#L=A#z?{uhfJx6~27qAT)2w5jIFkgg-P+wA5|E{^PQC9pXj2@KkazmAbT}LE z!3?%G<^zBmWO{9mZouRqd7Nj{azf{TOdM$x&9+`=^J$;MxMLHb1h3KZ->+^yC1b=@ zwVio9`s|ihRF#Fy?upW2rl`Xm5iS9!3~)h{ubn)DIG_e?UvBb7du}>1X1^cn?!Bg> zQ(5dfBpLvsy<`Vrm}t%WAD^4MyRTLF#?E6(X2`B8QO zz-S~OGXBZ0CIRkL7cYv?-Ap{SH#t^D;Xo~Ddt04Dn8_7-ICx?F3_d|Eeq z)H4H4a^P}!r=+0hJ-!}!X4zp$QOKDyZ*V*J+zi>+@UdEN{lT3$c%60b1NY;2LI1gI z)qaq`mHNNiecc$yZ_$jk$BgjHn#5<2jFfo)Hh8J}*28Mafqvm13TcC0xAyb0I+q${ zcEUF{qCm?1p4g$J`1tV32^V|;50orx8BX_YY*~E1KoL*Z{K~t)@&;*+<4HKM6%s5Y z^Q)bUtltThatJ#HS67MnnRw1>R8cT4@Q^ax$xbNACNnpWpW^IJg#b2f{7s0z+@;$}P4$U@WB22_#}0kTO7jn!rXQ9IWMnK--0OgZ z#2_!57Gkf=h}zipg2V`78+TS{_Np|M%9RfFo2wJn;tvw=Z0<+)Xls0WO={Mg z41Uau;RFia7MQ;tafNkY1PYa=9zbHu<*AfaH#-DL)5tXV4`#l6cBGj4)leM@!AH#M9wn79R{Jh=(hPk+@DiuBm z37_BLCUMm5JlmVulW=~WFJosgW(#1RxB-aYi#~MU#Qm60mjJ&E*@Eec4$nW#Q*|^>+)9UuG&B=saesAAs za@bAeDUWi&wo_$6nONMI6;s43lSQF`5U@qvgjh5)U!&J8N2;Y-#Q*B=Pa$j=ESp|j zBvb0q`TUE3H+f{)qHdV=D|Z0IUPKD%;k9nPT&grB&4wa^p(K-LqY)0mC#hY)ZhTX* zwFObn$|k|2#~k~y$!*v{y^0f~_2Eel+M%dS^!*O5{UYL=b!wA#mR?EQsMW5><5vpQ zJpOY1t(a(EjWK(AVQ)t8FYXGR=wFA9Lo||uyJi?WM;>V^5s3eKDJ-qI$y)6h1W6I+ z*TD5-SO^Hs*t;i1teaW+zI}$MkFTG?M`8h8N82yKPceB`P;c{WQIv>aT^A!umXxn0 z{D%b_yRK(KLDpp6E$r2UoU|1z#!oW69@CXC(+hX!lxRwT zhwFmjFI9OrwTT;UeMgD@*~4an-rDpl=^2F&?CKJS;(El7z_cn;m@XW@yK= zGs=vXvPu?KX!@X~Y$OFX+_2vyjX2;8)C^5A;si6^J8Y>oJ`d?=exd-<@&u*X>GfsG zrbjIy+i$srR;UQ!lBg)JrnOV<;I=v#w!vtLL84obWSR6bH1)SXUe0EWu+}0`Vo^G2 zNHl&FQmPX7EY^;HLoVGQP0DcCLkv}p*;&Sfdx<9w?CqsX`x+pVY&aeCVmNJGMy}1| zTtn!f1fBOmQ}aNu{c-)(1DPx#4=-*x8V~&&^Z%snF{(;kXGR;1SN=2yXWkk!d_-|L zd9^s`y78aZ{pSPIep!ci*NaYh8+x-drf%&G`Ca?K*XY+l0@JL(;8h_@? zNHQ&c46;tSva-3Jj`6_|cz>L{yo~Y1$K$Z>>-6@#{1-vVI`+S>DJ|f*(9HwevX2lk z8k-qUx}Xwe_w7U7{8xsOABX4XV*T-Zq5TFI?!$4tSo4kq6=G!Ct>kmFdP6%d1>hD! z+$7jNsjuKzcG$3H%(^deX4v9)r+%|sPLfmgJn_}HD;fR7-zZ_rQ2UJ9uuUk?6szm0 zxc)e_6jHm>43&bA#&-sz_1x?PEAehiM@hISzGPIk2mwHW8D=&KR=#%Mdz!@q>A3Xt zX!4qgW%tK#X=4{2d?T5Tc^^J?EO9tlH8!vpbToiq^~SzfxxkHJGKx7k;6nP9a+OrD z)BcSnN-$3-jh0byA-wt&kvorv@>%+{O)+W*brEGnGd)&U^q}4-%|yLyfdu<%)KJj$ zTezX#nUz#d^Rg-E+nlb%^ejp*6KY0w3cP58mQ|g^ zKBj7ajQ?kvq^m;d1F84b6P|BW%p$LvV551>AvW|hk zN$aP)^4qp1wx92Aow{i(Ow!zJ{H~VVD*L!o8`JRb__(Ioh+J;;>^wd%s~@80$FuYf zU_g+eqH9Z+C*BvF$B6?$qr&zV|C?(p*JJR0DS@4Khuh|$K~awI4Kk8&tKgdyt;}7M z|HIQcu;Uo{3a?fReS*mcotRF8(Jbkui1lS4m;6_KOQq%f|4By8QRQ= z>r)$F6EFSE{Y}@Yi@%cDBwAzoyoGQPrtv;nVpzu)>Kpk_FyLV$W-~$MqqykazbcxM zKE8Sn4GjtU*dx)RJ0$7rwOGSQO@~{T%$u8lbOWcIly!uod!FN8T<8y_aI5zKrL@B)@x2m z;`3DmdU1;eEdMYJ0-sCB3|zhfTDwO~7O|Jj3TFxC-EHob(2K^W@M5i^AVuk4Ah(+e zO$XZ5g|%G3V3hPnW-47^r0;_-7;e=!f7byd@5TMIu8D8!fjPbo{vWSF=znW$NGhee z&W7yhP*0jO4pMYb&2fDv5iZ}XwNZn{*G7t7i$)T35D6z4o}|hUU)B$28cE8Xgd#_b zdMT1w^YlI+D|4Rky@3$sp!u6}D@`L#US4Thqu|BufiOqJRo%>~<0!-R6@!{(V{B~) zW5tNA@LJ<#DOA*CDM5GI@h_`=6qoZfzvr;&Sg_Gv{6FAI4s$rz5qPu~efuC;uPQx) zLBh_UzYvoJN1m@45zd=wZDwwxqV)}`1xo;4*Fhd<9Nny+t@gL|XQ+S~I^Ly4idnWv zG&66>rSV}J0S^~=C+yWAWhUj3dxb8j;#sPvOm!ay82l-m8z$#k-5Y4BXFT|bYgjZv zQ%qAmL7^&7V~LkDmJxyK4H3N8Eq2St5mu&gK9h_vQA3UHo5Ae=cun45MZoyeRM6W}A zW`hmh`vL=GxzOHjlbp)O+4I`lg`*euiI;<lq;B0zN`cQ7pvTau25+DtDGU0&;k8 z>$v9sKJh%AOYAn%JJB9N7S=hU4gOQpd@he&w8%nX_Rea|24kq1*#z2xse$X92#LYr%?UuaN*ncZmNLBRF@%Id7TT?>uLO3#@o9>?4o9dCF;EIRDz`f+ z&qTS$xDiNA%g{?W*ebt@BwDDH<_D>nt} z>gq;ND{pkg`&t+Xi(b(+;ymF&!a-yXfgyY)K))g7*VJ2R4fvO@T!0

    } zh(aAHgd{w7vphP1~#vz_r!$T6f(GO*R>`E&q3Dw(7Y1vtuWk+xO-w z?$d|c?V?Fnn_V)cG9_iC=i1q+q`-z2$@&?Y!ne*7L7FJC%+Kd^+vhUex#=TsS)vg%nG1@NdQXE9U}P3 z*&U)^%6c71Gd$Xmc}{;^0US=|d9WAqMm~QE5t@*^k-+RB@6LQG>{}=x4^!`@a}5Wwz{O2{*2D zTU$|hGfx4=&W^M==U2P4k|4Fw=+i4oC(-cVi2!r@AGKRSR8#suF=j>kdln?BEBKry zCQxa#vDJ7hN>$w}nE%0Ua%?zx9>>x%b;HhTv`H!i=3W033&*qo9~$^3=2iSHr5t-N zMP+}HXSq-F)WMH{QS0ZI}-3;hW+s4bzOKhdV~(7KtYW+i2@td5f|Cwef+qu~vE z65{vZEU^iK%shTC6E*kX8DoW7`9Hf@CaTj8@sjS!)CscDu^hvVP<3A=ge;kP4 z;O8oQp2!uvxpOki>4bVUT!n;sDsYVN3mQd2rH3rkl9Q7Soii?H5i{0}KzoYy(#fjtgm#}HZ8?JUI@Rf2lj+0@f z&!lx0QlXZpr|@R1*vkVlc=^+xq+-3c+*mE53H(=fRrX|}r{`9_iQUB=v_9Xee<6NL z>-QmTTy!(rz?9Fxr+gB5&uwWRRaZ6GO}o8fY*>eux;(x0DCpu=?m2Vg(oT;J>o;hm z7_OVY`GP(10?#!KHEgn=;3^amIToDjEq3<1G#2r7yADUb=xdU5-Xt$t+#5^MOuF9S zm$98`3#XDQUSPiGvbE8n%hBe`U=fW6!MS&MpL(QA!0(_CQG;FaKqn`&k>RzlDbabl znt58nSBK%uN?|Nzg6{ZN0;D-aOZ7WIR(hShviN&4r&2BxI?~G_)ZivQeEw1mX3Xjp z(@k1w@8DXbCVv-?ns5%0U!D&*4OgZoXDDacE*xTudyApc_SpieSAHtEiKb-3a zr&s24>*N@WgsdVC7*G!J6O`hEl*E;4QLh+wKF1rDUCPurw_xF(h~LI~FSTB?;{I-g zrHIDs_A_I~8dv(7u$8A3ag)6NTF?6DU+JH1W{9;=)@(-VyVPDnXL zNDg`GlYJmPQj&RxHt$%(XN3A1@x%wMa`U9Tj}T%&%GD0m?yY-pViqrmWrT$XXxHpc zhKM*ag|EDp$o9VN?-&f%s_uhYa<{Ecs{AJwx5QVCzl0mfL&XmV#k0=OfbppL{;&KH z#iuuX)=p~w=yA#to@H3FjRUYg_}M5 zIO7W6el6Q=gV?tKl!y(8vj?P9@X-CF@SS(RkDGwRyTYl_ziXX88xb&V2^P-Rtn3E2 zPf?U~6$1LU2q92V2K7rjqHV**ib)w9q%$dW=&1wWN_-KaRdMMZu1WJ0BJbx8ooC4A z6g-7s+A7AQfEz0T{E3e)m!Dy5SUD^%JVXJa%&{3$T0v_HCqH!}w(M>F!ReWbmMP>B z3Y$1GaZUJqaiIWM)RHX#{7Q|cq9)Vzw8$=g9llDG8XXg4)zh6I(u_<7OAS($R z9UsNP_n{2J8@->gSAQF{EaCJpliH^VNj*=YQ^O(^+@gUf{~r2jsq&7^Fi~a8o0dvn{qv4hypf?T>w;_F~_l(j3({eR_Efvg(_NJ6a(`v;@@A#ncB6&zAld zbSLLJ>F&6rCNW|nd!l$TDa0+WTOUZ%Uy?T3KW#bU6+kPs5mLaW7{CX!@MU$u+XZ6= z;_JW7X{eUXQ_|9l+7A;4^%7~&x=_{1@t&UV5V_XOa(+Lnbh){|8{&!`>&x+%@-U4) zLD|RANhw{cIUrO?e>}mSvY0-*Y%!^rxKzl#h;V^9!$j~#=lm3!;Iu|+ta%D=yt_k4 z#i@EXSpJ8nz{Es)^U>=}_`kciUxHp)s9sgFpt4Gt7DW-&hX5sdWnRzrHNwmj`u!Z9 zWJPpvWD~0KH%zWfF!RGh!z3|UiX={0t`5poz1^9_FDc{2Omqqgs_N=cM;2xMk2N?T zP(9`W(10s%m$n=_y%HXm-rtY>?)Z0^Q2*Fi;rpT49Bu2jm1*CE-Is^~BVmm?rjMfL zg&G+xkPHoPYN_1L5YtKHE!S)y+~~)&3IaLCMMUEj+L}d z+yUT7rI6>9y^2kLXgzc#>$qsFhD{F4+nv%jAG?e#F3y(Qq5eyID;)Yv?fwnL+p#wU z#KgQAdz9~hwUy=C4h#5gV&dZuRQcS}EVCi40dwWZ%M6sx$J6&*z}$_?jhl<>0&sn! zmj2tB0T!)!;0%K7fx@{{R0cs7dKP`6LqAz@cAa!yq@^blDz#hO$cY9_e?@jur)s&w zwb&7L7e8HqafCvdMCety0auy4vV1gQ;g3wObnPLZR$&=C-l!_#*Z2FUHvDABQe!he zwu`av-c-XPRixS69mmFHK{k#$4~)Ma2K<>#uWCk8t62}+nMuoOk~Zt(_pB8bBYkei zf5b;i9F0v^=XlZs|Jf}gv;E~~rJf|Zv%H3-6+vs9Xg zZMll2eT@2{(GCA;EG04Cu&CBW*KzWb?fPrilKXa|5Pp>V|24=SW)}CHmAycNhcXrKdY}JMo0Nvf^ z6#&Mk+ar!d@l=uij=K(+VU#YhY{dUTqC$VBn*Y-OBU z4D?%P2;TS=$TZNjbk6y2s4HZsd0D@t;GSIG%3UgWNg5uMXU4@Abd`8WDOn{DYXq%l z?JJbZ&1wcWe`+n*!U?4fv(Swbo!{Y0Y$T9~`Hk#{)xuZ%XjPatN0UFI-BC&#yrh+$ zyjGu@;!5VVG)^EsKeTM(S1N1mGsGjgO%6t}uTnzjVGHwK-!PYymd2i*yHB)89>drg6~9hMr{So3Ns#aaS;{0Y<2 zk4&h=9WWHFp#yY8;Kh-7Y}hTzVx%z6F!f@zVFqRyKM>lxiIhXFz7%<+hs`PolPv}x zHN~OaSOgvA#`TUG$P1~fuVCdpJ0Zm=|1^mzFZRsUYQZ4Jjv3*L%Sw%EdlA}+fPw)3 z?s}v2ZdXt+#CF6yHYV63yS!DX(cl15Qknty8QK`Sf-HeomHP0 zjC$62%!A{^kEtab_TAwCW$12gbQJhnu}U+dpV0rw+QDMEYE_cM8* zuz9NH(C~_vp$3=xD033=ic;7jcedJ|Toh*B(&{UZ4MQ`+V&dLLRM7{XZt3;1@Q7UX z>#vx$x`#iuC1Ws0$03Y=o8?1uBZzF=)pmInDwa79(Kg}hj{71R-9Kg$S^osLRZ~Of zyNDs^@?3xB)1Wmy;kWy+{uJ_m?915SQ zbtbeExu`3%@!Hp$-NoR0DGk_Eh1cW~_&#hC0J~CO{N-g%x5wSX(&O>J4M(cZGA9)1|H{^R5~RqqRoD*dJ_D|p5x0Ql{iawYb-SVZ(&G)&uqIOv+023ix^a*UFEu_`#7t^a^00pR z(w&b{4+K)81hF&cqb4TgSC@P`LrRu0XJwg#jmLB=*Jzi6gpoo0X)fa(aAbG3T7wsg za3Xjb-kY~drcA-0)dtrs@Y&x_y~TSlpE+fxOC(=y)Nwc%_t8miczj%3&VW%RZ#}b| zH~Ov8=5Wa*B^a`KdYEoSL7RD30FNt6;-#?jrU}vM#J2qnyhssyHM>Dxb zgx!Dd>v`CUe(q0!d04v5zZIYe;KuB|X2s_?aXE12D!d)Bw-BN1Kw14|xChB{r|BAhfF&23JyZIV<((_5b>T zO&g|`>3So_X(VkpJDReBi4#P!`GZ3p_3PtL))Jitn0~TC!!BeITXhT>F)0HVY-F=> zLw*LmT9Ji!9)cZOT55VR_gyAqW8?7aNiNhxx`2MuU61UsfWVn_Wwi*PXN+90ORW-> z0~6f&U6>BzLxwZx))R|3hYeEdb2k7$^DVawykeMtC$r8@OX9iUPhNeV^j#c;t*0qg z)Gic$ju43t53QmEJ>rWzd1D#W&~tF7gOf4dXpzjfZpTusGd}i0iW}_D;=g(dipEX9 zx@^s<5y0NyJ@Z4iS}+Dh%{nf-q+KqXrz{H>&h%J~_vfh+C~8&0m;3>RH~18`fjF(s z+wb*wo(@Q^9x+!Mtb2iA@@lU~2Ne~S4I2GN7|76&f+tmpU>4#V zJ||WGbtH5>Fb{yQkc*67NRnI(G$Dr!zZNAk$v+dQAvs(kx~DC)IJL0s?h?qZ-Pr+X zhQZ%IWgVtu5v1}@9N>phYh1*cXw@RENaj?M*|YrC%z_3_19}aTvA|@+P~zg^jYo)K zNQcLUL*;HF5k(s!77GeZB&H7yCqzP0T}k^GiJ}LM#NorX4P2B`3%?nYH0DUOcr!p| z9+!61&+q-Xbz8>!3!;q8ioh*;9n|k5$Yg?q-ae;UhSV6#vZJYK_S zqJj+_u$AU4qC+v5Z_mOqms?SfCMyfV#Kw<1G>e&sM1;8`LB5Ju{Iq*}OnDP+@u-)7 zJ~9TWl?gGNTE;l{3j<6)W`?UX#VTU&w8~}>fCat108pe?|LqFnFoTYcE>Wm#+$R2d za&WUZ)SzCg8i=}2?Jh5@hX5>O75B163zb-Gf7d~)9{>E2oE$1Z==c8g$ayjm@N(W!JJ|1Lny$w=TJ5?Vw)aK*zhi%GJ%TwA*wf z7~M=~HwH*fxBT2M9v)m%>x;12i}_=z9CHK`e}IYn4`+gJ;F)TnLDc^7gE8Hw*n8fb z!YcIoQGWu!A9(bz=4JA#*0%*6wCgd}eg1)CrN7kQyi+U}%p=}33d4(s9^i_L{Gy`;EmLFB6eBb@w zN})7l(4|J(Ojm&pTWZ{kucQ(SO>d?B+SW_&uXV@X&mKdm0q&}I+L?Hm#3UN1@PuJ3 z^0wD}njA*(b^aI5m#4nP#AfCEp&HE2&NB4dR|BuB;qWMkQ!!S2UthiqdJGTG;{B&Y z8)n4~BHk?TJ#$=Mhfl1mtg|ksrPHZDl71nXr{cuM`hvz5cuMN?cPqq9cAMR^E%{KO zpAm0dHs|?QOY6oM^iJOru1;9kcVu4NNWkt&i?ia0&o8$J?e{Y=*5F;=S62aCwS$(K z#OEDqeUQELQr2Xm*=ns0YyDx5y}+-{agqLy>v{V~hGGfic__il7d_usXCQbEj4vAj z!FS8xR0KvBEJ>#SuSth8*EWj5!)ol0cWDn8>>xXETV1mTv7Bf;*?UQrr#`HS1TkaVk zOpZ9b%n%}5|5aFLtMWD+m*crXiCO5?82dYbV7ZSW!dKetEqg~fFL@|oax&mhD2?0A`sH2B{1sg|zCJi<(eJomw&$FhBTJ{A z?guyMCAVrS<*!XMJvw2csED>KL)!s5N3-1<8;Dt+Hgl3P_5a)7ahkGlIdr=-N`ee9mY z(v}dNtaPn~2XAb;J9Lu~++PUnf{<3|Lx^fRp#h7on=#s*J+wThY2=-q9qCJF^8Quj zFhx|+Qzh!Pf*qCSEc7zj76J3u)M3HE{hRMHwA%G*XU7FQsQ=+Kv8*H{!bNk$f{Ayw z9H>aw@r+xzNkYfQ&=9Wxw4j)!v;F$oesF#kBzz*S3cl2O?Cey>n%|l)dnO+M`2|(y zE5>nRW;(+?|NPbX*qE4kzY?&{kZxos+%*K+DhRzBCneKh8_aQXd$@^8KPh6sba8>q zRxfp2O|#a2ree|s8uGsjh(QXCsNR#|pSr#FDRWszsT0_ze6tGYJO^twHncwxV7?ef zp$IgN6i^WFY%S6GJSGrlIq4}bRgD3}v~b7QyxpkKXC%k&e? zlf!}dM6Cb91gn8$;L8i3t-hH0!qv*P+XhA8g$SJcueHXiuCDAp54{9=jg1&UV^<>c z=mi9E=QKBCRa8_sJcbvURaWp)S)Q)})SyPa1=`PrD*kVpe}A5$P)*rs9kq^6Se%@g zXXl|S+X3HJxQ_e!E`8b{fpjh|YTun?S0PweLaFnb#$ z-*LkWr0{`hk~LuYCo!#8%udM63@b@x4xq?W2P{)1bz2!b0TVg#x0#fpJpUom?b5f? z`InT)TbMkWo^T(%+nKDn@FG#`M7pKH>~WC*3y|utYeztLl#vBL1EAf;%OkLmVpx4# zA>aTI#{M52vX)}>m+EWAZhCJJkB!wK43TtXC`)Jx647cvvwa_eDRGAOG8pu{1l;5k zo8t!!Bzm*YY(zR&f@0n;XG+sR*l1^($6eeD9181GZi31mAfOuR>$jx!Ux+jx)iLmv4)^>OT=JO)%?#(Rb z-{n`lN>RuEo_k|_zm7JXTg9gqX2QC=eW(tm$A9-}mYVH-Ol^MD=seT{tiO8p>~b1g zrHg`P<>Z1Va*`)grG>-e0tETB(s6*4_8~2rLhFVUr0kDpr*<6Rk;}AreWXrPqD+qV z5(29ZtFlv(-9id*xC07hs!Y2ro_%D>3Lwx;WOp#$Fx7BARc-%wjsdx-W5xuib zP7X|z7EN$5pv-pvt`TDm-0FvF zGO~P&SJOwX{i&QQ`edkPH#q5LcAe!XvII*dlG7>!t-w1>&IpR5Gw;yx%0D-tHo*3LgD*j zmggR)*PUawsOPiUg_o2P3=l5vUrO#CJ4xNHN!LlIJB8qtT)G0H=?vlQRD3O9Nc=8uQc6eJQ$|;hu~Fp!qsa9 zg0!pRS#6xTuF99Y@f3F4 zB$o{@pPMmBY?5cB&U6Evej~u&ZCWkf_l@wPLjIF*&Z|fpiZf>q3 zWCZ`~&FsUP(Yk7qMvBVn4X-h}4nqTPv0WD2rN(E5*E7=~@K-6=e=kzc*R$Q{RH&QV z`w_6doCj|5Go_!>`O_arx30)J9nFOdagJ`q+yi}i&|wRqRLS=~#7bcL)MN|4X_kC! z`w-T@t(387L6ta1nUIyLq#GJQgb7Ek8IulKNQxbW;R@Y38M9R@y5w{!OG!(utR+q) zzIpUBDlcY9;BG;Bm`(BL-GC?`_tE>}Jrb2j0(S2z3Q&mrJ5r&$?s z^s{8jPuIZxTe|qwNq|0b?aT#G8HTNYyu_gf47RRZZ@SLd?XH#-mk0jMep&5$kM5)S zQlXCUO!%-5?l!~ERU_>+ao5`pIm;*7fVnkifFeKs>NAp)JI-Y|&TPU0EJ`@pMUN!G zpSRC%=Z&4+){QpW7hCi-?};%R%kLE;%D3`}7)Is}meKQArt~tTTf!#u6p2*->Ui)+ znpkB&rQwC_a(`Yj(IQqN%1kTWQ)s}(Z}cg6tnZ7Kj8YvA2`leM(=u6m(+NX)%>@I z$=Obh$Jwc6=B9hNbF9CIhIs)tSJM83}7gk#ItBO@* z6Y*v3lqV5f5vnoT+V{DW(p%Yof3A6?d|^XZ!j0GF#>F`!R!FUEKBvv_uv9B+Ohkc* zlNFTfM__)aNvT^WA_lI1NU4H+MrR7^6t6AR?3~ATQ31 zjbkxAy+Etmp5Wm8c;swIm5Ay;hdt65W8Mnb?<;i$>a-Ak&Z{7u4^ z*4D&QY2jPbp{OBX=dDntVrFd~v}~MoA00O{!^pG5FcF0TzmNil%CU=YPfSsTh#iF< ztAGjYx@+aW{QF?$yViA|8LBbkO%ztWh>0peuUTKXuyr&V_%K$a)`IaeCk;6`9-W#h zr*h!3I&J4GIR0Su*da6V|ATyZbC@y zE97vZ`qwT?SUqYaRXzh$*nc~Mzhr{J9y?%(@sU)eLZ=Z70)lMHVt!_`VBRcu`mlf| zyqSaaD(*tO-e$6L(1TN9=hw7Zg0qjL*W%$#_3u*$KZ)x(tteEgp$f}-%}qzoX$4PQ zy78#3d1w_{J$liBiDV<3rneaDNy-RsJ@_2&XG-oI#m`C zf`0xwMch|OcEsHLWpOW;Xh#_aScN_QBVG0^Hmw(5V8;d`i^;N%70Bs3DFUKBFw|_R z2cm*)dq*oeLm9Tzl2S138P#}Z?jhfNb_WgSe%ckRM&=%Un|^o@4h!`jQ5suT_i$W*!+cqU zB)P2qbCq)&_LetaoMo!raDdO;T=<_)BDvW77CQ-pH>1<_TswD`Vl4aj2{DWXYwCVy z2-nTWy+Ndi%+&BhB{veAre3)lR@1G+_j9)IbLR?sUy^%xy^ulT9Wiw$)G1bvw3pGs z6-7#4NF+*B>_E7x|M%W8`~>1l`jdNg;CDWextal+SU|7_7zp+S8zD|?3K|>l5ymPI zp?}MDC7&)~1t`$4!7acmU}|v|wrYhem>1avPf`-_4iwPR;(F;O1d#fOy9V;z`Fvo9 zZUg`wIkn=XEEdilDN&{znSo!@#y&&5a(LMB2XqgE6jBw3PJJ4FEt=JSy{=z0>SJX( z@?+QTuR%_x7j$@3`q1BR0sY8p12pQC${6Gf{1{Y*?>|NO0dD&W6J!c7&&s%Eaw@dC z(I+QfeaMU{{fsip)bOV(WD|)fu5--)Mir+DT}S-yt1$+1+JMT!U+nv_L&T}u@yF3A zCY``eU!RZQ)8VbQs?dz|f9g>|lX7ji2#)lRyRJs_tnXA$SW*6m3k0L>;cjr77oYWB z#??ssH2&5MOjEvI_%(Akg!B{rq#|r@ylz;pAu8l(lo2^YAvf?YyG*5p6g8Wd&NKlhAu%;M zdH}mDNN>!~2SL{`gk%POrmiQE%$Wq-VSsu2;T)NNR#>DpIt)}UJ7$5Ofg@?}sY~~9 zs!ke}De9q%D`{>{$tTgmU8aZbuXCfQs|^LDoY`4WuY8~SdPy3b2{+=slaXag>$P?> z<%B1`#xH%NPnI_4#E=@#0J3Z#JVOkMAR$H{UVWN$Zmwrw#X<0T_H z|9x&_eGeD>FR*9NQ|X)7aAEc*J;UgLT0WaQ=**Oz%|K!oDlzjLK%K+o zEaCw2GR_g|BqOsN4AAYMqGAnr_s~fz-!NV3lsVGkA)>sL*jQFj({fPIlTNM-9=zb` zz2G)(z`$`ZHF}_j%tdA|-~cQl{NDsVMaDGMBUR~n#zMJ5_h*fCo{g&~Y(V$*qH~=_ z#gfPNcr83bvp7T0YSO39^+HnFQq5#%Dn;W^p5^{2aEV#nj?I=+Cry{G2RP5m3RG6<&nwmZ?_bP z;nR*4E+S(7?>?UDTOH^M3Ft!rsx02zr!?A<5;KUGQ*t3FlkOmmw`i6)BQwy>oHGwg zGi(`G;sCT|s8_xO1U=V<;mC%O6%z|Z8?_35ukN|ZjShDuO+LpB$diwP%twWcGUPt) zdx8q^S1hip{fS*6R%Bku>GEm%AQ*2BBA5*Do=mvalNI~rmI;qtFBNgSb2cv-S}o;+ z9v;i9i|4@498ZCSv9e_4-<=aWZWB1UA780UyaCK&N*~(>r8sbt2IIyJ6Q4KW`uJv! zqpBnCr6nZ=Ei7PWW@Z5u40XR}{ZjTdG>lA>u@iUi7!&Htj9sl*kvzpdJtwo&$VmTY zaj>JC-(>i|S2zCaa_ibhc`Zm7To+PJ8HtH62A63v1-mJm_;5Y@sqZ}~5cFpbkDLigPe;Z2KP#;YHm=JURm@F5uOtmP)D^TJ2>YHP4N>-OMvbP z)PDb+ei-Z#&|XX+HoJ>nG0Z=c#!{g|lknlNcW&GF-EalL!Xi=AivF>P-&$0WIJgNb zEFenD0uuoTTxfIBNYYR^nTDICD`g!LV^^4wxm`cVn5TQ|buQf@0pc-{aK;0}H8ZB+ zxlyoA44`5i99oDcKS(1~4Mxs=m!U#r%PNlr|6(nD9;QsYNVay|Bd5RD^XVg)lWRkM zaVrYZB@Zv1G}ky4-ra@(f7=?YczOJgw49z)zHDGEGh)0&lvt6$!VxInS8^%S$RBz? zFaYHQKGaF{=*DBZkuI+@Yu%bplTt#kY@z4tmoUDn#O!V%TxQJ@baz*Ez>v5l0i7%9 zwVHy0go+Bn9N6j~rk1LJ{cW+}9L?k2&N9s$JTINRNm_XEca|$8YSLok%m=odQ@5(1 zE4vB7*BwNg@hSnc3m@v4Y? zr&kV4hgIpWk3cR<%E>v0OY({6|62P;DA+dU5704>qWv@e7*Rn;kz$2m9J2~^fZrnw zIGQvPdurl>xj;oyrJlph&p-5L#5FYZX|W2T;B=e?!(bjnD$r=VOh_jv|QFHeW8ox#H)z>l;H>?jnc&Cp&k#dn*r z!0Ievw|n?(A_KllBEDuE;I8a`$dr)wL)(1)ZCuyaqTqP4sWD}M*i?7{V0EN zCZxkGeXQg?W?*ECUFPdoi$;)euUcuEXMkWhO$b;h{r}$|VsRrAEG|yD8qoWK3wF*h z{ZjDAEK!S6@If-%`t=RlXj{^ZSFdCsT-6b)Y(C^G$EWmu$iVKPtTVPl1Gfn`Dg znr!0!`MMjp!>K}#!UQQURCs}^+0BF8*O^<6J%If4zypMkh#7gF$w9im>31yneQpS! zo;@e+RZREy3=SjeXI>}1p!A!4iF|9p=@k~18l_a(_Ilm3oYK(`{hooF+QYe#ow?5U zzt>D^xR?)C*MSD(U~J4 z5dBvqGD7g$n7i^uOqhaCPB?au!_4PDC((&zSnN%JPbaXH5EGRI_;beBy2E9vQQ&(l zow}5$QfnU1pWh4S&kUh1`*cD(8aKGqR8G6* zjO23F%(x7=GTED3XfC%>IY$=kcxPdN>Oq8u{H9aDjwJ)&?P8Y7?WpCv`0R0Uvw%eq zSiKnCVsHRR;>MXn2?(bET#|@@IU!;joNJR*;edcXLmIYRUSsj`cSi*+4{`@snEw6a zA8~2ai~a`W0mEj3Mz8iaw>Ok@#kodQ$kAPfzj8b7g2o)W{`LdCI+({ZyVZ31VD)-c zbs3T}I{MDdyl(aNAaT#<9|kpqfUTHEGz1OXepi}Rmt8hNZr2?1n-0~`@G(A&pe6Js z|NC3I6pdq{8P5|5D!n^K9arRxL%rZVD)L41%7!y*6x%r1jLq*N9`5le8V2ggN?d^3 z)@XI1dwPC0S>XQrs4ICab{UvumvAL(@i(n>PekgmKaD06+GMT5UMUDN=9QL8jODU4 z?@Se>wT#O;o7q?ai-#OcTyXF6=?Nq>qE$sJJdz ziHV7Y%s3cGpay$vy+-3!)DI%$=AM1h>HUal50b{XkP(c&v?C2_*ehZV+UfSk2QpPg zhziv5MOn~e*O$#0dkxu$X=ubFIss5%JE_Pcqr5c9+Y9cedS*sOz)x9i04|B%nqhiq zo@7Q5DVq)7E+TmK_LdrTN6hpXo=F5eCcqmsVOR|R7O&K*0-H6M@&18x!|$@&Ctq1Y z0(re3-u2u;2>kDHZfi6Hu++4=+2Qxz9(XnntxQXCa3hg>AM?9sgh_atj`0>p_s0_V z``4|4*JpEObiEHil9ZZv_ak#JJH`CZRM^-@mxuDcTIQVb`Tzl^=XH4nvDNAOzP??i z|BMY}P#4tcxR&GM|p|h~DZG}^0B?#S# zl*^T`;H>#UtEeA1lu+%BWVs%_q1GUB*f|}+`l`kZR?60 zbQOtIuSo@`Zl3B*$xAuU$(l}U2SPAduUtfm6fp)FJBX6^wM21A3pGKH6{;IYQ7nbKnu5(?_Fr1kXR;mG5eoUxCf#PX3$^RY}X@kiPN6_M=^ zckuCXyUG~eAnFHWx^}UX=${Y8@~5Ss=x%#AG^u`5f!y*BLUR=qT5w|sIKx(}IwJx- zU2?Q|)^7*ar&g!M*z7gR;}Mn!$J5uItsX#?ksbr8?u1%&RyG&6y6QA%^qXlEyuk8LrN zbA7BIi3t*JY2wJu%N7s)Wl!~%I~+w#doi~_zd`OJG~DNg9Ji8KKN&z=iVd# z49kEq|C)J0*dKe7NW`|GsEb2ldU~PWWzH~Tc^f+ploUXvqQ;f26aKNO(f53oo8Kn8WTT*fVrvB-*JSNtLi1T}R|8_Z!yamR3U2jf12{ zn@d!vADa}?%$_PGsY-zxwBK4zwjG<_G*>V696q;8NZ=yno#=8N*$`r2mcZA&N!hU; z|7asAqjeQuC38-GQ~^Qw%bJ@bm2YW)>15roX^+1yH-*mr|J1QW@$QQ&8yf0l14PPj zFc`u%zvMz`BO&f9bV80{V2!beu=R0$+F^m4MbJ7khH~*w#LqDs-11%usiu3xjjN3a zT!BXD=O<&J0Dm8+#Hi zal28vl^t)W#+4{DTFAgPzi-)|kophz3=)gBiUvp)78dra&Wj`E7Qm(!xFPjEfp8Eb zMNM!_`jpG&&1`K$C(lEtzjpoS$+xe4maw1s`*-|Ovk}zVbH{zR6&s*;!|{FDCa`~h zy*KLH6*5pn>e)neIsY9+r`^~?s3%Xqyr2C}!v|>RN!Z!d*RI`mcawL$JY;S3@L8}y zSuFfcHPFu?`VoIo65TPVJ6X69AvI>72F>gdoeihPpT0ZD~-=S{RShXQ9|0dbuA>PN+(pl@U z3-h>od<@)$+5=qMpLxwJE&FRtMt3}Us5%C_rn<1ID4@>&vzncYIBh9#facVSzb`%iZ)csz`&Y)N9EjI88>9(WeH9U5LN^UepyUZ{SSFx>4MbuB zi3?V#2}NXYR#0U$8!lfpjyU|8sIBWFm3^|AjYZdVFO;3xB)n4{+pi|>$b){-|3Jl}0nqGxWr_jTA96RR z33W~hiOEKa{lozFqS1yC-e4~ABaDi^`j(3qx50QsF9b-!QuH?ChkSZ6rkf&xy6--< z4~KP#^5RDhry?|59$~G$qn)0gj?NdqGt$uct{kP8zp0~sVN68i?p7kd(9w?R^l?vU ziyjFM(j=SD#f@JqL+-L&*?>jwcOij%U#{Zek0c+{wBxT`F;Bm@FCx05G_Afxc{sIx z8FPd4$cJmlNf={EA!mQ>5@686#z`cbke76aP*b-?{^Apnbc-_jNXh3-D3*?5SyskonHMgfW;(1&zko$K($$T0nCH{C@ZmUW2@^a z5X`LEv2c31wU=(26mVKwD1FJl{z%aLC&u^6$gPdf$;D;JnaF?zJ<_P~fnGcsw;PAs zMMBVn)|-X*eRf2?0>529%bkZ!m({ZdThq%WRNE2@XpSD-`Y1^sp=nJvEke1{;yDt?e>75 zvnXnHe9}r3E7Hp}-{PuARo#bCd1tqAC1ix%Vw+zk8?<>H-oBv3NdC5sZ=d(80z$8! zbz}_R=`t-{AFe`=q5%My%rbk09rT-4<=nj_h$M$|eoX|EbCtWrMbqWoZHO@ z&|oGL!MRn(5^`vxS(-*E#HNSsaw-I|#A8rEzn-%ah^$_kzrIeEhHR`drh^P%LM zJ^!s1D%DOb7e>Cym(Iw2^p`-@CBgTyoaFoS+?Rd1IAEIE;(mME{LqEL_VqeFqA$h5 zWkg&T?rCE3{GDoRi-5T?S6~Nkvcqz&+f&uN4LZo{b%>@@IyH;nkIRbn4B$ouNaKbn zvPFD+I#4-AM@Egqi(a4arSC1?H*$2|rg8(BGB35)94O!*NkT+gWxsFo-ImI4cD}8@ z$M05_oFvTd_C+tQ|ES_5nB;kdQ>)YpW?ysr==*+u9y)K)?YZ`f-wa<`ikicREugQz zPH4I9;^dOsTnN$XaxU~uoZ=+Huf=LvDb>gQn00Yz7a+#x=7QGN^d3I?GY5o)7r(zG z&>r57&{S<`ufLEtSg(Z8UV5Jau&>v%_PUUm7-VIuO!NQzfP#Ku;R$MJaIsqN(B(VeG|`Gwc+4AsbZggRVPzkErbegM{(n@x z1w&R{7qzQMDBUF?-Q6wS-Q6J|-6`EAdDGn~-7PI8-QC=D$Jso--#Op;0f_9q_F8kz zImR_O5aSm}V@QgAc8BvvbRae79q34a*$!OqIAgNcoAs$IeKM#CG|5#WqC3p_h313qq^AU2O)%n!$70&j@#w{r_~ZE~ z0Vu6}njlWB@Gk{|P|Y|16Rh7DWf)Vnhjx)3(%akta&9jDhi|&{v(UtalNYUS4K$*7 z_!M{e8wtOA+pF|pCFF{q3A19hD%b)*h&)QhY)oKiCCL564zGYP4s$LaV%n47Z z>&u3`TT6!`ysV0br*S5_2gj<~$Bc7WlXFGILyPtMXMw)+-A<~gQJn!cH@pECA5m!2 z5q!7AuO%gyBVe_{U6?l`-;s_4L%jl|_1W3Ro|wYYk>#?BUe z8nw!ww}vlweT4Gu19QOY9sY?G4DsXWP;N6x+a|7xDDGZJu$#3b-}&wt{QASHsvWcQ zX{O5V#CgtmsX=>kaf(=9e(m)i*p3vx)f^3DZ|L$nno&74c(XsEz^bvciZCb$>Q@I7 z-#%AZ3((S_ql#NH>c7Ca$VBIg8q%?wj^ZHh%zo$EaX+SXMxe<2DJdywc!xvfd+c<= zZ}%tHx75m%kszqmZ$F6FBqUO!SlJb$pf}oxO)U{~CW+08;5rUgptm8Xzd2Vg;WHz+ zu%ZfCiX}OHV|GL_k-^Zy#X>O2plwEI)?aIn)cu!2nFxEC;Ic^^W~T|0dtXuVeR`hXFYS*ehr7vo9+KR)pBxT`ju^Gsfc%2_JA=>X?Rd}3uKD8}oK#BJ+( zZs!-ET=H>paqfxR?%E&`FSwIBUa6Jmjx9MoT>x&<$8Ag7US7AYYohAv96lHES%WZq zzKUMs7OcSq(#ad^-2p(u10nNn3+--}qcdnP(;E@klhO3B)^>KaZMtj6c_|v^MlRX` zGi<)qU4?5W1_SRa@2ST~Mp1{b^R;60e-B;<5tu9oho+*W@BTTQXy<9xF>9rw z69`GIPO0n&=iG&)>`nJ~dVQ4?#?(>@7v3xaTcr;efC6`HZ>2%FAfb4Vk-2!YOO z4Q|tt=qk0MM5>7T+>Ah~tT`Z;%?AGJN&?1O(Vj~RQ&op?h8YUCPn0lb0F5zC=Inu& z8TT*oVn8=?Bqo|ae@%zw7lN=MA1Pu>RsvyKmlvl-Qt0?c*S?d$0XBaPR$Ay3XnVY3 zWQ;7)4^&d}tRUL=wFU0l>4Al%}iCQ$J^;?46{d%~+sze)zY5N54%qtOTRmw~IKt znTJ5aZ))jN@Pji=rO$4L`zOMz>MdBKKU6twuHPUs6@t381xq2*Px+tj7Gh`+M!mLo zJsWzh^M2Aw^+F6B*$BH{I&!+7ElG_e=KTMt%8)<7zPL`&n zQBP5}J|C7EJA?l}(~^upEp|sUV-9x!8Ck?S4h7{HI<=H++Rsv%F}_VB?Y{BSI3`s9 z7`~2+BeoLO>-LfHwsKZlmzc~`ZbuSPshTq6^ z{_-ht9+4VDC~g9(U)O)u)XnW{$M4f>5-vXFwkjaV3rdoTD)hHeyxe>F`lu32@Y@w> z=wha5xo`UykintR>I0Wlsq+Cy$?CT>^ARGZn`te?9Z`XKIOZ0`@}F|_Tp@tJxuv92 z9{3U+)x=4GgoyB^v-;z~=F@-OC_t6>yQTq_`oy|W64Mx&Dfle7_ikp=xaqOcw~wK3 zt(rPIsu6QtSbsIJo@0A_9-nCVuy6D9X>VsuHzsgCSse~jo8LitE%$#phoj!CE@>wb z!;WUKu~y+q6>`4;o1sxcW^;B5ZJ5-^vhe3Kp)Di{MXS=-!M#h5YTw(>`=^J2<9niK z5H?a~HiE=P_diWT2MXCgvhE}NLZs&-4}mQ?IGB=5`--P~QX%ySaue;$^~l4`kSn~O z4eNYvUn%CYM>mt&qK&32<+F4o9nxy3v0v-WX6f2-AjXXVB5j0hU5jLn@DSr9jsdUH zk8X*B#p@{)&u~cs*z>?UXd`45$pnF-US0_7d4JLTYm59=(Fn}1Kgz+y3gk}f>$@YymCtsu``F2& z81Mu81Fe+2;Qgjbc?Y|?4h2Me#WY5>oL?R_Z{waPwq1P;JJV%qcGYLiphik%xX;5b z7%@TXc%0!sz!x73i=-B1mw@mt9FHB*9UMn8PEAi#frm+?8uMF%f}Kq#CzrviKMb9` zsimMd;glJy%b6Z|!qf~0+^Mb*pr*91r@>IHQ1w4d;>M$zIAFD~DUL5m z0o{w*-y78s#^*C~X|h_Q^~t)N5@`aQsf*}u{{kRv1ju$8(?HS)ZcrAWls z9|x_``YfV!6U#G>lr1rI>92SsG-=B>IkSz|EE)z|=KgJC@CMo);jmuR%IeXfO=kHQ z4Dx?xH%>Y|QP&n+-<@h;YlA6&f6!kDRGr(Vl-45T{p+ z9eBl)5&6@4YGcBtAA@aQINd@XoSdHpt$!B(Z8dX0Eqa51GskAwP$GP4RSGR=kg8c2 z(8IkAFhEOo;kzTG=LtU*Pd6%TQQwNb5A zw~ZglrbxO4Gb}$r1wA>bTVP-+RJpWXgV%qyF!=HmPO2;|lp;1Mj){h97j)n^75uG^ z`|gP!)Z$~k79?zV<>Z>q(Peagp*k^?YD*0&1?dTU^U(0X_+-i7T#s}cFy>b0s}u$n zvhML`iJKYzOL=czWZK2(Qgq&#V$qMRVG@cM2`W1JJi)Xnrf7+(Rx#W?T*0;Zz#RVa zX9x<+-}xG{@7h46JSs%Iej=#0F{bVp19Vu2P~flezD}%_)s4}o=l=JBr-Z#VF1`wd zk+6vtreu^Cvl;fOI*smr9gWLp9o5b6`kXcIGGS4#5OE^r`~?QaW76)I*=_?7%a(%d z;&wiI%Bb4GU*px3zyQPaV*W@8lf$^~zsYsn6*9fN&@*W(O#ocU)Qp&fLOr~# zanNY0h_-jg~K!lzt{H?#A ztJnIM5JSUv0Qrx&Q!6PY2hbwBscKR|j|ywE2iJpu>EA<*9SHGO($H;pA-SNm5G)fX zCP*HboNrFR+hrGr6%y=}$&itAhSdlaH69!u0{F5iPIP*x4hPT9+WF>Hq2`w1Oq~@qe-14b__jKPv{CUWdiZx2SLQNW`vfIF4j@FzJ zH@{lsS{yDy8UVceZ39!+e&%mDni_3RRKvr`UyEjlBF@C%NtvjedwFrO3di5 z#~&7PuWt2ui8=5PyLYR5ZR&d|XALc?k$ChxHDS$+V>Nbx480!Ef+dEx1{Vya{$(WC z6SFSU34Rov^ooqEC^x$pT`V5w+(N~N;JZ2y)Z0+<9+4>vZ({Vx?@#%>kKUoV+@1RtqT0BwhcHzF1~<#Wo~(7<=r41*E)?ZOBqUa+Q`pC%hy+|P@$SvP@@i$kWDo~_%7s=o7CpRE zw(S_-Pdpd$yM59ETd)RkTPav8D&>wK526gkCK*mF9tBaH8F1(vl%`X`8>N->yTHQ) zgod7o*_dbOQM~?{caH#Jux?_9^&2xPW;u9@tbu!hem3u^qi%CS1a*zmf)sqH>2F3H zS!}$0@oUHhW0z!TwB4lSYOjF!7t9`39SDj3NpfER^{+U(iG*; zC5?19M2@M6mnthyTP5EUndDJhCPxX2#bo2zK(!V>^LFhO~4TIl0UQhNniA{E)Iv zo6%n#R5N)M$Ef(QfS9Cj8udPCe~lpBF7B9|Tl(UF2>e!T z!~un-6MKk|q1!V3+wk3#!+JivnA$#g8e~ZR;X1FoLoXe9Z!O|lzP8`L{)i*Obkm%Z zc0YxudJiFR07@iMylkf1y8a9H$1i{`YDBF<@GGwXp^AL#?mWtsQv=Qabj<36lB!2> z_IoP|VMoR8QP{1ZI@|;@ij7r_ks5l6&-|{~Jel9bdMDp&W^Q%*x*EoXYPv1o-?Aml znhQp>@!L}1MnAnfarRXJ-qg^?w$8g92Ky7BLAuv%V8@!GQEmBI2?(==z^wT@7Bu%jQR9_Ami_wTSU;im%7eQJh+DPbrX1O6lpV29orWqNy8@7mhJKR0 zX-Zz6{wh1@q<}zS9PI}#&CCB6WsF>f{O~O}XtrFFq<=-X)itNI6!vJYD!GTg#$$$h z+52|o;vdaO9TAYc$G!OR7Z;!I!+*(8i@W40+eM`=?d9}~5JhdGG%fG9?5*j2oLpPV z8#Tm4WyPkXr-NdpZVC>G%Sa3PIRy(a+6-qF5h%6mGywX)%E%P{(IsV78}F4zZ{*+C zNU=Ol4-3L&5`yh*tSdtGdtZo~Bih%hM0?qxV; z4#ldLfyMywz-j1(3xzimMe}o-j~XpzS!AD$B_~z%B$4T-7RBs1`m4<;QAS)kz=q0v z=Wl5i(zjMK&Wt0&EXxgbsL=~Q&^1|8XHMGVfC>pt{QM9e58klhBjI1A7mIzw$XJs?KodNy6`?YAD#9MUIQo7 zZ`55)*8TH=>TqeSXNdW45)Xhs`>Evx^q$6Y^c108^V*4gTcNMX#6sF(#U1^4|HP^3 z2=D1?BaT&cu2YSUnH(PRLhHtt*FzUpnPaEWq9#e|FBSFmY|7b=A|P1lOGvN9w^DVj z!eqY}{&Y^4kG`JgT-Lt#3~oF3=Hv-Up;HWVGX&z-lL7PB4`rP6s{z@e+VKmtM@h`1 zCOIu*Dlo1?zh*SrtP5lcyr|xYq_bffyy3uH*3JTK!+XA-%km3!jL!%eq$tNqo49!?!vz5(I?N;h<4xk~Iq z+KDAPqb4wt_yj+*zxeB|Z=%?)WnRV2Yl1mkvKudixMcw|8^`@pnQ!a zFIGF8KqsiE{OOp8m-w0|^@WU1_ge}MCB%)=f!%oU6mKJIdZ1^YyOfOd_^_CV2fI*C zcDh;05NcRp+*dpR{5y#Je4qpg;e)r@2?In6MOQ|<9DE@RNN>6qB?HX<7~ZVV0y7J$ zCHX8I^bej&O4Pgr9M+qSQR$uHH{iE+1x_)`{2E-9tB20rznk18jWceb}y5AuUr#rcu$u}#3+sdRZ`^}4j>i<(!Mr3J6@cre#=3X&4j;Y$79`dXuyIdaEWrS!24s{W>!9>peRR!94A*lBE<)3e1Qe6J{xjsxhW!)b|POZ2*9001-b>t}6bIGvHY}8H-|;Feeh< z`)3xC!FotQXR^bZyMw!#qVik+nst%hym%g6N4swTT`~JEf=(Zlnih-wIB&exAArP5 znbp|Puvwe+OsnT{KxP^?^j~<#oUUgDx|8o+9$}8<3b!=?4AOr-R4)J(SbAd+xUIi8 zJz&vnb%|Ejr2c`h(D68C@sixyY|6z$c}itDM@Nc< zyNI}ZjI43fLJfe)NDURrGRD{~TmPFWCi4*0xA;m)o+Xj~2Pl7^z#by>MAcAdxu6BF z%Cxz-gvj#rHWsBY{nE+CL*a>oLkwTdTuyOvZOzo! zrACsof&9N;j+X_FZnP^b&$6=PLY&Ayr{P(26;^bH)2prfwf04QGvN8Nu;lh)@4Tma zNqx#F*{}rt5dZCUqXkT%M?QU9!+(WDf^s_fi+If|T`X?|a(T5=6!7)L7adG3Pl@_h zz}`qee&os2w^rjlIj?#-TjEGv+0!)A zvWU)<@ZPQ=z~M3B+91eBFSM{_FF9w!*|#|}^A3t8-_(Q%8kVg9)o3;&frX8Ti`V`Ej5rOCoR_LSp2=&DnL!s^Tx_a^@n$Ip!OIQN=rHiXL!a6p zuU`vWa1U1TkF!Rc*ZyY;B`EY4DlW1^V7Cnw-Qd&AlVMcn@%~;#j7gYWZ{wFU&9g3{ z{Wf)ZIazzb*Jig(T1a_$+7sAnzg^+jsTzg3xmHuCkik5L= z4lYW}+7bg97HWgQ-VjjKv9i|}>q!Na1ut)8}bD;d>YN zKPigN%}>HQpVh^dDFP`%cU)wbsv@+wqLkRN(bxC>0_*WY-#PL8Nw{#VIBb5mAZRPp zSVLhl=#k^cCj0j-SkO{KF?ldljU!a(g{1rQ-e(ekL($s?q{^n=$XIuC16?+pU-lI^V29wQv`+Oug!N5?xvWD8HozS0Bj!OyG*&ixVeE z>^Y0Z=dpXfp3AGO)PqLY+u7O3d%cn$R_Ypfxi>B@*CEcjMS>sf+zYS-Pd&!nJptof z^?x2pkPT1^LJ@CNk4}i>QqG9|wXA1uq2Iq1V(T{|OO=2R4)!p$yolv2Q!B~;A?;76 ziyZyJw?ZZ%fd~aL<;T0}VrXK5O`nW*8ix`nEO-vY(YuSs?t_CC+_+m}Ox7SvdPh}1 zToaZqaCN+nQV>s4>f~lAhaW62L+p={Lk1|rWq(O#D5#AR`{T6x8!hiWzFMv9tR#Yr zpj#R|;1754{K;$c_}G&FQI;wxr7YkFr)yE6nGryT26|&sN86#1(yinFM8Puf-dZge z);UbL>wI^cmlq7Zk&3Q&Jh`qDeAz)7Zrty!lt33=Hi{}bkRiQ9S@H9pzz`Y;m`Fbd z#Ma}1Q>0azwOXrXql1H8mgi5dozM7-i;E^=#W4I=L~lu`ePL*B`)Ei*O8jrP&!HIK z@-~kITc52ojXH}sbl0%&OAR?qP1v_9o>l4p@x{y@fRh9h8(@>Gi^E-Q8VzM8_@^&> z9c;g4r;hP^FtLC8OKlM#n1U-ujer&ss6(|H9B|gMa^}uEr77W$R-i&&R4G@KxXB=T z+;4KV;Zg*2|vwAH_VIKIZ z0dGN|!vG|nF-D7#>|waF@iVB1BjvT`=!Lh6@MdDmzNTWgr^tuerluxQXR*M+Ik*+& zo98+#Py>wu$o4;7o2QUDKj0mj2GE%1XifB*(dd!Io%T8zCPlUqNR zhY;#1vUj!G)S<-MC84kG`ndj4&VxbjR|hx>V-xkyI$g~XQ1rV`b+a!ng5j-@QEPOP z1;gn7s07PE<*u1qU595?+VEBOPqPKOM?1h_Ifm>*jJ;^&D(iloGskk_6A_YJ|lZguvtqEdb{M%5YQNd zj~^ml0Hb^!nmw@@9}>+rboJw{#RZpN z3JWKpgSjGdPWeIyw(>Ge{c_X}44l!al>ZeEjxZgy0@Cm|H(&5zg^K3Fs4(id@qsk3 z{!2(eAlNz62)j!gRB`+TPfiha~&f7RYqw zW;f&%RU>Sq{bm4Zt7pSbV((YCg@}h4J8(ZSmC`qR`I)T$azp2ya=*LxXpGFXZQQ z{u)$tb{HvHJ^z0Ki%xTDmaO$vGFezYu9#5l;c>Z+nbnpD0eaE66OuoMZoKp+W_wa0 zq@R8%3+afL^&2Q1*$eZq{s>evl78Zvq$K8X6OoV(CKZOrtc7tzeDn?a^ zu-f}AgBzk)t3Xj*a*usXdV;n!~zSF%B6%2N^)IjKY`;k z6|^=t9TnYxdFAZfL;6P*I^LcYH4Vfu(G0w$+=_yOwr@B8yPANAPLenTy}A6B95FD~ z`I`tk9=Hqq4FB|-42enorZ%GDvG9+ViUVQA2Db}yu0UI(z`y^#_&Vc}b@o9rxS%|#XpUnaq zlNA%#(d-{TyZ!X8TwIOZ4Bi2^x52?t0G#WP-(CJz>S)Xl#C+( zuZ%v9J1^wvd&SBOh~sU0mKO-4jDZ0~Ab)CBXu2aXwKU9`)>QPp^Zb9ei62m_G(X0V zfW84Yt;^@XMrRxVJ3$mPp!-MUF@(imORC>G^xGd<53lw)eek-Y)%J%D9jy zB?=QKUv$+-l?3X{uT?)|KepAD8&EC5e5*^S5r~;TbjYfXIXSe%T9uc3X$_4I%ZMMf z6Z%LLi0qIqboU3N_B#)$5{MI35aR2rqkP2YK$+2Rgk7ak`WSyiSBYU_mI5=Ak^_Ce z#eD#NM5rf(l#h<>0=JJAVriT^8Ad3g zLy3-_gNY7E&ZSGAUg!64-7jnXq{M+=j+(oSa2KP{M|9~a38P>~yX-8OkeMDUUUP7W zf~EsH-wOUF+mKNls2<)5cCJ_G{VLZNKb5;dd>VlZ!FS#>sSx?*^Z~s%4@&dpmha%^ zYaI@E#1XU0YIWO4L$43V&jl+jWBA(B>KfOakK)s)Iv~X~u{P3pskUou`l6MP zjG5PJ`~*%zetUd@(d0ZZI9c})`LG3?s9aBSFu1-?!uD1-H+oJe{Py=d8jU`DMn*<= zLMr4<`+vjy{NCent3-+uxMN2}MLqp0!ERk+vzq5}$_Leqhmmkiq3lu1wHr2MPwLKLcZceZd7*NFDUcC?|f$14NGA6pD zgha4b+2(tcr0xM`?S=dwP{vzmsQ1@qXm(LkI1>um{k0bIeW&qIdJB*g8o4t(JHXZ2 z(9a07*r=UvAhT5~Ma7h1BuHR=>zQw8GcMt0IFRt%bK(HkDL_5WgQYR?7a4y<8dN(@ zJmNGyI2^20vAF=w`R!ljvthqYoyaIzf7a3ZX{e;lm;EuFTNlxXuUY0#8GK4431LE% zd6sQMj1j2g*zpf$Vf9OQxf4g3%zE|GhTZ)Aj?IR1b-9m=r^`e@qIaRpYIA{_6#yaz zwr{nL*Ql_l-e9^VWMrScyx!g?SJD6e=-ptkJ49QJRz%c>SZ@F7yW-kBgun1;%h zL#d~i+s*;!IlTxB8nv%gbH2!5Of?vj>OGAF*Xpg{&W7ZDP(e5#P8F}v#`@Gz1Rxw- z;AsP?X*bpC?paJ+{PGb8?v&Zuj|c7!Xftg*UH%z>!qWM1dTLYGDE}RW6fTqhtn0&D zk1k+&S!cg)aXr@^#S_1#rbeUFhtD@dD+3V*2@jnigYd2GQe!+2ZC{mEQd#*MNKK}< z8LPNjj>w)RjnIzkJ;4jIuSUh(`iq74-$EQ^g9TnC&rv(iJW`Za1iWESu1e{|+|n3> zv8l4=87UuM8jOUQ)=IGKkHw`_tTxhLODCx0>eR)7bMs5nWYItEl2eoXRH2UU9|y3q zGlv|5pk&duP~Csi!*$h+!yS!`@iQ>le>(fPl+#BL1NBpr+{RLioS8Y9h>s*f9jSW3 zdb3{R(>FqRj}Q8xsQ73IR3i_`66Pw0b2ha?1xlBX@x$A^gS<37R%f3c#X84Fkn|+T zP&A-zaW$H)qojbqG0Qr3HlMRg-NeqMS1&I;0U#}6qmX$FSf(F|9K~9Rkseg7{81() zh`nyv)zy3Gy~fk2FbBQYyJ5~iY5W0AO-;%WvGIn2i~jx)<#e<_&~!Wdx7gcMD}FXZ z14rg#4@pT$PJn!$5}8+AS&6~`nom^M^J@h+!;CmO4nR3m^p@6tUv5HKSXgkoo>A|g zZ0?7c(0`apcC&jjxx`tY!TE)p*2c6M&g#j>o+AF)0FReE`oCvS+cv1B)iPL}4Kq^B zhBGE1Ilf&GIRKA@kX={`k2^LhwN$NCUhYahQk*8uZI}z}fM%w9MnKx6My(4Uz!b>g z5DA<6SXx0Xt~rEaA3+N(S@JCw4o!b}Im1&f296(m{__|!9tGHl80Y8sY(zaNxzZ6c z0b~}4iI@3fZ9i#bbQN}2C0eW$a#p(k_2))nbJ10po$11WYk$+KqQVxuyq*r(5{0m2 z86=wL(`rq(`;DYsGgc0^b8FQIcl1?c$R5pio;9j*vzGNw?aFk=#ymV)15o3daPK-9 zx>$;+nxx-89p=Vu#mP9VWz)d>AGP(W%PAn|prh&rgOkWzc3SLKE1(T_slA3SUKp%e zXU`dUKl-gSm#l99FhxHL5a4BuX7YL3Eq&MDo6A7F(PHShGg|g}JlPyvZn;^slBXJL zLk@n74&Nh=&?)qjVrjp9_qIh1>g2rxLl_rCdU|pz>MBCd4qS-P=DE7%BbDMn3ZqM5 zjQ-wgXAzD{)Ya2%dcWj)+U@Qs5FVxNYUC_P1a$nXU7pDa;I$eJSvEJ(+(7yb{xje# zU3o)hUk$NlK|&}PsG!}Tr7bbD8wXOdqEM1#f`=jic zKh_&V2EGE8rPLF2ZS+YwymT+`tkqa>KjTg=Ey1*AB>KDbSg__am*DWN=-P3abz}$O z|CqE0h_Kcu*|ICZxM?qctx+loBzrXxv);MMjf@Z4=qZQfQwcDW4smT96q zR;Vdpz&~HE9p3;PcAKUNmzS6Koz{;t>UtX|c5=V{bF=RHDEcbSHFnSEY+Dhis0Q}F z!Kans^Ls%y`kYujHP_CaT}{jP8Zkx8eKZ;ntZdqZB_Pd|E@wF7>M@ofYjvwcxW)@_ zI@T4dWd7JWu3;bXw)RPR6~cBIyF6@DWzk@ay=@q#Y8~a4Y|V&iDNXS3dj`*9IZ?Uo zKZQ{)wtbL1D8W7i_tyL(*|)F~RI%nwclkU{kVLaRVNoX`VdBlFe&$e}M?%v5bDFfg zrfYJT%?bq{4F>7CV;5>f#bXvDa^UN5o5rSqvJ+pjNYg z^1zVqw=?ty0NUVY23Fz1XJ=(&mu-Q_g7Pd-`Xum?#1Pb^+~waw-Aq0IC|%G~ebyos zzP4A8kD$nOcE9VY2uoAXy8upw>RaHiFRT5aRtr*hv-ob)xBhjl=@^VwlkMdtrwL`&=@`$EdgH(F>t=rxL=wPxZ(FQ2dYw&z1)uv^u=xQ-!_kLkPtraH;o!&E_=V+ z@14J8u3TSVdquWGtA)F}xnZZVf8QNCiyqsAGOV zuxKJ)Y^U~qY1D8Pt}F&*&c23`{I?$AVwl}}(|Zj=gyB==Le>WSDJQ4(x`!$W(a=Kr z@=eP1S`o`;%Xf;DS4_12c)DKnOO&=rNF*N7%5}#p$`;Zh3 z65^GC!d=@qG#oo_NJzF))EZXx_Xh4)bf3=ZaUAaN?rdfT2FR81)I{l#iG~CtUtJdP z8A0N9b#4ODcwSk_qvr2tPfz6rDLe=q1MwM+#={b4%=hvFy*cvc#04vqgo)zw0MKH{ zsxO@L%z%Qrqs)BO;-9-q1DLGg7y?0U<+Code=nSexdvAz{}W_%<2w*S<46!imKUtL zt~17}_pPq|l?qVSxotDV7`SmZ?K{IC4WzZwsxRY$0ctaoP4f=s)%A5437Y3|&469q z_FvSV$w{X97Uzg2=Vh+FV;n4aGa#P>0Cu~EYH#tK_r>3h`@ZnmAPzue0I!hS_~u+@ z#ceBU`cQzE5aRvKgS>#crWb@l>F-A3G@7dR^I0m2x2iNYOyLK|Xw7Pv-wzSaun)@H z7o0gW2LlzXd}#Gz5eV8Y2Gb208tQdW-*C7j#s-D{T=1Hh?1j!jMCRocm++FyWO}S$ z;%7BgcZCj|1P^fzOUn^*UGZC%Q6pnuj0Lny)oV4qp3Jv6a=c+^K1)AK_xwEbi650+ zQfG$Zt{`Blv47$n`C_Vh$8yq-FGb6Ec-=C&tij-wY3>>u0!1+*6>f+}0DQT`3?#>w z4-?Z1%o`BMF-uUj?q1EcLvG7@9i3eGWeb75k89l%}^S$c_Fkr}JUQ$F%k|q4iYPa^dZ z$%EKf)(-X2gY62vsQqG#d3+ZihxrQLv_Hf$$PeWEU^jA?jhlcE?ZuP~8)!rYQcxki z-5Vv)kvYjX-cSQYc^^_4Pla)Z@Z?~uF(aCw>R4w##b2RVTzlA?ywn8X zQ`f^rU9&NU?c|w9B$`*2Quce=w)qcFkx(*l1+JdbyOC2a;UT}IS;kInIbROHk2ln; zDTibqvB`j^xgC9g1n}I0`Hsm$zzl_Hel6q|Nl4%x>*&CIZf10}T3$(U1Q5Q)&6;dZ`cP?f)bK3wsvK z1rkC8S(_as$Qf?-JgkX{4uq1#12l(;qg;8ANR5H8qjCo01{Z-{YGp?zeKD)$-7-OD z+~C8dhYtNl&2g;c&eQ$(rJB!WaI-`tG-os7B`m75D~3!&s;XlQ$d=}Xkmmw%Af~9m za0$cbWPg8G+c#t#9a@M=UxJW4s-M+lMXAuG$ebP~s{WciJ89xvwWJQ)lPv=&(C%SQ zWn+po=A$|Tdf`EgNt#!!I`VwaS1k4v~!F5N{&=T z`+QW{ipb%6ZI+OjxRDz{--G0H=51nm@e6=KQc_3;PRKAj^mPQs?_*KC zOEPpfk?Dw?YXh}z##?fPUku{YOlj2MVweQaD8I-UMT*%Qn=RX5Nk!Zmzw%UV6*J;c z`@G_>Uj8(#sIO-~pW>s=z~ow>sdjKCLXB6Bt*6EM%waq55T#v`a0y`mico?&A;9z> z*x4nEkT+pUQ_%EDfN|ez)nQo@sGjz^f-uvpx9)Ui4w4GHyJJZSU8`Do zV9Q+41`3cjPx{*9s_XrYwrzV*c)0Oq-hYK#`efV|TC zF7jg7{=38r)G&15-1H)J;09@e6f*1d70TGK_fN&{Cwr^MvQhnJEO!MB3#jYL>KCk( zj;^*4>6=%MS+Lg2P8TlCo|8jhVEnQEK#b_k!aZsxMe#QDWW7C-z`!ICcGn6%%*Zp< znSsu{KULE7?Qh9vz!s!!w>Y&(Y$Hnu7yfcpBp~eK(!h!OS3y6f6F4e1XAf$AP#=x) zpp~a802<;ZHlD^+4>+}tRp#(%!hHAJTSX@byji^bX^drIw8z(ja);Ax6Z1m5nX3eP zm|pO3v%iKlsybe%BgN1NJno199WhG}o_2I)CB4@sTGqO19ew+;l8*aKqTB95k^K-^ z^4X1b8iy_BZZz!G?X@v@HKNax6j+H8oOvYe5kIC4#f87K;aXCENgi@nt5o8uHwX~u zV%~fL&id})3Z9zpdtCEP&M*zf^FgxO<3g5Zm<-;B4qR>uw(vBfq^gvYE0aXgqcSp1 zcsDwChSu|SvTma*gPJ~Gs6UgEqVdf$B2HRejAb{tGm8r`^ghE`S2O=%kBBm-UDQ+% zLtQsD;;>!~c4T^%k^pdRtdY?O zlks0XgjGo($dI`DK#&TD;_*KuP|~; z$igdS|;Q24rLhJYM-|w!yZ)LHuO_OVmSJ7%{m)qL5_-rZSTWN0-Fj<(J@o-O$u}an+ z>b32=p|E_;xaWCKfG$Hnnmq4NW3S)Z5$>&HH01G&1nEY7Xu$L7w9@o%)8JaY@#FSg zt^>!B-PH1NCsozNvkn*G0wvf>b9{d1u_Cv3oc#O*Qi)Pc8Cc>{(b-j1@@-^qe?bpU zza3^=mt}BAWAO_Rk5ABR117AIa7>$`j1p^!U&w0KurX z&iqw{UDaQljJ<)FL@(8O+oUndtvi!)4}T(ZO!hR@I~1v)?^F;z57ub^edTx&U@EiLyymuBr`0{Qq z%ay+hl08@z!PEEE$Lsk>KkJG=EloR+Yx2%T)w<>&2rGlXwx+l^G)t}!bC+6ivR0e1 z#eAGV$9raGi~4iTR2z~29zg+U0CIlQz(XuaU1mix!+-#s@4Hs31C3k3D_2>Ezy$BEyWf6qnT0+ztXPx9#Nx+3#f zbVa>>rPdO|ZUW0T3`ke$ZQM@8v=bxb%*q>R9TQx%wG7~12(~culuQW1s25WL=&nx%g_ zqH5cA1*J>6OS+}IC8R;R8>E||B?hFsUb>~EqiAWgxKT!EALq+NOOz>mx+IN!sK)u3nV2gW@G9* z9|GP@#J!ap0NOO9)!#R@iQ5o>tvbAH9|4Uywv0rW#aI6Wz18(t_RwTY|I4Y)Qwp|p z3@Gjz@bX_GI-j0SfaZp%QW~8=s~?R`RJv=|HNv zl^-Z$-=?>6Vamo0!o}ScT$XG>GygJv@PnBx{if?U9KfjN3MsB7X_3as1|ei9=}M8> ze-G?2k#MSi$y@iBwecOstCYbY@ZwdZyEvpKcoH+pHf048lN8!hhyZ;t@vr zj7mPuUwiFzj*`7TdD&hwBUSukrpwHD`hEnxo#DpLCwt#Bd83f$LXQthCD<>w1ENlA zYcS5{+w<)4bsk5M)#qnkz&|Up>2V`9GF9QQe$Fs>!49u6Nc;5e@2j$Cc0e{lflgPl zh4RXIK;v5Y0Qo@7ksxS$bLbFVFcjX>kP>jqdScZ4sn6g5w-cf)a%HZaY)RJhpsIYz zseK4*hv|`aH`Cs^PPozB-2C|DJfop?4n|=Pep-)Y>p$Nb@gm$-%-~t?Fj^gOtn)lE z)b~89zg@ZM410X^_5a&cg9tPn+s<>ZV-VR}U=I0VpyLm~zBv0m)`zenZm`9E8^S)@ zqYBXF1O!6Kmpoez0VxJwi2@ZR5plDHuZ%^~X`o9gT2{O>q;OfqiLPOdJMFsS_e^s* zrz?$Lh6rdQ@%5M~vM7QRMn#*|0xw5NoDcX4oG*i!Z_3^uk*Duyo9n-)bu4@xwqW@dN(^_^8Hz~!FO*6NY} zI}s`~Z^fi8XE$F<>cxc8J2g3|SC4lV&JZVOp@P!sm^uI#`PH|S|6jj=1=|K23ldR7 ztdc3qUVOubvRnJ@_m0R7KlEY$7F=0@z{*7YuojFFL6z5yr;Ue$vzB`Em>_yRB)-M| za(5E|B3w$`!Ltjrg0{FfU5pDlpRS3w-S3w-9UU}Maxz6CcrIKi8-5)5TX^fsnNd(( zI|GcZWJI;KhmRjr&Pi@~QOulI57=pXeka zw`658$+<-}*{M1#EGw}E2sZ_XgW}ogyaGb+l5HM)zoL#PnRSOYg}kd+tcE+_JrVOa z!JPP@Fg7f%Yl)5=$zwY97Y*Vbz`KEPInwZpV6Houz^hZE0fxS$M7}ZztR;3Y%Q{%|&-&P&YK_ z6P$`ezLq|Y3;F71jwt!ok8ERY+x&= z8hQ`{QdAECKPrB#9XTlVl3kdk`l5O+b2|@NY#;j^cjv83enHo+Ei(uD2Ua_t3_h%0 zvPBzmQ6AhmLm!rtN^jGJeW1jAyw~asnh|(t&~+6riVE+oM~C=OJaT|uYoyv=s^55F zYi9C$f}emium)rFfRy+>K2MzMkLEc=l~Mt&%z&$pep^V1VpCR+!&akb6NwX_ofAK) zFBT>-c`Po|d9PlaY?zaZQH&^I4y^cX-TQBSAt6f-2THLD0oTKR zvrFiM*46thdI$mgxcLUZMFyH^7CcUW*Hyo!o#R%ZFfwa*TiDQd*(++g+Xk%N{U2L} zdO8N`RtmI?TWM+RmRgMvARCg~u4xb7-j)SQd_W=i>9qrn40tm5aj5B*aw&fZ` zKX4d-Br$e0Z43t9fbeY0{J1m6C$D~>ai=sd&HjFuemM$bsF{*|HE2LD+`bIi2xF}i zFPM=O{G8sjXPOS{u7PX3b+aHoFj`?(VPF)p#iS|j$mgH?{a`N$ z&FA_>hn{HOrSE$Hnpq;%YPJfW;EW)AV8I zNNt9Wk?HJ)Cn^d>oqunv@O2s=RyNK)!I?faQrC%l#LmAu9`Y6rluDnHr=zD4Q~SH; zV}^{E`9yAPkml&VMfaN(b8`+Xr27_uUNkHQfMqi^^A{G);tovHIDi&A7YRYj@Z$M7 z=77ry7h{%Vu;Qpuw4Hu!R|InOL;#}9dBw65`hK>ZIY<`NVa00JKb+gw&$h(qyfOIE z{5N(jx^{7}zQ0_0bE#?3Id)Nv+0 zx;b=Rx87|BDpPX`42bT)<3$4!kfcX{+6pXG~tVtlv(K9kafW7pDJSQi^ zQ0c}ttR0NIo?dwqH@7VcfRLk-TtYS#H%kF8{rxMj_jPVOYrQ_Ub-#>hz+h)GPZD&= z7JGh?oSgiclrIiy0v4`^Hl}G3ZIylazB(s#Z6Hk~%)iDfofhEOhSZ2D8!6K<%Ezvs zc6+KA=)?ewN~j`bpjzoCb-TmD^mb;ZQFD$+J?aF$terl8{|kz_DbC*sacpA|u&pq~?7ZeiamS{kj? z&E&bThU1!fQM(G|`qS(lTD8t7)A%0YPWzhUAefA?LdaFYP3RFO_h$>1#o@OU zwl`S-iYSwWKIzhn?)BTJv%HvU%QB2oVb$wa$VCnO97WZyWyIjct?a?@IDwpq)Z#1a zJM$ZM9NR$MaG(9}22Kw!48FfKdY+HY0+*$A^|t>=_IoV8Owjzz9WVl*(f3()zfkjT zs%$?>@^52~^xTR05?sI;pVMinzwmW7wy`!}Z3)@P==pbQ-rRv#|9R~3EhgX^taFyI z7eA#H6>7+*ik~()1te@9greO#t|eD-KOwv+xg!w^LJpQL9dYni}pG(ef|v{n|sg zuZS-~bPpBxT1H$#cHoa6)@OMC5}A36?=`1Z zcDj5G5jQXmHuaGv5@~UPbC|D2UtMg+z6rRMc)Zw1UF);0>Ls2t3LX$~M)H5iLvbEx zw%SOs&p0dPzMJ2Q?5~wWz=`GUIiEJYG`bOWb9}=8`{m``#ui(6>_Onlooi!_l`6Tq zS=k&6@-s~RxKsFs?e%d(BLCr;7)#>fzK2K40PB$60UC(EM7p}B_a6?MPa0B4Y|#RG zYUw083nQRX6<}vBgWeIlRgMhETO*f)YeRN2y5C3VkLf{EWxX7~V0CB{T2`GB3VELj zgM=K&2r`GQ68u(t{Y3$%)4urAzFJRShXt5=r2$SoIxJGs9{dtF_g~>u7s@4bW^>0V z#x?(WS=w3bVG_v5+z$J-iy(WIUr=h%i|o$0(~896hhf0Ww}FwF#_V`vAWTb*&TeV3 zrGIS9cbEqNwnkr^yRIkFX4r5EAE;cHSF112y#7Fo{hjJd&oI@??N9QHsJ|)) zCnqxYiY(Wetzif=U8j0*x5ld(ptH@4Jtbdhsu^UrS)oR;h7BJ{+W=O>1} zbH?rJ+Fo-B7Ew~SJZ&HBo2<&QwxqfgD@1sPkfDM;yZ@Y>QWbZ#CuD*tk&(iOw2gjY zj$CL;Q*Bt+a->u6St&>Kz;uC5WD zx-RHY&gW|#vz(kizfb`ztg#~0+itZU!RrnV7`+-)C-hHu8)^YIB-AB35t|;ZcOqXY z`47>7RDt{;Lt|%Icj`kJGO`yk4PD!+IVfWaLYOc9=69SKGimpT`T_i7~U zGsQ(u(}#tfi>LC%tssrtQ9)9?PXqlD<$@hm{~{pem!10mFw>-^2rEBUjYq^tsM>I_ z4vuw~%;K(Pv^H#L;b+Bm8u+tkx8GxfuI_D5H4-twY=*RPHU>ng`os83S;h3riNO9e#D_ z$F(9&(>1^}#csJpV@cp=yWe%Bkz?nR2jGSNc?p?_grrygp*RO_4Au$^20vaY?)1WX z(D^)`(e)cxJzO8{k`ugVgZtUBzmFluDSA7A&^ML-S$1(8pG=0Ra{?~aR(%PX9H{NM zvjdL#h0X`51}7%SZwLjkuYHKfh_D)q2Pj9~Wn>^HJL15lV&(=8$~ZkY3n`#EjoERC zQ1?}X5f@Nyo}8K;Z7h*wSn}u_<`xo6y8@dh3RF#?!Nhdy^VEJE7gElz*uuJ zMxkO9G?bBeWRL>55CrD_Abv)T>XU8l+=#0L^SSVta2X%lji403r{Pjnb#QP{+(nlN zBRBq(Dp?jh5ey%FRljR(zn&93-}K4QRFIMqQy0qFU#sUHN?*+l2w@_ihhcMoqYx0UHa)vL69GI7%&wXIB z;>W0k$4HK*OB|+1Wty6v>G!#hN%qZ-c9+U9sn_vxN;QeJ<*^q;8T$O$$;)^5&|0ea z)RnupH?OfAI}5Vm;lZj;%k>&u2TgHXFPNzfFIAtPgaWM=Yb*3poXe#{#ba^WV`BRd zQ}@7L>?l3eWdh6;1@D0pJ7A!LGMgZuaHQp`c61S)a|x~Bl#B4Lsd2UcK3S|RiIQS8 z=dBXk8ox98=&|!YOip;U4@fQG9fou}Hc49G!$~JO`NRA`KU_{(dATzH<(g<=zIYY$ zr%ys&dU!b&HhWpg&;RhajxRa@2vhgPQ3BHE>Va}{+L&ozv)rQ~3wc}cgZ58&m-Bk7B5eV1=uLH&qdlmk)bXM;< znY$jcPJH#2kpH8X=fu$&z0>Om#|7tP94)dQ&NF9Omp&8gmcIZa_N-FN(-mMV30gHz z3F(gUtJ#40GE_n86I-otT(x@bPQnM;&;J%)ZG7(8d125&u(n{8vxP$R+Beiz(|5^_ ze^16=2G;N-N`kAF;)os{WowgFf4`Bi z3{vbuiR7UY5rI*{zuH2RaY-lf&mp(0!<0)_yKU>Ipg240sA7&A#8b&sD4)tLDIu;; zjx2G*(|cd*zQYfBaC#I8vly+d_@b!`%B|8O$qKOR{AE8!<}bFRy`YMUaUGdTGQjcG z)g|>pK_`0lJu^QG+3loFef57V))iHu&VT3+r!7|n`B_CU7aMZG+uQJ5e>5Tsx$+AvyL{?_4+%^H`9 zB8ws+z3b+kY+`(B3!PS=CILt-o)}fs9<>EB@=nu=yh;Sx7B`(gomk4s%FmvCP72y8 z9)rKlw_F{ZK`{ad$nQ?W;?mQ(S-*|_nVo$VI+wP!E$4GtisoJU?&yD!;Y;>0v|jG+ zVD&jP=jqaFeehC|w`;`ERZow2_NT$f0A0(mTc+R8#&<<#tZ}K?Jn4*P?0T61@IQo) zt5q4yie9G&)6b_r^$@G|>W__=YrjWW1`K|T? z4j}M|Qt{OO>nZOO^0p?A>$7XEnPu-GbXnN zF2ohZP}*|*JuVn>r3cz>nD(=|rbfcBgTjegbAiKuNmoi*+?k-FXA*^=S{?A(%Osup z3$a^|t)#j`td`jh`Lrh-TJ1du-_+H7eb51b?@~kEH^v-{7}LBH2d~JX!*pkSp4t8yU^DP zh{N*-0vkWoZ1BzeR1crasUH{j>_zP$z$zkK7^(4fhrv+#$oxjX$%JbBub&8yqbM

    KB*V^W~%$A&t!x$G`i4s5G%Y3Gp!|CIowe#`@?Z? zo&^PFs=vGh^9xK>b^OisfxK0;ZpXtkLG9r11D9+LFzgEI?WML`uE{{i`8Q4&yma$$ z&%bf4%D-5mo2)&g9Gp!_^-)31=j06{o6UT z)$iE;CK+&^=}t(;F;noH>&<)eN{XRM_(GN+jkLcR6il5CWHC351a$$}loGV#@prAO z{h{zn&(VvL-kq*rd-;L}azOfNydcn<*yN`y2C$2Nz}$t@&q>Hv!EF8xf*QklTNLD5 z=Q_zSbVa7OHxLxI&B#i+1BNj?m+A*!Akp3NpitM1Ue(yY*8QVs$fpSmCNMz&c!dnr z8cWGL7zXcxUQJD{#_NIgP-sU8$8H`FJlrB6BMZ_>BcP@(Hty-KoUi^$j6CZoW~0la zpJ@KAmcqqGlP9STb+~q|TC#~P1uiowb2Nu8UAVk2=(@pjWfA-ipLzGPB<1=)R=lLF zlLB5Bz+thzD6i$fU&2$k!AhcK*5l zz=MjLGf^~l+5|=uK!!hDX_7KQtC-Za_bg^3AD0^q(=Tt9mb4=QpwZfO%k6~Y^1b5V zsO~ua7W z)1{lH5Ub*RROGEEtGb2;#58?nT_a`d_R)3XRWJ(e>-!W9UZ1l*eCH=L-ZhmoN@q7y zKy5>4xw=!*G&~(3|@0or$k4n@<-wuq7cQj|~iGR5bhn6^<~g(i*bnsi`w3K$h3IdQ>t6yyFHg zF038dlW>{!SDr$ez3ckJlM2|aA_t`4wDvFy}GO?at z0|4n6kd|D3(?y+ssLJ2`h>>5L<7Xy`2J9K~rVdQL#{^CviAk6yoOo%*$?6S1I% zT4$S#dXv+Y6jHEKYIhrds0evlta`#gbJuWcmAq+AkS(kxQsg^b(JMhCqAMyqLp^uT zXxKQs5TO>Dqt>pV?MRa$xA>-s?`1LbTEIwb|ILkpBN~9!|5E<5j-dMP{_Yw;dx4rC z@I7B44Neowo&|-4I8;;x*zc6uKc*}EsHo_Diy_oihpF>^zt^xMvH6L3b?wG)b5Iq~ z_K0qE#5*G-A_fxNdTRtUA=Bf0sF8TK}UGT@GK`~m>; zO~N2=J73=3KLp$RYB#U$!Fx@o1~3P$T+zKZOqymV5UP`{5%~iKAKcyz4@Z1uvEwrW z8Py#c)Gb8uuK0c-$x72Lf@lB>{+(lt=QDBVq}N%gE78?VDv zjoPmUu5;$@)jp3Z-gSo%e34 zuha?9a7z*(<<>W=@^QbbdM|zH{njJfPXrdLi|tHuJ++JB@lacu-zSzJAC*tjg`j=e zV4daP>ljpjbh%BOUmwP7{2<@zOTbGj%;I<1e%NcDGnE#v&piu+>grq)sCC7zYi&sM>z&v&gU&R*?X@Ac~c(Q4@h<)Yv znlEK{RpHsval?AX#n^o}ULfhm5M5 zNs|86&7e#i%+;{%Q?1pu{zdeQo0oZijkSm4i!yW1_F2;!-ot1u$B|m8?+ONEwb~#+ zQv6XV5E>6P8QfwtXC09OwmN_I?-nuod;8DrmZm?OCpx6RQ@om?Uw9FT>UrDN*`Uw3 zA>8<@LWYRt>0dxeZ*aJyCrP-|Gv_m!_dGyl)9Cw9Qu3Sj?0EoF2BgSi7THw8cQoG- zOlMk6)^gHulg;OCiGQ>_65Mb|VDwcdoKJv1Wo%rD{N;8_NIv`D!H9%yGoRJw&uf^a zRZk%g?D22wJr@hW0I1$x{EOi2Y8}-k6V6%}mp)7mY-Y~d(hm5m`eXv`Xo&(~;>dDv zQ$D>PaubUTFNyPK7;MB`oix|G&Ef@x)=cri z#-7%l!?&r>YwRBE1v;CD#Qt9~y_Xbgs!sG@gCsPh@+na~;_7&)(=4HgMZ{jPP>mtu zeK=J-6~!o}+WxpeEzRX;f{;m9FCZLz_fcSo6R1 zWNXW!|8y+>P2slDfjF4Ce{dYC&~fU>iPz=CcciURjSeQ}rD73ADL+T4aoE7CSZzZ4 zO1O{&6+{D^JATj$M|D5@1Db7v790T7N0mNV=*PhYh@FG)+s~gKfO*sf)*|y-p;{S5 z_+XH-t8%GIeoY6wN4W+`I0#IY&!F{En7!{6@LK;Xo*J~-x>ZSH2CZfM4B0?X^-22;*+g4Au!q|OMfv~mjYz~6xnYD`AZ?fy29);J@r z*AMMgQ>a?psj6!wb?;o9VO3$9bQ^i-sH>xL>5^_DYl?V2jw+W-0S?9mtp%ig2&)?w zo#i19mE~n(@?YMTl@F_WT)zLSmjRMyODCIU@-a6@q>_BQF1txcN(Omw>ODTz>qB{V~5O7C!h{l7LaLZMGeMQj3 z$B`%y_Wv0BG|D2KSp9(VoQ{V0;uSIhId6O9gx4>LxN0;_Mx1qAVD;UHCBLM!6mm$d z#z>T4^_70?;CxxpQAx8n_xPpQu8;qko)HNhWi7$@9T?l6;-yJdJ|uddB_!_V*HI>a z{cve8p{wBq{WY;_x`#3$dXqG5S6KXx>2r;ZGEm!Ee!wSZmJSFI71h*KRi%u99ZB7h zsGL1LTj?$GZ1iPWI_SzXGo4oBPjX|NY@2%v@fk-bQiF>e z3Mszd$G9h{8fE(=Cr2c-vT@?5$=C{dY4sH!vMVaKGVUop!oD8iCdda5IOSiSKJ!ml z|7-s!2cBN@=H_rH7i^D#-PC%0fd| zBCn+nhAIKe9?Ai^b6VP>7!;=v;%0@I(L)O%0{#@3!JrUAodu_P=8qXc-9#?l%m=eJ zHO3&PZ#TQ7M7ukSi6$0VM?8za>g1Lk@Zs;hgBL<8$9DJjL;CE36mOr3ip|9sQ!h~E zVSgmqaLvq}f|03z>9f*J@K`N8tEER-b=7uAPt}~A-uVgrDAO#9OGx2itxMaw@NjqU z+R0k>NlO0DsMVip!djG&t}ujY3T#ESXcoArMXx;l%MchvWnAK(1}ZoRSi0hbZ; z^H)CVnD?+aM|U)Z34;~iwmk@^R?leReSVC7d_7JOjAUzC*U)4>AQS}8;dgW!gu=PL zg+T({mwbma(hi?VyZz)GqJWFi)sm^?Z0o>B;^A*9zRnInDCqfH$T>b2;)VW4Rw*64 zl8x@>-Vjbj{YP3R)OmB##|h~~N)vfu&qbnYn#!}!W+kJswG}(-$bRympjYn=FnrI) zRN@3kmfi1hqqmqYfGlDO62e9Z*GX~m^h7ZF^%_!ua#SlgKc~JtTDIabgOOsuW9NMB zjm~)j=LGKd8lyAQ`E8pLL0DNI%fA40Dgk52LASnvUG24~)JsF#btJNa&p}e7R!kO) za-AqwT#G8~LC8d-fQOJV1Dg>Xq+6jpZX7_an?Ve{A;$j2fF3(f^W7NUOI6IqGvd%dQ@(cHGU#wrdcv`H-H@C9YwMpc+GxKw2o{|M%^& zT$r8W8#&04lZntD4j&Z8xx1OW2(Eo{k$|ZTu1v8sV{-UT(0qsQ*1iO= zs`x+h*`|WG1#J^%b0o7401x%_Ugi9}8S$ApggU6)`Yxn7dF(fh!#_$#2mldEh>KKK z2xJvN4*YtpX+Uq7gMnABvqUrjj1fdqkvnp# z22-@XUz)xD9U+EtH4mxFUm@)c6s)_Dc* zt@>y1B2e9!T{P5zysSNj^|E5?#up>)TgSysrYtLljUs_`6W8hSmd9Qc#U?9Mbe15c z`9S6kGPD6{h~fW8k^G5fWvo%MRE_RYpKcu+&5D|&Qpzs3$gztt;ssx>`DEDtcxwM& zBoxJ||3KL@9LPEWs0{SzW2zCQB zGcdg7783CJQg&{63chORkAhyqu2lIn6*o6&K~M0AbF^7Tp zw4XFXCLq7~b+_p)eUMjtPH~LrULI70CL_BR#&;B~a!k=#bjz+{HapxvLPTe+QX2XN?tapy;3W%4vi6iM30pDq`g=PM=h zVBI2V1ADj@!M}Z&wUdv5Z>ZIf)1))u_uW1|7D*&Jv=SNHo*iI4DW(x;Rk`aT+JTcMYSPTw0p*dyV?Bs_Fm z0#$MP#>}wD>W!!tuCNsG3Cl!eQ+y^bCw%eWhoE5`pwF_Oq-3agSSiU347luP zHK$EfC&D0(Xz4I$Hw+i|p9m`I%<3obn2of){)Z~qu4_uOHbZhFf`qgrfP;68RA)*! z>!VeyLct>J3RycaPeP{gZuvX4IMY`bpfmIcj6hG3Vn^`Ad;9xLX7=j`M~A=?rCn=) z+A%!s$>ONo=bIako;~vk%3A>!7cJwB6jBwG2g#h%$1HRN?PjOhi`3+AmM|NMH9M5p z&zdSJ|5~sVWIr*mkTOU96Ol7D*5~T}tcU;t^oT`shI#*~oQ1$#24)?Dwl+hi|H@yG zr=6mK8V5M_SpL8&$}*a?T3Kmi4MypOx;sJ^dff!Q^13~^^cEKSmak?Tm(@-}6b;|g z6I_yHL30rdmyU(?C5Zh8V)j=XZe2bS9(`O!S2bH_~MTr^icn&Mp&bHv2)r z)cLqst{D02v!^F7@lhzRH_{SAU(am;PoTcwA!5&7cC;Qjb;U)6K{Ll(A!V8-j(pjTh0x_SJ5nbOam~9OJAM#p8sV!Dwx)jxZu%$2f|U)N z9El(cw}m5*-AnIVKS&|#dFM$^P%^yI=drcG7-0U_OIJ+6P6OwB7Ty-%D6NTpsXA4y zS1IHqDKWt(0Kq3LEV5E8uQ)QzRV(+}Tb?bJuF+>j^0dnfoOY13yygH2Z-`znuQ33N za4#Lvt-S7Mq~Jv4X4r)hEx_kQ@`L^;UQ)Gx3sL=bQuYq>^WIyw_zKw20tIw z)ojtJ)D*9rIrCGIP{RTQ~dk;mI~Z(g26ZZv9c`NrnYUsDFdv~hypfTmg_i*+4aO1L1apb!-MBt(q` zbrpQ#xH&`mOt0UGG(<@FF**i9YLeskdcT+r!~Nf``w8^k*1z`HBkRI*&BznG!@$Y= zkmY)Z0uiEQUB|cqEm^v834!xgOr6dB{SN*cs3|{TRSW)WH6Ra z^GKdr>DmR`7*=1!JH`=;jiL-N_Q<3eVG*;WVyW82n!K+m)g%clM&6F2S*J;vtyJxs))(R z#M~4}El%M$*dIFz9~-_5=~^E0 zFiA^?8cz~en{3c#W7@N4^veI+|KP>QulI$Kz)iv@0gpT4ynKp|vp|QPJ|<2!A>EU| zR?DcFdiMOG4gF8*GntZ44j)ISw%Cn%q;OY8YHAq3ComC98)2<43jnVFpng6uoZ)Wo z{swW+$eocndqYPU3+Jrk1b*VhTN^T{K~@XLq1`})^OB5$i`K>?9|1*2MuySB))plr z!vPGfSJr$?Twe$rg--K!MW#Mq*2dd1J1D|Pp#@$)!A9e05J?_%0qx?L$8wTk;?`)v%*DA$=uaOXMDQ+|( zc9BPdTm_gDGQB}+Xm&YM?xA!J`IJz{<_D|xdGk6^B!0k5+Wm~JxAKm6=FN${Q72l! z?bBNV5+X4Jd(v0xJzb7B7L(>C^lHuszY3Sk;idlw(8BHf4sS9(|NHlcnCyjlTW>&W zwC`V2kV#)l+#TnINu1F&g4Me0_R)_~d(sR9dO!4akDmGOusmPlq-kLOY_T_VM`%=j zn$^;dQcMgM^@?qD-vo;Y;Aj7+ zao&Au6s6A+>Sy!CqlTDO*N!tI{#{<^f8Za%<=DjkDWfZ$0vg-UzP7c}W10}M?7u(e zsJL;EH(PGP+C{6!1>IE6O-`+ZB=jImE>8F45ckM^Rz}dv?KTV^vlJJHN^de7_0=WP zan8QTm+-!dW_;}J?ZH1qs^Y!nG(>*t{+EJRR;IXejqn}~afjv`S*656S5XbHNhmPQ z9;5<76^QP1cB2+8Bs?!foNf1-0Ytm1zJAn*sDCpb7SZa%^G&tIg=HJS`(A(jWfBtN zz<36*D<_tqjR!mz07)TbB<48IX=^vc+qaO3ao7y0G+8%Kze&-=Q9}hgp;=t}z=2kf z{F|B^Su+DPfyE4Mz@)5oITp?Tph0MAs|WP3+Bb~$aWP;LdKnd*jJQG ztJyIA{#_dvpB_AHMq}-0k5xq|z+63CCb)|>B|9=2q+~^apP5~jHV;gUn~ZMnNQ~BU zXZF0ds}=IZ0#EDg9BsQJl5O8(lMjq2&1q@@G^g&s!hgch&nZk~whx$CtPJK<>yF!u-veY+1OF+@Y&o{)EC zc`kQz`s%+n*yKd`nwa&!m_*!1SST*_qD`|zHhYl=~7Nqk5~ zbZvoIQDgGFb9v6xzA6F;_sES?rdRtKzUX(aLO@`A!?g+5tzivdb>2cPZ z)1CPNuG}tea`7^O{AcS>;p(r_{3teH5Z4G@81;2o%<)H}&=P^FB~8z(_LM zxtKWk34rfsE4ncNF!n3Q+HRp14h;=WDDI&uKp4JY>Xj6T4@jur-c{-~uCE2Yy`85a z@3C@tM77go61mL7fC2{co3V9DX;pr^J>>lbu_D87YwF#(o3_8qb>+@U7HDqVbiR<5 zl?S7U0DpkvaK7fP#g@e*yG};q{5*j^ZItNq?FQdXo9h|CkC0MOU>3PZpI8Gx{mB3j z=VI|Sac`;vC1f3K;?P~{r~3cUb0?DKHbUoizzVFvnkCo(Y69@8k!Th>8B0o1r=~6b zuE$9oe?C)B{aOQ(0MPNLla9dsG8dc*Hppzgo^VZC(EO%1cQ zpg~2O3ozYBZ@i_v93{w-V8=Yz)+ zAlL^=InuGpAti~7l#;TbAp(18esN9wXmo)XTfT++6hp!f3s^)%nBm6B7RDjFRs{x% z3!U|1KQ@>hw;Zr$XFULh*kTN$Q`*LN=~mg@bfR~kp*(6(=Z(pgl|aB3h8S?_fcUXx z`OyLY5Qo9*Yua|LEP1;f&} zI***#N0C!3L!e6n`{u)x&0|YE;HXv`YH)9pK1iIp2gGN&z1pC>foJ_`s6P^OMJ zJ$vl{JUuGUuh?fec2Jc1voP!j*F{vVSrF#wrGDt<>KVjRA6SN-QhwVLi30#_@Q_s z>h;i>zcw5YoBG`R%w*_ckhCIAsMRp5Z?lDk?2LLbzq!5=-QPu`yZxy<9J~w4CMkWNKSYjM_DunXR7=_e4>S92-Xg~rAg|b!kV1865^CcFO6nq9vqWI# z7UYw+MTgT9{f|HU)!s&bw8$kT{j!?4$(R;N$jK4X*GF?CJ;YQBevA39=fi(}Q_!#K z_KWmH%ASMJi-(H|!A}6KUITO#Fmdq=XpsiQHMV?vIgDtq!_NMa5BlF^uz8x6T%y(V zozl?n($Sv%hC}zw4YkEkU}nvgQrUr*&cwQ*lh(bu`FpL}4Z`u4-T~ZMlI@NBV7L?p zKqJUcIxf&zn@%O#Zdd(4NA+`kwox~`tIxxFvcgZ7(?3c}#k=1S&vW`{@sz+22CQyJ5?k z{5CFaj<68vUmpYM>6b#jnV%gUZvuW?(o~GYG2f}Ee^>t=0j`*#qZlAN^@oTQL%)`y za5h)Q*X~1wCg*C&J$R@xG}#${e6hl#$p9U2$U9XVQ7ZY;CL>ldhjIgbXS;WB<$Y%c zlqHZW>AS58eRdQA<%V0apDO3S&+@wD{OlK+iGjwFqd60ydcpPlzI~lLX#P1?@qQU% zzG7L2IH!Rqnn*9Zsm5o=13-~4-Q059>%VGRjNk%GXde58z_gHeTz}LHib`Wr9W4>) z|CM6f5Sc@8(|9dfX$OHb^?A*Lme}nHQ~1lL_Iy!3S%|IzME9`6?JR{Mo1tnTrffZ@ zpg?3^%Y*W@0qk=fcsgIz3g3YYyh52{4Sm`D0XW7Qcqa#6=Cu;w$a%dDtlYxbz>3(5 zhcTV3NDbVOBK@n83)ruyH=GC{AVYUXyh+(;U7ATO6OjhwB7n*+soKszrMuFk+b|2= zrk#vKmNM~k?i5ijPCxVpXte=PbZS}}vzhpM5OB$ zwWb@`As1ADZdVt1STa;jK@RhJRi}*^B;kuSJQAB*UJz|0LJVvM0GRu$6!Yd! zeeiz~X4;)5oY$Q<@FxfVXrNd&5#LbRE}zKNVeYVo!_BErWqof|_8r&opQ)gcexlF2 zXt)rJy0^>^PUxr40E@kUM$2eyq7G}6P3Q%-Ow%UyS3250rgY+Wsh)4B+P7ytrwwz=Iwf+zyE0 zg!Wl)ZZ&E<{{3~yY`(ckv36kwvPJ~#&V|13i%`B1{BkIU>2ruJ&roNBad*H&!NaNq z3ShdkV3usY*M4O|_SwR1RgTMy*Ctp09TghU`jBXBZcPwfpIkS*X)*5_8L5nOJP^&Y zI3ZyrgR*ZMbCdJGy=9S}!j4%Y6N1i)wzK(H<5k!rEPPg_Cj+N%Aw?KQ0XQyTlW-O> z#12s(T_cI1j7B&Fym`~1wSO`PkOH6=#;(ZO3{@0d6D)m4m!3(azyt*K znQjB}iSP&gm4a(70+Z9r;ehflpPii=NA;f?d=i1il5wVyw0{lLUe&? z-;3id@}~#x^}*j9%=OSj28;+j>P&sNBg!9tinv!bHc@@Z$y(NxcP}v;D>PY@3_~?dWq2g>%44NO*tB0y(sXHjiw&{J;ggg>SwGhh(OYY(aKU-@`xL zdok=_bGqtK%-NAh$$udYMF@M3$gH6J3m`tej&mqZ%(dfE0Vto1W6z|D=zWVI)JY&N zEiL5d`2VBot;4E%zIb5-X#^xiT2fLxVM{@a?+aPn~{|#d- zOQRxKG)D8`IOkGba@VN`$qg39z6EwyXf!Ptp_pdUd&HxxLD5$}#_V&WQT!ujgFE z`3b}%Brg|HrEf=>@|oKrs)xJAiA^c!UF*5tve5%!argO`o6i)0>WsQj${vk)5CRJ; zUqDcbRMXk@!{r7KPMRDqIt?_p3L}T6dHl1Meor-AD z7|R>sw)UX7Nt+|twB7Xp1P-U(^I77RinHAMW9EOIw4UYn3*UOvJ~or_&ZK0kT6R8X z4LXZ3$`h0Q)!QEv^Sifqkk>FspX&rUld2vFfXGHFQ;W9+$xha}BgPfwX`n;|AfPVW zOjQzUx$KMWACKAb&e?J80)A%~&;+ma>3@r3Jq_q1!@|*rKD$Fyrazwas_vVfi(Vm;J>6ZL%EIKC^UHk_l<}`eR4;7p zE$wHTJvo5~STM+UwC|7lyA%#j05*om!ouSB^mHijIfM!m3SKT@WKHaJS;~IZ87k{8 z8@Az0f86F7`F!w89H<8kFo13pexH{j2qa{eoVZ7n^*a0)jcmH8D9J4~m}cb?xvDOo z20W~yBye-zS-B-x7b=@)MMk{y@Cf3P>NyobKFCxlo;be90=-Yp#lU{z0X}=rS-^1U zSUGQHZc>}_Db26NJ|8{BHBD~iDSh%JGx7ifETh>Ye-@CTH_q@(elzl;5MGKZc38X! zS1%kZAD0_3Q;jtedJK29)mhD?cQ0F%L?AcS%@VVLizR0YJqcbdUU_kOeF~x-sr%}4 zU{-k2XKct+f2ug^ypawS!7nG_e9I{ji z-xUiCh=|4BJHzwY)N*;y;SH!*a*%p4QDGGx)}3;GhK6qG4y6V~GdQ;5-`M7q?Y^}s zOs%e8NwLHw3ZVTS6xX{i-dnocl{)WWP>gX>itm|hnB{7{@7~@*39K+omhO(MKYs(6 z`sIU%OWq-#9R?gAm;&4zUtM2cU#8hkl<7>?8|J(19hE`uJ*=jh2z(%<rz9nD?WghW}j44>g*|XsK@%yd|LP3E-lMf9an62%>eH z4de8@fTJn-m0on)F59C~`4ZT3>6YWu)r88gBXK8#1=kXVQ-5Y^e7)7ht~@iqtNv*C%wOE zM_t~uSBY1tJ4?{A?~dGGe5bPxbbmT{51RUicbs@A^X0Tjyl2k$yjp(QTyzWGg*^1j zL8TGVo?%eX(V;ZD>|>S7LWf8o6oJF6{yK3z2mug2NEWsG)Yl2=Z9P725wW_0Ml4yp zxR{Um!JR0*^9| zPcC|S`^|LYV^ScD%KmJY21^LsS5wlp4BngJ#l3@wJ1BX z55;5;Vbl9p&+1Ed6#+UMM%{~tbsxZQ#pPVMRpHXfSCzA{vg!mnF3aPE>Va=EZI}CG z3SYNfy`bOGR#p8q%m(TdWpJO^luUwZ4B{RJjzIm*HA0Itju$k*3q9=vv0fcC6U z#pCGtor{E>tk&_~->jfqR9p+&2#a7<`iC+@f5fQ8*)rHYBO^<;f1^l2EXL!FmkMv0 zCvlTM(fn&cj1?OL@MEd~Qyw_6K{(;6Ud~B2t?xIph9lmi`0Mk->q7G$W_66Pv9GO? z$rQSg_yQ0NAX@V_|1PedX4#=W3b-uDYPpiJnNEFsr`_|JD5^8QnQt6`NDzz>N zs$B61I!xH^{V+<$!Wu93Wwy>dZZ{)%D_${2l2W)|ttGm{xV&<9u4#Je1O(1nPP>?o zeW&(po7eCFOZ3Y`3egTmlXE{_hG-Lz!TN{M%oYO^>;RPXM*e;X>oXKLV9^R-4pERU zv#Ori`#k4!eIG~plrrW^Pn^kA6c9Yw+_%9O|D{ByLOWdrw-bo`_nL7AG+tm5N6B?P z()zbL?_C!HdPN9erIVHEf;DqHif)Bh%V&^MDSq6%3V!c)fSlQU`}x(sq zG(yD_M=-~|>T6sf419vMI_cJ5?0WMOkE;grbMXZ7)pXo(^=@w# zNojo1po`@Il)dwrg+N?E%^Ph^9HR|5S{08R&;N*yfUo9n$DgwskPBlUVPRnx$^8cschX#=6bJI6lLJ#_CqDLC$LmKYVDC+>rgtBRrK+jFOT%SN~27$aV|mW2iDl^{;`v9=D9mUhEC(^{>v( zR|4b;M98GnqqKC=5v?|;3040x-@pkDju%nMEVQ`?FK9;h2R|(-6)Q|vJ|Vq#qI#=$ z=;ww^pyV{ff7$bF?M)|Be#Jf|pA9Nef{hbLGg$-!aiWe70n`V!L<>R!mKAyaE1VXW z8S4tU53)dYtLbk3q9yp^;$Y*G=G$OH4G7pF^LcoBTsk8lAYMUe`Um=i9UNHC_dJn@ z1x`x1q@aPkUg(K#RaTlDA_C$yRIZ(_Uz#jhDhu<*U4$-BipuLO%`~Kau-7)AQPVtia^upytARkx~OGhSR-) zMkvZ3_gFQg+kRhRooFQQPXY@pQM2khy78ZXH_40)6IAjCM%G^@)Eka#y|76e3sDIA znT_F{Hk;W9ju4d`Pv;ktsa64}tczH%!9P)*gn*!n`QVBQs&e!tF+*2FgFwK0&RM;0qP0o`@!AuR6=2I} z;KDU2bg|rV9N^&**F(&maGo%fS*g?<&fD6Wi?~a&=$-0Ao7&XB@KAejL+zVgXmZB4 z^w}f8UaT-QO#XBC-scYE;9hpY1H_C$OIC6Ye$<`Nw-mrckLjY2s#Crb9Z*T4Z(RML z&tlc6J1*T#ZO%_1S%ZkYa$yd|{ri&#pOKKo1`*`QF-c0+)slN0rk2W=fio@LOzMj2 z`WMTD#T8A5)g>~qhbLLT_qQeo<~FUp2|AjCyQ1?9HX_oY(prG6;13*(yjBSHx&cXx zL6?VZBg2 z|D=PmmmvvbVa;bD?L%+FOiX&UDehKi6#VAF6F5;H0twQv#I$WtYF*N(g*FP$cc(ho zT*@2wc`~m0H_tr0_QuPXis;K%tt%o_ln)&SV-50>H9}0zFCi@l6F95T`pP;Iyqn~t z0TqAhw&miP$a;2y1s@#g89oIAt@PH`MTQTwHi%Kyfi9Rtb|BTbckF{1}o3 ztC*4ME%&z0SBXM=+hyBf|GC#~Ew!_D_3{sQDs<5&tX-rxR&Ya*We!Ty40_$FODfaM zuxe&^VK?iuTaK!Fia_W5A(Op#gVB0zYcDXx6C%=#`^n;^vPaAgJ4o*_OG``h)7147 zr|K%dTujMINeM^W32;#1LXDB^7h9hwtEmBYAk@4>^#z(jL3w$%yzeo#Pa`%lmmADX zt!?*wv**>hYs-l>39X6YE-Q2n1%OyBss8cZ{OFmfcF8v^f?HiujK1hAgK7;Rc^nE5 zVfK_w1u8Ff+kZmKWDUG-%&A+f5nqLpt)q@9IScYmXNfV& zu3T_G3tFN#X6cwOzBpd6-u+FHlAL4dj~`#v5C~tq5K6Y2x2VmotxZhSFc~`o`RrFQ ziVV+l?pdc%S-zRadK9WWlzDMq$Y&&}2{ETf3wm*R8%9HGPyI3;0e4NDg?$p>O|G&= zcPj07j;hW-j2R$GqYGA1^5 zSlm~c`Tn#-9`vV+PCWRc>-!>qUowJ((4tRTU*Ns`_J^o`T-wx^2dDR~8;(n@Ejuhc>P-JEnMCk3;@a%;-7=yo+F6Iyv)b{=r^+ni z@rbPlH}|dZ#e2LAJ`HYessk0h0G%kcLIs1YT11zd0oASUUtNX(fj&uH-z-)5>$g5B zU{`>Wm*k}n>sxdH!4|Xdpsq?}6bCki0HO=j>Y0&ABTxyychENl(Jnbx-LK{5QY>%I zN=eCy&iBsk!O=(hlfqot1!Q<1u*~R9^0+rA?N*+dR4AzWzV4&xI6=*j}k!xF^&Gg<_1NrL- zP8QipR~HRHq~q1iGTBq|Ram`?9r>~yilv+2!t+CuSQXz!$jXaocRU2HsYKaU^5}^= zqX_`(z^Z02QZW)w)zfEV&m%G<^;bD}?A;O5l?=b|9E@iOn_#Dl7$Q#KXfodcJOC;X zd7qrsjI|FZu`WKg93c0sb`*+UBfp>GEK3+ESxbnlkL-NV-sS6v){Efajl9TuU0ck11nZTs_tVoU3R)`Y<-x4( zk2mj&GPhOddWk{{=U`7+W!&V7tIRukSn6q2!F$`@!-q#_GD@|yG}$EiDjMbCdI{rl z@kD*eA))N~^DRC*4o6?4TM(qLeeXPS$ z2GyFhzkm9vyH9k+DNDe%Tk(9Q{wtM-A{Q*}=JS5J=PzJ|knvFa{24}~Uzq(fi-c_) zF8(xGJHmN~(_ktTH%ijTt|6@na;ylzh0(E%M4+@pz0#BRV69Kk=zrJj^^gv*L__DQ zmtN8oNpjHC@9+&-HPR>^vZ6Q3Z$#x~Go#RkN|+HnjmU1j~;#0q2;jWtLv8%md^X5^tsM3 z6=yb`S2q$~R>k+7+KS^cbTkM{tmcf9P+C>C(&|k&^Z?Q*s2!MbXzKc?6^~@+W#e`D z!?ja7Z#^|^f8OupG`-t?K-;9++P^BL&M?Z%+dnUlvbMT5Jzzo+RB&O_sSmMD)((o! zHsI2hF2{n|QR3%e{oJ`~)PsAX^gT*NyP$}+gV(kREwTS~#3KfCAQRxJbJPSvpJ*8U zU`qL-TrRYHw~?clgw^cZ8E!}S0h{3)A6_)BCv2uu(&y!xrBB8>TC&6i%vYuV4d*H7 zaK_{HV~%FbD8xd23B-xG(&gC4)p9Re8)<zX@{y@^0zq!-EcV?l7e3 zi9>?SATRG@DZ-w=x>wr(C3lFfeqJPUa6-XE8bqp}0!#U39b#Hu&9BEX z@6Bv&ahWNWLgV{@@={sknPX@~$V&2pb9}dct^9-jvz?vJKDp`}p6B!wzdl3w=i<0Y zUaO1!6fVse5%!blxL&LpeujEn6zKiPZtGDzZ1|2~YqtHH22{qP$&Xw&-sMCsAK~lR zHNN&ul*#ND_#6>r`g`p3^S}34#STqk8571{42|-R8`kDm6FYOnS0qtb#t`=cV>F=O zRaXN8i>2E)vtyt8y$UB7qa_SzHIe*CVJZiVk2061w?3U+R6^OxZCR06`~CiJmjv9o zEwG+9=`sT$abSYf8J#z{X8+Fex8YimSC0|vzimBb)gAdYBU-Q38!-uL+W|(=4|ts` z5ZgNa>YFFXD#hfZD`(RN95p!&m-zo?OwS+k|Fy7GLEHa%DkerG@2v-^1v}5Fvn$YT z)6m92;ahsek(nwn^ z$VI?v;@EkBg~cLF*5mDv(DgpP{e`#D@$=w%zMK zZEpx*PyRA!;y-8=Bvt<=Im#gqO|I5cjG!^rU@b{wVWaO)?weHE)0VG78vO|rytW)h zDA(2AuL6bJq}TpI%y64ov3*`vW7r_4$}`L#+#y4z;6h|VeFY8zGQTq$A$SSkOU+*+ zSS2voKQ6sS=GhcolveJ|HWKYWL}H=7yp?roGR($saLs(NuH>{hbU%fKW?vaul;EKP zps&Hpyn$U7*21q3+65v4&`6b#^3fUf9_NfnEDzn@$bQ7zh~PA_Oz3?h=^3N0A6`Ms zRul|LEj)+#ewWY$?=l(mn4UjSzSvK%78uHyL$9!FSOK#$g=IVqt0npIMKhdUb!z{7A(Z~ZNf}&7>Fe59mySsbcVLK|2Q|)?AMnwfrdVLrS ziVVC5vnLfccOLeZ`|11j&@|`~KxYsVZz3ll6Tl_|XCM_%Bp0kR`zlO9$(xafR|{av zDIx~={o7z-qx*VelD7`FKJN#FTq@ES=S?*+{j)kWGQXA_5IF4}co84;aI0KHhj-+< z7tl@9c2eH3c=W+8QAQl**OF#jlY3*GY?Ao>G15yy!oxjVUoE2KSy|5cfXs(w{JPz$ z{-f1c`Ru|%WO=^(r#?p~nJW~eS6|#pvjD_!5s1jWhF0gkP;}3EU+{A|ZDI;MObs6a z9bTE+lgjSH?c#Eu!vi2W!m;G|_{KY->p_fWF0P!%(oUlusQK{tKPe3lub9C%g-~F1 zvXVDWYZ<&9l9yL%eiu3Z9RcmsHH;!aCeq$WVv-_gLBKxS>mNO$0FaX^ zM8pSBbuxQ<7A7Ei@hGIvn9A8<#bOAR1UZbv_;|tHsGzJI0J&XbUS|A^PAc#@o!51l zUaww*D7huld)JW5?U2mo=GuC>XKU_Z=7z?L2|AmSlYl;Je1c3&#Si;_bTcQ9%R2#k zqov+ehsgnIT+DE^xG5lyjYG`)9W%$)D6nK-!+Zu z{dU=Q;fqu~6|lOB1GHuVN?)A;FG)sBB2Uq+S-{BHxNXfLySSK8K>^`*d*0Ljibf!U zF|`)yg1n;*=n;503+Q^@aab|X2?K~Q*vVl`qCb0P0D4AltJ%RvQ^UUK{}255_WVY7 zI#`yF)BBLCyyg5QD;sOzjds_@&td)>qAG`~=(waWpW5Et+nSpbobPfYVmw@tdmZ=5 ze+2O0cE`6zS3qNvIlH_TKeOfD!>s1z>FMcWVSYyYGtSvJ`}U;3l!(af0cO8x2fai+ z8ZolFqdIN^4==*g>bx4->&N2-kYa-{Z{*P}XCUDdC24GCZjnW%^OS&?0Pt{vm039( z-vb$2xc1K6n!Mj*16o-hVkOUwi9sy`y~4E2CQMe8+NApRVgz+hb!B>CURJCy?hm`UcDeu$cE7PMDy6 zaG~^Neo}?2y%^XAwWg8gu3TjNTRca|$b6_t{1fs3gBI2IEvlcoh4froQ&S6C{>sg( z53H3?Dgq+J!)rll)>9DY0v4#ha?r}3}?H$#c_TaO*#B8%>em5h~l^L9z~MVvGg z*Xw6dJ(O-TYn+Tn;eMW9)|nZmcHvT(oZrE!_p@Joj5tO`FTK z>tjf3k8dLL`>LxtQR=mUrD3sELTqd}Ds$5ZB4kaqI&|)S2VjX@3x$yrxk8lMNK)ei zU63vo{vlaOfRgRxPiI1eU}^!?WtaL2K3DDomb6B`L|{7*mab!ik>PRu+Q-wS;bLAd zr1nK5ziQhw?EJ8+)y?W7yY~c+kFK*ckOF|nw>wk%So=D^eh|pSpPNgM zk`~718a?b4hY=6G0I>g85m>CAK%#1rdB}$x7B!|Sevs85r&O^pd(3R-VfBZ_0z6AyfF+E?iEz(08%iIn*t>6sdvt7KA0D2bu|@OJ|K;7 zAjt5UqVh__MMUO~^&=J6g%I4O+lIic8tqJ!Z>%L_5b?FvVi55>ZJY}lvs69VW9dQ+ z1I4+c*vwlT4FUonRHW;Eg-i0(`>+jhIoLpR%YJi9r zZe|lK2M0%!-a%fXF5UdcCh>=JHC=^0;3By`!I3JXLYm5pI#zL5^(1@bALuT#q5 zK#sZlW_6ZrTCPl>h2WMJ5-9Ql#GYk<1aEYE4NZ-HeLw)=6KwiYU3XI&(R9y;1Z9OH z;pu0YXi^Aw-28xSLS5a{l7$~Y^dTLI-mw3(7Q>evJDx?1r)06!0*xq_UL@)=VrUrX z*}2Wh*X*%TVWAPC_tQ1MH*=Pprn^Rt)J=k9$XD|AbeK3{fe$fbur^Q|un=`Ne*NJ3 zR#9=ZlE;@=J44@_zcd40SG==o)o01^`L!rFU@)g!Gn!cxq`N>K4SRuZO2g<;Y;-^7 z-ozIQN9HYNeDdueufK0^jy4{+7SDeZg`{PSvV6|9o&6epuLz2yIcSd-pE9`63ZF61 z>(ea7treE0izXKk_=JeQS`~6r*0<)6Q6ttimj_jO;?EH-#1jv=@Dpxh!_HHD4TYAL zngGaMyVc9JytGnkwgw)}58fqcdE)5V&7~oq8;#_QjEpIm1l-#f%aq%%H!a)_M-6H| zy4hi>h7o|~AA0ID@8-FJLb^<6psIOcTsxC(;_VrD=O`}C)?|Zk#M(s!?|Sxv_$B6f z*Pa3HY`pBTt3NcjQWB|vwdm}U<~Jj0pbF2$)Q=QLw&%`gbQ0gNZg)g!v~gysO!YZx zmVZCkXdkyd)*_;|ve3ZJM)40T5TD>5PC(;G*!n)Uv*^U7&z734T!@LC2vhjx$ypu0 zo#))21k7e~6nfQCP_)JKB}F@R$t|x%RV{{hNtJCFz!SKzN*bn z`qkD>0$(%LrjjzmN>Mhc)lcz-j(?{H%$m@N3|?UDw=-@nrm2b-5l>?Btm;FBPwtyC zzrl~o-rny6;mexaTk6V+V5wsjh;-b5;DFVFbJ^i_7|UZ*sWj1+HoToaJc5I4wko>AK;58z6B{27{xux07)89 zdfWaA$jr2Fq~}g$9S%)w0tpFm_bqu<4>h`2;oPy0S&+=cSt@BIZQ!Zw2#63A5x`(r zk&QJvBN{G51h%|;5T6V<&W9upVbmW^0TkQ{!M-KRc!y05>IPL*k5QYz7OAwXYMKq7Db24LSsUQ?3@vf3G7-;IYo_ z#t#U=oMhbGxJ-$thzp)dM9@6NdDXxAV1kmw}o~H*74U5loHqf!icN65?X7Rv26)Hl` z6cO{Gr@tR`+zvf~b!={49z5v00scpu?S7+t)33jLw}&0K=YSLkHSr3`Z50 zbu1_2S3=~xY?fCtzX=@VE}mNlgNJLLiS5%snU^GZ<#)2KDrfX zpoOY1UV8mm7%6%YAiFKBA7oy8bde4hq8b60XM+}@=#-cylmx3TTUw#jcyy1drk}M# zd<2Vy0!*0Nprkziijk3#rtq(GHo=;uV#10sZl!EMBVHf~@U@Rrg=nDA&GAw_=79^G ziYcq6l-M@?R`-pJV5pdUe*zOjyb=M`6_+Mm48R=UC{0rWig`TKTF^QNG{+t_ zW=;ORFbWU$Idpjz+Hcgz)eiskTcoQJ85lYMpsY`Fhe5~UA`IZ8WaZXqG>Kh;l4GE1 zad5BM=b62C096Y`&Jez}2H4=nF3ZQXodF%xodjYpIh*pzf_1j>#PgZ1yJyJcCpr!i z7q=31+S7dQ@hoExH>xlUvrcq~+_n&a!2B{TGCZF8-FR(F;OVIo8XDT7xZw5k@e&Px zK#tp;t;dGcA51KB$jg^ctX%Kd3dzWPdzQI|Bo9XhI9r=lyD*eH>oO zY4+^0gs#p;0?=SYRXm2Kfh5gNk0aHS=g=}8m9AFE-t_JJ!iK0d@R>o;3jl**AT4rF zzL@@l$0b=%@aG%lbUEf-OT$G6F1JWsc%u(=%D=ar4(s?g&1`;UUn~fN{*r;7cEl$D zwBjT2nX#ja?Tt!HK`3OHq?zCPaq?C7T+?uQ8JHChbVElP;GyYtHH9vSK%UfgA_f~- zEcD{QA4y!#%SqrU@?FKC$|dT($b(^iax1_os6yJ3dc8LkO<&%GX00fGMz;ZSW4gTmrmICQ+#cm#~B;UMj7Kh@GtQ$_(}CZc+-G$}j9A5>g$jKxDo zM#j&Bm8 zf2-WFm*JDpBi!55*9J@)qLb566Z_k`LF@Xj6o>Llj%_-60Cnj8@0sKRaL=XHa;}*o zn!bp~y1T=yw z7a9oBU6L*muPeW9po=4!jtpwBSn4@j$>phV1EH>Axs9o{X=XN9q&P3 zl2tz_bpyj9O=@|f;NsNj43^maP zmXP^?*=S#q1IrA#t#aG4huR6feEHIDX2P~(jTAxzIB=wo&a#y3kEJ-NydXJJVzlER z7}Qm|csgkDut)gl22Tw}Ia@h&qqRCBHI*<+8Sx}`Cx{#su=6e_`gF-s94 z_Z8ks<1h*Sv+dn<=?6O8Cgy`g$Y~yi6sP=pzuq;gG950-?TUZXKf124KlGJXqR}SK z0I+?gVquV2?%LYNRTOR@t?qsRP0~*KF^T=dXI#iBJPCm8u;QOT(LfBzm|hN&!be1z z|IM&lV}o3PJo#eM*jLF(v&Jq&1a1FkZeBJz$?)=PHYhL?la)BW&&G>-tK3a@V4WEI zrawJOgx>wv{>n|-p~q`S*TUnvlEbUn%>rK(TmCzPucz{*2lUCr$ue|a_n(8Er#24d zeecyWqX6P!fntQ(_9PJrjCvvATCPH+s;_+K z5Ud0}F~*UG`Ayvg4oE&|DSf&wl3F^zjW>D(ey)1{tsvD4^Cbd?6Fn}JSZw%OK7h7B8mB#mBi;9YV@w+Yz4qu#|ElrtbthK4vXoja5*L&TH z0RMLifx9jFlM`sXdn8w$298KJuUTveLOd}G(^f2OSlKN zB1sk~5LfV8fqrlWFY%!pNXT~rJ8Xbphky|)!7(bQzQ(>((%0My_0kW8>_D~>D2s4d z6iM4J&T;-8og$xq#NQj47pR;sI)?amER@=|6CQs2OVs)>e}dv@&GX~OHwlqTGk~Nqnw1p;akiDje+#}S1_tD-;}Ab$ zd2@?iQq#?%eP+u8bqLWXp$f_qp$SjG7dRQwymLLmVqNI#>u2G@EKyF3i+WQg;~-|j zvvBUw{6_8PLC*0D4!e;l*q8{tUOXJegj?* zvQ|mvm;OCrAOKG}YPHc()o$d#4Vs96<~;0q4Ho`nU&Z7!L}!9PMdWy?kcJ`@G>o&8 zO1sv3U8D8Y9J3SjP8w>c)PE}z@0e-=5a~-H{U?7#{*IWKxbAKo7@M>Zf{4{_vy&@i z`xF(4rgjExRN@&_ZzHbxhPaLht_`*Kv;LDQ|6p{K6C4bOMCM087s+2nU}y+z5uc^Y z1uNt}M?5EO9U|sE0?uMb12din&G?x&vm0*pYq9be{I{5y7ZupN5PQStfZP97@OJ59 z(sM*~nF8+h>(`g@c7oj8+_z>1Q_WhA2j>!gtp1JG*7_CE%VNxxGBIF~eM5~qJGA^lmTKx8&RQ^cW9E)5{ zrW^$ySseqF}F_t1@BS^(A#96%Px1qDg5LY@LY zW#F=qsm+8>;&W+0^4r)r0dkwieDbHCp{EfbxQ|GF5jK*XERvFTdP7WDW<2B0Xy_CGy&&n2ais zTg^!qOI5b}@BMOZeZn6idS|Pf47k?V335lia4vXZBOf74$V#tiG|I@!V~_yvlUtCm zuFWVeL5O)>g^I_P=Uf-MipyL2y5)ZwcB2DQO<<;=$0;p3G2hdA;fRtF24DaOq>WtC zA_k*_0_y*?JnVP4LN0VNM&ut8d~t#%N~3JsskejOkJ1(Nr4vBxcnhU#m<2?=6AZ@gn8w+{n)qvUK<&(~M!QEc0f zo%Q@?xKYx{iLnZWo8kg^8}m?6RM=A@?w-rWN4~<$N>F<|VCf53Vy%GMai#gr&}&2& z0#)i?d&jNJGD4a!cYvZXBedjW^!nyuZw}E*S>^uz$dq*}TvPNPBFQ6hh1F6=6fq^-MIB|E;J>*_aA(b&a^-@8E-CU&4fnl9Is%EDTI5@$8fRFA9&A2^j&NK1w6c$#rH zNxvPuEuUxsMxqEXFm~VBEgi!(!47PG{@w98s`DNHz{Gyrl(KGuY5Rr61fz4m<#f%R zY$GDL%>4*Ie4F0s{Cp*0{Jkc z2p5@ECVH0alDu83tE+z49$fVGP1;621=pU8Gip_#`Gd6Bh5vJ8PHZf7jz+fr#tIZ;h3oXBQIm)rao-R1g-#m}#y}xy5@fO<+ z@i?Y^GrS+}Kb`IArXi21;L_3aQtCn8?9E?gxE#32yCc?4H$#7$9sIT>OJ(@qrCBCA zI=TuixxxOWwd-I5Kd&b58jrQaK5nPq`%l1E!4qol?-vhWW>#BCNPJD1Q`0AfK}Y*7 zx;ULG&6fZj7k4+hT(1D-_|Ff|?#AgZk8s0R9+=MZ#wlj z`;U^K!aKQ`IdD=xJvdn1x>7$sA?JfRHRJqx!~=tI*1<83vFS#7m7DW@1@qT8N3hO} ztUO{}fmd{|U;l)TMVQ4?5q2*5%0YzJWnFKul{IfpHKkEkR!j7DB^>d7nhX$wc)N=T>Ma~d0&r$ zdc21R<6NlI{dD5yXI`JQw2E?Ee)!IK-F$~&ITk7O_apFM5akyHHRIw=NT2CkjE%(? zl`$kl>hWJ)22JPsqyxJ#7Vd}e9)LJ|o zqMQtT-ETQL!i{U)8kzcMM<)uJ4prv|Go_)&4vmOHI#mg37w2axD#m$DO-+{-@ZeZK zwj5m}UeQh`7HJ;wE~nVhMwbN*+l3FF=BC3c3K<92ntj@ON`4wHS08@y7@L;Z&y}mq zx0RmLf@5!0!Q?OHCPL@1d|tj@I;0>e89nFW@af&VzG;YjD&%V6JgG8)vq}IS4SX90 zhEH5yf+A4V*=cT?{?+$l;dZS)^86w?3*XGe(`PZYu36k=_IIYR5>)BdU zHZ~3%FTcOK@fH)EP|KxeR9275pA?ggOOMaic`XSYV&ae210%mes;)=AbcBL#nZ4*S zh>JC@_%3@;*3;NHyNI5iGB~mD{_Gsxj<}J;$VbWKE^=ZiHZ%Jix#aiHoT|yQ+dPn; zzaiDXI6jW9mG|4h%c+WiqobQF&Y4wSTeDKj-f1DDk<9DTsF8;Qzjyl-Oay*gTiY7* z3CU;6%gWlfqn|AG^`oj-&n>&hW$6S5sZvroBGppSiFF=q9DBOE)u=?Nj?bL8`@1sh zbr153gC6I%pJ~UUJX_k{|_C$1GWv5VsxyVKG0f2)e|r=uTIHMjpR6~;QrhA&9B z^hxD>M1hcW&zuze9Fb@%YUCm*W)^z-u$qWboK(M*ih{1m#owwTS5S3YTiMA?NwJ_h zn9U~E;+$y~926w`a8x>D;d@O|yPWdjJ#O{j>p-qapbkJ_CxT_SuIV*hv5umEI61&IS@El0H6EE`c8RVi)-!eo!3~F&)1h6 zHaUw~`ta9?Dcf^t{)q98n_1i49Eu&k24$R?{@v1{C5y@K3yv@0Bb_1GV@>XkIu5;5 zF2l?R^Edk{6DPwH%Uxk00>CVytLG4qbT8S_zAdYqcG>^781*JTJ`PkWq}THD=&su` z>fb&2M90AJXP)1@Z+KY6M>iuLYX%zp!N>20YmO>~)N_~R8R1)*^7|W==G*eb!9TsK z@CQ-k{)6^bRwar`il-Be2jd0NxlUJK`f)Kav(nPE?;OWvbbjYYrm)*sWfU891Wngi zCMGcHBk(34b`r zWHk{VmhcYQ9_!)2w&MLqI1gpq5Q7u$@zkXtV=*{<@MVB4(XInAo6t(VZb4?b?M zilr_hBx9WhIVNb?PW-4BSR|vPqrZEMqxd>HI0DZyYaek{ZS8M0mJ=!6R@W}EuY(R9 zc)*a061aE!gvY2|Fq=jcC>~IplcUHR8#^!w%oeXMFH;sT-V}QPTk`a7K3@ZaPgrWD zthmh@Q&Z;>(8LNv=oJ-JRa%gnjMJ3;?ki8Q80=fS7T}OXWIf;cVDod_r&-2QyEa~r zain34UdQ(dzvdcPw;wM#C!CNoB`@g?4i*sqO>0S16tzoQTgjaFrd8V7+P44J$AVNu zSy#90@C(v25>^p4UH814oSgXNcq&p-+ZwBp92cu@Icg%N*RLxx_eA1xXW~HB*9~k$$HNOQhxJpWElR7+sgW-W`>9zB`++9Q`h9F;*3CGMHj6JOftk>coS; zg-SJ+YAG5n^;K0;do!-Tug`YI^7`F99-1#yKB$`s&V>B5nkoTB1hJLw$O+IIpb>n) zes2OEp9$B?UtQyq-T$rt#;=;}|B8-x4)aND;%B+J9BzmDjiN8@yO8F57vRcTrczkE zgXTQ0v9Pe%4S%8Kefz!{Bsi~M3kz1;Kon>S2>rAU|0&f{W4zg>-gki zzEcg&5$&iI+Wvb9Fs2$hDu*D|9u|jZ{&ytwPd6mk|D6c@?GW>6)BpLuMRFv!|E3oB z$JY0l(8K@x_yvHJeRp zVq#+l4S(7$l+`B&F9QXDSK`*~iBYS65fB$;scz3tW8zufR02gu{B8ea`pcF4T5T6FvC7 zsHiAdQ5DtIlePmVs>Pqc_%(>M{_io6P%`k%22`mE-OQd07rLLUi`xKT<@nbvw%uqN zKpy`CD#9E-?N4j0XH<0>oJJ5&Hd258eCLnwlIIl5^PAHRajoTKg#q=X&JVNbV%q{9 zr_C(KA#U*ry$8h7Ymaz-ERdN~!RjuW9v&SjsH+EDNi+U?Om=TCuWtHgW@ZF#-0$zo z)!02w&8k|K%pA7ma zBvQipi~p1kl`=V-76(vRQ~bQHwvNK7qAaV?>vnC7PoMT#C@*Lo6_1aJNf?fWIFUY0 zb%8pr)TE*_3P6B8m;+=frW*H5@`FVk0gDpdw{M?8YtSMI<0H8zILN7^0ufueplv&& zcdum=tut?7&n1(+3>8DrdGp_=K=D91iFF8@J9O6m8c2#g!{z75CeqQLu_D70s)ZVsNkynIJXs~A@`DY0l8 zskZPO5ZF2+s*g!$6&T)|etv>zvO`JG63lM1(FL5!`eQ);_F~539XrL zCOFG|P#!-l@Fa+5Qlb4HcI`E=>$v**JM)42D)X)fV9WpPHlVem? zRkhR737`RF?ocf5a^2HPL74E@QhGYUWmu|n1>Lh}63#VM|F9T|{0tF) zjvQ#=-cBS!$Yqx=U(S|hUW&6^WlIXGdeWl0J*Foib|-8RQw(DAt--E&_V^|)L?r2* zuxfeoTpuqoEG&%G91s5v=vXltcr>ZEPyd4OT(MKz&HrDR8}LCs;HYvZ_;ZLn4fu~q zf5;p7v-iG=gWjW~qd+Qu-LrS^pmeUJoSa;h_xIaweA}PrX+V=q8dSlV$HMC`pT_-S z)rn$FWi>Tj(@9;+RE7<){3|W}QD677ruutblp#z!mipe3`F^j6_oZRq#qgeCwM zbWf(UXP0Xrq@JQ?wuqJpX&nN!jgVhm{d>jY&8^wq5h8Td_eMVT+m9a?ucrAgw4L$n z@*f{3r02X>SDPPT79xOBu#3Rpk*jdo!CIvgOqKVH$+_upWw$Aj?ZpOEjg|A)u!p<~ ztJ3`I);BiFoXGh$R|b0__ZxT)imID~bOe2XamnS*W>EIJ+uB?spH72^JY{8TndK+V z=uFKC3ff(}&@Sm2HvWr(=S#t+7Kg7*FPw&I@S4v^_OA^OZxKozoq$b4uFtm;g~0q; zTy+iI2@_XP(6{k}wGjII359ot9TNWpvx;6Ns3-+dCybSZK?oZ z&Mu!GkdRfpckm?Sb?*de3$?m6QL|W;>lodVkHOrH7S}N_GRoEn6DW9;(E@Oo5Fi7H z>56a!1^XF3vleEeyE5`2kayp{Zpke_4TbEk^QXq#x}Z5PU*0d+j( z=9msvIO_*9SFz)ZEEc&AjT##rE$HhrUPOW(oH*YUb-|0i2@}Ir9t8lby#szsM^_ib zZ`Kmv&ZbRXdbFWWUm+Y$OjW&i4~`B;L==-NAKApl#5g1&bTLky0QpzdiNF;6;~Iyf z1uVVqP%Tw;fiLAw42#@f$GwrS&|(2y?z6$ocAc+Xo4u!F=)|6(vzm_Teedm3Cr>s( zxZ7H4-ONi&hruJ&*K$D<_5#o8fyBb1ni`s#jFj3`ka7_&y`XS)Lynpj&omX5|KmM~ z#1SCTF)`nkpDYB;k3y`zUfTfSc#^hk?H?7CNorv_s18tf+O5dF?Fg%GWarrUcyjpz zs`(0s)AnUeR!z+uLBYw*Y8G_mN5GfK@>C&dTiJlJoClqnf%=M zw*}z7MMG$|#bRaSMHgDGeKss(jg_%9i71@xKcV2>D(saYW<LEq=;~%mvkc zl2knMC&>pCBbC>YZ8zHll^ot=>!ssV#dYLQ5i~Y9h}j`%wn`tpkv{5!QZ2J-_0-RL zuty&VL)o)K!ueuh0?Fsq#30QgCJ29I)&4I76|RNKZj9Vi<`CUvxK*}(}KP-_vUxqxYXvbRBvy#20p4x~J)dqOgJh6tyfb zTKWE^u&NPAWQywTFyqrrv}WXV_*h(EZ{U$%ngx!XJehMbg38I)(#DA zsbv9*zn*U}_{{hwBtH&9ZS9{v-F|fQ#r_~&ae0aMAdC?t-_UAeZ0W8;?QH;mjP#+2 zDX%dL3%n?I>4KhO*I_^8e6Rp{_FdRg{1zvSu3v3Ft#ee|q48O`_{u@|jYQuK-)YNp z5-M7!PMxY^;;NUH^!4y-yUI{(Ht&H0y**jlI`^k;0w*)}b&?YUs2rNXDYLxQ$ufk2 zv2iZ6nmuqDp>ZvU`6Wc;;#+p^os4heD0dfHEX%{#Y8^r~&ma(XCHc1gK0R2i7k(0A zkaH-t)MZ1ZWQvU+Pb;9&%okZ+-@Atl&cHz|`LT*{wmf@9d4HaO=f|?~=~3r=FRz)t zycC*{p`l@N(F~@lc)+|@+O+h1>=LDC%*YVi%=_M7N#MBT&%>pT(fFUFLJkR&?9=`7 zQ`>H~w-dNbMk#_S(@U+@`y|KtQ7YS2##a$FT>0njTJf z*}1fMq*MPj6R-AxFW$kAlUhOKI8LvXF;tZMyP~3Nhn>u~Okk>*R%6|ZTN)73eYh7W;cjE{m& z(uFnyO|vI8Iq!G2kz$Um?%jPB?O(NX=S~3Vj$%#mTDG=XDvDpso%yE`N3wO&>+=%Is3(o^4P+C4aG4i7PW;v(%lGit#}Q}&a=@Le=8 zFi5cN(bF8)6$UPst%QC(XGXP}b&bN5g4fXuiYUN9!2Ra4=%Xf>_X9}1^}epCQA0dV zlG!K;MJ-*Rf`0MJ6-FQ+_19QA=W%?l4s`5Y^Zw8}IqV-0hi1k8bVx9Bk0=_`92Vbq zT6ZQnd>90G(p{3gqkU6`BnorSYkxD`n%n+WwQ56~*y0poeP1dT$jeC(nf;);|fZwS-Q2&ApO=2OJH)eA zTqo@TsA-QdN~V@ta`>ngIXcO8kjQz1{{FqJ)p2bPP|3=PUgZ%Q`n(k7G_9o_+Y1?| zSYnNGEi5d~3_`Z_Fleu6;LNjW1FAkRm}|vxKb3z(mlR@{Od>($4bK*j^H6C&nO$XK zxgtr0IHKW&mDWu+$Ny-1Ee5n(+NXT++VL5bITamc>HB4mzOobg(r?Pj6G8Y&CQfx) zGc`?$T9bxyu?LQk`JJd%OYK&(89|#pnUtZyMFz3N4B9JB^>AMYa$L0RwmBEbM?keD z!I|SDq5K_@iEfCi|{6OU4CN%>yc zfZ=Sw>;h|Ams^Wko&Y5WOU!;y9}iV>xA_R}$M`P){}3n-FT4!H7DY0zMb1Dkc+!6H zaHEHW1h)+int`({AtOWKGAV8pDQVNnZV@y_BkcG&b@d^2ReWaV?*~QH`qUe(0z>}w zIYG{b1hjbYvuB?s+>?A{rKA8cb@Bp&Aq9X@spb}P_ujn-0Pw1umK?|j4w8YBcoiV1 z_b96qfN9#8Xo2Mck7W%>mI(K-IJ4pi;Bk`Ls;-6a{C#C1OXS1$KrWQy#^C-O4;dt% zJ+r4H)!%8$3TJ=MJ$rP<6tv2I`t)hct5IJkI$Wl>%-s4CGjFY zD^@K0+?C*vki>^nYa;5#ja)8w^HfigXS3`(315o$VSOr7#i1Re$GEzE!Dbt}<5sI5hU{J1{{#-EXhzRho2#*zg}0aQyNvIQt4UDZ|XQ){u+C zkxSqI9h4xG$#x*aytK-TX%_)Cter!0Nzwh%*txZaC%ZIplBCdxQ1!b|`0ZDP>+8O5 zFGU3opRkI%2=leDwYAMFF7BE6fxmK9Jw)czS4IL&%O517JxL&MCI@5&yFHL@o*HMm zM(~B@i((rZc-+kOEi&@+2W}t9DW4d0g^YbTH&FQ~gZ`MLdEj_L1I=2RF7)#;hX|;N zi3z^kc`zHa6lkZlx3^D;7-O7#n6=BxgR|e;B{h?@TvAM}tfKl0*Fb!OZ01_;k+~-P zW5Z)s40JZWU)CGRV8B6&gw` z%Hc|BC#*ho|rS$TlwJBRP)1ZTb53!%+~A<7xKv(LM}>k zxt%}9n;E=LgX-gNH=0{ol14!ywEj8v)wdr`WfxPer^OJ4SzrCBIdHf}5Oqc$H8*k@ zYgy7F^g{r79>VOQBhx_C0eh0&7JUXls&0cQ8H*~?)IrYG!*`+<=I7;F=jZ1^BuPQB zVCN%N5;(HL zFn;5b>Nw2J9rRL=P*Q4=>U|Jg>ow$)16?51)Yclps_L%8p{9V$$>ts~_J}vYiz@Q7 zTiz35TyDLtu8teI$-d>&O@RJAJA3RR;B#WDA1i?{hN{@_zxQD^$p+-JVqzL*6)xm= z!3WAbr&Xr=YdN3lYU8-H_(JAQ-b07V%^pfn{924`-9O^T@9g-Cj|1~o;!BRq;f%{~ zEiyWLpYAzOYTI$#R#fe5PH!I28C*xT3%0esKen=KbHn7Iu!=#vB{Hu?FX2rAPB2Ry z%}Ek_2JFoAox8qFilD09OY}2Q(;DxhL@&u-!CmBPz|`KV9DHvDuJNo%aJ^Z(Rm9&< zGc$qNU87)6?D?j8hDkAVg*SEtF~-DAZP)r>^xBVS-OH|9r?FiA911Cy#x-63sS-W{-G7hyinm_JWBM6D=L5WEh6;Si0K=#UDHucK? zcm&JI3nR6F$MR^M_ByMi)aRl+xo|k1Sv+hZ4r0u1X^By9$p!b4Z8|`q;lj@ug~eSF zlf5~SF4Zg}@cXV5Q8o7)aNo^fV&%16unMdB|(rD8Ov&;G8KQz)QEra+UU!&#b;@a= zG%rOrXQHd4qZek0yy?au$c@APfO6viRd2jp7nLOYpf#lr0o*(;vraH5_0DHP(xJOeIow=*OUqV*4!VJ;akJ)8{ z+w{8NL^?}Mfpp9$PnHCypMyZiQ-@K;Iy&LJybIjJNB8ZJu3BZ7MdYn%VEwBYZv6{m zD(+`n2`noL`+ip%G>O$^A}D7a#OO+P-Hru-FMp^R@$69%WEoKX+oK_zyn2MV{Syca uZyowi((L~p6atg~Z&$ILTUTt})9y#yiFwb4J}U(&aqN zf0%=VgHvDc#yt*>{n{KH`{EAn2YwMbp*;rtx5ww6t~N(mk02iSW1q8@p%w>61?&j@ z(eJ?Dho0(L_;7IWh_nCg(Z46Q&cVSd(7&N|KhSn%@<6z?>5lSr07_5$c;s`A!+S2? zi#u`SrdC4P4XOLwzZW?CF7@CVW8aae0gnmQ%p%RTGUw zoOK+x164`gdGL|n+eWOSWxV3@OS`8xvYrw(eyH zcJaf-!NFJ9_}82xZ+yrI?2D~?XjkfkY?j{eFPVG~3PErD_#ugF2GNizK(sqS6O!Dfh=5;xj5SJj(4}E zeK(VbcpcNyK4#H? zxj&!9=RuS;W!#QlycR=Cww$wP^v3(30e$+~7;AP2?#GzKvJ6 z)-$zix3}MVB&*{Zr?zQr=Uxd74+qR60xRhV`DSSo~RrgZtc2j77LdyU9#_-y$JsHJ8yd-gWC3j*Y-qB zjUmsUyPpal8r0GHkq3sLUZC6-TCej$FYI448=WH5)rn`{D}L+$D3-Rs4W0rYKu$MR zGGFkAPJ_YBzPtUt@?|r;3M+0|{+I0C=}Ud>%b^m?u{ymVC22Ek&J_VN^g>x?Ms;{JSeo5JodNdU#}{a;{`Z7UWV;Z8?kza95~8kRq_VKhm*!_- z{^`>vY{`}0*z(Xh$^K&Va>{BzFU(MRQlXht>ZN07Sc%ox?Us_}n#<=M%_fL(u-2gK zNTsa4^3v$el~(3@?y3NiIenbi7lX3Do0R;hKlU!Tw+-3$npb^X>Zk?!0_LgpO2Fa> z&O87X?XsDMdDppIi6V9j)f-6~u>&=;7;8?_yG{EXJg#{# zh*VF(i8i#4lta~R`II%=<7v)Wl^*bNdHc<8MXlns3<;gsTibCk-qj}6_{ru+t7E;h1+!qNoKC)7Ib-Dh4vkZ}6>LWd4Gm-+Z>vB;E*w)|{7RuOAQA|1 z6qE>y?*J70HeD_(_z}yw%51lf9%y)oJRiL9XDbOjHQgP*gx6%+r5=QU%^cJ?E$1y)97VJFeY;EKsEu_t&E99FiEmt>KW(uQ^uOy z%9v1t(3vAhrx4Le@^l0%{s5ElkWQ#yc37YOHkJdIgEHwV3oBLF(%Pv`%kwX%ybUIT zmrKXY@S3|l=4dh(KOU$Ve#>Oi!(;OCSEZpd|64tZf zr&-wj{g5y4D55u_}!2& zeB8B|g3D!|PGfGc+9*VveO_EDE5|xu(vOH?F_p_2m@flI8m3Ze;7ygDlkc0GHPM~b zqcUR$*ewb-`bdaK$i|2?RLk=_YQxAT z!;l*Ap6$pce~e;7^|qlfn&MX*zlTv3BTd2tkLe|MB=OrP6_Nv{w+oOTx0Y;|L|}fB_~bKB)wu@j%O_9RFK~-w5GHaDc(LZ+~YqLltvjUhYDfn^UA2pVsdW7C49kM z-NX?DQ(9@_^SS+&0*Ntz`^~*Z zFv%oEnVg`CM@`YWvUUp*N^r(Sa91R&RixSH{z{_L(G(MrXb^-ktunh@t6U;7(6h9( zl-FD))1!imRX93kA0us#GgOMw45K>!Qj~8!s;y4Q(^uQu5XYl7Wm!6ci6!9vx@KLq z+*s&HYM1%FT%|mG;;h@q@LqwU@(i9i6woQ%IjM%Z+!bAAoQx3VH`<@P_3>aqpT`Qe z#m`Cb_`S{4;7g;2R!P<(y37i~12ar5M!rz{Njj#^$ywrrt8_%U3o&U>Nc*otIyfc%XTk zJ#kc#S~_z+-Rv}nbS$8duJW(;41>Q;zjXPmgmEf&LOE${r7cJ6f~D#u$^_~!qaVBm zWV((`EJkp}b-j-bT%B7P7*}>3JVKmY3suYJcN?(@h|7ytz0^$X_G%AW$T?-Fz7u01 zyDQ!kHNxrV?m~MpX*RJT*yH9JLO!WC?#pDHZh`L1sjN+PAV59+Rp#18>kS?zC3M_Jyh58(_*=uvUXl>%@RezehASN(~&JA8klZl%tSDG4; zJWOV(5%0hozI^w9e3@~Rauw98bTo>sTmF`w<#CKTO{+3+Ge7w(lxBsAwqsD0E6|<| z&ZS(r%q={^1c23@4|&ZHmx;|=rY+5;mzT;HT7xiBcM<%;RVd+1 zWQ93~-%e!kve@IEn31-dxoRqmj02%d%S5Cuf8ob*dU$Rd3B-ILC8AR0m$i}EezRBf zlCCXp5%d$WnR)J|SCE!p65ft%JiEj6pO7`$*#SAUmKL3cX4lMqDlU(j46xHY`HO^) zU$+R;@_%FGKG;i+JLP$+kPofcOk0DtUqmZa?`5~|n)xt9RQo|pdwX7sz=*||CR{kd zX7}ZA8KV=4dwpKo@<6jPJOurp2=*DFY<5}UHC<=d5+nO@!-dwH<)LTeH8#RWy{6ka z<2EJQBd*Iv*>Pr{PH|}&CX&$1QwxMt&tE;6CUFoiR>&Y-A$Hioy5YALn}Y=X@Sp2e zesou{JtYo~uY(V=TN{qiZ-p{`Fzjj4%AJ<{?saot`RE0?Z9*^&nSH-lDNpP_{En{3 zf5A(s!Jf?zeGs}1I(Ed>oz*CytXRR01$7-VK?; zs3I@n2r?npL-(k#_iZW65=WdeHl~X;=NS&`2SisH`jU(cL)=ic@g^|g9};lPtqu_vmdJ>!ZF=TXUdSt4%cSuL*Ju-%*vNTuRSGTb_TJ$@bXOtO zwZN+i>BhY#uq%b{P4S2X{2a<*a}WBlRk!h1-tx)U`#8IcN>mk@1MZA?IjAsKgaDa@ zP%i7-CW&mYQf(HnqK9iYkGVne8OAXbgRUf|{?qk_NS`Y7Et;d2Ru{h7?D37RELx$` z1g7eM@;=VqqqYzbNX34P;pKT_!rzX?mo>$l=4)I?=c`z$xMaN`@d7z5F~;c985e^s z+Z~3P;XGJ~a}4wKCWQ&+$2dYqn1L{@p%D2xu9miWOiBCK{2H!E)Y4<^VK^A=47$4o zJp>cEGM%Lj4W;P;j#-&mt-V11JGT0CjjW9_s^?7H6*0A;`9EN*nWz;vxGTm-V72Rj zZYzwxCE+`1{%5^1Bzbb!1uA@s%^)$6d_?Rj_;wNvF0TZ_`gE;&ojlwY1GV7UR}&1f zihX}(!Z*0Y7b6G$8UC_+e@F0nF5P1;jXH%xYfk7<{}?%9+T%P;sxFJ^V<{rO3r-Fj zYy8KG{q6#pwOQjIyT#A__&f>+E3~*YI1?m`SP4G3A7YD7tQ*66=R_q3Zt3VI8^iEc z?gCv%cu7t-?1AQcu~J_J9Usx0GbpLc`g>zn~R_uzxwvF^Jqsr5q+yvl{Liq(8#cv3+sclDASwkJeXQzdXr z!O)QRm>pd9(8WX)&EiDD{zH-q8ZT{7TTC%6ZGSmV&zEhV+wbJ}hdVyk0p_18*H+1* zTT!0FY6C$?``yde5?zI*olAon$b3{-!Sc(A0Mi)S$mK9I+-cjc>g^_lOLTW8CfC@b zVt>c93b~h8`S{CSslxv#mi-~at3Ui%uke}W;}}sK)?Fyt@%0)PO{wh5>)2I_fmF2E5Z)8Keyqd~^~C8Id3i zmDpnJaVE12qk%?$37wNQ!M*7)s4O+D>N0D>!K*Nt9;G%7VbDK3+NQ0s)(scGFcrN} zC>14#x-_sb6K}O0O~BOH3f6V)CsxR82eQX(w!`)JbLQPKA7tp6)>poG-{oeO6TL0o zrQUvU5~kTu*JmrTO!_0{Rd0~_yOj8ct@+~MscsZ@1j!jW311aLggrF-X=g29p4;d* zoadu&q|Vydv}%(!?uJd);)M>Z)noezAX(X4#=$x3?+kI@p^amn67SRQ54FLVS4D+$ z*Zmu9EJjwAhX;p|gx+RuWlcGdCgaaI+#t-0XEIS@Ky`y68H1CB^~8Z7L7Bd^>gB@r zGY33`MaCa7d>it1NQ^3M)c3HmPak2+MrbAY=#$A8=Q`GKolK+BTNt=^?}r!QHiR>h z96xnlb3Lco1^r_rwN;j>c%|8g!UJy25h(BoGP9s)>l1uiQ<}ssS$A%M66do(7?b0gbCspD@1>>luFImXhlf@$JOur- z8^eoj#2;6@*ik6Ul&0aCGd3AP!2?)IdpGKRNNwffWR;W>9<9*~-AX0SwzgTodR$;0 z!APC3`ZjnbDLM?k*6{rn)!lkA^Z5mW_#rK$oy|doi8_|r-m2lbU|-o7+%{UlQ)5{J z--~U`Eac8n8|(2;ofv^?lFe4CY%mYX*VPgS-;%ctBQn}jmKTkhBHkQv#g;@U!$isB ze>86ujW`T{&u}-Uq2C4|HC&oMyjPNG@On(2D@M0U_)lII`aN~<+ZyIF(|-w0>|j1Dug6!as>G`Qmto9MsxFh63oGhuAQTkZ!m432V%D%rV2G_yMD=Tn*z=N^c?}OItupO=t z+jn)XaDy@g-iuX6dZpMJ6($EWYs4#-%?P}QeQ%~ss!3*VELF<7*L=VDBk@!Pl(D4b za(Sbe=Im5TSm-Bu0bJTJiZrs!6M*=9Ryf27Y)NjayG-3$;mK{7ukmdV)nB#pM%0ey zJ7?`gb)&dAm*tNJQFYh4Wc<`&@pghD{B@8H{754F8@gNsW*DgE)=`8}zpTdjOjc!M zvcGCw-EGkOR@H1!Mr@*iPBa~BM_^gAspP}%60;MD&xJc8VTD8GpJY543ypORcQS{E zkd3@k@yJ}L+R~AF@g<&G0 z)08@VoV$-u@FgLqJHm*okZbi9en9q)z`BeDPb^F+NH>QpXM&lp*Ls5C*&71!cH4Cq zV8pjE!p5=zie5j9<0Wiu1VO@;PQ#U0zjKL6)gU!Ebb>*D7U=ibX}Eq{Lw=P&A!c70 zaA}vh7|L*bep6n4ZbG1_?M&{dI%Io{N!-+COm8dWpg6Vmj*Xd9Q$|I;^~`Dy6h7|c zg5XA(iZ3}1n-8jn@@@1P#0-3X(g%}htuQx^V#V7e6YzXguK`h^J^dN8`K-*%B>fX; z6PmEZ+L@ZOW$G?pZy9Qsn=K}(^9rA-{lhlXB&B9vH`tna4K0*8GUeuSAxy}4)n}VF z;K(LpZwrQwX(!$liL0?Nw4vj2H{ZhxHF;#Et(%?v)vpvjGEA67R62_3$&>E9+w9zT zuE6N6n8d&VA*h3bn-G(MRWkd7Q_Is<_?f~|f2mY`T1uOjG2e*>uO@j>?M_@FuIiL? zTumY<=D6L4c5LIUD5rqr!GeuH-rQT7J?_OH7E($#kv;PoJORmUCG<9?)Rfp%@ebuL z7tnVk(XBaS2g{5JO<;8>(TMn6T&+z`WK_iiP16X&lI_MX$WRcB z%r-(8Novlmenm3JwN5% zJM=ykm&|!I8?@4;wkPh5d=}QLKQeaA4h-e%{E1cv$*VJN1ECN4=foixsFx2in5jGr0|ncydEbg6Qy@ z2RG<$2DmJNqJncjqK#sC&{vy-MvlnIUkyqf>`PMn+56tg!s2$e6?da3xoYMEb64TEl{09hMS8;GK5%b zK2~j74W0=yWnt4Y0PeW4MzVIP*mX z-gq8uc}V}qW#YPuR0aa#r=mtUxz;UHX3}v$P&3R#g*xYycj znrEf%_H>+CNL)g`QgLaF+G;wl;?US1udDkj$={`HUc#8C*hg8FvrN%{w$UGg0wokov|~%AACzW$3eNd}QKFt_#ZT#}mVD=5}`L zC@Hw*4meg{?=pUWA=lk=!u$gdDl%WxJeA-T7M=FeMUNjuKyN8oA$l^N9MzHmy(`sD z2``3Z&X%%%vx?h{V@h)#6SuDqag5?dl9>GQLzu!Db!{$RjgH)@!)bT`$g z#_ZNc$RNeX`pn#M3@>=p0zChSi>xuRHN^`{)Q^wDcQA+J<0J#K-DE;mJpY(5N`iFT z=JMM$@FRwwW7>-j6FNqWX*RwN+p3hFaud#SXU-wIW(q{wW}E*`{<>nboOpAPdCMO# zC-~K?o?o!*fz#xUUc`(dZ6ZWen4&Y|4?|oi^MHpr__J9<_?+3Yl)1O6(jl$YdI!(@ zrpmF*50dl|2lQ0G!?m@oR_`t87-5Eh&a**hQ7wKM#AakdB*8u{dlg3G2QjYFn**nR zh+-E2&>dG#&Tb6C&D42)p8>b->1f9hBaB%}@P_xqQ~BgpuH(S^5GwCfnINxjGGEPl z>rLIZIW_CalCbY7BRbZplf&HTwz*tSb*|*B@T(Gq`6w@i6~v_;3y8Keg^V*X_Z+$0 zq<0Tr^dP24N#965Ta9Q1CT}7lk2}|%=~@kmId#qB>>;h5X0Rpg#aVnWu6ZtZu}KO$ zE@_aps4>m^0=Z~aVWM!m!@DbOd==FQrEDnO%%ymiLhKgNwq}o|pWO@g^*R_Z-jY0) zQh^SCd9lK*y~m2=Iih$f5xFjFH(B@;RE!-6iQz3X`d)}Chl)Z}9lJ~q`;HHMl^%{c zgvu<(%dd8KR%^VbPl+ei7$kBj#vx*sExm73hNb6-#W;9$Q>9D)xNVGstt7HzKMuEn z(WPI~P~wTNRii6u4jo%QVgts8Q|7zpi0h*RkMt^Se{|~qMvD|Z#(!e(G1c?$*T?Ts zY3}c4D~Q>43mKB?{-u(9Qb zQ6nEOfU34gQisdmjS-YI;+4aso0fijXY8QV=qrgM)a>}ky#_*wsN;HKd9M3g^{*$P zV^pNRfUft(S7mtQX6?qI9)1}*tUYCF#miz(6*KYc8bH80R6gsI?>H&FIrbc}8I&6VDGekyz# zdsXqwA#Z?EN0GhKYv71-kva?Ob(k^^@2* zI@lhhY#am1sWc3I@=Ec|$>JUGyLUZN2P&K5ko{K#U?XV3)4D4P;)ThA+?76|o0W6t z{Ja|h;D6>3`fSp2|1qYqKz;ShP^d=2?3cP_Gs&v>ds@_{#}eD9wW_w|ZoET+fl09TGI_2VAuPjHYs`+2iH#gE-Z^6@XFri&h zYv7ZGt)%GA)`}5cKWQUf9=tH>)S&Hci{`B6ivS#9MvFgcUh?(hB~w+cN}nb$Mhb6LvD z5HjYfixuoU_{p+iNc&f5voLA}JXuN%p^sSwFWF)AikhfYKd;uu0$Y)#G}6!D8~owE z$tT2K-;RPWD20tb6w`~Ti5RF?J=V2dSm~0^ubr5O-8f`eq+$K%Y+$C1wF!bU@^dSo zNHKTRuZ7Z)AdT{So^dNDrej=1QZy{v5*|OK_B-#I`w)PBgQ9rX&TD(U`zm)Ow z80F?f*k~9h%}l}1!rQJYMsjc|EaN2Z!f6OIZssU3XkRZqC_S5BdC6iiPxF1q4VVY@ zh6Swh<%@n4mxzU;#VN5;M_)Zv?fe;~skiX?d$qd0C6uu$|w^)R4;M6tmkq zI$c+Z0)^DTg^xyN-DJ;9;Y_c-yfJl_tdYk-t;COB55P?No7{@)-UOSp)y&m+v=!>&aE}NeQTzbaaUUwDU zb1j(@6*7A}M)dCv^{(Ya-DFB8tv7RDw~QTi36&9sBRg+@NiFe6xqW=-gtzPwk<}*u znvp*(Nh4nhZ|%D;T^Mcsj+_2-f2hlo`t1GZ-Q@koD)Hr&gu(%rD%Bs)R)N8~R#auF zrN6Tcx7p}oj$3vZ1 z)J{t?Tp-0=s3o<>feB4<%ju4A1D-I$-_lbb>AfcucHGiz%ermhJEU)gG=A9~>3l)f zCH>fP;mZ?_-G$8-6)$sjlaj*lxC9$d=MZ<4MErzX-e{c{*(vv{@sdWSG|LeZ61+Cw zG~f~d30;USacWC+(t*B1>}wl>KtatH|@zh=!6Z1VaA#;B&qVoKWkj^IUAt z$O~3_&dci(p-)i0d&rJ6gjr0|Hm16-*-zEU%v-xDPyhHb;kAf3vi~u1ncJnl?8ZzT z1hP32p-B8jptd6e#?Hz>-v(yCxyPRya{vKt*$Sc?@fTIPo)H#vb5fAXnDUk`St~jM zseN2yw{VYB;f-5Uy{uy#hD@w!+Fnxg^>9m5c7hK1JovfcTug zuI9=hw5e{Rbq|s49$G+idD0-w($^DG-S#-1yR)&W*OF7hphs3&T8WBT>52#a9Cx++ z?6R4W+h{yITQ}FSGd5fw@a?r#YyO)Q@TwuoOhsPoszuIi4FIYso6BL z5lB3@&aag|8q_tcdvN6*WiptaGUxVirP7pE@@V7xvH@=8``SiZ?wI$O#Ad+QrvPi{ zIGl*7h{2}iu8B;Vt^I(vC-!S1*J|}u?-eG`5)F06=`%AgKQ^i+wkJF#NDAs^3Y8xj zT1vhJD58Km+2w%y*3H+^f+7MofwK(`-(x!|+kG4FaXKb(y={)Fb!#F`H;3!bcbv!L z3|^kbj|;kt<`||7QB>4@Z`4nd<)vY9ZtJRPdUnf+ZS$yQrNK^^raQwqRVuZ)gdosA zOY$b==NV))LlmY~H?OCaTd;HLK1cr*(9Ns;8AHvP6m4?le|nl}$YW@{KSY6<`TV@$ zc9ESp-h6%K4Z-JLt)zkG7j+Ma-xgp*aZ@F?K`A*|Dz=%TTB^?+gY!Y$OGVe=u?Os2 zAMAA`mxdsvjeB8s5YJ*?HSi7)SzJYL#YY5qJh-Fw=7OZfPt`XkKWQk$3I<-$X=+xm zSvbFw93=1h7QTMtVy?LmOJ;&>b%cC%XOJojz)5KprO_}yo|1LcXxJ!_NfIX#vy~$| zsy<;8CY5f3t|D*^0!FI{`8;_WiJ5n4ylvZSOWd&75VfY<4(;i^N;VCm9__b_BT-DH zn)OYB$g5S`Mm{RGv;G01#E@6y{V3oq z9Jdx|n5gkL4jOo4(Q(Q$8T?Q_4cQDi{~ zQ}@1*Nd|twp-0P91aW z5qCwisnVl!dvQavL?`_)U#N8i~^vEH>ZU6y9?^Z{e#RWNqdd z_j0=ydAuDN143WzG+VC|lb9ki`=9gKERMWZkWs;C=4qSh(Dt2+OFXe&w!oV&8sC1~ zD&wW=xc0a%ncan74qsdGh+hl7;p&$adH!=g^ItMm|CZNG^`J$iqkfimXBz63 zjIwKKlW4kvi+xs5JD&Jw6FJ%@VC?EK^>rM062s)-=H|A5)f5rI`pupnsmpe(lU~g` zk3;8@O|UsohGfI=xbowzMHT9YyaA|lZ;sF_VQR+~lTLR|yAc)^He9TQTAQI^8ZLW; z%)Zvm2ovdWpk;eO)#iV`NwQ^mK^bmYf!~S5VJoi!#%?b>wCN;7CM@X2$DT4)Ii~{? z7P6y_kKii1AlxBqO#$@nT0~SXb5_Dl`D^A;> zxs<@2g0#xgc_R%{^%jkS1G1TEhisUtxk<;t(YUQEJ&}3wn)Q9#Xv(}Yf}1=QVjR2y@mQK_3gHh8-RQfH z!-;?{58FW*qproJ1B86Ih{|REF{hEh6`};T%T7}q=vdNhl5uNe&?a`h1r}LZSy`fJ zpXmYD7pZzJn%iZ0o>OkMX~9nJ;n(o*I7(TG-T?%?smwy6ztIa|pQ>^R6jV{?Dnwi-E6!DE#h;kH9#1|!^8yVYZ>{l36${#~u z5YZU=g{eSX9AzV|Io%UVHPJ=ZfgMoHsM!jSi8S?jb8GNUC9?YCY)B9`O2U4Gi~v!| zYq>Q_dgF;)=Q~c@q@<*{Sjnr3;aMMzMNT!*w)D}Kw>*95bznK-kU1{ly5^a%N=U^1 zu*+d3x=ria^}E?X9Lu*d4*>p{pZRXeT`4e|nVXnbxVI68s(Wp7%QecC)kya0eQxZk7xK=7VGFgCANsr&&D$ci?A3L z8AX|Mb-x*9YZr94C+)!t>CJ})LKyEf+Ua4uwE4}KcMwqK)@Z!5y zZJf&1BFhxTtt!xDYS%m?iN(b)ePBr0BxlCXFpSQDB6+H}eUWuVX2(_4L--d#!9(B7!j7E?!NOGo9a~x?iV)G;D=z)o%m+%DQ-B?B?fM(yfG++D$N{P1TyHIt>K$BF+j) zC&Ui0k(g}6s~FTd>uXss(;^ZVaa>cy2*ijT1tW!URzS*JBa6{cP@5Dhzk_5=@{3G3 z=lV9mJm8Z`&9;=z z_6^EX3u|1fUoN9e9{}+&s2-`LCuQKcgw1AR9G~h|stP%)Dotax!=bi~$EvmD`^YY8 z!~I<1A`-;-J`|V6txnb#Ji1oNgCrtzPax`7Dk*)C2q4DARQgn0jN&?aT$A!Ji#k-^ zDsfEpay;$(g2T-B7kH1KIU15YQV&k35gIou`w#1L^c8uv+&Az-F#H?kJS!M^44$9f_xSVC6r z&6yZQEtex?Y|`lfy3WcpPSYu)NKN6|33&z2x|ucn>042T%45}!eD!Ah`HiQQ_wz(K z&bBLAd1c#@XLN<5bYFqsC5e3n1=+yV42Ci(NKhfU{H`}TfKwnf=Q9haEOozfhr)x7 zWV4RQWXDS-j-|2L0aHOKi23@2eYzdm^R-8tYQ`8ef|sl@l*dpUgqQ{As0ZB}9W$9ys=rt|>uvud;T#^pYQ)6{PBUpJF76I}s-vUs`7`>jV-Mr|t8}GGKSWx2esLO$ zOz1ws*dBK)uVXdSu+-%;gON{^on9#1{khf}0Ax`S#uN3;pOJNWPiY+olfL*Yyka*?Pr{If_AEXD@Y&)-WabvZO0mS0q@Kq;(9~pfxI_k;f!rVPugN$yb!r3}O+8d9KN;Bdl?`?2*fZlzjq*;#wxGQYuoiym4UZ z$!jr=ThHEBI3U~4y%J1(X<2Gf_f(5NLkzJO(Xc)4+gawwMSU4|#9_SJr2@GclE1r@ z!tuGRWMJ@t2xuKx3@J!!3vLQ-lZEcE27*WCGm)m|w%iRX1D`Jk$!8DsLYP&Q(LEw@ zfTdIF(O7F#@KssqYq4KzBFEd&=?ma-Ku=}+Pq_dcCFXdQ_3Q}l>)zwh80NMzc-z9c zok?305utoNkZSnFZ$MuHd37O2;QFg$aSZ}ClOzk8j#C-?> zrO%KNF`K#p8+z`|7Q}kt4u`Dg0(rK9@5Ul?3KKaNPaOz5Z?o8l$KB~9%QRk& zSD}BVbbCRBXaw>*N*jwdS2-1rM=*m!cMR-eVUVrx zI!dBJrP*++l~)rt+Z6Z`N#zjIU`dUKxK_V~bM_k}WB+e2czNP(?_w@|yShE5pf&|c z$BEz-3_5%bI!>En7(KNpe2r$<&!Q^fl8=sYX=_l{0lAf)M{)o+EU6)gy%{gP{;K`` ziz7HUJ6gtxUpbh5Wi7D>zp$7zY-N{B%$qBZ^HC}UphzTmK_#|@)JG5b?F#;|#&`4| ziAKZsU%lb~wTbI(>EERMe{IXw-$eNDyT1&J3G@uu@(aniO%$F7B3Ck9+PnMNZ2PjH#Z0Fhd~4Zs?cNk zYqZMpuOB$qp%;HZxDK@c_>`=hh38b`PK6^r(Y^Rf)G3L!bh$iSNmWmeSQ&+|>}yEDxd z=1lYc+V6_Ic7G5B!7|hh zwGL{V1JgWexuw&mJ~W0}0{K$M)Q-mX3ev{v=9h}4laK96XY+ua@cX63^#LW+QqbpT zLLH#V?7xQZc`>fasdrM1P;C-QrXLx&+3zK!s&GtWrEk<11#x-0fdEvv2y0dXue4iF zUyX0{UmN)z`uQ%l4ea(6$8hT{*ugVby&e4z?LPL_XR*@6LHt|KTdj!7Uwe$s!fwa0 zw=@C{;y>96`1cV1J+J=LCg}e&6QIVJGBW z2J$IWFL+z&JDURp0CG0|L8G75aEUQce!%7ZFEfRDcD7%a#T!Q3?uMs^007NvY*d$_ z_QUc5)}}1}@&Z$Qm(GeEQloC+PcZ-%>*jJ9jLqk}^4K@aZ+Oh&m%8fX_8UJd_J+Ci z##yKJ(JP_U8ijNccMh3tTK;1S_4szNT08vviSD2Z&r zT?Ex=1N{xGC6|3P*?+F%H@q>3be~Sq3|s$}tp zDuMspuB04mjs?2U#YF!A-Y5=Sc@cnoFRoElIv2e40j8za8`Z5;_Vd>(yVw%n)tzTW z{;hx(esZbUHLtm_tnSnDd(XS3!@!V+#~ZQrz4-mubS^)K$GoO(n^o@%>4XyY##teo zT~%ekRwqaK75+f~#t}aMIEVW1zOiM3hxCX?L{9%2mXSxEvT|grmS3P^_t(F+>-gUo zT>pylD{k3;4nP^WqYV_7WTbws*?;__9Dqo7_es61 zocm}t-b1YR7f5_Hgp>~ACmRB+xAH`ghRT?eyw;Saz^#6kQ%EY>3vs-FmNf318&)~I zU;pwwTicu|9dEYk0@T(B>SAGghO(FK*7Arf+V!#*kT6o|s}CQVXpKs;|C!zo9=33H z{-y1&nGe2;NN~KbD^C~#_SQx^#Ggs5ks)uH7z6cRtmH3h$@m+7F@VVI4_TA0WCtKsD~;s-ibQ^0dVuFT*KrWoU%hxK*iQaj zy`f~qlr?7cE|?mU=UK#A$>u4l@+J;IorenB0c`v@!2W}M?au1A2I*VD9>u06Nq)f1 zvjOax;(LfpFPCRB9+=*p+|+X#2J}?8I-Ab*Io&rM;bk+|oeTfi5Az@G!~g#{BK~cf zHslhK06<5{NR{}!x~yqC1K4dn{O-B~lOBYhd(^TTYaqjPxqtuuU%uD1kpbWZHU;&p z-$|`zTfn3XhMn6Ade0I!Ha6-ObwTk!(9^kecN$zXAHWy2-_i+@vZ+^~lF$lnQRyn+ zd$DJ(r~=Wym4Dd4Xut+0?mOF2ZN8A><1gqxI#Yo!WDIP7*_?0hR-WX${_?1P?XL-4 zR*VA7pszXbthr5?;e_|5A^!e@sBWqUk3^2Ix3xdMplkT>uSr;6XarI;I~lpsj1(R- zixBeXX z3HxhX z6(OkOE=BG6`bk(IHWme_x!b(gjmMMtuLS$5`k9&N2UgOALt6i#1FjtyE-Ji4y`T0$ zn?_w8a^96`_nef5E?k?PxT=MSQPZN>YCH*6n zrE~QjeOIV9jnJ*BkeHI+ADEy(P~*WK+YAqB^Wj=ucW}2>zfVJ46<~=U_+{Hy{GtHi zLlpy}+KF7J0V8Qq3Y}jx(|s=W#lAMuwi_fmNJ~7_?_n85ny321qEQ$DKQ)g8MGm)5 zy)PW{+#!DO8tbq%&$~h2;_ud)uCW!aSvEVivUn08+(K#W;)Be8EAGw4_Fp<&=xz!7 zXP1KUOB*9F%RG4i&w=E7;qZOYHrU0T)Gq6=SW4{Z0VSpS9WfR;wH4 z5mnnf*=7H=>H2&3rd5mU5pRk#`G%5s9Id+i&~Kf$8Uk61O=KR6BcBTkq0F2Q*-Z*) z%d!$L*eEt5;{AfZ0NV}tyrjyoXP;^XT%{I&6X23zkdJS%sCKG#h1HGn`CP80u#V@8 zN~NvAK4A^IZTPjg`fQ~i{Naj23*Rg5Dj`&XnwtY^KQul>en5ZPsZRiEzQl&vwX}z> zQj2x$;@5FUHXQ)2|MOF+{+>Ah6cc@q8kI`nL!U~!RoTqw>!lOVIr<(=ka9cg*7`ra zzctSO^`YNEZH~n|pFS>jCPmUi}6@a}&DdecItrsZ`&rEl}t+9l+C4~OF_0~4Nivm+T^ehWVsi@)p``!)PXe$1zpply*0p{B0j6D}5*-~~QlK@! zjN9zl^?6I#EZYO&x7g=v$9CMoY(3^Nx>Jk^`7wE zly)HiOu)h|LX7XCtSl@BvV~g&9O1uCz48?YZ0yzf^mAa6;>ZoQCuy0Qsq6)jvZxnB zyLw_<^#Mh&sIpvA#kMKz4@oW!x;_7&n{EKFXH=d(q~m*``bBN3#QY>&zpjWOT6wwF zqCRY_AWi0o?rw$bxD@Q5%Y9o->4w3F|2NqF{oIIch+%zXa3x=`ytLUp2OU^^%P}?e z<^Ho4>S1JHVfBct3g*YJT$si8yE$Dpoj+cSI`qBO8sp&*`j#>x8+EVzmXi~gbMAz4 zeLydNxIcNpDy(AGbY7D1bA~k2wDH74I*xnEBT(TCH!GkzN7Vc{^M~S zQvUBi>}pbJ@eG5V>$C=Br2SU%5ub~YaCMdi!hMphxZ}6sXDm$==u&aaD<{$)>at{vo0)rGk*XWM z?tf8jP*m<=8m#Wyes&o27*ccF!x3)k4Cn~eqb3eoNGBjK77)jym%X38#Bi7817q+n z+sYDdQ`2A3Uydio0fjLfUCT3s6nSZuT#~t3_A_`_HH-sx>R~CqU*mmQS#!`3KPOv* zU!!pWC}v;(K4kfyF9Cg3`xF=)d_OM3^u8BJ`HE{Nrib0GYe-QbrZ6qUc~OMdj_*q4 zhxp7bd-uTx&1H6gNeBk0o$!FcrslGtrGAZNw%QX)0DgNL^ReWU-6M7dIe>EHsDBGO zR{Ep{xP8``t-WmS+t`HNW#67+-v+LK`82`4Ra;2Sg&e`L-EQZo=GHp++35db?LEVq z`nGpbEGUYKC`G9%O`3=_>52j(%>V&HC@M`#K!gCHDvE_Jy@S*c0-=QxN))8`-idTb z=ny*OEZqOS_wSzjoO{09^@WG5teLrH8DqTf7;}su7AQNHiUDK)7&RP1_qRO>KAKYl zaYfhu5@B7@{}1t=dRa~?%flbI^%HlS=G4M_0RhtVUQ8}jm`Wy@hml@e!A!RZNPJXm z3N%$B^_b?-dGfAvzdwo}#iw#niAn~=y>?gNCSZ5}l<8mm7B`Kit|s$nkf~ zpX>qd?BR(3I-$=>_5TIQyCi1s(Wn7H(^ct@75{ftMLTM=$Z zA$pNHf`EYa+_7R5eKRjTtUm}g=@mZS)Sw_SB0fPlcy4H&f?hHVZcNL(6Oi3lC1`64 z^`i4PNK){&o&Nc_xA^nyitjs8?M@<09Hd|V?a7XyHs0-JJ9sdXF+}u?k#`My4W-21 zu0mlR&t^$$3m^ufr(0kPty>W8xVktx#O_E;^~BI|#CbygFAzZd#?A<@Xl4}xidsvp zaZK1Ntdn%KzWhkt`yLys>D##m#mSf-)p|xG59=3>pR0*7IekJ( z$j~$=a1Y)5>mDk}jxoyv@+0JjpyH?MI)CnLeNCq$M#11Fj8WwEY-kJ+F*nflbZ3Qr z-mB2DwBM;c9?D!sFuMuv7xwA!Zx5CvGMVk!uU`lj#F+IEzYP~_uO#@a{*2E>qe6jQ zb(hUNAm!~iE~>u5j2HnEmO3h?1dLSF|9Au;aICKoyzh8aS*N2jrv(&uxAi}Uo!Ytb zt%w}YY4Lv|TrPiBgtB+y^}Oy#Nq=3&yX_3QX=5C_;{Pk{)k8#~#?CLc#vG>6mgJzg z7w#14G#QjS8*uKlMwRVYv{M`4CdB|c^by~V2Lh%MYusyls_WLx?2#e>kSGEvK_6X_ zJJf?8?tGi_IG!CrpQp0x-GadL^fkYI?*g_Q=gC*JxOK0T3Q>(T!gdTAlIR!*6)!FW z^7|y5^!=5&MP}6WT&3Xifr!oo;>FZ-AcRjufQo8B{^Zf~;+_sB%_kCAKls+!TYSfd zzKrXQKQiqmPV;F4VuxxW9uNr9MI~wZNZUMm-~*~h%m91(9=<>)B?7}T2{XMu`5KxZ zXbo+yo=Xfw<>&v)*7_L_7=e$@hyCWzJTblAm)@p%6?MrIiTaP32;4pSOvAfa($q6O z3u!8XY4$kz4M3a%H~O)O_+)~`#fA0)&?qtAafIKl0J zy1gHxa^jyA}}pfKLbuYs_(Dl0a^_SJgff?ckVN*mXeVhVn4F_Pg6Ao?$`H&V*0|bf!_d+ zy_ci^B)&f6+`qo?b&5r{P?B`&k*W^3dg`>%pj}(gf|!FohzFQWsxUskFeY1DQsBkZ z>i!yFPl$Ac>~|Ljpx*T@p_wUej>>>6)%TEhPwi7HeElF*zheu^Qkqb^g!Z*fmw@37$9o$ljU2Bs@VyuX1+WM z4_xg*-u6A^CvW*LDzEDlc?HbGst0a37sZ3>((0++1ut{m{=Gy^ho&bcg6)39O{+C-*rOv7u3u)FMP_auCTjlDH?b+})1Um6jf<{TE9EI9X+c>Y# zb+gK@ZvWvsV);X_r3EJPYc>f|6q-5A01hXM`siqaG~!OR z>MucETLZvG>WaJt=yhy5dJWHny#vSQdC{Cr^*1of{YH^91s9=EfuXF7ogHstOE-g+ zm9bmjHcotb2p*c|?>CD{`ala*2#{?{H=}a4XNaf7Hk z-~81QE@9<2ISDMg!4eWLxUlySQrJ5dr;N2L^FKj48_%zXi%DR~AV`0efCm4`egt;u z2^}C)@`VEvV&`bAQ=}4{_t#LNiUhWAY8^5O%WZ27&`qA+SZoNc2o?X8$OJZ^ToH6U zaqKeCC>ipQ871-zf+He-#t-|nMGj47PW>0h8S;#qCeq6{bO@kU(yguJsq_iw30}hI zszJtTo;xcLJ}O)YZXb#8e$^L)%wU%ZZ(+7p9uF)I6tK}&cz6!5Cwc)-*nivtpD$O6 z*}?Ar4pj4wj0w z2S#pPP-$sxolfICdg!sUl7t1sVUjWg@;hYHs?4bCJKD^o-1dM> z<+S4)ND4VGP|N|WL7x*U=k1@LyS*utaIHZ2|Jx@h9RHj)HBTc}ueg?Y>6rW$3`pT3 zi|RuZwfrj+mXhwN-A8+U;n>b|fkmcN?9c}fGA!Xt#q<63upKZK@T9xkJMoSVI`-a8 zkrcix7EV?ISd$ZKw6v^ZW5Z@R^PC#~AE7m9#!cpdM&D%AJxFs+#}w8Et4z+~7o-}g z|2=3oO$Y^-8U4gbc$&f@JJI|of5$;!`A{tgowy;4XglF0OQL?H`e2b9e?zJehh(Z2j{JP3c?l3vNjhJWSp+YLh38vt=}I>E(%~*~g;NTL z3~`6qPrfvZCclOmm6UI#6$DckJV>+#M9v#%l1HJ-d&Zpn91)b~G8?x!yh%}H4jE|qv)^x;y;9hTb;)eAP z5DrUL{s;Yh01KqLv+qvXcC3Fd%mlcHOcQE+f_z~S$XvT)d2Yo&FhaGsE8&&HlR6ed zN>De*%wWnO3;H|UZu{%Pitc<>v6R(zuv3Ioa6A(}_nVueKK)16O61#4;*hVz43BkSw8rn6dIQXFZUuW8A4qr@Lrc-_LI|H=N;04=ZRZc>$Di%mFKPI`~YdE?8M_ z-suS59q(X?f40)gcRt1%_{PzII(?w}p+dd^le%w_df$%V@i8u5^tx1Fj@SW1u-)_I zPFcLQPnBEl9OldNkaODse5}2 z)_>si60HMdpw>h#|cQO_R|PBYl-q#@T>D7hr)zvh1R56AlFbJG`B>#`!H z9Mz+u>JLieIA!g74?UAb%d~@hux8ymVPkdeQuzVDDzWacg@B8zvIk5)4w;{u88`+E z55LG43(JJh9CbYDy!3V8xJPcPu6@v5W2@q=ePp|cDJ!3RgYk=p4fg$qH#QGWd=J6ddx-tfXzrX2n5m8asHu+{%QXoqvj%1Dr7S|mV`9l1#ma(>u_Lvj zRvrTd#)Ol1dR|>GG?txdu*5+Y4iN?H-jt{-N*lZvT>nNKC~L&&v+gJw0qjFPohn5b z*T@`V41{9506{o?S&Tdak{tY{aMmftY%kHMN{a5y2*O<-zVTdZ2wS-sX2|kOEwkGHBU!>k=m&${trsI#`ou3O|~kV z_X~`@9ob}aC(~ciIM5OAxl{CTxm=;!^D_Q-uZUh_Z~Ai)i%Np2yg9x)L6HE=IAUjR zd}=p6f#PIVi4@4gZ=t}C*sdmoL+Er+p3d8+9?POXhO3LaZ# ziltSvP4=D@HYw$K{kJTBp7A%==$vbeW&HyFJ+@bGu+X0?q(J^geoYb{-HDCV2qy2y z3Z&zHn@5gii)jn_z}z==>wrk5^;MlRh4Ja}K~9eGGQ-Wmh>n#Xjk(jA2DyP+NWRYb zP@e+TC9K`S7v;f2Z?(yaFqn9E^;(Y?asJ?G%7pOhG792e*IKx?UkGSQ)}$&s`>m)Q zYv8n$_Z$5&Z?ny{qV6nt;*=nML}Ao6OiqNr_Rg&@My7!w+4>BJoaCsHgK}f68)fBs z_q2R_sOXM@&P_~}K6K03?qS20z~3EmQ@%##v!ZTqi)fZLAPx@acZdJOEp&bgSH(2Ds z0EQn#uIIu7cTxraNzkRX8m_q>UHl8{4(UI+yb`k-Yyc062t#};tGATasFH?}F?LgP zuNZkq{mof)CjhgF>+v(@!E|fLy5A~Xf${Q;0T}KL0=GUgY~{FN+Hb4rlP>v}EJI&D z0j^m4UupX{6mznWyxNR@GtE7dy=nF>epB&>`a<4Q?Pz8f1x(Cf!>WU+PSNKH7&mZ+ zl0D^C2753IwAZ#8+jaL6)%yXQ z6DR^OVgP`1EnQgNX9UP^nCjoah2nh`?0)3v%QB(L)csN+0t`ZJ(B?=5RFw-LsfX`F8tNMjqL0ipDAw4Tm zm<@3QbaW;$ZpQ~*_H zijXFq>Vo$R=Y$aXY44bt8S2@{0)k!)7!1M8*T1*^0+u-;VHB#+x!ANz!rrJtTr%fw zenxet$H1@CH^g1NmZYtWL6=#i6iC3lECaLg;=ZjhJXgZf2sRLSN<=$&Cqy`Ze^|Yk z!$rI^I46W6Kkjkr5tIZ-KG#G=KG#Hpv=ic_YvSzfI8@Bs)8)eeB=iMDPeP2zx>}}m zt9Ru3oT`SssinWs{z3_w`9(|lH|+XQalbOTZ&Lz7H-T5P^m?;zS4gnC4(-cb@8;05 zb+Jh2>x;a!2M{j5%_yL5TVeOVoN&R)1*Q0*KeLO4i@Q>RD685kv})r(wx`L`LCdG1 z`B^7nTl-53rQ9UylC09w@`WK(LuVjPikTVQPNGdGM(sf`+q$xDHhneVn{e9P00Eox zMh5FkLC7Q%_bWV|=}b{_gQphUZEcC>-J@`2FoXxl1uet$_}QF%LSOx>Uen+wyg|Y! zu4s*R54imqDP+iwP$K6lQmYX;&2A7dNBHODWP!j(@kaU zajRGn$0Ic|J+%7J!(P_a7S!Lq_2Eit1rNoOi`dw94~1g3%KRm;d>6u!Yk3N`lIKs( z(~nxCU-$#i#|DPWkFTD7l#M;;kzPL@?hUjp+Y>YY*#HM#sQ6V%(ZeOOlT%Zy=nI<5aZ)jv3rEcD93TRy5C@rfSr3}??WMI{qCx|Lz+7*{I=}aplnNL9L z!C1d+Yq%!hLU3V%!!vWMX_OY;h9j(?`cQd(CgJ>0sjR_LBiO57wIl8}N^ns1gXRlQ zQ(<~w=Hmq$5NvTW8#RsBW*Gd+%-(2-I3L|EAU(VAL)YwEk`%;^?~hFQvQ$p+ui~tR zKT^D9NVP&=avPc%?Kx_%!~De5lV9PehgKQhSIZ9(kx8@h$2;+A=kcQgT3qEwR4^fF z)wLa8{SqT8wD%JV_@-|S+@{&1y2{+=uJTo-m`w~tuMy9YFM#r-rS8&u5J2+fLP7K7 zas>`Q3cH`VtTS|NjGwxAcxb;#71`gwMh-0F}#}VA4$8{xbcp zI2xr9kT)3CXE4ZU@IxN*kf90F5;Om_z0V(XFgKNkVu4n@x!>h8VPweZd(_yY9~hEj z5L)z*h%I#bJ=CpCZXS*(GVKx-GGq|-^zjA>n});RSZjx(0%R#BxMVgPmZwxNE9ld0 zr<&&jNyFU}Vl&NW>T;oZ@byz0e`Qc&CP)^OhP2IMoG``!B3KsX^-8}FFJ6g6nF<|3 zCnM_7i8f-y*Bh+ZJSO(Rj_K^*2ddh4QF&JR3Cb$DylsK;wSmuDQArit0?A@h@+Rua zmUS{Z!ns^P3KgQ{3TxpjIN0703^A6-s?35)LUQoV#^EfECgzlDsvczWHfW>np)$NphFy#i_Uq4`qBP@U z$c7St(%h=Z5viYVlrzvXixn4;gea2E3Qm5Q1g}4uR4%ZT7wswdy{#kW?bIinb3z$J zPZX<}EGalzElJvWfR;gpKu(yg*kji!x23+c5!4GHNJ;+K9uVy2rPOH&#Am-QbvXqi zGG#arIF!XHK}kCY@3ur;1HIz8Xdmqdo~9-Mudb_y(Imw%5Li6g+jTMJaRI0() z^b|y|cv*UZ*o!QT2JHH2lwPtY;8T74`{Pl>{j{_rJ#7!c{h$PJQMh-~FI98>rJa%A zY5QG4{DqrYN)iLfHevt|_{c}tP_L}kmiBt~K!dXgn7Mz!U_*A~N8g3$Eb4-+!=npm zG?aoZu^4|>#_$Oa1PqaeG6wCYqJ6=UXy(R*qKa3P)v zbxjV#Kqp1Qi1D?aNlg8aNRQ5el9AfeIgQ)N;o_oBN=6 zd_|hYxMCG7#8aeN=ekHx-aP?6!W%j`nXHV>k7PL-C>ijd*&8;hmd@Q(0PE$I8^zzR zkThj8=(U{%1CAzuQ&q;^1Y0`Z`HUbciyoQgX;I|Kw;?wrI?apZhg`c+2hI2 z;jdD&1;KK-jzkMk;SrH#;|ATfQ5z@Gu2F+A`2$Q_wscWof2m~Qi-tRZTNbz0=<5`m zwD5^NOncnZWo73}7o-YXkUw*`JR_^B(7`WkzM(IYEss1@ocXb$OaGGCE+MYA$jI^6(Y&adQbg2it}Aj!0sG8H*R|G@i+WGa z#_y6S!orYDg+2*$SCcUhZOh#Lo7}V*0tMfqA9xO5iLhy=t3F(bE``iz^x5-i27+VS z9(?yQ#9^P)D5cW6JL{WFwm);?SoTrir)zSSeF;FWRuToO1uF#E3 zJ3Wv$^U=i4j@x)rJ29M3j8$;htOcdDYH(sUuU{e5jvN-473IIMi$XK@GMOgnBqYCu zK}ao6wDs!cDT1I-bi&Il!RJ}7UbEPE{oF{!i6ZfQoR3=bbHAR_g7UProgDmMyGs|9SHbHkfG?>CLUqg7bpVyl)t0JhSIqJ<9#1 zI~+*o`S}$I<+Z>QH-*8*n@pXlpXTk4N+fgVPzMeix_M6c?QiYrqQY+}V0bn1LkclW zgM$9spKfK)<{~zik!D8M$&B@YwoW*uZ@ST(!N};sz?g2Oy1bNGFJY&qCnv^5q7LH( z)ET`L0gQXDcKk;pUl%nndjXBL*#LT{m>8jm47B@|26xsuV<_MJt(y_dpQ-gmQr|S# zJ5v&1>G@GHyfX)mWvG^YB+Awlmf6?bnbptKgNM#V19bg(c!$%K`CpU$>nV)^q#sJy zto$`|TgZ52j45<&g`!_icGHVQJ4G1zaz>09^%6C#I`TqQRrI3JI=!pHy&DOpUkL7+ zll&V-2pA}Dp{{b8c2&LcM0D#++?6{|*$)i}hxZofGnqk^n^)gH$nCd&tla1Q`Dr*8&g#fo%%T`{+oz&I7B5$lH`BJS4BeCMBE_SCZdah=BH z7MWIXx>}@KUvHIPudk$?FF+>#!~(7bZrd>xY;*hW zM9W-=?~7fBZ6zCPJZmFwbpr8;1D&Yq$Xot&#B zc`7n+z2d+Qu>^U7C4qxTU z5{E+k!tO1Nv#NTnU}L7mPFxaVjn>sKXG;z(Gcr?gPGmJCOI`K_M!fyq_>Z(^av2e+4@P-^xfE+3w#! zpJxY^IplIsJ%K(uK87K#l?ZEpT2X}Qc)e-)4aC)Xk_DW4D%UdAy~}UMaTG^V2d2#+ z{W6$@*WmgG}Oy@iP(*2ry$n6d%p2Jfr=Y1p4WD2Jq~{FbJTE0I!st z`n5H$S4&O1hYRxo#3$ZBZMIYB8Vi|^I$Q#&VxwMlU#sUL8-dy@O#P;`SwMiYOexq~ zLQ4x>$_9A>9lg+b<4oi&8i*!5P{6#o2?CNvl?$kJw0VfSPbRE?FEkG%n(LaLcy}L- zs%4)+3xg!!AUk$BfcOsw{1-YP5dBF6>Pckg6zhBv>*jo?`bj9N%kaq&5sd?G?@^;p z4oj!8PxI5|qMeNW^L$ldX{ZOB#dH0yB|HB~Ci1qfShixvGF z*l}_S>?8#Ma0*PdSpIS{5atf#yZLW`+=wfVnWJKbOwMEKs?ZBgV*QJut4)*Re2N&T z7T7+w`S66W9@&GE9`4n<@2E^<_d40jdaD4z*#N47*Uq5NhZ#sX3I(8?Ht+B<8O#O( z0H#a2U--F#p^=HP|Mmz1MtKD{gd{zrxyfF+TBGW*XU=(G$l@U$a(Hsc1xEqSS!Bs?38aYyE2ug zF@*Er-g)m&k-tBvK&7OzKCS zKJ9!Xhlti))Ht6;iw6}YrTTy>D9vb;>JV16Sk3pzRPWKxiASdx(fB(Sj<=mahPEZ5ILFZ>vycI_<8m0?|89&p+nzNol^2bCdv3o{fJ9K9G92)#^(sqo z+Gg9s%9MAzDCKf);d&zB$~kBAgtlcN2GKXvmyJ&`)2Kby2ruqXQ04I4>i%4)^wn#* z)T;Ut^jN#trU{=A#PjuQDNBv(#~{OF$725CBIgd#CrOM&o;I&GbJCuj<9isC`St4? zYbV*h%W}9{vQ$N1-vuJ`>^DzuMDd03d_#k!cvkg0ckbAB;HrjvCyU|g$5lfK>cmEpc4RzuAZxJ*RZ-`gQn@!TbDz z2V!EZ4X1C)xrb>azblfXj5*6%rn-zEgcN53Ji%(k%@t{eLd0{9s`XF51_`yt(EGP% zf48(xE6eSpK<-LjdQ?-GHf#}>VlJfIw|A~l*76PF`z2w1d&$dgNO9KpZ|&0{sFgu% z^Ndj84RvZJlL%^j#q*;M-iYGFLHehCv2euqzGDb?sbzgTZ>x5aGrL$xzTOo>Y}T;L zpU?1yYrznoX2wB0QN|Nyldjfhu_rxf7=UA0VjT=fvx+cB{OF?;P47H^I__UNaeG@B zJk^r#Ao+j7UlLlI91SvL>m&0t$`R@>gCIvTnTs1eFtFsV!ugmH(6Kd|f z?6N1SoS9V4>xlT|o1i_JE6e-L!OY-xM;gv5;z<&xeI@edeYo$#tgXEvZ9FbkyRyMy z{fe~R5#in3hGM*?DsCe<(>3ongk{kHGU0{F2|K>f-mCKbtF8*hh%4PdGNtEwct@xaw!X zERm3igb$pe7Jf3d{2&#jaZWE%GU1%s=A%F^OhYff2ar#Y8v#i0HEb1oTc^2*7#cSrY%37tW_PvK&rw^D-Hy36;Co)TkxIE=pY|5cm zeGDsBlX~oUN8$Ml676eQ8xL;JO5Z#j%yPi&CSJQ)@=munhY;W1aP28$rU4CGT2TPi|JvY9C(^wU-Il4`&dN zi?Nfe&*lF$c4&Ix@zqV#oo|QPdltHluXH=!<@O2lGmPqxJtA_B=_rlaS4vaoydo}O zH;EvBK$<^$VOC zPG31~VlynI=Wc`_97@ncBKsLmUva3^)y$uZ$a5B$df18%$MJTq&gc!AjGyv&;)D@$ zkQ|Q5ab8&!nje9jb_lvkgrJFORSs$&9!4`tCT!Iko$uoNB%`QHE0Loj-D269b~qP- zd;dgAR#Q5VxXJBtLj0!7#aii0ytYnv~O*F2;p#%so|cFxrL zT5JU1<27|9^TQ%z=YYZ_PZ&wYgBCiQGQ@Ll(r|wg3v3a^i(d~z_%pcEmans+9TWJgI2gHt-}q^Xn*aO%`dC)+)digRxV{+o0^-w;-RpSz~Wf%>Sdx+~LIt z>F2)Eu!yyDu?=O)esOhv?9mL}xfnUbxK3QrYqjFVnaiy~nYfzngn{PUxr5>f+x)AE z`QC5a7mmwHhG&d*1(+0n4J;QD_Q^$^0l-F2I0^-2SI*@+C@lH~K0habgq`DlIQywR zcV-u?o}l5|T1akRWvy+ylZ`PE$j*_=Ty$ws(Jt%LT&{75SgJTASoIc291DK<@u)p> zg+5-BIMMRGa$2|!^k}g<##UxhR^|*&*m!pQQXnk@l?t%KEv4 zaf^*XFn7%;!CFeg2T&@1$_j2+K1RMNNPnB$DEeu++r^f@N$MrpY8W>A*-E#eVWnI7 zc8~W0>hw3$Uat*<$7dF6OH1|?)|S46T=?`l)!v|HWJQygE#Y{(Zo-L4+N;j?CO&_$ zl8;i|p$&*r~241PR} zVU~zDw%r)4m)r0?TRjFv#cP)Oo++N^Hi!aetCfxLYVzsjpNoKYhnBu-4(Dk||7jsm z60o=WoZjM4v;6v#dQqHO?zIHV)4u_VMc$f}2ZsL?K6BHN)H;b>a2w zjP`BoG{@=2eiskN7GCbr7fun`U$w2#jOYpevg`XbYn^25%~dZgFyKB1409mDse(d4 z57axk2dvxYh5`9*1ATmo)x0nHIKP;7^`6_~d5zlc4d>zp3hFin%JTQcPSRHu8Bs#4 z`s$;cLvJ`;4tQYYUcQOGR;95lrD)Pw5#DdjdBago%rNm<+JM^qCQIEPk6$Ya^t%^< z2d=?YyK2=c2JZuvKv>N7;(Ud#>#A+C-0@IcW#n7Aq)p<%1i&3~(3eD$C72i&!)9JJ zT>qHU$2+IkSD%VMVzOgu9I}{>`vRR!iK2x%>~koVI?0^gG>$4I#amZ7U(Y-iVPvQmwTMtu>N`a#)n~Z}$fIZ$D_{us%T)XZ_wj{qR{-XEJU!T& zBkN97ussgVx9U2zsyGL_(S8;H)1^~h@j~gf>^ZFPD!F@MZj>t{srR8VqrG`&6#o*n5diq{$GkYB{L$S7j$iGUdwLAa)C$m z=NZiA%=#*Rv}rH@x(ct#F>g#7u)yaW@)*vF9hd8IOxwpdBE?^s_SC{PyuR|$tz|~j zf)GK3%>+ z$JbdM(I#b!$8IG!d7+NxbNl5~l5)q&2iEATj7%Dl=J_|tg+tc)w>7sDTFl!7ybq2p z6N}k_);zLf=X2m2#lbG7z8afHrB2cvX2HHO280jr*C7sx`kOK5bJ1-SxSFj_($gJS zm0Z4g3o*e={gFliSm(2ZsR7&hIl}07Ah1TOnsB%z>Fw}PVcfkaYEKm#+=qQ4HsnYg z=}PKy$3tQUNuH;Cjn8oLc)gfjex-xZcuR{2g3gMD@FIfxWVmOtbtv=aq8f*eW<;fZ z&*s=sO{-mB9$jx9Yh zB|L4CBFZ!ne01@{J|!{=33H+XCVxC~;-WWVC4iA$6$u655j)5^V1>4rN0){*BJH>v zZ)}8h!eth2RpsR^A*20ZrLR^8cND?-)PKE*|;_)^=Wn79T6Gvhof(`BEw&<0ljep zKY#AfD$+6*C?%DcX;mm2ziR!gwdA=)gxyM!Z=c?vyO{@%3WVEfry&KLlHH+7JZ^C` z#cV?t9tUr7XV(iSP}WmQH3i6*$13+KhNL@vagR3O>1{0g|0V>czd*yt$FA9%Ym_UQ!U#=ChF(^K)4YP`L+(j%vc zV_`$PLjn+3_{Cg`mx%Ppo%JUyzBOu@cHT#et6s6Fm8dKB@7Q&-^A(+7v-2z??5K_X z^ut8f8o{lU(*E`7hsLn`xdv^HkDkq`-YlGs+ZW3WDf&BIKBeFHyRXS-t(ayi1Jp}2z^rPvT-{D6dsVkF-VvA@;5 zVR?{Afc=d4|U7>iq`$U0qC^j8;J{k|?W}Z2L$_J~J21F7m*x)G;Dm~-R zoa`tbdYZF`rsv{I0+-1xZ)3M*2^mdse{sJ-@7}9D{n$a{ULpA@=Y%Y=i*nDNJY#;! z{!2>xwA{{|bj@b9m)Xu7G%KJ?c9zj1HDx8SXelKn>y|YJ(F#csyblp{GJs?*cH^>XfM8x*kq07r@!TWi}EJ^ zO6eCzqb*Il8ek|+0WpQ#n5zBwDk<;JK{upz^wEYt=D8jld-sEN^o>v{x_>s4-z)6x znwy6_b8yH{6h{PTaat#NhX@%K{B*a>&G^lYSlOFT$ow%g!%cRt@VV6F!qi3qU5f}0 zl4kfC7BYZ=@xFs+x%`LgcTnVgWoXJF=>r$t+{V^ssB z*p9Tap++!naL$;U-gR&3Xc@qO{ydR+E-;R4CT3U1uOB@fLW{YK%sYPf#m~*Iq^i0aXt&w$D>D(0bNrr?a zQRSYfC`eJo@25Y#SZp%a?b{%L7Jx|aMd}7gCqEia_FS=%8!c^Xn;`yp`vQzjuo~!26m9h6funDV0y9ccz_=VH& z7@kdfGq@kls!dK#K3GSl2U(APc4p~--M46R*vFJfev@*XLgdf?qy`uvwp`kvs>RgI z!wVQsyS5t2@ueiXJzGbkj1{_r!xJ{c4s#GH+IVJ>3WN1`O#b9oe}+yD3HtE!Gnr&r zHZG4~q*m}9)Tr6J>JB|Db7`N^hCnLrHQC$YGFDm%^0F)AZ|Me^=vCg=yE$>#@3T!i0W~% zB|POA7lvqZfMP61bhAEfM(5v6>oEWMAT#;$-j(e=(MC2d!Dx}eMXF6N%m=U5kTqt+ zwUx=Yl)380&Dx3%Pxgsx=af8XRxjB9{`wtO^Cm5sI_{F~7dG!L(FQh3!6m=j@2?wL zS!LBUe^m6Ln2fJ+A~|*cC_U!dxTb-eU8sJueV%y;ne+LL+`V#dyAbi&>V;oLcfYd8 zdz9R}rTT%v_K{BK=CF0jqFfHvk0V3X@jYkQy=tu5@$M0w^dG7@HF@d|bEZJ$b95YN zT6SnI*aB-bTdZx}B3w3+waI3Df4W-OM%^gm=ND&|4TiH$&>nGZ7CDOo1^lG(x6|BJ za|bfir6Dy|8|U6yYxrt+$ZZOl-y`ciqkHK4<7E*~lW*6ZX4b2VnZRh*)Jb2zKB4Ho zcJ+vbTEQ_{+8; z?Pw57oKEl8oAmeI0V(u3;7{OL1f}GjBAsz=)?ea@8D1i#jUnv0z5Ojwf^f~WPiH$X z1fRaH#U1E-1YW5jY02k-`EDjw8Tlm$8r#=>rRQSlXS2EZ*ofiE?IeUqRgQJ7@)ca0 z(#SeFU8uL?}FYYpl4l$)DMz?``N8XZF*$ht{uOC-*tu z!pBmkLvdL7m1WA&4nd!my_@z^nG*d5M+uv43l#L5^-X%R9n|u9ATtHEnE`dEfuz)V z2}TuYZN?t<*zS#tARzBM;H5J;8r? zFJYyszU!{~i(flqizuPCYtYdxS9{Wa)q+X5|Lqn#SB4Fzr#qd)8mQQHX~?O;_@dr3 zL1wdeIa;)_Yd1E3nk9ew`FWKjJv_WG>RxHM38ZA-^6#woJXBugUz;?RGHS;$$4B*1fNFPXh2&(!ae4gmN$4+>t7^gW*e`ltfI1rpV(`1jxVJ- zS-Hut8iE%0v#J**!VG}1{d0~}V(9%TY;ro*j<@f(%Fg8`>nd}_64&-VhWzU86iKqi z#Kk9X9xr2l(pQ;(+O2GSl6qOf=6lCltjD>t@(sb9gfPCzs(z#7Po}r3{KIL|#9^6p ztV_x~3=FT+ZY7=?NzN9wd_EznbhXXVL-;o!37QiO+#7-SyeqOZhCx(nZ%$x-2(jgT zt6H@aesj8JR^vp)@xGWo!^doKrHT9PFTd*yX;z&In?Z$tPQjBnkBRqwa7;ye|JH^UmDg-u4fF6L$O=H)%c1qB4yN9ywz+#bKh zxn8}ebo`?-e%-m9fr%-rGI@PqO7+8wUZ&gZ-e>f3EL&N6E@o|)8a>55b@p|H z`CjzOGZ8z5`>8bX4oJ49ruHqnt1#1!SHvsJ?GpVM^PM4r&WG#Nl0g4v)1|a+SK$x* z_!g9|?KlWi>)c)YQ$yI1`*aja;$o28Z;kN6q+I>;CY}!gMIvbL(<#hcH9>sZ)9I{x zz%#-@)3KlYWsSMh_W!+sh@@m>Or z%jO#5y>`ak8WKaw-gMu&spx>#Nb>MWuidv!Mi^}mdy2?cZ+47M!NfN= zwG|gQRwKoUd zsAo=Tm3Jd#&Zl^;Ac|%%c+35un;Ss3@MpkMzG8b)*kofySG#qCQE(Q>Y!Hq@2>_?$ zQ-zL~-5}L-oHrGHs(chvQxEItCSumVaNaZX-Nb(S@}-&6_uh9#L4#(9bqY+VUjfK5 z90f|>4%b%L`yJa$9(SW0ZKRNn+!Fk$fYf8gw{rFK9?UJ3M=M-Ea3mAK5A1i}vd5m3 zHX$n<5J?ywQT}E_)UpO|goex_cbt@4^2`iy#_HRDW)PXXSn`O*NITJ`hr42{N8O^Y ziGG97$PwkaQUNWCEk7)3bs>Gx)k;pIEs=509ZFuaS2i6J47WM3eES_=+NnpwbX*L`(&ewNBguOgsD|z-^BUS@w$o^`Q+t}^vA#zHT zXddo40} zE->>NM6@kDnc1BViHZ|b>?VbJf80v={{6OEvs%&CDxQ4spV|6~BrWza-DaGfeE=I- z#?3ai#fe#tm9KBqjUjZ5jM6@yeqXx<#2G-f;^iP^zugySV|ci^pE8>&uFvRBxmLh$ zO|53O&g5e7-yy{{5z@|c&mQ~KcpWxt>;d(JEXHxzBKy5}khR{$;nRX_FX^3hbrD?m2!yuNGJ2cp_DBmhPF`N9Qkv zMMg3JnUYd3u}f-vrsD*_ljt=@cHzv1^2>KG(OrD7cn4*K+Np_A4pB3%a~18I8zCFD&s#+r25l7eWOE1cJ0}uaG{hoTl($byMp@4LW zfOL0*NJ}?J2}*;2bVzr{p`}YeT3Y%X>F(L*{odc_`_23{Yt77Bvu5~{1?xO#KYQ={ zzOU=L?~7~>CHO)N>frV`D4dW}xjKnkTQmC@9zM}gG4L8u(Qz#sojrP7Q9vEce$8oJ%uYOEpyO7*+gWOB8*;xx zXgsO2^eh1*ig~s#ZhyCo2t$zi`;@;rCx3IpBz+-$h>qqg$~;5LA{iXq^W)D2Ju&G# z%PHQB^|C_8_Hf$Jj~k5~5gBQ_UHZ)%`wNei5lG6{fPe?H%^uYlL3$3|@sMB?h(J+c zVT{P#wJL~GCqcbiQw5CqgLG`%#+k0|ZZum)l@tA9$P~2d@#>yrN}?3R#MG`$`4x-I zg5Sn-69@uWQP$igB_;bqg`}j7m9uVt|NN=bvS>YB77tCfGA*2HJa!8q9)XA?4zk+S z4x471nt^L!oRzILLr7}TcT=Ctd4Jc!?_1}$iB^S#L<3LlHe_7k&Z{K(Cj?K3q6AI7 zDVOnzguiO!Vm2dhBQ6w`E>(1BS-h7AW36^v9}MZdmCdS&vUNj9uyc zFfgg9pNoKHu$k_bjzRysW%_9nFdyMEALz#+Bg^ge7Ijm9tL?B7OweBtLu3BiI0T9s z#h@TK05-(fSE)h!Fap>V67X^ON-m3-5yIAZx^(yc13u$<`dt1(9s=vp#&CSgtB8s5 z*3Hci_d7ASM@aZg6q7Et#wWslD+%q?JS4Y${;Ze%EL z(ZjiMp87|3b-e_&Wy|`|vyteAh8GL^vooC-abM{bMpu1oWXp%-_<)1lTB_6c1R4yA z@?Ko*`lgjr284% zwHy`|A1{5c_C(=r5||NIX7M9v2Le<4~ZXV>jMPgT}X{L{T=GVH9I zFshD1<0uQ6B6@o~pTtSf!2Q6F%lF!SRoh7+Usa=2hjGdKDB>FOHfC*eQ`XkD)R$FI zP|wr+%|H+;?pn>bLfrB3BOyPFg7Wgj%?v+3$#)pqxqb|u+-=E2YO36D2@CN)A_Gs+h!3#) zGXs|B12uDY@yW@=tCNxb;=U!l{i^hXB;{?3N?S|glt%C7O6v!*OkWLxbRnx=#@N{S z>yEOH4wJ~;aU9&Z#Iwyf2_tgcg|Or-oM_zqy1~J5kd=23SmP~#4-)JVZ00$wkTAdW z+B=!?`SYL?Nf1d&#Nd?-@9RpuCr^l+e!dw_o`h7iuqsL4Tx@0xx=b6;Oim8#*47XR zW3u9Ze{u7?5su~o!^j?HA>0Q_em6IoDS`KArZx3FB%1;acb<^o(sXom^iv+z3^Yb08+uN(%$vwJ1F-t#R7f~GGrED2~w@C*!S1-YR2Yi>P^V2v=C$B7(CQN+2}*Lgx`^Qw2`a_;lb+qs-JIqFO4MA@y@^d`n&$_b{H*hOnm6WJ5NL=WYv>gtF_a*GV7NVyc( zCa^l0#YKbcO==0Ox^ITC`EJiw*MT#bt!5aO^O8#kSd9gUOAqOY)-z1u<7hZY$1ja= zE>zuiXRzC_dirXi@?>{GcTvd_-S1CA{&o{~$SS@ul+KF2F~XZ(JA%rP`t;f2ohWAL zPI(0hg4UAzxV+=Hj|{|4f=X}O=$HrH>r6*+kV+{$Az!`_dfc4wuJw@ETj7HZjrA&m znC{N!+TmkF1ows~<<|Sm$;kE@n$}XMeX`9oky?E*EUl(fLwJ-t7+Sq9R3$+YyBEbk z?(!MjV~sten2)B~3ParDUj1XqUA9G~H8c_gZ;n+TmvRI1#PYkkCpvl{IbTikbH4#j zUv?Ultq!XXSI15}Hq)MaRC%AAOgjz~<`X-4vDG9?ACKRtt4e(Mo!1n97@wFpU7#-M z6(654Kw{rIRxmlz^--#y-0Qcopmo!wXYtIA>uQqp%a=jnL_&GWSY7Bx7!-aDU0pVh ze;biamFZdw()`)HX{Cb?#W@O&pDBuzT8|t%r{mSg4-Y(R=JzM-?L}6V=a7(* z`}<vhEqg!=sfqrL`=y?D_Ng)IVn-Hk616DkJGPExzFoV6yCuYMv+1 z+zhvxqN3N8S}Z-!6pg)AOtKG3b}$5NO1$@1LOeNK{T4*V>aYz?Ou8F;lPd^_9!u;7#s&*^gNO`jm%%Z0W-lZ!Xg!vK(2YV=%gs& z_V)dOc;t&;(yQ86l&n7B7LRy<9YW?h<68gleooXNTbmwWacqXLwd-t>fa{ecJb8!6 z^2)h;uOO+epDp?ECg9wplh`#oq^wT;;mVYIw^jVH@F+zN&i%~C0FKIsmd5_Y)Bks6 zuhLC34duDAfdL!3->o)V%bH2!MP5oyYpX%qhdqI_=A*SQrcsk4mYWiqT3|qGf~J9o zWTe0;;l+vONNWhVuKM)dmRc6X3cJGy1_25jVL?4MHb%z9g93T$1>C#f+1|5_(A#t{ zS5Wp<a@z&$AkRi9EM2~|oO zpp{*n?XkNpIhDgPu1x`S$UFq3PHR`QPHPRTk#j3k4{A(bg_APw$!Ab03f+XmPnXl& z9*8J0ZFiT0?i;9OsqVi%l1+6J_r&wv)PP%OR|kx;_U2o;i=1Xn8>Rkp9frE5v0VM@cI$M*Rwx#gfWR(z*KC*j4vd-|`0yAon+4A(DP4QE^ZQp;d;5>K z$4MZp)|iMStrwTfg@uKj8}1MJKsP{OxP`!*@2Px_-Rp_{JrN`keAJwr>0&b(?uRlS zAOTs+4r7}t4Q~bmE!T>e%cDm`?ovDcu(R3v1>*=*grk?B=y{7Gnz?bSuBp$8OD{J% zBJi#CYKH+HD%11i__X1*9w;SyipjUAVfh*OeT)nlCDs>iuEs9<`e^|EYTXrvo=h7) z+xX=Bdq-oy&DYKUKv*I5d7<%NQ4{WFQ=LEzKdj3LXM^U62Gn$PbUpKR{lmlYNa*;4 zBZBk_fqJ+ZvsMXcgJ&n#! zuhT_m_WtbKwA}FrR44)PR0W*u^!YxWWg;NCV%MOMR0(16OaKmQ|E-o&r+#Oc$%>qN(B`X3uY0do9ALnP8SLMy~ zdaK&72R?0okkTESG<*~=y*ZJ>_grkc>P-AhON!jVU4lSVKA*X~VP4CTdFV+0jThuG zFe7ML`|>r4C*7k&uTq@Hei1;N-g|8#627|4S|+BZ>mdC9+z#w>!*`Bx`QEt6gC=Ku z?`F2zf@DOe9%S6wb2Zu_V z{sFG^+OquLZvTj|xw4NE7H3BvPg8v*aZ3vlmG|}aKPYix)rFK~S?7eYH@=K=!08+P z2DcyWc^36M)nk^rz*sJKHo!B|29_5u+k@@I3QL%kW%_V(Ow{31#b zLms=g^FJO0mb+L|Q2$D9Ni%;t+`YpBbXpjlw7e<)}CFVl5|9snz zz}pr}6t{0XD)SccQb=KVl(UEjp2+Fvc0TL^*kDEUP*^_hLAW@sRs>)4<_dGvKfa7o zNJt+bZag=HtCB|Zp}U9(t5**n=meTCd9R+lGIeOD3JK>SueCXWPV$HTdV+&PjZE&I zd0^9Pe!9!r;%N>}RqMrub-%6o@)2;X^8m*Ryd$8)A>w#9=O4Y>y7cGbg#^6cA-3Ka zQZzf1i8I@sr*K|@h!hy#9rRN4cM}*+6ok=C%!q8~#5osZ8J?#C{9F}7aQPll<>tG_ zl}lJ|PEMD*%O){^xq&~Wj7U!dHh`*sL^UCV*E?I5=zP zcUK~-Nxd7xDJNdnND}+H`3tVaxB9IZBG;ijZqt)#|GeHbu|`dUN_6WL%37gJvtGcg z_u8QsD!%Qt+bX-;yo!;;YYr+b5?@?$#TSRt7l5RV$Q1-h5(^yiA z;e58ZPycb=3!Wj`P||WzDZ4pLYJgnFu{X_aAdLN1@z<|k;f)ay#I>5$Bcxnrp-Y+l zk>Bnu*|%OKlo%XE>A9~+_UI{U%6thyEq9v`T^7LYfl7xea-`dm)E#^QK=P{Mn*n7h ziiNx>+}T+^2s)c#XULwV;7^|462D~)wJ?7l<-t>-2;Qa7)gyfQ@|KSVftzS0mru_X zm-7~fX_=pY&3~Sb$3Z|hRK;@XQVCpYOdZ!^aF5-wTZ5wO@beJ*uM=@*YG|5q6)4(OV_82q zg6=owSGn8ThFYq1v`(kG`F?GLAJP0pU_O% z{;nC6O`moWf?Bn09Dr_bSSAlzZ%#?zIY68F)APkZ3_(!SE1uoD`oqvADGD>!bVu5PINn1CbNFX&P1` zit+$oQ_nZ)clDV8#F9Gs=`F|~dy3PEvEh`0+>1k$1)Bp=7tVk;VJ9aikj6FOJx;RW z2b3C+5BHO$gb&VFRn*n#@>2zKvt$@IzFyEKD}SqNool)VByLt4#o)Z-;P7LHy?ADg z=g$kfECi2+#yy4qULPd-8a5F7Jtg?MZ?ATkql6EoB{Ve_%d!pJS3EopKQcIb+#g_B z^n}UZEGAqZ^zPwM5HP@b=x|bQ75t$Lc3_^~Q#?1NLKITZTm%?Q`NX(;kfLu~TM)F{ z3yTOg!w#p<#X!|k|F{j)&kvM>Eu_m{--TgvH@63?Jpi8xn$X zzEi)HqnOdkWq0kqz=g>AvP7e}>sQnVCOMQ0=MncJg@q0@RMf5vWcXJ;oK zv0_J2aOLiJb7k*nL@1wP_2^#P)o#=7kL}(ol7o~MR*Po+td{-jBd#~cRFLq2davhi zZONP)lP(`Gj@-4aMonKuhKBykmv{gK`yP%b>YCd_cYwSDIvHPG@u4?90jF=~_gb$a z=Uri}m*UIgBf@bh_Kn&j<)x+ZKa+_)03Nmmu7sE@CRHgTvs(U-i#)c;daf7iAp2p4 zYqJF})>Lt@v9p#oClmHQfQlH1Q_2MM6$Cfa{93)QhIt|M_t{D49Hx}FCET3ODgIhrHNQSTh>eS*Db^@^p72)R+MLvS`j#1)!nwj`v028g zG|1)J<)HkrpYaXk1cw->sHsZ)OwVoJx9Qer$xlT0bk@yK|F+Wi#*>kmbu!~4TArft zNsZub7jBhN$MuJMVIp38we@VDd)?d-$We|-T_%(vxsqjEI1`BBGQZvFgmnU)X6y45LiyhIL+~ZjJ!gyB@j_Nkw zUcxQ~F!+GXtuBa*{xi4F(T*Ej3$g9I4>UCcpy>EI82rn`)cj|Sr6-B8kUiw!;f?O1 z&z?}@Yu2MlO+(_PjoBs8Fkj80F-Ngb?gJzsMA>yWJJ6d}e>$7#w%bctzfB2D5tE^l z{k-mksg*(Y)@UH4P=&)tHz}aJdgodw`Lc$LpY|^#laYlb+OmF$$`nIL?R3FS#A81z z%4?oCjBXZLldq6g=-%hPz-NyCy(_BNIYR&1UUL-uI{w=}sg z9AbVWrS*$bC5MIOLyIi{$dgPc*D4#dxxJaj{Q~46(HNITsnHQBJWwt&M0pNZX=~Ur zx5=7xz16u-C zgY-yWGz9YV6)O$Lh%VzZKthX)OLVPNz&7Q5u6B4;^!4e$s}J7o*&5~i>Jt4cYRPXJ z!Nq>CZr}w6#eIaDdt#$V_c3ewp0YfR_Pf21!W@b`Q2OoKWVX4s_5Lv=@ke84Q0AJOLswCJ>Z^eTX(WxTX_dI@}{9T<1>*PwG26O z-}9^w2NHj0OiwG$ne#VP87DZ|@;dlTnuRT2^+wzB}wBb3sw$My}Jj zKR5Ap>!n@|`AmXsyhG-w&qRT8mFFbW!opd_N~bx%rANgcA?jLLS(}}wd%bpct~uUb z(CvvNV>t4?R>r?RcIpfgKQUb0@jwBGq9 z>=vOd@tO8q9iGnZZJpK90$>f<4%khXyn=RX;@zzhrPM3~MzSI)d1lX58469R!1 z>`|->BWwcOHX` zzUM2*LWKM}w#_FSDR9txA^QQ+wLymW;YaU-?o9~GY9T`gR?1{ilb97+i>%S_NJa+5 zn2%CqlN?#26s%~YI$d+(nRK>{t1o_!b~;b%KRpJV34+V0@l1s=Bo)b2_IPJblc4>p zbt$;r3`CeN3r*jy<>L~jHrbxBQ;o8UgAMdff zB1hMm0pK*=frH2i_OQWu8hhJy>>_fM@MS1DJ7OtibH)yAVq9T-L6K_4Ujz4i*wF7J ze%`(FF<`*N7k(m&J#h-vM%Dt}rDFw>((m3y8`M8x*4T0ovMMTG&kV#&D4(zx%DDU5 zFyU2QRo53n;hib6d9T(-pDmHRoornN@SMTTmjlc_`Gq@KQ%LuVEYf{-_6&1kkjWbi z^8;5S1zNSwc5jXDYU?mEifnmdO?%GEX!>#7JC?y9Bg$Lw$9j2gugs7ND{InFq-eft zeWa0e3$t&|Qk()gX;P}!_u0#}01x-aL?V|QT}Eoa4kW&xA&r*(X3r1OzfNS4PGxCn z37Os68MjN6z!Vrdr;qv?#jgWkvRqwDZvb}p%$I_rIEO<_oPAY$4U(}qTtz{#a@@-$ z8_Q+Zzat)Wv3VVjaBt;nlyEGr;<<>&O~mwx)6f}fyYT6Z>3WKNYmBObur@&aXrgY; z92S^53D8QEr6Ut)pLXsCXQDmCG;B2qHZwOTa=NjWCF%ugC>Lu4L@o{u#HlA8$d3kE z@9rZ%|7?-!bIRukoFn@{xMK&DL<8J^5_0n30p8o~_f?pm{ej-)$>G2t`yfEC7T%yg z4EF)vDuy>{DBs+T)3Dx)!O#(9n{{-N%NML{%b zKPpsZkFEvdci{3{U^-iDGt(fZX(LJWW6^7m6;tRu^Dn{o6?qe{6*d>>2@-n4%5=Wy z3M)0KorTLCV&fE&S>PgXxIPy+)a$h9V}*A3_E2u|@y$9edTc^ZnywF-ojH&?7@hr3 z+U{-?UxgDEA_q$m!^IEDXR)B7>FB8k?|kwne`aw7GP$>C54meW^Zqw<#|Y2T+#Mhe zXMNUqQ%gttUvHp;L+K=#KrSB6dayO`Q-f9}v!~(`<AyNzW(|ZsaM`!V z%Ee{`-<*b~CWC5zI{S#=QTT0XEAGbXNrL;*)oPRovC~frsU<~y^naqN3!>VVg?g^r zbU*414gV5fdk%{n&L54)0^Lhx*Y~5_t7mKJO?!ZiTLJ+kQ49fjAVc={GiWI=wVMkk z z{ES#sDe|mDu?o}0W{=0EtRPuCS%s_0H`9GI0L?_wxZOi??4<}$7(VBrw>RFP(s3N< zS6%x6D^E0y6n;(axqttLte4!W=K5ljf`7l#yW6pGS7cf?be3f>k=6RGgTp47+tyz1 zA+u)L#L*t)Na05JJO9xmpayv6YiO;Zg+G#R7FWFH+~*yX$d9Prhb?Ios+>d4t=!@&&s@5R1g^ z6}?YqEz%fyi%wqLH9MKFjEKO_d~PN+FWFs$|JlS1@dvVBfLQs^2@1}CSv~kZXCF3e zlhBsP7FXVS`wE#2Fzi&^wcHS-Zoqg;x6~TADb{XH8=4<~;jD5$Fd0c%uuD3*vGD*Z z{q?vgk(hyj*CXB(piIxub03rZOLh<2^>RMbsGs*NzJB57KSPEAr+spYAUeQYirT*Q zqz>aPoV-5VajP~1;_zwzsOV@ccpMHV5i!7L`BEN;86BIP-F6p*tMEBW_*!XWuFMj(SqtGQ;+CTU$`kQp4RX^45~3p&`4|#?aJW{`ddfrtiOeMgs6D9{^?AiI>z) zZGHMQ5PPAbaoJYSG2!iRZfpz;^DfZ#l6i%fXt(GT6&KO*GwA?7a~cqe;Z%O#dZK=j zZfK@@zgu&C zl$9|)JlvpaMEHtW*2CSe`s~QK{r!DF=dlBI&?PU;d0cF4_681{Y@l2`W3-<)a-`P-4PA(SjQKuqR4H@AhVs!ecdJ+J!*HAStP3 zeKS}jtaBy$Z+&}LcQ;Xaon7~*b)Yr`f*@xsN^Uwy78m?Vozg0Y)mMz{%+C_=93Xn> znE{u-fr>*3E=X5oP)N=}K+DUdydjFqmm4cp;@AU8XpG;~H4TLymumflXfYZh4ruwa z^0qSN9OFFf1@-Q30T>>Tt8|l|hvmLsk8yF~QDwKIV_H}z0V=B$py7ww0)VegR?RHu zmUY?wDvy={WP7@1ogYp-h3lSBQpSS57Qou&f!+{bPxAl%K(+c@4d5yY7wT$~y0_nY z4t;`^wY*Xg+Ig-|7{$p>pWz()mj;!DXUJU>Hd^(-)O6mVcgOK$a=Pz}1m1wfgK6G=c@GkG9<+T~|-_GW3jHlJi)ik@+h#|9ca#A;$60^X_vq8G}+p0EmUYdF&O=%ZvUb9ccH!JH*;rOrjap# z(pCSiSuW3ifLK^sI5tSF^xXK{OL#2~A>n`$%h}mm*!&|z4Z@}CY@ZF9?O{e+0th;v z^?=yc5mf#C?)Wo%Sk99!bGG#Zw^w`YaHi4wWIgc^V2lH*iXsa(f&@^~|4@!kU=Rkb zLyOCPuxetEJ=6In-nrIC!>~2QQQmS|r02B5{V2eh>Yx8H@sa)8Ya%|Bu$vcc`m)bz3C#w zp%1&Q8XVe#(#_c5I8{iyYeffze0mv_Ld&E=%g-f!7x9rxMo%s}SuPfK7FbsPfs?Fb>de)mrIW*IG=r6 zzG0N^DZ@%*mHuTO#|$Ipe#@2gTdjhUg|3Q75u z4VTfUNZU9^=g=a_yh)b%5gSM=M5o225-ns)Qq(+ivB1c_$FctP(OVteR;OS47B5iBd_uWuUyj(UJDRb;-Fyg$e1CDv$0kF zl;`IdXVCYN+B4dYGmgDY>WKZ^Zm{F^X$LiE0^HfEio%R-*Huc3KK78DoE*aP=NcM1 zOaunbS=U!1B3za~Xg#)8q{1}?d2F=U6$Nh_SPYuAC}fk8lHdvb08m?${;;fo4_WP* z|NLLMBqScl8W7ZV^;_BX{06rVnj={1#?@1 zjC#H_yTURD8TE+JNhp3;H=Q*v-&(#%$>Bl0hR1R+f8%zHj>oBO*mc7U+w29~YTCs3 z6TG!S((QYx}QFU<(7S?R>&Vj@qFRtn^k&n z0EM|GUwXzA5!Y+k+7*^M4T_MY@^c)nk+?YCNYowUBzaCw_F*)cn zGCdH;KG8pYWK+c#QYz_*=A6ajzHj7l9wW6D12UqG%Mb@g1K$g}LiJwx3}K(}M%_}q zMsa!OT>GU~N6?%J(iMCl#%IWI{Pc*TH6Q5i`mzmuITPrii-agy zcrmA4v52B!q>mmpnA=d3ZOp{P7T^5Mq9iXXnGtfci62Dqz|-=vJJtm6o&U%Nw!2$qulC{fH^}U&+ze`bO7$+}}NvbZX@|8VGzQcR*0fUSlu1sY} zen|6Scf1sJov`pH@rUZb)c9)zF z=wAB2_s4=_k899VzazH|uXFD$Nx`p*Xh1k%lr=HwZX%|?Zy zB#uU7p?2h?haeWq+;E%najysw%3yHokCrru+tMH^)ve(V^!yf_t>BY_vYhn%{98A@ zL-^>OftnhN^>pcUN7UgbG>1&btntD<`2)km<;9=$IomCs7EI+`S~PYpce}B4%w&g9 zWc#%hHbRk4DNQO%MGi=#;#8G^6wHp zy_uysc%#0HQ{u?%1#7G+$O6i^B+9IB`iybDsG)70jaGed)HrNZ>fp645-umTu?D zTAUW|Ja+s7n(YLK9hGIf*BgzVWz~Kxt2BunfD$Vf#}-*JGL}!2zCa6;o#g*4Bc@!K zJa7yHr}T4z`fFFaESv8G(;av$ni|T5Y!9u?oLv3YCa1RF2OA_Rl^7NnP_*1a?L(6T zCiW~J2as}~3(L0bs@CfGys7=^iXWza^RQmWtu~rpHaS2Jr=%7A2*>0r-7_J{J74x1 zxej~DOw^2#neYpLvG2V0i`mG0XBh9w?4RD?{dA=x6FT?o z<=8fob}7|GmfESA855OQ-+8#SYgO4P z;nLH`<}&c$wSmw2lceXCv4Y3@G(CFRWgo!~PSAq}$nb`#mdoI$oFFY3dAZoN z9CwEzbQ;80R+F&Bb~$CsV7uC^rg@dU$+%ntWa`5S7>f624UO#sq0vtWZIzHZ12kDC z=TSs|%$m~z`_A`TrKo6Vr-%*{{2?ELWnQ{BU~B{xjJVOf$Z-sz)N`l)V(RvB@=ZL- ziKn?s>1Pc!n9&b>`+6O#Ihe-t9z!`29&^~zs|kFR?0>D~a%TetQm`cCM9SDWtIRUe z>v~rVOmTrhUEL0(BTOnAau=ZqzXkKX>)V-l1@&ksd`;EQe(UFRqq_(?-`#et-o?Y4 zzmWhYB_tKjVX&>m&0TxgaGBn4?tU?H!VCK6A#4xD3+6SyWJ$ujot*$r7a`Q;IDgrVsSo)Pqkn2hUH1KKWPd-;OFd+diQ` zI2eO^6dXWLl?_V~#Ah_#oGg49g-ZIh>0p-dmhFumc0ns(37lJ(#U)im#)5buo$HMc z)o^e5_0o51CN>Tb9k7(P-@NM>CBhmV_ZKi-_Pmya(c4(0un-5UKABuo5^a_nVDP2#zV@F)$D#7Oy9JgF*fY&uvH`tGR>RR zH<=H6f`q0{GTkd*A))LIZj5MPRW(2*B!KLmQ8iC4#%V;LT=_ypHZ?M#NhvHUDiQR4 zt%KMO;WL%MhiZ;Xgi&q;>TWd2n3c-&!s9T#eFCqAQCbo zn7+$ILPD!j4(o0*@EOWq%tNVRI&dDJjIT$~Sz4xzstJA` z*h?sYbTyOr1J~CuRL3ue8S(wMP6>5SF4+n@>hS|CBgYw1mEs?&p+uIlIp3|u31*d{ zCN$5f)hNZ-DypY@2xndV4UP>*{eY5qd$okHINdzI2|9S0dTpSw8khbEuCJ9YM0JL7Hcm% zMNQ_?wSv*A*~0v9xN`0H)VAXjSPm-3(nX~i?2r+g;JV?TrkPhJE*-YDv&ZMmDb+_V zXO@i@!O&W2#=?S$L7jhAL>hw z`iG=7EazE_v);(agvWJQ&7JNgQngIhJ*GwBqU!VKv>2sE?Pbo)#S3_g;=Md0rTLC< zl|j?iD?IF9149;&11Pp`iwYWEmbf;NUpLQ9cXMw;;*%lf+fxHfdMY}*u|>p*L;7ZM zx_7$FBG)FWXBIsVCRkTm`Gr{J0q-|%1A0w<3@)>$_x3XM6~ugXzL*uUo+>b{lWW5O zoefp4J32Q%JCMn2hHNqPO|q<6oMVFTp(<TZg`Ba&3MuU|L6lnOyNVOc2U+lv&X@^N=>IEJNAAxz+5 zM-pG@f89Vi6?d>~v>Esw_p1uc1*a@A_6L(tI_d*r*RQA80TyEPcnu+2?K)qQN9hQA zM8%Sw_(>u7FGFX?^|gzBPH!`oVzSiHD6KqLO2i^yzVWh*ZGRg=Fq}`Zr5%x`Gk0`y9d)2#(Xb2N&u0TU(;N$Mm1D6^(k* z;H|#NY@$CQ?RXU4QOU~FB>$TyBqx_v#zefNRoH2p^0DxEZqv^ntIsn}KS6NXExgdJ zI3J)sG~Q$6*!alz6twE#y6|f0WB-u#bx6`;N%+8)s1p$2#uCNWI*O#BV-@={D5S{a zm5%sZ+s)$-lJc2hTx$%I+_eFnBfIS{sAi-T;xpWPicueOW;d zKZ1Nsy0D}uK_^T-)ipkndMNhumrMkE|0&|H0%BNQx`Sv}nD=8+1E?#DR@KOo`b3Yd z`Ip``(Y{(2N!n(#9YFZ2NGdSB-rMB5cs58qd7@A`Gmk@V73+if)M_0 zDFRXtiWsHYqDhMPp+4n9@w(RvFSSE;BPl58k;6?ybC{u_q9~E$OMX}KKyZYu-Da1T zUJry`fSFsM3w-!^YUJaC`v_DMD6t4SZka~d!Cmg}-%DAkh)b+w55JjSWijF-3soA- zd?Mw@jI?&H*G%DuZ8W;drB(XNxxtzFku#sVwmQxFmjPxv>H2Gwv5t?lCrOK8^fg_g z`$(lSqxu>Oz8_!AyP`e|DI9SLmG?1_MaWv6enIMriXpyCqh?~7?NW@bI4zN`L8evy z393`6Yio5gv4@Vvg=TValfDF@xKE&e)I+BD2nyo&43l!(51 zQQ+OJQXaX3QoA=~<%cZu_9?RVU#%8DwG%d{2ASJF%UDLJTG>P(ka4bvajjkpUpk=b z1b_bB%t_$JZBMxtBFS@ceASK-B&zjACYw5dmeXME{2;4p?%tvW;PSdeQMMiMMpeFo z)ELU*Vp7l7of}3h|EorTj+06U6N5aj2~C`e>j4oD*>h1|acQxQXd_f!gC+87m?b;#tf#de_9nv0+;2Yx1toWrnk7uE zxhw9#mU|Y^)u(lU&`8G$#sc(C<4V=7jI^AJcX#Px5!Nth&Z6CP6pgsJ^R$+Bqoj(8 za$yFH+`fxW89U~ZQztr8^cfY;D;|q=nc8k@s;#o8eY73);RxBn(&fBU@}&))qSh14Wq?gU!mR(v;s%!xAY3sMakTB zUia;DxFFz`QKSSql(>~Ymxo{AHO0f{)#Adp#VY#l#aGB9>$QH+p90hqw9oQRB}c}A zoQR1oH@7EjLAOoV$AxmODZ}P)ay}gw<>2)v%-8|q#MI}UsjDGa%Jttwr7?q&_ZpGt zRO~CEI(tv?Uh=A;;AHADI)7AG*Dp?ZzFihPL?s46XF(LhSv93In65gVsFG^$*nU@V z7QB6Cni^?PnC>5cZ!oLQ)j>NK5jklB#-5ET>?7(t;*4pet0Ythkuf z6U)&%f3hec>{E0&Fzh5F*r2Ki5SI_<{^iKmMM|0-$W3@I*hR{u5h73O`Y2#$YTSvJwC|^t$xU)=YN2B-dg7?<>sGB!=q1*@uGZqt12xmJ`@)C_*k*Y3GNf;*zwYVL-FQ2Wg73-VA83_{(3f;OYP6$weQ&Xnz}xE z_FFaT3w4abYUA&9VX@za==sbuwD@c@+PjSl^g92Rv1x^!*v6U&>{O`RGIk#EcI-7 z-B$;;C>ojcFM8bDm)6c-$b?2MWa%uTe9N3;_kMsDBczKNRqsnbHKMzvr?1K&nfnAX zSRoovDOS;fd^V^ym+l{3HsB?fS*sy0U&^15%HRF#yyw7w^^yMk%1qA@mQ!?Bch{Eb zfLlqbK2mARXaah#f~0zcPMaq;L6-I!8P5W>thwZ?X?^I6>S94zvMZDv*XN|YedV6H zdD1E-C7f>4;_Yu#HCkI64|mZ^62FH$sd*W#J=*ZsNo@AA33PK8#%lN5@ED48#OXL<{ZcaCs?hmL8 zN2>elkG!lX&6r&T7(>XgnDR-hYjcIMl{G=|;1)GbMz1XyP7ip7_g79ixM=i_{ZgY(OIKO90|)6B%knrKw5y^~)m_85`)ouH(Y zRFUcPW~!~RBv!QOe6!7s;?z!Bg%H`&XNR%+B%${e)BUID-ntkktOX&Gt$d^$4G z!Tzr`=CpQ+Xl^Z#gX-=e7n>VHiCqU4D;;}${l}SJB8yYgtQUJ|T-f>Bk&mygB+#&d zhVL{|w!q7(q4%K>`iJ5Vw3ICy$3AtITK_ku&Vnn-_l?#{OLqxKcOxw+-8poJbk5K@ zgmjl6NOw0wC`fk=DWC$pp zuggz=6V0k8LI1VjI!e@BDj9#c`xk9(^yR}I-7YTqK3N*Ymx8B?AvD8gq?dT}S8}1B z+e&#+80uRZx|r$9rMiI98KD!dexaKi>=I`$1jN(FcX7d-2H& z)f$19n)0)$!KDCDj-sQdk$XDH5qKgPY_zmL>|IGAHshZWm&;dRbdO&YgRc1?RL!HT z>>xpAP|H*tI1zfv4N;*{h_>otL*7Y}NKeyIvdemM_whoGGYXgFL}((F?|=QG7t8QN zndep_S~xXMTpZe*ulf6HQ=h^!k6s+!VSx!eU%-ykmwwX5ai^@$-!_`7&XvX- zh`%HE?oV9x7KX>ZrjgY(zj0aK5UWd+iOec4FV`O(?R2lgO;y+!7vF!R(dxPBW!-oh zmsCK6~KrgU}8S}8D~Rh;M^)UC&c zyjmcLh#;vfo{au-t3T)p%PSFToe(?m*JNqQtK=tSsqrmZ@yqMQem}NnD7C~Ues9y zI~`~5_yihu(Gb%h2i3_7J%({-i7yb`W~tUVmh&W_Lq~>eJ|7AsJf5g(t4CJb#(7Vx!(l^yd)(ql zbMct=I>3l|%ws0q`JM*Xqc2Kd_=y@4UsGGNSZn0kHH%eoAJHSXsQ+cEVdQhfA$b)~ zYX3ksJwq@32X*w!`QphMb2*uBEy;5?iNwk|z!*q+7Q6694;TeY|m?b@b)1PkHe zeW!B0oe0$tTWau|aQ09()GDMx5~mkZ5YzL7U;nxWR1ifEE#uf#%MafMOhBd$oOYK^ z9mhqcB{atKzYwOJuv4Pyxm#Q}PIwGNS&vMT1V> zAHa^VVw|KF{T;q+eot1X;|>e_!Nq4%NB4ZFGgo)E-$lv8H9T?CuHMQuPeRy_N7Zw(7H7$c~f04AJoid5c z(q9T>eh#z@r{J#iWbMJj;|Bo$A(9%1FA*`l5?(00Ct(%mUjNvW!qYKecrqP$RiHO6b#hrxqhWhLwC4!)kIs%0DLPG?`A#cXu(=PN5c!nV4j{rzm0vof;nD zB5X1wMl3sU@$Kp*%v25}b}$%1Grc4?D;>XqbMON1$*7ykHc7ftx_kAm@8A=kwl;kLD(aE^3u>l1g-ZD8 z{?P)qm2Q4c&HR=OW%zPhdYO@W|DX)n$yqhY8Fsb2sYUehdPS3A$szmj+-KIOz9m`_ zBlr{d20?gV$b~A+i*OKV3A9(CxJpzk-4;{x(D-1c6m>4wO+rke{q|HCS zi|l3i>}M?;l&`O9eT#XX(szFwSXnzS^EL=Mb_o)#B!z48K0IZ_z{b;;9V@pZzO>fG zR^vhf1IGW7cHAT(xtHHxLk%bE0lEdRCHN38Ph%`0P(Yzx;bQ2z5L^gVXw9M7%e}iw=!tND zP5nry3OF#rrGk6PwrxL_sJRb~zv{Z;I!m>8w#_>m8~RhsryImkXXIACgXZFcv9940 zLreo$7W_;a*c~#;7?~6-r9U4JiHq<`qk@6$;_jtPZ>?)DCHm#`UH`S`%Y&E`Ox_$w zZ}IBZ-m$XxrnQGZY(-?i)OrqZE zvVI7R9!YYPtrF7aDJ1@42&AG@-0%Hu377OeV$GPeZnmVz!ccBDtIo=xH#LsbH$JvH zNs@1Lltk$ur3gc&Y9n3Mc+yQjsr6~;40{%7fN(1*8c%*c1(T(iLhY-y7I5M?*@1zEJ|`&wQdh(=bCL|r zJ5%}mg4$NK{d$$8GP$-nW|{LokDjlugLzy~#c_~5?c779HC<~w3A-#*us1?|@bV>9 zKd@`p^xzn)wOGLA3%3=WoQiv zTJ|=FNk(rsH?4}%YBc8?5^08Su`$YlQL3P6 zlCWg*Xe1!ChHapIR~DxtCUZB4ord?x;%qyH^~W~3a`%3K`*z4Eh zK}HWcHO6UlzQ)XsRg=-kA+KSWRuAye*KdM;t3_#P6tvmi=hWbyL~-~hCu2^%W*)5- ztUOlr?1TY!jK8%=sAynG^L$BuM)};Mf@qxD-!b3fesJatr7vM7J9Nkw~+F<@Wl#Y?T&B!#UXe}etM9fI} zl0ygAN6K59zva@>TV%e~?*3{$eR`ki?KnGjj&@&MZCVls=HY797;(a}653~)BdGR~ zyc0prT7_1!qBl+CDb@4?+3ZYhq)Q5Jy=17*v!rw)CF0qU``hc2&N>lo^r^dp*!NXk zx9ZNWl@zXhZE)TaVFJSz+Y+(D4jTA34|Ifv#!jpcJV)%(lH0vzBpY6J9;YN9A-E`rx++J5tpo2{kAn+L;B9aq7> z-In8pYcv+)N0Pg@##nOTVu4ZP4`p(BCK?W1OW6CKZgqdp$jDNNtup>W5h|*yc}))) z=UsQ_M73#)3b%_~54OuTR_hR_T5s(lCFMm!d?$T||st zr3ARl+TClV7}?U_q41F(+Dl0KD9C=y7rpsyr#v%xJS_8$OU69=!Z9J-kH~7jm!QlF z(glPLdtN$bH#hI9nGkrH|5n%5&V4z;qIj_|WJGG+w0vo$zQ}HbQBgmh@fo2(_|VS@ zhmhH#MDv@y_CYK{gZU+8!4c`0^x`WJ)4=_Ai&gX;urk&QbMpG9w9L;PBVQf4|Z|*NAr*CCGNSf*ynieFwBe`|o zq8c(|9p)?_|CI4EO)k5X!mxiK)f2wNtf&w*HwJa>d4CkvyrZ*2HP5~Z-@YGqOb&9x z?)Am-?GS0IczYszQt+Cy_zjY*hVP48{m(1c(Wec0I7`?HUz`=W(7N&+xm@e<4k|mZ z_APv${au>!u;7^pUdK&vL+8pmf4VTU4C94_>M`YcEo{hbjLtJ=JCOrO543*Q@Z0o` zO>rDzI#A*~5OjKLy2q(9+o=~RBRe#VYPLAmCqag0Uspa%y&PO@peB~lt?{t3UYlta0zUMz`T^IKf4 z(I{(Gab>9*$>ae@_(sdh=pZEV?xW!t+HZ5C3b6u5g|;@y1qam);F-c z-WRj$A*8cN=r~7eom9p>Ro{BFMb+D|`@CB8d4_}P`{iVn{q`3E@pqE|dH-!BIJPek ztRC(RrT%0>8Ma#Ko|t_ONL9g(55`m!{z23dhdG}Z0Z$T)I@b>yX@|hd3QRrDCmvUBHRMT!05-G1mNPvRCZT~) zyI!}__uh_)n!Y;o*b-BSMeA+X$!;>F#HYezwb(zu5CZMDT>bgaV=+$(>wq19+}t`T zM7H#7^$fs~s)4Znl73wB zNT6yiTRsBK4a+VqdPFv9Imts^k-3N7TqsGKA}ZPR10i~33clrQ1VU!!y7FqxgP3pO zCb&tGnW~&jcM;xusnFW=Dsha6Sm2k=?+tqBv}`n|rPevOE$ZN&WEIgk7H`Mp{q&kP zSf`!Syzjc8Mb1L8A}xJ!w~rA?bDF%cFgYFw~Zy#Rs?24fGcWFrG zrpIQmJNQ@b?CkTuUcT-`KLj1p70*RQX|$-$=;~)F(XB4R)x5(VtSZ_R zqm|kqtVh&0zf?DlA~uotbQwefooL-~3tDZgW!lwpggCp0-1N#v628d-0@eDW5C{sE zYBE?`D!-_lWro4O`;lb+%&MKcP562#ckN|g5xqYsyZr%e|85J9@P_*j!E8j?YsEHk zCjPBAgT9ENLGSv3He{roUKxmZzwnD4`{r*t$`$9yB9ZgH$e{$E8K)!Y3~zsR1MrX^ zAty1Q+qaWdxp2y7VL;Pc*Eo}Haq3=TS*JtJNlkt6>nhzlAuZdyW>5+(uTAd?x$oJ~ zm3MN4Xk^2C+U-a>Eim#h)@wmu(_QTOOZyWQb!zLu%*)1IE?{e@rvgr*A4DA~Df_4# zz(7~vPTHwhvCxCE(;g}G)$TV^c~oVS=d53o{~efz6L90SRq`;)X*$=$lS=fgr0Fw+r)CQ+??wmQGHw zo4L&-3*P2mO&wP055A$_t<}|PAN)Xe5H`Q3)eq19R}KOG2ev@oIcv!;rhad()2J1k zb7jxamFNL+tITF?Vh#KA3wM>>e5goJvYO_Nk+u=jfDKW~W~#i+4soSblZy9ZSy zWC%*cpu&`M#Dk%M37Y{c4m#b#PGa5At7K;dwrJFTE_=*6+-<47w$_{ z5gU?3q)>O5eF;fl=pI5tcq4qv04p)`v1=DMvs8JFwDKJsf+!^nN%-z7BPREkib;lo zE5omou<{&XJ<$_o*4|gQMLh2>y}3G&fIZv%{gLh$V|Y{+LO$W0WEncE1`pAgJB+0bDi)pGheh6Hpo!2t>*i?#c+gU zYtShX=tLXM=C9fwy2Y@*%nlZzN1M%l#t1{d1TAd9^Qh4%{FW@9InOTMxJVwJp3m^~ zJHCv^hc=$JK)1D@=mLZ5CoxcV4ZCtP3Fu1$= zHHR$sbYs~n4|pb=`~cnpiC+(MZKzoED`D8DRsco@ViWxg!Z%D6(Wm=uGJBjA-1U&y zd9`oXzXkJc!m;s5zkZO9$7;cW7=Hi!VKg+^Rb z6}Z-^S4lNRt9Ue(RbD%1vN#zD{J2XcD47wr#N*a48MsNEyfVzb42PN`{bj8>hPI$HJ3tglABV$3KT zc&z&7#xBoo3C)5NH1YHj_vxfS{Hr3TpxDdPazgq`0h9wU=nDHHoX z(uT6;#d{6U#SinT9BhWniH}|pY4ba6Uq#s^+@^X8xAc5n;hXy_a)zi~@l*x@(Qb97Vqa$XxqaAEO6_HTKQT8%C}o)PxXc&-0v zpNF%`kO4a+N{t%{hb=VU(*Y84@eL9~!~e>mdgm(|uT6`#0QAZHn%Np;C-<&NEgM`2 z0C8k)fvDJJyN<+Tqas2D70L-DVsPGxS|J=H8a5->q z7PQCkTsaK%SpC;TMp4tc3dHYIzrwxEfF`m3*wenF)?`4w^^?#q1%qzCmec4w5ZBUV z))Ro}CiSdf+iwlUjpIoEl*jt(7tMbD#k{}~c0gy)O1d%j#dk7#Qi6QgLSZL^RQ^lk zhTW>}d?e%=wT2=FG>1Qtz9>bq7^&q^ZWR>`3NBI=PLmUhEp8aG%8&v_FVlkB&;%YH zV0{4jiO>?xapkvmIa&Jo9VODK;3FFPA3ECakbJaNz$6LseiK2=2g)g0_Ma|9Lauw| z-Y{W!uTym*8A^)6!o|X&H-@Zy5~s7~tgi7sF#gZ911hp(x#AaXjly7cQwznW?31HV zb6j!M&93}>6B6i2;X?wnms&f?x|mV<>o|BXHJR}Nz7Z72JAeLm4V{{k(a<|{K`bFF zLEBW5BS+Uy1}499<~7$^Mf25N8u`VGrwc_HDV=WLIRSKMLECMmAd3oYbU&No3UJjG zouLzabsv5T;#?Mv5HW{JuQ!f5>>y<$dfFWC_nj8C5 zPyG74DVE{5Uws$Q$^bl=FO=c8FLp#)wVs!&c@DZGC%mp>Di!sFd!Tm8l66g{Db5aq zg^ULd9*bU&34L{jkt?3P-i1Yy)r)SWIGFko)jTEcaoPMEQ(G_095_dYU*@~>4A})I zbM9gexkR#}Fa#2_fQElNFh_uKD`PwLXzJnNVRQ9a_zVCHjT*UjKU)P;T)*a&7$sO2 zmyOlM67OAan(h}RN@M^P)Oyd=Tmbopg$uZzbG~N=kk3Pp_wCOqUf%1E9WdqU!$T)B z|D^(6r(G(M{Fl26$0KEVS||RpJ$Gkpw|{c#7(|(jh#z43dBMMAzuIuBZag=(3K)Gr z61rLqmf$}@1)y^uFYavvC6u3mDgc_kO`jd&7non!sO8dgOMH8H&h-ovv7RY3+X6CG z8G2^^x_`KC6z?ui>N3wSr?UCAD%P(T&4TytNB&=$`5ET_oM+aB!+EWTac||E+x(Ba z)qy@7!Asw|vFFZ~H$fK->lwi9FD?Lp@eDG>Jd@EpdXY&+ubXy;`4^2H$4hFLn_`|lBWFoF_|_sErnIOQ)g@4+^>|wE=v|pwnZ}6xonXMUebG=@1NpHQqkypI=u8~wt$R^pp>ahFEog*I>v~@v?3V5>_%Y1*& zY8z|P!rtOj0nL|9V_d9)K-C6XXkg4BElV^{%JP`DGWyE|C=?%ZSV=N3KA;-r+Gd*9 zXXBZZ(AnBIWEJ?2(qCv&}Ia zV*XYHx^5>M5yEfy<~cTk+-RYAKeFvF!OVo&F`P9QIxlu2hA{=dM&G4!9M8XkByWSB zDE2e{JOGpXBMn1GXEXZgkL`l25Tb7)*a9Wre`V~f*QTaBl3^|rQ}7K@cvk=W``wuA zoln#c|0yvMp%BS$?n6{`-fO-eSMt0J+PrFv!M~7sZO#<;TV%DgjfyrTT>kwMc__pL z_=TtO$G>LIX!-ed3yU-#BaahI;$efZztZYKyyo9ttnm(X8cRuqQUpx*0`XkBSFc{B zWaQOmo^PLssV?54wYb=&Ll=n9xU0>+ngYd9I6#q9EMzPLpv;)GS%>yK+$lDWiUPhb zh=HYzO*#;GEI%PDACpDFrYO%0+aTrw$Zl)$Z3rF5u!CY4Oet`^z)!dtA9yYG0Hk5f z&>El^z%1MAQhr-@JW4F?EpP%%oQC-YpH_y?-j6!B|IVkLQP*2IEw%FyNR=d-1B1UI zuRhoj>7x6~X9})lyn;N0z!gRl1wz7NK8h{R^>J+EMrI*r$6sO@mmGuxWj+!Z!B&NI zidhInVKa1!@c%r@G@CT~{@ zEljL!{s>5@mKUQ+Wnl?OCd3!|D1rE00+mQ${~um&tJ z&PzB)q0S-B@fi|5B%VHptCaXqO*>f~Q_YgHW4B))GpOw}LoZs`_M9tcv7rIjW$(G8 z#9=uOhN6^H4O1FXu`Z1c`}>f)_lurFr%R;j`0)pz0| zA|e2W3WLvO$8B*9%jIKd3CTv&a7?go;5so71#R4k!h_{hNBu=x_TG5diskw`%Rw+* zh`6Sn>$S4SdpK*O`~Hh&+UCD}{S3Sm{yj`*1K;Nt!954^4#U3zqLul!YC)mBnoEMy zO0#Ari^~NWYQL!5@aH#w_T80v`TU<@%L`*P)J?wUwqhvJoLrYICo-Sn$M$qK?qP?m z_s6iy5upFevTMJgGaKL@ycsRYG%f8UD5|X*LzYf@F+&-*)1VEc@nCMw1P&0}?a@C! z5JotdQxN#;T1(Zut-|}hA8Sx6bG#qa0(=LEoK~1A#qD;A%4%tGY4mF)1cQ9N?bPei zHKn+Rl2YD2`sFT^jSOuXWpthx5sh{ufc;E6Y8a^d&}1_77J z^dDWc>fU?~WSB2ZbwDh>10^OsT#s5UwFBEkt1S{5-xAGHprkidLx%RK%??^S>aSj5 z0X80?y)U0=DiovfiSSA>?0Fcm5U3T*c8{^_1?$RX8sP$yqf(ik5&NCFtR_YL#3-!Z zyN)go9jb;Z5YDz*doxpmn#8u!7RD$qhUUV?m7_e6#~|co0w1_2+6wble3HZ`&NFh& zHuGPhmKYTd0$o=I0E;XLBoz7GG9{x%4_7B zb86yKpk~lS4nuMQV~3w8Y`9Ux`0Viu(Ootce`n{rmb`Y`eqAe3SG z_jtikpop6O`$w$wsydhw_h6(%kBOB<9A5AkWl%rfb17sIj<9~>A|5f7OV=!K*N}Ja z8~+Q#FWbtwSt$?);cF`B}+KUpL(Ke6IY#*tKQfg%b*e7w`D(5+r87Lxq+> z5FzTrl40OLbWCHHOjG*`d?KQTi9ScLE7T?lTVs{VidASnUBN=JBRrd@HMAlBjXsrB zLU=oA`noa9{7u9k($@n=;60a;6#Pwyg@J#5eOGzAF^*C^!Xafu2E_l6k<|0?IApkQB{_;~|%zxy`S)(>tP^%oO>B!!=! zMEoWCBGynNr|}GKEEt9+BZ@Xelu(z1i+Ohf8sdeyeCIg?Og*{)JOPaL#taP{Ssp;E zLz&n;tGxoxP6n32yZN$b@Iek^4~q{KJ$V341*kk8}vA0|Dvc|!^*36JvgLa zL=a|a497ri#Ck$kJ!$1%GNBXmyb04ZVi!P>f;GVI`~ZAh((tZ=d({J}rCiO8*2pBs zd{_;g$Z8t4Kw8GZ0!H~jPOedLry_8-Nlj@~di4r>-8Ng2KoVRB%3lv#ppJIunHA(y z?R!6wlAKq~>7=zviS)8qmoU#;CcEFyf`S6<3;*gJ3CtP$QwcGcixKw#KHw!df|!h~ z;IS}0vjf25U0LgpWp+rV?l>kYKE%T}-4f7?d`$F5L zST|HM9|LFS8$PoJ`j;vCDWza{Y<58xAZUI5tU6J}RR{4ZC{oX-_xgVOK$W*j5f`bN z_+!A`tOv_TmFA*I@7YZ|m-SN|U7Vh12rQtoIb*o{>t`++DaMX7Zpa4tOb_(H@1s%a z>l$gTl(r8)FHMH79U4YTOLJeWSvwE^?)LDm2Xb7(zyF@XWQRL;@`{Y~&3|AO))p%R zz8vXZ3q|{g<39+F(NKejrM;A_B?Xgns+Rc&tYcLZ9Q0&}a3jn^G8Xetkn+%@y|}&0 zc)Zuhaiz$OvIVTk2&gxzv~=GuW%2THzQ^aB_fv*L|52OlM&QW4Bu2oqlO-gkTG&M> zVJN?K1^5z%4vj7^L!b`9h|+DS=xsA4IyYWky4w*Ou`az{;J{X7#4W3ko0xra6Vi>9 z)8eos=6b!?lv1Di!Ud*C*#7FdfbS{$N$X0g=JN)rkNI05&#{GBg(U2#mH|MLw1LME0kqVT z9D$Q200r^0=YCh}uCnT&xVln_B+Z2_(E%gw)o(2$!c~IJMD7sf`P1nY#GUB*Eu?fk zSr@*fIPEz4PnTufBxwE2zfH?pK3MZem&n?^g_eDt1z#XKJV9K`UrOg>xJXo|tRbh&Un1TSx z;3aW5O?${&A}aDqqtE#f=ujen9dI$J07q=`MhZ}Ow~tWT;16=7Z$kmh5kF$%6Q-@w z4juds(OaCS#R#vy0C{!|&!`@|gqWz^q~mrG^hQo3N!CgSu%SoA(fX|Uo$5o&mip~k z?37NPR?%F(i)wL@kq$U*>ut$!e5`1=^l~?tOt)i+waM;MU><0~JEu+s{#YSPz^d^PRqg6C! zj1Dwmr%t3h#xZzdRx%x@3Vjk3;oh{S&?X^C#)DxHfZv2)7rBl7ajRsIO|&W)O4PJRI1lWE^dZw2M(XI&3|lVp zTWR1%ZY8YTus8%xi)pH=c4IdJvNgnRMVfq)jTJzt80A1w^|_i!71WfHmUa~$R)-~= z*y51Gpi0Gjm>27L#IMbQ9zXqq?UJ;(?nAgSSIJ+pxoQyE4>+TzY$ixZVT(Cc=gG^6 zq9zE6i6@A-J56PYKTmgqY^%4KIYD|J@I=Pq#L- zOm)gSb6nVrH)RHWpfsl}zqEh_UFNum%9(=zneriNGkS;5yqL#vUfb{&1LBVB)hlrF zb_NZL#o1OGrkJ@1YnOkty!SG4S=QH~y&k9bq5gsY_q~UAYMzS; z^GJEi|6&>U+ROg83o7qw1U6LWpONPkt~uYEk$L5dJvugZoYI6>=YkbGIi6<>Y-Jkg z@B_P<5W|1&JTocFY_fOd5QVr{_#WDt=qI=%kjqHPPAl$V($-2P5Pj!Na|5iL%4#=P zyrg1I1gkEU;}R`!i;0-IIhZ+9XB*Keh2F>JT_H(5*U`ojbIeQON(vg%ICKiS7}#pn z8Cfs1Z76twGI$cBya>;K?}f40 z;0;bkrKhxR|Bqw+VukT~D}D6B+X4n%6>5MM!B7|mt2%uZ^5a33pm z$_(Hga~P)qIN54g;WyF;Nmxc6C76N#PzyrlejGz%7xLZ0y*R-(L~lqqfXuaGfRjpR zr>3-H)Eeql>Uf+EC6bg>+N(vPeOE)J!efC-pfK&;5k~;^AQlHnjC;?WX1*(?(t#4U zxBX2BXJUPThvnzvb$UKJ;2pm_00=381up_VK(51osyua2X zN{8daas#iP3kxiD?a`8$@)e!u0tRz99ULlc1~0sUX6t!VyHBA3uiIjWW8d>Ure^QF z#_gS;gMJ+@O3rk}L6UsN&TukH^Ui4%d)rnP(+^agYsQItWA3H`ECQ4);6};p#{TIG z-P1qaAIH>DnXcT$g~g`4MX19V1b>vkcAp#iufDIPj~%7?6X%s3SE+a`7euGv!>=+r zh(8WrNU(x^B|SVEdD;&CcH8Vc+}G-9Zl^J@QJigB=J0%sDnEj$07c1kLM7o|KVS6i zI-r?2E<1ZQ=vQOS__b*Yg#oeV*D7%F-lag=$OPCX6;NIG&m0Q2 z>ypP|Vx$7W!Tx}9qNT-EQ8#x})7p9X0@)N{I(yRFe{ij#U4fh0%2B0?D#!a5!7|N6 z2$>a%r?YK(mB4_JDh}K+@>0sf;z{QzhD^C2>yjikiDzTKi>ClbU*HD@dPR1xTjWU2NV?!$uY_lRlreeX1^!iBWi8K>@BvabxNXc-)(Onq3j zhQnGDB?zJbtl#$6L@`!?h$k&~C~U0$OwD6FO`TD;=-qqgd^0>vyRk))k*>-*|Q&^6j<`nUYF)*MzJ4Dr$V6gQSMeUdqiL| zCAI5pSri4e_Q#ss^h94I!R~^UxO!&Eh zxsXJriEw5W=R(R2O6(6aVK9-A$AT^aVBBO>!@hxjxqT3s z-RUnZ{i3Q0AUP~T8lSHa;MA-Gf-3}RR*bggn5FozD*8OGz)wG(zf2HBGH{~|C4RGe zSMPr9^}Ih0WeN67|0f`-e7KO%@g&JGv!YZLaQEAzg0pSpIQo9qTtU9R)9Gw^CDTUp zxQ(|^FN=cj-Jp-nD!W%(*R_8~&y}*8iy5xX4j(_Ea{XrVq!nNpy-Wmp^tyJA!%LJi zM**U9#n9Xy95DBg+uGQSJQwKUh+UX}Omn8qhfkA(~x^{7ybE#2hWbmkX(c7A`I&S-hZCmg8+@8lVzqU0k{w0(#z1ZIoqR zfD&i;aWvJfnnb}Neb-B;eX0=Y>Zcr&X7X_b)!ANLq~bBws!N_o^H<{NHA2oHbqo=( zovx7?R{@RfUT$7tLg(AP_+tXN|9j}fV7n3~6c{cvr?^j2AzHeB$WH2uek#?H_aJhbcLpe}Jr~9Tzp4=BRH<=N=2Gu9IM@Bt)7nY9J#YYEqDp#BM@n7Z z=|P-f_9T^c-Xm3Sz=x;Pxy3-^4sdb|U)k?;pRt?7PgkA)cJ2-!>dc0e=@)BUt&7N~rC;J%aWIOoUzRR(03^uIVvq4);rdX8x_WVz`|9baF%qDvY+eJMq zFO&Fo-4R}O`XuX$@F73GK{BnMBLw}JRm;WIWN++H#L29OexJ4&h<&H|GBslE<;rZn zbAnwciks1tws}fe*wB8q+b`McojI3aaQR!mraFnQ^wTe?4N9`&>v4RuH|U>jo9KP6 zf`1%cVP#>q&uT<%r*SJgcN??h|lo)Lg=wN5Qwi%R!W%Eqx`A* zT_*aDHpsSqMp%}=ys4v_kW1m++n9q^xFr-+mP&x?_nv?tdsSqb5|hpGPHT90wD5iN z(Z!Fvb1u5|Ioqb;tA^T@c!NUqdN;4!3oqIe=KXo?QWJ=cF!?^~eQq1(cW&UXWK{Xd zG(mwn;xp+<9O|!Qq{qM^rl<(sr5-<^jB!hIJGlW*<*tNOnm~PO)$?YVas-Tx(_{7* z-Cez)8h1bN>K{VKyK7md*RCJ1gMF=SV`y?*U@Trs?n5nBwB&4*Zr?(AuaZ?5@zksD zP5Y8VhiqQ=nZN!0moDL(1eG7@s#9l8V}?a3SE@*Simkr#reg`W5Qp~BUx7L^6qDg` zA&O`kMzwVrR)!B>QWoWvew<)U>`un)X!+7)GblA3R#pAb(y6F}eBY~AY6z1_EEvVP z#4guBv~0@y#o`_9tOK>i@R!vsS6G@_A|9)v1V=O3UghyKcyKHw^{bv5+}PCa>h zi8UR4i$NT9WnpqFfIo_s4bR8hxtG*%*z58=pI)C~SpCv)PTiuGtw;~-i54f0o|^&$dHZYlf-jQX?+zx^e@AZz_cFr$D7tRlm=G#)qij$6 z^zZ=4O5xo|Lc}`nyyT~u@%|L0ozqhi`>y-bo7~rP(HhM3RTe-|7(jkvb_{iErw$*_ zkuZCtbQ&)ie0cJ(t6xrw&DUO&IWLRU_6Hi=X%XcMdi4Y^=&f2aQrt zP4^3}q|c2=%t^}{CJcy7Vj7@mHD#NIL8|=XYJ^edg5~nGTuD7~)_YCn0e;WdMlEt2 zV@a}f?ktA!sBay!8kyt}(`O1rF4I&SJybEW4ZEZI(T9|AzyaZfJbT*Tnp_h?3X;Y<~}L9Aeg}!hiaG8h#i+4)HVK9NMcN$*)+oInk>fwdO4XK-I^n zQZJ2)q?q_dP@uN$t_=gkytvA}z{iheAaOlTCd(?T0@LP0(y+dn$*@+@D`b>zHCyGG zKvq>*0unn)4kM00u>!l_-~KIMHiF^RcdVZpq;`HulDUGZW)6$5COL(r3IxGwGyXjP zd-#w8CN#TlFC2=s3BhkRPEiLgS@^b+MI~fuKYw3uO6VgJjb9@b{uH~Zck&PSXa;`s zILSFL63OJy&v)BmK%+gzCKI6fyG-BJXIKTFFynr;$Q^w1;TT7Hvjc#GBP^PFwp?He z|H(QTnKcjt`*fe3s0yw#W6idib`hzGoXT`PJ^IVyT|76g9=3nKnpF?)0*$DLuYb%S zvt{Mk4#$O#PHWVsLVpTWk%8PXKGG`K@On^Ah{VTcBv>ZVf7bZc*f7EN!6}i1@LxrR zS5eO>-G@=F477=q+&z>UUTk(39o`7iYU>%hf}_+gvAy}PA)D-D_R+7SsSqdrmCal7 z9()+gtUbnsh0(C++s&X5xB^j?%Wb4S1&|$H{gLoJv!gXPO;`edVj2ENDoEUq$e|YN$mi`MiB;G~(8^ z%;M6FWZi*tj5w(dD7Jt4kHDADD$`GdI*K@D3)m7cgd*h)Thd4i(nuDDjK>`#8K|PW ztK}f=+pSk#1E<53U#N*DHbu|X`jA(jOnt#=QO>1JEXL<|BaKhq$9bIFp;!b;)~Dkn z7E8_o0FK>h!OLvm!|&5yI)#|QxuFb=3U<`J7UvTJ1Ih9fq2|ot{>Kk|04cgT=rrN% z%wv9Wam*=MhL%P)i4W)_dH3}1e3UQdyTs!u^}6r9^N*mRT>VDt=;!ZA6m5YR^_TeB zCF)YMpgNpKa|Kg7b~%DSZ|D1LnrQJj#!<>rSC2d}aWz=P8B?Vu%}dCt2rmk>g!yt+ zIAbS|L&n?f?2jb%sF}y!%(&{agUKh#BWeo}){$;Sk?7p*o2TM%=-(lI$NN+xr6HjC zE>Dh`@cp}Vyq(kGL?V2tc)2jbHiTcyDqT`FWz zl{cq%)y8=85i5T?IHzN&W%%Fo!Iv)h#Skl4G~EvbQX#bTA^tmbI&AWVmJ&5V--mH> z+0X6$_OIk2lE>@6i|Vf53Y93aS7%GB-((k)&WhcbO0ILA=%`N@Okjr#B?VnJ#V}hlTh`EA-FWpW;w@KdJFt1>7}8gbj~BWgk{ASPOxBtHNJZ|} zbw5VF)eSzcX*<2(o3f1MXib9-1Kl49$Hy+)pR6_k6y4yL#~XS3(Meh~KB7+^(r6Ro zCx__y9W978N8(5Wyf!8}ontl?SiCxAS^{3NuWHddt2NaacXe1l6dpv(-6!Mui-B{DYS}4rY`c%Mk;91xWDBkQWt#mWV zMZ=HQ`Pv9UltK__!Rt9T|APJQzx%_uip6E7$<0kXs8~Cd&=uFDUQ%9#y!->cjgU*~ z`RM~kEr^POvcd@=*w~A|=kM3pId6}`Uj8m|ySM2>sb3;~)vxArczjJ);v_*zkp7Y? zlL$Sgd6W;-s*zKpNC|5GEk~r>*wN?u+pE0ZJORBW-G1YB_3uT8v1SSfa%E`ku*mC;5t z|HRzfva*d@%sbAkz7J=i+QN`FFcsSyr_Uqne~9t$m-rf*jEffW>*z3J2sN6@-u=A& zGp~OUA1)!{$2j&D`NU{jWE;zFDObssvZRDHIGn-JP7C#$3)jtz1~J-%LYXA{_cT_p z+Pn^ESZYm1llkKgTO5Yqi}de0JGxn-owh2LEdM(xFdebl=8QxTLa=|pEK`IA``{kW z?{d%9kd+rdZf9(KexAQhmzN)Mx~KhjKFxKiDvvI4ub$KBW#<&h`|lym&){W#clS?k zZZ91rj^gv66Z$8|}t=KePZ;(8V!P1yeA6_MzqMJoMO3e!K|~|LoRxiWcL! zzb^5F4BRCv&J==&uQxw?PG&IF1$p%%3q4%$rOBfw$q(<9<;I*(J+VCg%akZ8Ek$YD z2>SThXOvqzS}}TEnv^r+Id83LyHKP+7ZSDa0=jNmNpuEB!4ySux~ zB0+w16_hDbPTUG5w_MD~{4Bf7I-?#?L}l6?3$?I2%VS4M~ppA#XjD=67*&6_D=CfANB zCWV;owWlH`g!dYIO<*%kgizQy%Ve2rS#RxGsiM`;)r{}__nSDuuDT%uZwF(V{FhTS z5x7oGik!)z4{E>S;Y4#tF=zu(DT8fXY(Nn$Wb76;a|^9HP>_OUf(snHJVT6ugDx3t zO}@)-r(i^ybC$vKYklw{?40HS7Zw(N=|Jb|dZwUvJa)XO7AkP)KLPQ%L8t}6%A5u?#K@BOMJt_eNRr1$z*k`cU;voYRbpMglXs+W^hX|$xx^(MkrS_1<;eW zV)op4`yZROkNKLq=iHS4(ER@!n(wLsXViHv!7AwbB+Rb)_iFG0(sYpLs_s&+t_Pk^ z2q}2F>=ilF@;ARsdUWo?XSH^IcK&(;rU*(J`Exmm5;*+ls*HwY#kP|&Z;m(yVh6`7{O9t*u8yE$b@eLcDxDjT64^YhWvg5o~8J8j`nzs_*lyg%w|P= z@qLI6MYX@$T)M|S_+y8Ny)grXdxXOBM(p1oCn-GM+78V5&F|OU(vFXK;)LGP$NnCg zK%zWax1Wqi(Ibp67xc{TPI$fxfNC6CPC2=cVTFXb2~&?H5j=w+-z%i~4EH|ol+qbx zRttjv8Y8hxV&YVgaSMYR&5P^8iwDJ!`j6($i)yvzZ@xbP(1 zCnyW(+c9wdcOLfVc2%E6O2*h^6u~E`_ow^rshK%SXbvwXSv$dtyr8;epx$qLj?rs2 zMn5&1i{5RxosmZRNeNQ|i_qh*x8zU|NeA7o@^eO@06J;;QoRqt2ldVbR=L zM_EPDRm9gfa26NEY>qskmR3B3Wk^=%7bv{Du@h!jx!-y0muY}hH*^Eo@ZX$9 zr7oI62Yz_|MUoxXY$#X>ES%W*WU<0u?e{9q-||GZKb>Hw4rvFNtHt4JH}E^k3C@EEoSWtdG=#Pt^@>DXAwDNVL|6Cyu9a>Lg$0z?g|A@IH zzYy)`EY@c^elA8shZYdmgF(`R^ykk{&n?~WME=jKuU6Lf*xhN|D6_QU{R7<%vvC$A zzQIa@k5JCo^ojc|hc8Gl6r{UuUWi@}VEhC_Qd7``#Ty8uT1tHjTG2r-Y7Y`|n&>aa z!H7s-52)qGIYL)3r83ym9Y&Pv2<2~&{FpLKK0AWyItPm?CJjfnJqIlQMxUGfzm|0j zkmLVA&{z#1OUo_@aH!L}w1TPVKI^4g)ikT&kuvqXr`9HVlJ)EzmOe<*#(08}a`34H z-1;x1((^OJ-8A{EC-mp*Y3F14sv$gK)5zBrUIG?b+{{udOm=oQYi3dXPlTbj&ANwi2mh#*72QYvKze+O*c1aimEsiGH-IqWKVMD`Y?>t*{_cpN!ej_75ehHntXehVf@Nm|r zHl~gX{v7{1Yg+AcE3cUkQ-FJDM4TO|gEw<9p%#D*i|jHWxQDom9Sa`YMgfof5~^|M zrM&7pjshUx`B%eN8vBntW;J29j8QIBh!BE8heHFb``;93l0HL)FT2ge)e%Jq?O5vZ zI}@zX_HCT|DT~3v=yDAQ`S)toBwbuAAZRc+*Y2K=ko6s4o%L4ba5w{r$z2 zlXXwwWiq!g4d4eArl18*bjnk5S#8=%)D8Ra#oqpQWUR(i_@H~; zCQ*k(zz(Jf=~189`R`AaQ^vI8|IN%Mz)v+ob@j}G88DZ+e`_9f3qAH?mEy5>pY-nD zNU*iAU*IHV$uatBHhBmb685?MYY;3>w~87(`JXi~6U0S6=rmdtCgO;MlMq_|K3&wU zJD=DK(czXZYh+_%_v%D=_hrndX92Lynvj_XE5oC>w_#kW+f*Hj_+lxAAaYhn;4`!J zQDlz~Z@HnU|Dj2c9X)scSvxV8$>tj>Rw_i=z)PbSB#we$ud5)b&TTgwdHn@HE=qBA zt03{EdSDl%FWIPg%-^U&Y?--KHlUd+__L%Fs_n-!Ne=6ZxW`AeutXp}CXei$Wc zP@8?LSam)bq(NVn%3u+YAcfk5HU|?g%&6AcbkaWX-}^o`W(*mMv|ly2SdWe{l!h&@ z53M4$gxviQG^zpJn+H0!x^mzx|lxq-Z4*wnTy)joH^;rUc|I#vPmWdTE{ znhO(z$eTuStJTfMn+7f+=nbqtdIN`z#Z5hZt~9VWtN&;d^)b^2Mo>9g*W$26EavKm zs0aR(m#+~-^#plj_C8Ez=L%QM?B2Z^{`NWe11{_fV6`WJNMMQ`p^2ya(O~={_Rim<@9;IsFvaIMhd>qMD}|hdPw|4UNNFBqKorR$i4*2UTOv%C zuF%tKGogRna@nVi{N1<({3$OShM5b4WQFiuc-1|@`*6t^RWDyw8!gXqWnl2qg}bx-pdYioeP*m8X_AccqZuxTnP^Vjfx=`bZ< z3LVrUtrf8xrTK+G<_LKy97!Xg64f5S{HK(Wo*I1Aa(MMwJZ1+WaundLZscxQ`~8_5 zt#@%brlc8JIExxnem>$n>rUY+EH5F6PqZ}{daG1(d zf#bXB+QJ5IY7Uv3FVES^yM>3mE9B;g15R1n*sHx?G1YZBxLskx*d;d|Fxbxcn~@dG zOah5!NwRSnjl6U4s7YiDo0EwO_7)Cyb}SXYMs$T zmO2WKFSrt>Dgvm zJcJz+MWQ$Z$QkvjJdrEwY>OHw6a&^&f6p6FsjbpkwyJ$dAGL@Px)D$_&gw_3Qv94b zP9Ee8^{AolnRUf=bmQK)Nt6n+;i{qDHG)e%wwK)kG5c73SJuBYaB}d)6LIU(WAEumlrcAH zvuT-z@rI6rypFqIB=|*t+1AkTg}{a`f7Yf5&4C#+VBRKlBu}gPgA1(K%!hO^P^CoL z;m}3XV-Rac2!KVwWiaJX|eTF+Uq(r672 zj`Wzc^jNeE&uD*6kT0(FQNVD)&mPmqjrQQD9q%p=6=37_F<8HN44T0O0n-i!&Xced zP$Sfdh=?Bg>{`fiQ4dDF_N&X(bzBvY7~6N~EXH{SpDsSX93=RYO%WYl6U;g|)M?ia zr0OBj6hNjvpJB@gaa8v|6*%+uT$o4cidv%6hh$24+;$X{uzp=LIuKOV0pY|n(X z{PGxaeCux)fbH6t%$(55)-Fwl>_{Dku@os^T0Ye&&RFI|3X>N8633p66+e4Q~KxJpY~K9eMURY4(WBu6>o^*U`6VE_JHI5ga37 zzdOREKMqBeL^#s1>(I$o4#Zta&y zIbDuQ(Zqf5YC_XGyTUo)diDn61Np6O$G5rsi&T$Ht;#Ah%e5IS9&ROyF|>?vfgWWw zXf*dAa$(oG*PgsF%DmrHAi<>Wevj)#*tbxWj0_XVcKD$I7I>wuaK(EjO8m5*UlY|Ic=>`Hc`Lu) z2|$PKE4&!G6v|`BK9$|6|F&Y5Mu`kOf-GI`I00>^+!dEeb+a`m=>50bET`s{xUD#) zQ9$ze4Zv|pi}|^UE7EPUY+1E}L|Y7S|H0qaWofvA^B*fPbo-iT^`mA2)lwgcco&sl5BUlK!CX)?s{uQ88=kwPVTe07ok{R|GfA1fRun?@S+k zD^uLPmnIE}EupzvHPf0~#opN;eE(g|G&C#KVob5P0A>SS4%%yM^LhWhT>EB=YtLGi zH~W*hB6XJ!z?QTX9Z!y-L^-{*lfq^W@mR~~Iz8h{$l!o&=DAL8+LgK(*Qy)OYU6f% z|D4RBmZ?q`!y1EsWUdQLT(YAAL5qg|Rloe1UyV*xDB^iHHC5g#(zP>tgtDX6{fO1| z__x9Yjtq~`e@AA?sWdxdp1-=#1GjY^O|19O}J=SL->zV@wuOff}lmn zV?tN{3bGyQt@yIag^IUMPhImI@%=2X{IP6%lJ<&*Al3i;V8Myi2S{__je5#JnAXHk z;eb9&*PC4nMJWB8Z-tqIuo#>gVE(_E6cn3vkvlYv9eIfMxrie(~t+NyoHMSd*xw-I>{o%O{pr# zJX;AZ9tM;Ui;qeWyf^RjzB>>x<&5Q&0@Ua|bR83p5Q2rVtf&ID=_B>dT8WlyN8up| z{_{lpZlN0!vFC}3#rPaq+V}|G`K5;_{&Qj*ByoCp--0u2x=eyD1;X}0Wh=tEho}Ml z0XWzqgRoHp;lEbA@YL5))$uC|daLN|aOvzMDF8$kIpVul54aAeX<%=SRzg*m!riEP z*0OSil0;Mg;i=qMjlA^(DQ_tp-WL%_n}r(jMUo-##<(F}Me8)-d|3~QjAd|jIYc~h zBe%%`_z(}LdgOM4Ap!@cr*mIQkS|qHI|8Bw|Kk-tcQlv4PpkjTg%ee_K2WC$YRS}f z+;(Q#NyJIr!Ek_`%V4$bh=HZnZ{@h-_4;_S-@irRl$KiDr)Acx?e( zs$}D#EQ9DNjhAskSa{jk*|%A70kPivAtr+a*rJhectvU#+44=)fvayGTQW2xM2#N#0OuOZHZmyLpE2;r)1BOzysRk6N==_aD5KbOmrisxY@2VCrC&VQ1p!>Tv!K*f1| zxYt{CdPHQ}wVdqwfwI~;qvtex`qgP>VAXU4?b^ikFa<{e7NJM2K`g9|K*{zc5HHKf zz$$c=!&y#DB|jc#L!MS{HVKyGg|B(jUXNa{Szc#04FagcrWtre)U$hScwH;JY>ly@ zA%rAzB%uswR=*ES)@^n@=e4!z=(L-7btO#-y%X}C)e3Mfd!RK#R3P@9`#{BGitfFI2f z640}KT84t45xMYH0i^zcpOIf;>l=|h3C-DNra=868*G@;QF&XH1Lpm`JV-NB%amuO zDPz&5i5TbKSO{1untvKu^V0=L><3v1Ji@9R(eWBu&TAHwfMePkY_`e$p)d8pgm|=c zEVWZe%CR*SeBtxsr&qp5PT=V64k}=)GA)mLh}_c>0H&$f#V3TErLp;W`y4@flY|aK zW>NfqLjrEe@2hHipY>&q6TJDGj&$5jpOf3|l{BNixLhwtoMR(6u{-lrJw%OZlh~V3 z5C!}BCjHR7-o^=ByhRP;Js$UW zU^m|{<6xb}=e0(j+fTdrAbC+HOQ&va{AezZuiUSVvqf9Xs0<7Y4-ik6Jwb-&Lkf%2 z;j)^Vp|3Svp*V&<@FYGLWELz4G(#kTGR{Y4>z?aV_N<#MlayQs94p(r- zNC4Pe;B5!7UVKqpwBf8AfDN5ivBo%NT_$Pw1(b1Y0iQ>hB82|F#t8e9&VW@em^jIz zKHVt{tmNtzh6)#o29UBS!CXIdr^pXv6{b-m`|8(c&Ke_3L(lhEn&rmJxo+!>3kVeq z`i#yiPnFbqaTbv6zO136r>#UDi3=+oAokQ5z6sjsh6RH!+@bd$WhUpX*lYF1l_UI+ zPvuw=0<)If>H0WPU0%jB4Z@ahHJCG>p4{VyAq?*R6F!Pf1^@S6%m}`|5J9cX8a1z^ zo57>TKKlkR=oP?*KKvnDw(`hT%xHFQXNh7O)St-z{Q{N(LcJ6=bz)=(*wcpp>k*lM z?;80A&CyVqPcPBXLDthg35948WSRrdu=%uh8^5~$whtQ%8R6A{M#GB6 zW|(O8lCl7SZ1lZz(5NUBYBD{onmjumw{OM}9`7<8j5#x%HavxTo*`dh_a@V76eP_M zz-QYn;I?jINt;}xN=xW`qXH2haP1${MC}zIGW~`uRY!kDSt4ma`-N!Vbwt(iuoK1F zx808cv5}hOChG1!<$O8!fA0&yc>%buyOxd>c%05_)xG;YgXyDJ?VpMMa}jDgUGL{S z^n^?ztY3G)U#sKK{Vzl|dnn>w2%gUxxSChp2tW)XpC-QG7)5`PyXz<06u>3%z1dz_ zoVvbSGjsR3=z)D0xb6P^eBK>KlI_e%?Ds&zeHBhodv7S`__&`&mLM&CY1S~#*{37) zlE0>;E43;Faoe~kB*~^|;D^M<>lV!(`E8CowdylM^h?_nHC>4yvYVB0u2oDe1J5t` z1O)r{-$%!}YSv+VQG!G?qz|vxyp9>Z32{Zp8u?s$=1%^WM<&E${6y=d`uI6tu-I`B z(Pn7_B1O~YT2<9yYddUN!}rIEITTNjFEJ-=?^>YfM77n7%G%!$lW4=3Pr*tzP=inF zgAuUwlgGv6K1I#G=3qG8Ve&MBnwtAN@VA7sQhPRX-qhE*9pzg_=MImZX{Yw$8r>-G zt+{fR=K_k;3f|^WZwzN(MTh=IvwjDzkl?uwq0eysPC-r*F=2#6Y7QOzGh7wyUZNtxBTvB7KryqAKl;Qp&tcA ze#1|}afxuYfJ|9IR+tAK=Y^3_39L?qcKZ#UAS_n(5}g01j7b@uBqwY1V{H8ZkIMzK zSaQX6^?W}zyDm8u{chkpT5V!{tSZ)R9G_BF%@%|H{5HnN>1*CUW~tm1&OCTA5P?jC~o{17hycG^6BpOG)x5Zj>d^+yB_ z9gMjLn9tWUGifXi8~pswV{9HLm()eZmoLtfJ8#ctVhVOhhF;dRidd^&TMqt7xkIN; zyCBQlK8Tbla){U$GtJNo51UaxTxiV?mOO!`dEH)*|NaHB_3epZ&zt}Hgzd`Nu4&%1 zf0w20T$~2CUjoM<`d#n|SMX))bI0Q!g4eF3Tb%|VQrGL99&L%w%Lp~A+}?Q0hNPNv z($ZvFkq4Xi1YyVP1YhgJj@(6B_lty}yL7*0!KCxzy8G_t`x6($53J2EHvr_J4M+Q_ zYvRNFK!De$;CO%jD<<5Q9NwcMm=@TNWf!MhMqj@Tq99BqEPfi#D*b&XtehH-Dco-a zG|flUVkS)bQgG-_YJ^RvBPojI>8uPRZkR>Q?p$6ekCeh~bZEN5#}=4}u4DOrsITvN z+tj*uRdG@1>=%66vMigLn88(n>}|>9Lx%XXp&jfPMsoa48O2B;g$$P^h>s$bcEj;{<`QkwVq4Hl!|7R2BFLy`JhBi z&n_=ZPL4G1*1QcB%06Mx;~zKP8^x>9_wnsKYJ}BJM^~xCQzsJJg z=~GM(YVw%W&2qX$UV8k!JVij=y@sanY4tc=g3vRAO8>$)i9U|6p)sES1RHDP(ZlPJ zNcGRax0=pSqnDQhR`2a%9HV3%l=by>M@U*Mn`L#D6_5Lw{^N^*+d5XR?^8J@KZNlA z`SWK{%^+TBZs_~-28)%Qodj=ouOxw8a13^Yvm2_S;J!Nl)1kjp|905+Y0GA6@2CWh zVR%rNa~`HCx#?>EPE||lr!j0j`v@YpH5JXrbUt_Dm6g?L2*3LNbRgvP`|WwVn(sW` zO!}7{#M!F8H+06$rQeKVRgsR?>GEkC3*@;TJ0G=8hB$KIObR?#`q=kX z>Xen0#h=Su78oit-a{HLL!hT2b|h+K5{EUNLZW&CWiSXm)JZyiqb~X-oy%MTqq=V_K2TcqnsW z0UPSO&S5qqWL){(G0*Ao0=nc*- z<*Ah5z#LcAAMhbEQOO%5itQ5kVWTGrh9dsxhBRseU+vXJV~7jUHISN!=N4NBzGboU z1vhi49vYyF!O^NCN6Q91wu{Y(1%O>$UEEMWry{v=!Nf{D@cslj^Ab4v=!mq>A+oWz zp~1A^obM}D(kdX<>GDGZ(P)sT`2c*<#2<)?aI02l-&51*w5M{##&ZoRrA>TlSJF2h zlPH@_b9#i{eR=OGi~C;MhoZ-;R@Lc$!~!#0#89_xY%(qeCI)^}Jn0N^#MYg=&~KLa zCnn-|peNZ@vsN~yxEsGQc4Mf_VO)d=nJe`@FYqJhMv17-h`cLAO>@zCj=Q%f@%VWH zwXFAMb+jZ6^$G${LgZ-JkdjQ+^>Fo-|8eiV)@Gg#gal!W=+A1B10GYpYJm@!bQ|G_ z<6uz)A4r>*fduN2&-?pWt;f~v7H+WXoGVsn;QoiId+m5rK&KfcW%A2ze%NIYNmdA? zWTRk5K?}VP+9D>Xc%@boSCUe zc+Y?-d9z>EO*T+i7=}O_Q9LwED59?}b<#yM%=nEn(VjHs!m0JV{hn5w`1`zI1e>y| zK*Q360^uGC3MQuN^>wmJ-E}&N1ofY!;_=E`)wP8MSwP}wpC1MDWz$6T4+YXFnTFZW zyoMueCJGfer`dikFugMk{UmUv8fuyJIM|Wm`ytMxR#d?@>9jZOhcZ$34(Er-ID5C# zR$$@G#D>>-y5(|XAeGMa$I4p0Z704I4vHb#2{!Nt3X!;A$*}oA$OxLwRiW7o{qJf4 zYISd(GkeJ_tofD6$e!HZv3y`)ZRjXtxlzysdH zMTSl!6m5SQ6xRoW7*D!_uvcv*%^dN+PDEdtvMXXBAhsO!UQY_eL7puMpa5!aRXonulxc`!Bd&Jy?b&Q%t?fVghSN?2we)0Uk`gak zf}^%zOPGP%vP9}Mc{l3SGHDqmwgvmkAFl2m+S05*lJ^JwBlkM?5YK2^|y^H_-`aJ~U>6uAOll6}eBYuMQ z^Eqo%6>mE%h;oD&Y03zp=}?{Q$Q7lFD&N8SGHK~MwY}sRdL0ckh7L9@ur+A4=gt6>sLSa@=@TVR8_1%H`U|2avK9Ht_v$tl_);&P=0S4B%p888TLoMi13n5Gtdl`>1T^gyq|)(U$JCWa zgjqX7Q%72YzVw6R$+kl?fS0^i z1Nk$0f02ApI`egq8>@bTulz(4YZ?fEQ8JOyd)uP9uH>vM>6Zb1QoI{wpScrH5P4Ix zISJ^7NP|)L%)|l>6$ytlau6VR37F#l@8jh`oZz64(7WtYusp!?a30@EV)Mc~(=NJ@ zQwORFH`APzr{mp}P0*uF=4O461yBU;(=i#0z;P(7G%le?+r*S`4<9TBN1_iI7>3$$ z&2F`OAE$66^=;e>l&$FvMN!8IObkX7=T3$-_<0H}=h1%`y`x_ojT8v=L!2%sbpg3je>SrA1_kYz6b9~C?0^>@n{o!CFfFU1 zmuhNN(c#yvQLQL4mRhB*lX!xTI46?}41WLwMUX-aOk*UoeH2(zM1y?<6Rq1$waHab zKS+@VqN?8~c8Cs_b*(RUa`J^pN4*x_G8h`=tBq36HHP#9vJJl?T^_ZZ_@1CZ6HQVs zB}{Q^n)C2nPSUR&o+-m6Xm9eC|9>&cw$!Rj_PvM@3n{`a6z^Z!aUk)J>?3*NI>Yc+ z`$_1w*8S1aumz)8M^(svniM~%4vzJ;?adO%BALx&HZW05xbbS9!BfHpU^9j2AU?By z=1R&=pKEhZV+g7ITR!HE#jV(&5Sl(yS}A{6q>8OsM&g+I%O3tE zkvVZm(sa=4fWyKa*Tsu=FeT!7k3qBxVgBqpt+}$B3?+8bj>P$-&`hGI>J4hP0zN;g z?kz4DF~Tl>No>Ez>paY`BE=M|YL>v|+h!EVFdlBlji;yv7Br=ToiHYhKEwfUtzI4J z^9{jb8)1q^(ymg1u-lcx9^}cPd8kkNF@7q1cYbwRV>rPirtr7clzUWz)Kol$L)FdGuS+XB2RCH9}7};hK{YmM4X(jPrsA;$>7Lt38a6u5Q zRh=k^2J_(*>zW7^0aL5ZpjJzu@1;b*pA>Y0LTs<`L;7@|!yfF8T9OYkt)!eE zEBW80rE_MLV|Z>gSe+xP)dWgj>Z3EcW$5%{k-W|UI4fO-HEGWhQ*ARzuKyD;L1-^e zPgjZpwLAxLi#99t0}3O*m_p(=6uB zUN^lmvQVr*5LqaM8}xbkqV(4^T{Sc$o<-QgcIGicC5ml!>z7%XquG202YBX!bTib7 zp7!&wWDv3|2eCFo)<;$%GL~#SJ>vcTZ*QW?}WBcz5YE-t)iP zWg2Dh6H$o}I@!Yi1zPW`oP4?C(K2>&x#b|`uQOxpb6;@MFWi!3h^P&qoL9bPB1UhR z4$o%@^=VxhG!CAb3t`p#)!&7TgRnq_ArsF8HQ(H_I>rpaqzlJfg23`BsRLHxAMv)Z zy5FsUFuv30`C^shpJ`Qhwhkkp`_wSG+*B|;saw$AS_w4cUQL_oMbs!3#*W!gI304eZE*pSU->Cpkg%%ijMh19^>} zc#E}$%u@#N5i+(U`kD_kD|?UP-ch=JP8Axd3YT_kA0OVD_)HtJ&GCQN=3h=3N--#> zrmOA-iy^69G84mE$$zf2*}2jNsQvs;#zaqr5l!`4t6(D~#!V;*GVwB(QC@%AE};7w zq*)Qtla~~5kl-c8tcDo2{;9z*Z0rMYH%O!a9$IOnwQX%1H^~S(Ws$rlb|c zUI8OG@mm#Z0V1%WEQC~6SN~kc$pVg+1wD@*`X9wD>dH;VtNx@0 zqOykMN7%A2%>SM1L=kqXBWKA=otm z7B08B*JUi&q%CGxnKMQ#!st8IQANJjuG*H>xXRT8+>#|wW|w3xRdb_Qd1D@)9-ahh ztsOGqH9mhPtF*T6i<}?77`a{l{*3SBH<77<*uG3Ir=0-eA+l(+B{IJAaVR59owrFo zFw*RZm4C*Wu=~-rXzPyf;sqwE%}`Jc&)@ZL71_$cd)kGz07Lc!wvfLp z2Jc&DvV{EXh#^SOMjq|jgAamSRmZ(Hxbzq=JbgkY8fVjAxCC*H;>w(v0ez;a4H2ND zxLKf-K?(s!4#HSLp5KuPNbV%FyMV+CIm>d<4rA z4ey4?8YcXZ?}bajrJOFTUirN1Rb1{R{wJOL?9k`rwW4Cc>GT|dPL6;oX+-)x3&PEl zPnTr@rU2py1i);IDk=tX z7#x#D1NWYBuJvGP$^!mxL@s{a*LSN+{@uP#=biU7-(W*?p5LC&w}T;w%AZU-I)@=b z-(;UxM{0l8F?Dg@7~!_bXmo@Nn7|&v2Gc0`M=PJ3`LwCUIofX}jBSG&OBP{7Da9sv zsw2Pdo<92Erys$>11S09;dw0Nlxu}ZVLm+SV{4p!hloN=T6E0u80bPI-v}xFrl33c zP$i|b@|ZLAzr20@TG&^J+Fxvej@j=WkMprAso1062oh4%HM858lOwSMe(EvKkWo69 z0+HTiZ0F5dn>1t?b7bxxOCRD&^XJ`{PKt4Xk@K%4Zgii<_7(ZYsDiZ95^9Rg)@i$f zWLxBbpnjP~v{hUsmiR6lgpAR1Wxt4!b7xYMFp%NYxilV;dP!Z^AcX+$p*9KJRdoJ! z#XXDskfbhQ4QG_h1_>M_G-MWdp5k1#H|(lx`_u(M7n zE-fLFHDXB`%~!a2Hq@I9zt`1OK5aB@$+k3WAgVw^DxTVp5vii>v(~a_%AHIWT(!?1 zU}GxXdvJY`tVxRNGlU7#2no%IsL6ADAIhb>UvRq8%=~))bk)+m9w*1t231v6Rl9mR zb$okxb~YGB;uj8KHUV;XD{|F^BepdiR|t$O8(+Bn7tEx=h2W%2i;{=f8vML zO~>gF9I#!xJ|o0xo1K$$2a@a%)?@rzGYaP(Pm6WTC7{q);zuB8Uonh6myMV^OL5QC zjH`*r;i|xiBV5vrQabLFJ)azolZm>8bA2JELjN=tARl7k;Xxh|f2i&b8)#*BoGeJZ z$07VtA8d+CPs&HA{*x6d^g;mlsQKs-=oG7l>iPH+2zkD+o=?QSg^>gpzw2P%bYy@L zJZF!az7vY@qZ!Dav5=3vRTyKkAUpGXB7iPpvCX7pM8YMd*6GRm2e4;D;< z$11bQaV?2aOotJ&mIY={*5LBs9C|vu(WPBc<8`J>N%jA#@1`v;xsMm(94>3*>IOaF z%vvx$F%nH~(>|K~T^}mNKS@wVh`~) z?oZXT`!ZzxRjVrb7)g=>S!f6DKP0ejym=MuDmJ~m93f2lp=C9u^L|CoKFuDM$ORR$ zEo31n!_5711qQIC&|Locwvz{Hh6$2P&CXwL67c&l&|68MQ!-#4f9q<8I zLb?pw)sQG&rHM*_ilK``Y_O?-Shdi`eVW$(G;Sy85=K51;Y^!7E^QJlyOh9ZI_W)i zLXn~iojD))69MP%x1Z+LjOZ;41(zCwoI-hP}6oQbZc7t*y9gZwor`>2wRxqvr>Cq|I7b0V@ z8B|lBMA<^iJ)3o-XKGhW8lqdHvDpOjbpELS1s|ixdkCvP8Sgnm=O#D>1N%|tw{hVz zzMRv#509ngEUJ3eO0$zS4~fFD@gi(62{RKWfMf{*Cq{UuVJ6WQzlM#|r7pUDmQFrK z4%sf1XQ-RbiDk3!nnKHvE-Jo9di%8Jf1ST8@nlB*;0vh>z))^WL7ncmRQHsvty0)RW2BlV*G`e`iwiv zd?4F|s&ey@-v^C^0At);+{_f@U`4la0ZFKs3~&ItMsL1pa{CeUpURPT$p>T>9x4li z9wH6rO}v66>2+ctEkS?br*qrz0I*ep$!Q{Ca0%OR#9j7_{TMI_ zQ^n@%Koyvw)8XG_lHL_B!y6+ai+wrmmMb8qV+^EQbx>JJ$}_Da)Z|oT$|Ygt?0%^q zE&fq=?)Pj0VZzmj@$fLUc%Dz39Vd8%dgYk9!VTQlp;sMR7;-#boCw{POj@@B5n-cW zZ!hBf`NQ2e{0Le$ov8nzUg_l@5y^I;#-p27?RE^EF!#Vlzl}V-r`bmbTu#YdL78(dJhR)Bw_&q%%qG4)^y z$6dITQPtb0$RXYapT*N=sfXjql;U!UYU>zVTyJU0#My~sMwxc(J8BRv-Mz%ICRbC> z@p0lO80hFBQF?qa$rFq|Ohh_M2_jVo%QSW-5?bU6=-c^};drKSZWNlNN$Z9@ut8UI z7Qw$GVdFkcfK%No*Q|#p^PF3*0{a3>c4=|Ug3*bolq)wk1)7wAk!*r@ONI5A8ft17 z$lMpgYftT)J@zD>4u2sck!U^pEeHRVfpiAg&#D_c{j!r~u#jE}y#mtJ*RBCFSbr^@g2^foh-C0pHGL*byi=JH z<`#;eFfK%%H!9VQM3bwfuxUK3cIiEtJThLpfS~9^DK4OKq%3VRPJ9xOM^5VY>r4& z`Vo|LNRc^=%iJQQU1JT#m@NKXVX~DXnj9=i(asuzmM@_Fw!6OfGSSpt9SXy_~4=}}zC_tR^ zKV`4^Bub=^p?#Me-zv)pntg>di*S%EK6HIyDGqsUIewe?_N6=p1A<%ljsYg+?ahHU z9g=4H9jWij2jZ3o(hFg+JS|#6BbIP(ck&+aBU~xAg{m?MEb{#T7SeR9t&F*XzzQ%H zS})6nN=Q(`TgD7AVb?PQ0vUx5a8#zPN?77@#D#;y=E12IecE({tb)R?E&GNJ!upob&s4iXTYB3bKuA+$TG25kk9E*%ZK{zJ;Ns}tMMB?m@vW|yAL0Qr$>WP##*w{6KK zQ}T%XdC3$@EZO_>EY)aMj+&24W2$Kt(uOqA8C_H7xX6Q+3)s<=MZu${|ArK?*`+43 ztvYr%(syOdKh&Qs(@D`*6j%rHJZf>M#C*QqmHy((garfIo6(1xwM$xuw&8&#i*2a@ zryU}W>V{i&HilE^)Jru*qwrwE!X;xyt{>eH`K7EkUd0~CzW{}^FV#iR)TIxl<31pz?q!S zmXq|RM4PHpasY-QGA%X4+%yAJLCQxHKy8!x6~ z!qgy6z4D7~%y9F2G5FCR@lLL;Lj`R!N`#@=H3F#_o2;E3IL-kN%nkxa)zt(s;y#R6 zTy(wW`6jF+$U@M8QH$j~j@G=xWMsIcr!yf#_s#ISWrqf|0C&H#HQ^*>>k@QiqLMV8 zXbWV3pAsd#&35T5#5APYrT92Y^i{SGdn^03qE+aHjcb9JZh#hC?7(+tiGi~?M=j9|JG{W-nv6XMy%aUjpv9`=sA*x>iC5*We8sSHA#`y6SC}m)Py?Nn3Hp zgYdT`O&r7+!HdksAx4P+PTAz0Bj!8l}d3> zPY9|-1P&}l=CKpkzNM%`9l_~UcF0DszOXepCiRJ<%ySXCOaI-T0%jO_PuP#5J@cu( zSTw4q_>91*Q{w1%Q(y1{tvTQ0iAle*)DnZpFl40e5kPQ8<8@M{SpaIguHL7sSszsF|FEF0iS2S-V|h} zFvVBTCiqGDvBaVcLdh*q_ENBr|Xj8X62F<$cI?(<_c$1&Uwa>Bh!3FS#*h2aHsFi#(;exEmZ< z2_cj1N%wK!44Ew;4^c4w7N3j!2xv?5Kh$QwgTPCWvJ>MgaFHiStqfspDa2avX4jm$oY);`iJOS zZn|p52GI;3Tm3tlbub&%4ixoM2dJQ)R=(o9NbAaxj{*M~;-XDa2};s_R(sz|;?iiC z2Ajh7m?nSLGc5>$voqNu9ty``ltv6eW60}JVz{*8Q zoa4ix`H|uk)q;dsow}{11c2euztb)bM>hQcjsOVCdUNK9P%t0&V>W_5f1w;Rjy6#< ztjDeF!;b+4Ixa$whMI%3kE53Stn{2?cI*XTMo`=PL0TE|F{#>60&WPYw;>uZ8P3rA zrpQ`;%njIxUCjUcvc~_B)qL!RE$ag(d^M2hZ1~0o1NGKWl0yz|bs#1AP;%4y*N7`V z1S{sbVqZ0)cHkxF{3=HpoPu>bcj!^>@_A!miD)tB;|g5b%h8)7eZA-<@Fdmagh5ne z6J3H+x&vkW8Lu%_#}yo(wtpxYNdV55_9KqDg$0I5eEhO;hR_PwjIzUPU;6KJ+U@n{ zASb$;LTxaIg06sx{YQBpT$ainQfcdWq^uws)F`2H z1X<6D4lAypVjR8FLR^@#A8_Z9r^%ZwmyMnQ#yrYY<=4J2nlzjlxHuMR4tNab*$#Z5 z8a^BbL**kt*9kysNeZT8tBbYiu##z3G=Eh|`?ItwbtHWH6FOpy_8hm40UW2z+Cgo#6@_drm0%w6| zAffcG?G1&GaI&bxLzZ$$qJ~u~L=C1;TaJu!nXxz^H3((*d|!_`KemyJjFUrii?+PN zRibu&2YpC1Vqig0%BeicGpXUx(x2-bBC%x zFzt4-kYthC?Ni`gT8IUI4jNAuDrtiCSdR{J>VTPRD+vQcDyYJ6VX=x(%~-2d8{f1P zJ=g@+u}e9lu@C31owuA~d4*RkZYDo}`xJAR`^X$Vy6jTnH*bkJ1hjU*0Ptxf5AF?S zIXB$ppL@Fm97*5&O93h)g_5WJ4&^AviqVn2uFC#MH8Cn986E74w@JKO1eEo#{OvFo zK4Z5MmPeIBxOI9cj*bArqo4aC%vJXR#rWS{rRaKF-5Uuu){P0;Uj3?5dz_7%)ua~yw!!s(zO&xn z-%lis3R`vNY#TQWHMVmK~HXm10%owXc&w<5f!)C%oxaqYlHXcNo zk$U(T{Bz}|*b+;ua_tNIY2@SvGpCYAwiefy#9O6b54mn>INcSXl^Aa3t;cs{m2L+T z|BhpCEP8FVZC|ZX5K0C6ZJ@GLxpAvj2?Fm)cS3{J)z{|c&F1bqW$m-vep0_9_MPJK(o!137qIcqI9?;N1uwbc+ivrOexJQ3SiI3Q8kD3Vm%-!a?O=pw znp5=twO04@D&r@@EXS_a1}ih~r^ZEKwqiXxtk#(!OR`(|vuUS$5?(E;~KnWPDeC^gATR z&C=FG)o_~(u-`u@l#aocVU%o+nK71l&A%4lNB`?2exQuBrw3wO@5~i=4fh z;Cu4$UR{MWhDuDn|Ev6)6bf3&M-;C%Y{e?e^+g7N-OeD#%q)K&|)u6-VN?@ot2KvxPi;nRcjV($A zXncFS#MvFpjH&=e{D|IhCq;MSiX9+;Q4Z^4k2bU&x5}*CfpDk`0l`yEz+JaY$H_MU zc!A0vQ;ljNdgdul^<8UHw)_yJXivn1)qU89hW(;3*bSB_l#&3iMAjXFn_~pN0c?_T_2`FC4L6MIPEXw?Pz! zo|zxZaokGBw_cXmnZVNa_^byQuPXrR14j~@%X>^Pt%c9K-yN!T@foD5`I!x`=cu?w zt)&s*Dk?lQ)B9-Q3BT#Z0e{*oh!V8IS(sgvP9H4U$R$D=trX?*eq#4SY zUj7(79-IjLwb?_nZA2xOnJvvW%nIXt4&xSG2g#f?a)sRX{gi1mwk|6z9(c4UpuU;5 z>BBLnta*{Wc2W|KB^^dr5%FYI!{ig&DIHCT`2UnZy|H9D^(}6-U-Ny$!Bvcqk}c6d z5+HvU^nAJTvQ=bBwhdw=h5aFO@8nUWfL4au2+s z>iBa{@g5 zFi93CNP}1xF~fqvkcaR1=}=vreAKB))_e<-$_Pl6ye&G1UEuPWre|s5%JP3+^Bv34 zV*a6m9;%E`v;Q@*!i|qm%D$b9`8a2b6^>PbRjCE1;1gSh)y;&e*}z*{Y8GFxN3I84 z$cR2ea!GQ}bHy9WIN0y?YH351vKS?bI9T>F-#5rwjFCx07vZ%{cSmr&565{^c2OnX zIMP6p0_8O$#w@r@lqI;CwpcCo6}grvy0BLkB{`7V$Kl)iV}X@}nX$d<0kFMuOQek& zF2?T83XD39`#0IAhYvPQQOt~26`4^jMslNeA@)0RRnKqvwF2y6rUx2oFLIl8=Ik-Bcs2aG>V*bmvu+K{igwb%%*X3he(eNb)6YsEh_ z8r&0=YvE*%N@!?DNb-jR?4>b|^w?Kaoc?r6gox7l^R7HYl0~?CemZO&e~2kCEy^`d zq9aybS1rFv_HhWr*1VrAUyPny=DiF_m6QCC2WZ(}^@xh<5fYE&`fc7>LrQ`v3RofX zqiv1UD}+kEb1^*j+8=N$1$W_IuUKKKWVd{^#(KZsK3_h%^QBUN8Q#;r6KaPIGcec=*3R8LyL+??w9cCdZ-K@oRk#Da54*bs`eumcPU9J^96ggw&!M^?paqbh+$@kVN?xk zxKGDD`HQ0$JXTQ5!@*4(D}nJ!8kNL|HikPvC;WqwFfmjEm({}8K1K#vJWep8sF-p6nha}pFajP9-`EW9F8HTIvfQDRil z!pd2;-_RZrPP=)JnwT(E$Qy&j=m=&eYifIrA_(UeHRY*3Rt?iFV()BNu8dRI5KPU3Qm6ZdVk!0*U)=M6<<8{FFkx>EeFFv1(o10#tKa@skJ>cepjlF&Hs6P9Iew|5h zhe(F%XO)U!a-3u^t^BD50KE#MqSijj!?TVRZpQ| zd@ajt>qULGc3*yN?S2ge6{Pg=%>CKtby*qq_V;H^*y%UNeV9?zKnm?5{|?lQKiHB~ z4Zn86XW%YTP5tMq)ktf>4@#p%(z72mMTHMoSpT>op~oPq_s%%z8q%N%a2%iC3*Pl%k6_iUp0t|-hd?Kl z20csfgIRbzGWBN-6-2#GUv6c-XFi9n<IIgAYzI%$nZ~82(lrkvB`jV4^A3aIlVu32xcIyn7 zwgfY?dm#EX-?Q)SmZT}7(BLc?RDZz{1kCOgzn05r3zBP!LB6Tu6fZ}Gu0EuNP*Oxn zVx{#Wm$f(|+BMrTj9RX8lTzXwqa#f~3ImSUPa>$;VMEmR>tRh~9xeaGLSSwLCIgsa=)V%i<8o)g&3G&rC2yOJSYk;c;2#cDDawaW8@57Sn% ziip|?ZX^IWUvqsRapPbV+ieNF?S-1M5$;@AnDL~V{R%^_xSG2+1T5x!FSL7`Q-GNw z;z09=K3L0i5QAFl4;4#;w<>c?eC0KTRraDKdWI6{T5F zdk6(rvv-LPSK3sjH=Srsk+0QQSdlj58k@C3P#Zu7R2R+)Orle-85lc^ZWJ#~-Pko}T0AUC zP-c8~B(*e8Vi&TU+LhkF?ECk%RYZgFS%UN&86NA%pTI_&sIO0DP0v$x;_B)X$y%Q6(txEKBNT8pcMbgE-Y8 zVXxt0=+y&BWkU_$-^|kkOT?GnnxkT;&pE%06TR9;H5!;?*3~+D^(gT z&hez{kVWuj4LXwf27%0j?bl>pEfcDe0njL+5ugT(z8Zc#;9azNP?r0BJ3*+FN$ftv z|1|yddekn1$>ZHVrg)wVXu1?0yb){vpxc@!^eu>2E@pf=;M6v9zc^L5K8Aujl zIsm`D?;twt))T}&q-*}ON-eja73zRu*5X|l;M7DYaM2}I0gjJ|CHUWm)IV*usa}8pY%uc|Pqm$$n0Xa?u#4t|;)2~=081vd zexm9oVSeA3tZbjgt=%0VSEF~oUsDg6Zkj$JnoOOW5~DVEQ~vxR_Gw;P4}WH-k{RN7 zgx5+n+y2+B!ep6@rEckSf-b`!QMmT{k}yJTXoyhLxh?OX5vCXU-#jC0+w%s|8{tln zBlr6fg3x1E2>DMdg?7t51Zb-@9Jz@k9~O*v1RrGfz8|;^H`$V3!3%k<*uJIDyb_h( zNtxEBSW&SPkp|B@q&z?rajk!fC+-vB9Xo#{udb$`kVH+JrCI%$)ldCo8WY^jNWQYn zQ;q4!*4R5Y@DEhT*8eVRJk8=tM~CNJdg96;I@vO**2zX0d@5D1v&VPIi zz|uCv6!T*{8U{@eWAAZa1}5Hfh_~-#f0fJ_>Klh+%hShDe|nfUA2YZml`$p>5oR^(2QpwONh&yGgsUe+0k9TFekXOgMtco|3W*o4*m+oZeAW2D@mH;Sy z8_fWGxkTA)j{}ba874!GC!iAC%0DHJ0u1nPHdXQQpl|@P!Jf=D+*BSl{-ZMX5f7u) zyiP&o8eG-zCtb5!QbIz{j23)bi%&^}k~!M6sOh#5SE6srH5sTB&hb&rIi)!XJ>7V? zxtlE7e)ws(mVFP8`?X-cedk{M@@*|b-{vb}%Ms65WzF~MHU>SBppzqhdRR=z7IaYy zVy-OFSiLzJi+v|JNt`E1haGEW!PV?z$=1!w14YuVvNh~aRAgXOx~yUtvDEt#9R@pf zE#Me7?lf4EW*q&OwnlSKqG}+Pfld7hAT|(xe2nJXsq2MUzvb8{f2zbiMi0m{@87Kh zPnftO1b;O)3c6Xj2&Z0Xkuugv5^N;NuMdY-piPOuO9dhiLmby!%h>6*uO z+>C!`qy*Y~$;@JvcRLgsA?INg+D+cWpF4|@UV@%4qi~i1(zWZVV|TBzz$sILapl-& zvSJG|C1D!p@w}HUU%`j9%L{2EDz1!7`F3_i`d*n^t`MuRz!RLpw>IreWoZt5IFZ6BhfY{3v_b zOf=5M{OB;J7W*}%kRztaBwv{Zsq!xv?{O=_csrXcFA_TOjLFh*t8VBs?zv<(T9aap z%OO_DV91eGqI(Q$>5`bZ`XG?@?qxt1B{NXQ*_wAN+B4#)pGiXcnC_VKsf5Tf3zjM% zf&PDe2!IidjlQBQc8Ek_xz)=P6{!ah45p_6f7DW?69CQOo1wpOnOS9#09i8ePNRem zA6J$1^alaQ)7y^gg{;3Vy5jX;2`=x3w}hUCpv`LYnj7a2fA@7i4J0ZKSuz_+0!~sz z=8|NN;=s$SjjbL8vXsJ&zo|z+%R_3Ndj|vTW6Te0-fp*S#~d)0Yewl z;atC=#V@+`;yx*+@C;?R;stXZx|9?FqC@snX_Iob3D;1;ecIAhmoN<5c&6ux zn%blgSk6luryGD+f@Z*HK7h`_;9OpnLTTennS{UM|G`{XX0`(4!QZ&lrHxF6bGB&P zxYeB3p-k$7=NUE0lZh6f-=sd~`)hPTLk!eX?P`y)qlKwY_Nhme zOmSqRsm#4969R7mSPO7TX%_y@^?MOyB10cRd=IE(85BY#2q+>+yznO;d-MQ4!N|(9 zD*O^J4(Cu7`V>_%)m#O9QOMCH)g!4(~4QU4VOxEgY3${WklUnLP-otb9Hvuwhc@{>= zGL6jz#(|)QpTO&|2C#7gM-=kO3g61XrP!TNLQJ)4nR--q+^IYjnomzILsAFic}a56 zTWi}l+PyCdW*H*7csmS^Jk~}ri*8|B#)=>Kd3Y2uxfq8Q)O_^|fB*YL3L4j}5a&R~ ziK6S!P6Hw=)yNEgtaK=o4=FmK0kxNEQ z%F8sBjWF(^PG+My|G7F~=jI|=*fGO|RRlS^p53S^|Kdb$p9#utu*D2_cW<9gU)UTt zFE_E`q|a}o(&M7I>$Hi zKZhe=ERa(^^kYgvWi$0`QEjaQEc{+Ih~lflht*_eK<-e|s79P-DH~>UO1_FjR}%oL z4g!!Mm|wTdWI5a9a4M?Y6wu=dRp1CKg>1?z!~=jKhi7^m{QGtvw*4()P~ULX~iHLTW(lAZgH>zh>a-g)Y76t6YH7 zg7m*>wNlVuWBB9#pvVcW0|?#{Z0IrF&!JJwD_tMhvbwKiZ_fyX1T_fneg~kxD!>hP zE|vGF#bl<&aABxFwYM2V57Hn!%P=&X>Q8**0pL#2+Hu>ABHF1#G~046oUMegf02&N zY5tO8W}UGpXR+V5FZYPohabG=?^KVkGVp=ZV1N}j`7h% zk}RiA7E{nO>YZGpAVVI>or*ytMuOkrw1CF4aQk%>{83J)+<9jruyuHf+y$ktwg|Zbz(&XWMFL@WX z|9N1r;sqbv@6x}Urr^GJ&8R$%h%<*2Xg)OPYe70Nd5=c=K8eKvPxGgT}`oH?O57iT>IL_)Kts zPV-CkYoOpt7-ebqmkmlDrXgnTA47^shHUMbrDq_ZP;i2N=WA)Vm~aqS3I!lj#&hjU zn<->OgzlC^WUEoeM^^AdEodZypTqc!b$A;oa%D#pF|qjFi7=4M9W+v%%v{7M_mA4_ z#;|yS>;?xYpY+!D>u3>bJ_{(3Q`Vdv$7?d9KSSOoje3#-l}tFV^;YU+IZuaX!{lkO zJoF>KV}A7wn9+%82>GuO-pWtTbuG~`;>%WKxQUUmwx*qU-qiDcJReNqK3wwI%W-|# zApHhVPg1!1fqrv)56F)Kwsd~LB>Cc%&ox8`Qt~`?d;1NhJ9IBM=ymt=wR5rP?Dn;o z`0(FZX(5<(fOAqfQs`z)Be2UP-+6e|=Thd6k4@pc67O?U!h3$p;Wd|D)bff7wFN~b zd8oH6DL+eQ58J!fStXOIbfScD?=YeV6Qjy3e#VVJZ6FS>_?h5QqGqcv7@AS=pmKVE z*5t#w*lk+~2X<73Z=#Fbo~@E)I4Hf@M<8EMB_(CciU*vsFKD1hlYYfNt;YM^frDW( zofI(Ub2T<5^YBtrU*Lm$=XCs1xUm)Zb9w+fSip+%J!<*&5xWi<67_E&KbT${7hI~% z+6F_BaSXw6>{KobHIf(%e@%KW%oOZxns>YR=eb_mB8n2Nhy4}Rh# zmIgO>k^nvq(!ZKq;JIPpC<~rbXETx#ojOF)=6S#QtF>&<{4_TER{@q%QeS^nlIC*K zDq@s%AWlm4aXo++XcMek1&RHI$$*FvZ!T^g2K$&nG=Y<-(}2^Lv)Rj_5TL;lJo~m$ zV(Wi;bJQ7Foc#i3!=g{o4NO69)M79U{Bx_LX#(|#ATZ{mvWO6e_6(mjH_gPoN1ZRP zxcCO-+JbRE)L~a#C{1UxmFR#iQAl(mNNvz#| z^GJ?&EM2#Sfs}}rI*(iThpwAaZ3 zL={g~DbC>Qft?;r&6;g5Kylc@ca7d9&NNuTjFBu!K>Sbi!Cx)!b!M^2MaZ_X+ZXT2 z&1bXepWQK!*Wz%KbKVYf(+?v<973BQ0?(T3!So!sL(y{lDZusm^Sa9k+UizI9B&Vc zp1?1E!pJ|HxQH)XB;G3Cgv_fVQQY$%i!R#}7*E-FY_?`tom*Z5)UhuOrLQ1X$U}i&m&*45Vb5nk1i@JDVOnF}MjLeUs9_n!8u0 z2e5YE0+@m1TMK@w010@?4Ecf;4fcw>NO_bmhO=!=SDGIn24AgxTVFK!tBRloO*y@e zoCnZ}$}08Ln9y2A@*BCLg>U(+Uu!fYMmKQ7Cdono+wFr=1dxyMck(qh)N&pN1X*6- z0wx5QZ#?Z**5Oj#OkVIiKy_n`FW*+K-e85fN zGs+c#a?|}=+RpM-#xF#-VAv5w{rABL!%PoZtg0}St4*_mv4-f}d&V)N+wjTIEvgFykp2FR0PN`tN?lxM( zXS`N+LwI;2>TVl!0iL15TqFYPh1c*b{A`gJ5HYvqDygSTLIjS06#&ybyj_I}O4HNc z%Xaq?QF99T{~>|E+A1c;{SP{@(;={5!01(^VG3gl#R9*ZTG*7~PfmI*3;?~q9lLzr z{W`KcEt*4?`A&%xVZDdk?3{XQ7-To}vCpjUH@72Ox<_5~M9!?!?zc5qY~;bI>E&=k zVFZo?t5O<^+><(k;=x{%ZtNUufb9#4b!%8tmj^k0KA`?;_qVA4Dez@DyeUBBe|nvQ zI)kSAFsG_PANrUK_d$xtU?oxBx&ZS*j#Aornu;bc6wi4t-%Q!rrYU>eOd3*V2taGp z4`RoVe-CRH>_Xz0r)>K_EmyxCjK}U##W!;80umv{@;>lZZ2Z$sk9q7)k_E&@3O~GA z78_BhO^~aCkP`2Da1w4}K6UF?;c9KM*3iE0tDYTpFkPX%J}BQ~c{nxupduo?ifKUW zQjJDI=`rz#-0GRpyerEpx#1m1It>d#|hac`HmlM42-$~F@?qX zR)5RkiO6?`6{i1L48Mcqs0k%BvYZ{gr1_I0R(Hcjr<+TEx$I{I5J&f0uKOb6;91pc zoF$BfyHDA0bJXdbRm%3}^X8W}5CfNT@$$UpWS6xu-H^hSH{z7J&vY-CcBb4V&i^Id zlUkiVOq@N8GRbt(%$kODgvUiE>T=o%5=uR?Q<(ozGuvFwHNNCCeV?s^XmJKksfb39mTTbtD?AXy_WM9M=QQ7-k5IjMj zMuzwWv7UjQJt#2^l+mJ5!4eXmq@{EmB}Jubf9+;Wl|)Br)_ttazTdR^)5XO)^`FwY z`0-}6*7Z~-Zzu)-QO0hzyO*ZF3HbwEfC$oGsUx_S%9_<`8K!*c+2s-UOw zX+(S7{WOm~=-D5L1eiJan(fh4@KpSX^DfWB!vly7Gn*uH>V^?G6|9rHx6TU$mZxo4 zquozpZC)F?ZK!BhEVL} zFK_#5R#_@)V7O4Jz}%D1OnZ`@Lp>>8GL3VBPr?dq-FtR?2^i->WbmzgdoY!)WWN$R z=IM=TYQH0niyJXnT*Q^sA!lMe^6ga41Zgxyc1(el$={Pq1z-u;Xg3;_r3J60E-1fW zZL41fr#7Lzm&ksU1X3h)*XQDY0j`p2TPeRXGW$L^gGd$l;EZXBU^kU;2}7K?q1}i- zHYPOa$f*ECV}5NV7%1cPI|I2IeJrPPIBNEpO1}AR`ZFR%?O?O7a|96cK=Hp{lVR+* z6|Q5zFfa&kXC&fheSX7Y0?mXp22{B4tDe+FHz~c7TKnOSA^TY3)%2z9&54_}nk2^k zQ)o}!W2ayKAFV3p(9umCM;okj-8Z`|2uw8WSfq9=XsbX?PuvB|H)k^#CSLI4HTJB1->L!2q zZ6*XgQUOll`zt8Y$QugwU*%K@`@kRitJV88PQe6~FQt|lK9zizz!;QdBw zB0*#m)+bL;T$Y>wWt6C&Po~vaeu~`^8vEqWK*Kei)YoqO{9EUCzBZ_)nuHLG^Z8-p zWn}3a5LYW)s95sybQ+}FY6j=EW=ng-^IhE;@aX=G#jujKY4X%)f14yr%wGe~pQD@_ zRBsUHmU@2wS__L@b`gM(@p`yAJ2=VYk{Y5jEQ-IY0{{vj2Qn6e5Gb2M?@rSr{Fyo4_RUdD;}#{gx$asslGv4XFBL4bhRlwC#9*Q-8% zjEm#y#POF3fgLw#^O1u_>5|1gGIx{L5SFg{Vbx+P7BT3;_T0;B^baFsRP)5r!kN+;QYeu9jgi=RUBWvL^yj7)yfP49; z+sf{deOxK%Ll51GK)akHB)iJdemM1nHM)jR={-nNg$-d^ z?D$_0#ewt>wx~;sw#^0uWXkdorf}L!GAxmy+0v3u3D8%XGEztFBL$kABuX|&w>l7UJPmHk63bQZ>gpQG?0lRVU7YEKu=2za*Ovn_q_=C`MkPL{ix} zoEI7#iTqcjyLDK1efrh;9IoYl+T(WVsH+#itN-Vjmw&>a^uuCj+=+mQ^ihSDtpACG zFx@>kBO6Dd;RDi6A4fEKpC+c5?~qKy$toJ$9p2ZbCI$s;7^Ux5zMVEsPNbT!1ueZ| z2qav^h#Z7A?U7`zuufgOskYmBqJda%4P7W4c(Onq8*Z0MBUDth84Tk-3s4dA-#yB5#s30czAFJX zm!6auv42p8u0=D5);DePuvm)1IW%Q83Nn^c#=pgqU`Y(6_&ss$WFV8gobN0pFeA$* z*YPH)BGD!ri7-P;K)yL+U-#)FEpcw_tJW_#F$vgRu0BRC`XVS%YbJ0@U5Ad2VBj26 zHik=xiAU+ze9mwI7zadSc2h$T1A+j;-Q$TYHI-V{ zKP?ymL5e5Q<1B3yv!kSy7UG?*wy&4PldDB1yG1}@0xqlKZ-VljL(TB-E1DA2cfrkd zW-;~N=L-Ov_Dchopv}UgbC6#VmpyB#u9}`6eY4NHr^trMFasOGC{;N%s4XBxHiCumMyZP5sD8Jv;Y&`~^ zC<6E`>j~7+S16hRm^Jf}-adqSZ}z8Iqz=0@DLh<8imb&0?19gdwKX;U&VhbKw}MaB zt137^DU{7MMN>XDBio<&QCJyLEP@z7m!!~5gbV2K1R`(-wd-k!k9u7{Ljth^w=h=@|JKh37+NaqpN7g5LP=7gy#78<&m+ymI$&A|o z3B-d^cHhCl_U)i0#hEe9g!=)QJ$O&RvLNicS}}($tc2R~2_*S_+iat1Jkx}2d6i12BkNna@S4pt6S@Y`Num5{JG3oyag00_Mpi?LbcQSu#72q1v(8u=F zx>bt**mJ}+@{v&3ooKG*XKeKO5;1y0BD%=!tBsdug1S|bmec14HDlviK@KiW+?^1V zzz86SN*Xy%X)^u5hDD z&UsV>6^SK$F_GmO!xmBKm~+wLv*dYA!0@&xmVmR~f`cFhyy46b3~DShucOETe~ku4 zH^RkX`hK^GXt*l@0@Nwj_;P zmMo&6u$s%1O^|$kFm!l{*mJ8BW#n6R7&_*Jb9r28@3Ek_^JG3+W4+1ca|x8mZZ!_Gliyqi=31IiTDM;J&+$hci9{G@iWoE5=Ux>f=%$2XeuPB#yl}ZUGPA4zNKM7~S(t+b!__izWoGKulzL1wd=7ZUeb4(I{Pe%L zo9{5FB0F6}B!_|6`k3iT4(>ObbyrXLbkNX=+8+emUiGzv=Y+ma3=lC1M^Cc<|Mn-< z6qYAkfl&Lvp6ZsaS*Le(oJlt%@@t0d_f3`C5n6{;>$hS7HeVP1ob+y!t_Cj>YVF6f zYG~a$&>I5H5Fqs(G3&hkV{q~OJsiapiduWb3E6Gi`K(}>!Nic(Z-&S@Z$c49z-tyA z#`mpsfiw5m-ng%^l7>1nyKKhw^kO3-y}I- z1q@ZTG0MX4ItxDg3#C*@GM2MQ0K~mq zgnk-Q6%!?>j+Z8Vd+5ZtH)Wi*Gp#oGsW`T>fDL^5rK?HZ%C|Ke4}ak9;h)`(UdtmZ zg=&v={=67@`lUwmgj3PDOJ7VlendQ43=&_pKC82PcLi0k)T_R~ho769W3XSW2Qc3L zSJRPE(nY%WGvE<@aty?ufV=$jO*61*xckVaNQ3=+k=6|?@1Nyal0^X0bKtwhX>*`v z{NGaqCPG>@8S1KpfCF2yec3v4 zjduHjd+-milUzv{-YnUD;JzTWm@NmCnkEFeNVG7X8xSM5&pt*@t^H0extZydC$toRX!L{d5dJ3s;cb!!cuF<2F!*)gZkd_`n7a)k}c#~OS?cnbQr z2f()?VSW$^Swe{`+|~&(#bcjqc;1jM_dO%GgzJ5E^UN8KF3h+-f{J2Q<@#)!J^ziZ zwpL>YqR=ef$%>~9W5YumP`|tf=30OD)kyIRF(%S~Ssi#I>thb6Kh>|MG`CYl5Ozn9{!BXGhsu59JV_Xh|&{IQkc+ zh5LI~K_JpazHodoJaNVeUrONf=#3C*iJ}f{eY{{?$5tmimRLD4NsfX0@2dZ6|1(Uk zz(P}8x&R4R{9VMKBpDq#1(3$i?OFvLSoSPUGehoxCo%kp19TLMu@=!c0C2gyads0! zV_5kEI!-n%JN0+?-&7IuSE{K4-r@r{R}WK)kGUX>WVM6{Uvv_0H=ojE23B7IlPeoXszR;PE z^uVoGmY$Wxzq^4A8*G{-pHiW~=^`)j%U>{b|3w>Dn~gJfvTK+!i)FnM#9xDaJx|PI znXVo(X;ZqN=;I79EPz_D8Y}`S_*N*b0YC05CV?e^6}?j)nmX23G;8?df5(wIhKw94Oc5D2oP%u=4&w40JKGyG zC3nWQP}7~hLpcv(#F3^8@Xe$}%ke)%afZ#+sy5|z0;56+!nIj|h+k{nw=wVBz<12? z(MfTRrP$FHq)_|!RAHv_Nb#T9r6T>shUl_F!Zb)am0_UM`ApaEk|!vM<3`mv$L1o( zRt|WQqx+NTJ}#;4RwTkN0rtt=GN6>!gJ+yo;B!2`FD4iNe@wlFUsP?|1*#I#-6h@K zjdXW+cMA;N-QC@d)X*W_(jXv$q{M)9bPg=`#^hA5hhX}vhgCbD@=uyyAqEtp+HmhX}>I_41dP{^kxKtS3oe)dzEk?{YU z5-(@joY3XOrg`zuHVw|csIy~+T(nEoi*=?BRUoO${l%ZbN>`yw@S@j@W534? zk<)Bj`RV0vL+xqbjXLioraPoysdhBI4ru%!=e#Hv`f1gF#Acp^&d%N%vH-{tRUmYc zdaX3jmOFcH^urPx=m`?#Rokr_78C3koczz5m)@bt3YK$>>m*%V;I>i$v=BS!H6ab0 zSaxL}-%qMIvTCg}P?n`-!vS1iuP2M-xt9c`ej6x(G8*{*%NYfcx-~NY535*3$kegqhZY`#JP5?1E% zUPf}K#^pHhZW&9*hV%|hJj zi1Kq4SE)e8kwMWZR_X+)b6Pzv%2*jIdv^mu3!$B4WFHQq)vDRAQvyH{Z8U_>gSAeZ zJn1%b(l%Yd@o!pp8rZ+sanVt{F!FzGbn0T`Q&sBJG-mqwe~3SCi<^h1IgNaBsh#K$ zsiG0w5mvR`#)0)UWZ~LuHgS)`-Dr)82aNHx`JEjls{sqWQ^+4NX=|RG4L>;Op(qJ+ zK%{emnmK@iAJ!TH%jRpH3!q0#XP;I54&K#5>%38SHDml3IlX{A7in@~uIjSXURgGE z?r6mlH0Le40~bxO7b$UfStbA7{C#Dv z=q3Q@{)|kH;xsV@eroahUk#BRXS=1V(*2fElbLT<6Iq8(f2Ji2Yo?MTU<2jo&#sXo zsmB185C@OYpxP$EZQS*q6~SpTMSe$bi#U!nTVa3!CK(XsZlxfKkM(#7EtnooRwyf@ z8B!ok|2}BJDHrNwbu1dvxabt@8g!|>C$O|kJa~M-O_lCvQip?iYDP%GMOT>}sg#S4 zv)Glh1PrxcLzOZ{?QGAJNXYi!#l#xstJ0r1@iYiroWvCizeE2G(dhjy= zteRdUx8lVEy%N0k|A|&+Wrx|G!=`mc@VvL`65H(l#*~N6zUXySuOSM@V2ZS}WY`0w zn^swBVc}?23TeqSQF_RV(f1)p;aZi!TD1{13RJIlMT)ClpvdsXkL*sa2h(}#06|T%o4uzQ z!Tr=;qI<8}W#TrPwA9_Ml(t)(V*N;mQTEq~%MV7Is`{{v{j^y^B)bh;{p%bOK!WdJ zrXgI>fr3HUm^m|*r&o$0{Nh(qB(mjv@?Wu02;~P!bNGGL|9!lLaCR|v$53SqI+&{1 ztl7Oe&=2!)Y=sH8tw4)Y zH$F^a^R$D%X#uu0=%MgBbOaQ3OsMqR;%%qu7}YePB!xcw zUh?!Q)y}o2?curkCrPwEl&D$Ej2*oKm=Km8qkL*|Z;NCcD}NX+gj>CWIdv>$$`td7 zhh4d{;5M$!nHygfLWlcgjlMAhXx_`rQ)L@?BL6{%XzUtc=uNLm)7R?xwXqz(lAr|8 z{#kn0CwV#4?NB-L&ninAq)IV2_W$o-MMMi_^pOw8RA* zs%474i`1kV1^VoK_*T>U?ToOcKCu(>0&{N|uPt&AZGxERrtE3H13 z+@p^Wa(Ij*1t|nCO{di$2(`C&or6QVXn?L=Yyr7bwgwKr|JE*P?hK$YJ|2hM$!H{A z{`AMc$^yrcg5r$Of{vl6xXtccTa<*sF;>+dV}Kt7N4H$DbTwrR9-eF%Sng4?QB98q zDLbe$6`V7BPW0FBcu*c7K^t<6dxkX|GMf2PPABO;*(5k#I@@8Mm#^5WoHQgs82>ls z*Z3B=oE!E0L|E2$sC8qx!_ib=}k)^Mt9 z*@CUEdf{|9RB@wU9Gx&qEj9ouKx)mvcrYNbDvg#*vW*xhk_K0rIciBcSH&0ACF_{| zRp9sW`wf6@Yw9J+H>fuBV&~y17wI?jFw|uJ7RAM4St8MWfDv6I)6iomP>>}XqCd;5 zM%XtgPp(4-SE4&lElo>>urWiM%}6GPXtoNs_;gPg3i|&Gr9>FTU)U-t_3kTu`Iht-2Lyy-M<0>ji5*P?#+{u-2_|w*F>SaGvg3_&qHyA4dUXd2l z>;7=+OiSVawXFE$&ZyOu-|V;am=tBoP4E#r2@wLDKHfaO73d_+1i(+L>Re2LGQ^I7 zAqjV*s1AXBj^?72N2wb*ow<7&uK2FX&>0n~=t@!3$|NmoE&PUXH{N^AX>Nkrk|P;~{IHaU{;y zX{ykCj7Dnzi48Bs9jlo~W7XQ`F{wcGKj$+s+9(djE1Hf=LcIAP@ZCpM*Gw+{W1-A6 z8hV%+0{wJD?&BfkjUu!(ksm|2P?>qmj4jXSm`lgI?uOO*mWCU&;;ZVzibWiSZQpZg@L2eR8-dDMvn&*- z_P*}gz^p7=SM47Cym--e?(9VBkaZ-PBy(O)D`BBWCTJo@3&uB1qkv zKxoOD2rXTm&MFGhQJ#y%7v_A*p8T$Yp982{0&D?j#3rM>9Q@BwIM z44doFIsA*SHuqbBSscZS*dI?SS`M$e{qMBq7PLV2gv6ik$KvBWdEA(#FqdXqhQ^^K z)AMISqS&9zG)y9Uy#~RHKJSu%Ek`W~HWWuVP+O#lH~srKq`XBpJ6=ZWNJB5SF(+P! zw_OxL;(DI{`Tc|6|J{Q@zk9zuOb&~bh(AG8#?A*Ax>V5V!;jawb*K8X(6p`KW$MLl zMlJU2G+iuhBUhN)O>5`V&atyMSz8Ox$g;L!cs;Ij_$Fu*M&8&5UYgiD%+Igi|84+) z(J_%2%p=W4hKa?*PGM_<*Yu0&|}Z_E@>S#04Iv=$Trbf!G?NdoLc3S5A_UTmm7!c12{Em zE!_``0dTG7=JM_R$DMR-;{j}KqwsJ< z+#Th+pA6y2IqL+#C{8WUXZ`5%=AYMJ(T+_gzx#Q11F!k;OMiZTeivXJe#f(YGh(*? z9^)gC*SmnbZhcESuSv$vqXYd$0L?IQXykq|@})3A;MI%Bbr_vBhRwju4Y9!Y)%*Ea zyMGi|_t6%7xmLHaa~jNb?u`c^deZ%uvq&6T_fck}63m&>{OO_<63=+lP#)O`mdEV) zoHVo86<$B;t&XBu@g+*xBuZQX#+9f=#M54NJ(U&cXec+UWtslOHWU#puJ+xHWhP(( zN=}(TXs7L4w3|6SB+ZbLCIHD2sclFci(7UObM&xO4Nq$1T{+4!-U6~^6$7(RQmGGO zUzya?$?#%g&MWaZ2a>Lt$&|4kg=MZAV`sU#+X!wvG#41kct|3ls=Z(#I|9_n-hyG& z|Fa@wQxQw`G)+9fZP2hh8rB~Cs%2zbOlNS8CQr@hd$BGR4JXD`-fGsdkWt#D!JvMSw*o@q*$66S!SOHv}5NfnTIi1BK9un%hYuFb^}}I7-KSS z6NH0ZtscbzB%=d7>`=1m5?e;)zQio7YnnPP9a!=$1J;~#sixQ)mWz9llpX2-b*Jlk!N zIp`ox-1fN-VzpSws3j>GUdQ3dKYZ8iGjuA%@!crD`K`QV+^M1Y^%{B4leZ%vV|5*U2*k)#B z8v(5?%~~zFrai!Ig=fpLF_{1QWj>#gf%AOB5;(e_X^f)n-H8XK-!#L$vC}kGm~`&C z^%5vvUWswu`_zD?)79Pm+tFFuXohtp7$|h6|D=Cm0oBTW@3I6~WyBY&Iaga*$T=wn zj~W$Xl0FAJ*3R&nn0R%ltaa)Lvf1h~P2Y=-9^8P_t7tvPo0aJ#Sxdj0iTy+kH;0op zACFC-NROI~Rw@@kld#rCgTL_0rehCJh^24GJVVHAUc#l%#7-Pb!u%Hj1rF_P;TiwA zX)-soPr6n3p;f{0AOgr_%ywZ~EOFwDO2dJT)&6!sOC*;3f9XA3m*Q0MR_h1LgCl_r zzu~ApgL`LVQkOAyfV|w$>n5M`mu^OcoaFDpZ1trXh(_@`hrd`^dU|@t|ECuipX=NO zk8A7)Z)azhW_=w#sh{l942(Nu5);;1tak_c{}BU0hEl6ukE)OZ0P}hYk^p|@_Yd>C z&5H-?LeslVPn6k+aT8O3DU09vz+0z9sIFq^<@7l@G`Yawf~dWP0o%CwaCom~pZ`C3pw`TwaBpGQa~ zTBtq(cKrcdULzw|?0^sgZI7Y#=LSl2jhNtqWF&~chk;Okzi;s=WlsD_qOg+Z+Is>j zjD!czU9G3g|NDX4oIQB_pxH&Qe!)H9L>@&X z-3}ZNX8ZsDvLlzj2T*0{xLMIJOOyu2XkYiv1LM!9O}uT}H%nOs^NT8YF+mLSA+ zLe>dSQ%Kg1=?IE!jZ`U8(OAqkMYhniAZoBUiXL5}m5MGhJtw6sCrLg}^uw%BbIV+} zG>Q*sR@BFioxavyv-HM>vt;wO*!bLOd`2O16{032S7U$ND5r0%Z~XPq`TA%L*_#ia z9-nx&0VJ}dh`Tu%<8#?DT~=x8;QJ4T|E_NNAH%Y4|<9_5}zS+$y8 zcdq5UUJ96e0PpKYHA#PU;6&RV2OEcwB#d2|pB5|DywV&}RaJwesA@KSCb)Lm3iI+y zb8^b5RE&1F&DZp6YBJze>=4_aI7~!15i3YY{AE`$m}*AW`)2>N(;6vsx5ILQ)%4mK z*hy&?qt4cd2&j(f@0}{SOLTE;)h zF6nXSYTlq6ZT1o_sI{L7Q7TT9Z%Gvvbjlok>yt=EB9+d&B)`k8Fn7^e@`oW2w5$s=?~Y^G}{b1yw+cu zr-V~8T=by%&}sPX$M0xevD_#SG8EYo^-rZpyGJHu*J^L}s~=8aQVPu+C=Q#YjIyoZ zWiu&GQGN1>3AGYo&tor?$oe(vZH%z=1wER2KoPSk(+bf&-Zv898W~N!m^Vc$9~} zv;4YM(KAY)6S7y33e5@cXP``_?5~0*=JqJIhN*NG$16Dz1G>&M`c9 zThW!M4beIBfJzd? z={Mir|JWK2>X~p5^Qrl|Nr35T$pyZts=MXUC!kFp9~f=m{F3n$POi#nb1usFnS34l zCKwhAC$r{T4*%a};jSFH$BD!2DbvU`i->s(HBp!Lu_n#kTSr+b16n*)QQ@_QincS) zDRbcb(LHb`w242s-8HOn_D1g=kAkEn}=T2uWG2ZVW^ zXPs}Gh+UgRd|SB>(;QiTE4p^RiDOXRo4;zFFh&Ft2Gw%qZ@o>p@ik?!Q}nKJ08i3P zsU;9)^JL&HSx(QC{c8+Q}U9;IpE)`R1U^#M@L0P@$+q!e*}xI7`N){v9qD$t(@_(75*7G^DnNa0FW!B5tCm() zJ4g7lCKKAmyF)ODf7b>j@%Y{GJ_H9L~F-%ovc|3YPI+jPLXW*D75q-%PnOpi?4NvYX%t=16Z9;?2AH3_cgg1^#Vj{=?S6- zGxvgTJae+-jgz9Lr55oOVIBX)QMi{h6r>?HoD z#(3NgS(86-Wo2b~U*b5HZbCvnK=Qsm^d-dNFiCjp;-e4?;srh~7B0W+1M4z*AuqQZ zsI}T(M^U!|zd9?X>HPQpbA2uxYU*eRw#I#}^84{NtM~RNnp!f}q#S>!lIHbZ*ZGId zRCU_n#70~Fovi~tdLUb3YwCbO6g4j%>!QJ;FdPUx>A>O}ie-90nubOjy%z(%%mf{Y z*Jl6LGY6$;C)4+ly(d%i0qVLL7PbA;on*nU`Hsg*Z>Ej0mHv@}zE>=OX19$&#d^F6 zPwb@TZ|x14hDf^xQ>EeEh$oqWpFOhN6!;2|9T<`;b z$bHwnSCxlb5I=He^ z<5OBq@Xmu)n!jQsX*uNFFh_B=PpGo7T^FtyI=T|a&qD{ z3Z-Wh&T9sOY#0GNsX)@&smIMtJqpP%2fSH_p%RyUDOIzw?9kEkAV%8L%kjArLI@lk z9~KHM4=MGnqX`TNF4GrF!KMR$XL zZ(Cd=Fp0`IAR2%dNyB{Jdv!bT3rZAul-a7WTV z1}qPMd`xI!dk{2g#$9S{ghGT;VBukjp^@q@#~!ib%owrUW~~fexBk8*&jJfOv$Uu~ zgP7Ak|L#xHA&G--e?9=6c1{ZZcQ& zat+=fWOt`c5P9|T=zr5-5l116`#lt~lT-Uu3;BmHCFe>momHSONl-+D)EcfHbuG?4%8MYB&%oY_z?Vw?3{E$g=MHTvII# zvsHW)th^mtbe3?LpW*U)-rt(MR-u3oFaSv-Bgm6azq1YAwEFDR3?F)T?z2W(US8f| za~$q-J|oo_uu_T6uvzbuwr4K z|MIM(>{0!Qv0t$5VuQGkPgh?WZ2&8p81bkB_rOtO?Ju%5d|SJqx)#nhr)W+%ZUWt$ zDj}I1YswU_Cv{RZ4N=j=jkWt<;|iJsg9kD!uz`yC^s=oK=o9p=>!!&hNK2Lv_N|y@ ziu)>tlVGT=jN4iv$>t=BPfWD*qTZ5Rb|)Wd*nE525~mIW<&j`ZyNm@dy*C>#{r|fn zI+OL{!H;Mko7Wx4&h;f$%=_9TC$YhM&T_!X!1&dLQlf_Sohf&%49D+LQT)k2ByxT zHI8WT=QCPJvIQP4c1W4K))N2qt=_OpH!tZXi3N8TCmt%zXRRoUprzH1Ne5Tt6hhvW zA(l*Byc;PqCA~Q7PcdB$^nu97$0y)B$+5h5GO$snwe{Z5S+|9piZnnza4e_hOqlSO z8ifEs{+zOGlaI&^Ct~|+GRAs;`g}&I1fNEnU99kP37fdYq__v@l4o*@-%}M$v9d$Z z>{W>E-oEtyDw+EQw0beKYHSXmaBC{Z6a)M5NtCBVS6~ovw&%oAM$@ilBe%}A{YiM7 zes*+jmBwkyph-N2FWDcajTO3lP*Yc5?mCe9zn891>P;Fzi(vpN5QF4_=GHVy{|4#9 zQi5{*E+fOq1X7MIH}=J)$UM%d1V9edwd>G=oNJ_g2r0=?mO2Wc85D2a|5luq+oI3J zc(@p@sr{sR^#xvnQY?_%yC5JC`2(^;j4beF4I}wB!moW3g6O8oS&q6EKJj6AyodT_ zh_>|I1LVhy8%vSQI-~}%6o^~t$gD_*fLw7s$D|!s_yW4En=?@SBy6rBz z@jTmaefm!cMD+ya%7VY4>kPYbFlm&A0TF`Yvv#V=#prB~!jbFlGp%;%M3QHlJ9$0Dy=#}y=peVfU+KbjS7O;<)aZjZ8^|6P>y!p8v7hganku3=PkW5@~u6iZN4CO~cA%!Yi7hRS4)AJsb*~V>k%Das85(I@JVPsU0 zlf~`w?JbMI!ojIwOzwTU8-qd>tZJ4o%jQ=tS?FW9kCwZzHdlrJfJ~Ntxvnb{n3Pw? z*^!6h4-bwsp$+qRkUX9e{3XK@R)@4k1L`$cuSj7}(|#}oa~mtke{f!KH-ycsc1xX| zj))+gq_0Jbm(b)+@{6Fp47Ot>ics8WcUw?5v5$O}OA(^(RUkqkO!?`Ao%LoLcFMsc zlH(#~IA#M4Ywt=tFR&co)?NR_>76=l@Y<3&f!{&hahoogg04@{3!#uizQUWomY@ab z5{rsQ#n0YB$BqO|(Fn}95YC21|KWMN&+8gm!8J7mS^N{EY17}8ZoHE+ju$gkeAjg} zVsg6pmw6})poc`=r>0eU6+n{yMeiSAa`pTQ!-mlBQ+|%iD6V9xSd*8R?rn9{tS468 zYBFbIrdV3EWeI3%8H%$;#bFiF6R)o9CDHb~VA3<#x6YnWLQ;O3`fCEwtm=fm+ZLU^ z@R?*@@#Zn5fecbGlaT9S;!kKY?!ib0z>q)*3^hSwc zUJRGbKit%RBPL4?U52n0mAP{iV^PAr3V*gX;)J-6$m)r->rl*>bKn9DaYcVu(3Tz7 z#tm{s2=NlNS5EZXR@|O@FG`-ui%M*mlZNf6IT{LGBFbwdMoQ3>Ymv{hKJIy#XQ!iR z)MX~6unSyJG7iL?B4MMg;V*M})PyO^&)iw|x9G$HSx!Amu>_5f2z{$RFIGZPLm!D$ zY134iU}})Ek`{m7`jf=#SsOLg=$=4TgK$vV9;Jn4Sz`|oV4&dIZ-XE9{#}Sf!GKzX z0U*fj(L^Ki)Bw=vvl}x>p_<2|x5358VkKCD&Kn(zAFyHnR-9kbX(-iky6z!h0>(F) zS31f)ShbC;g0uZ6=mA!}w=XsUrwDCddcDH`JY#j<}V(AFat|_w>?>464C) zVnRk)ej&3}N!OAKsA)_cO}o_m{h^v$7Lro-<}+2uQ(rvA1JLPT0w7`24U@(mR2a|j z;URy$1;>|!l{YA4m@UV+fdXgUII^!7Zye~imE39vjG1Z7-oqDzH6K&HPx!99vk>Hh zZTW@z`^vfexwfw)lnZACwaGvq2n^0TsJH#F|&Iu6(et# z5f&hn49Mefc~Q4yT1xd9%*x1`p;4mXfhn|V6;PvF=DtoNe&Gf6xu-u1CEHB30Mc-X zfP($^uV-FE$@eriiPYbMT%P@%BcW}*tU4H%Hz%1cha}Y!UL$UP(#bxaSzUn z{ACZ#-Sv}R|Jq<_zbj;lE+ma&tx}DyNQM`pZJsHn4JEx0{h)DFO${pwtZD;QQU_MF zRIzmmb(jrhOcH3AI@I#0TKM`;Mtn~m()GzEvQeV`Rt$emT3fQN;Ki^_+&~Xve0@HO zZ>(h>C8>409>1h5pB?4f(h3y^iG%f#PplRE}{NZx3hv3ojES6Ozk9q+!_IBD2WGRjWFKN+dfPHRUpW-JjMhaf&nxz2!E^W~2r z$JQX98iX7OLhM9Yvq&4|ekvtqShh@l42ig{H?Sf^@sx`?T&&Qi&c3Eahy!ctY}WqPlPZ0}!4t(I!HD zlpI7)e;`xzrFsg*2wirtBa(rTvX_crAygkGrDlhm@!`uT$}WIz@&lEmO5YoOm4`tp zXY=93&>Y~?WqzV=N#;i_orh~*OsIkuhogr06UBw8s_9jK2z)yuL(#|3Qj_mD-MAB^Kemz1tI93HTUswr3EO+?!}qW9)LW=h{v56^`g zSORo$M`mk>;%`Eu_2dN#LHu#N0d>Ssck8_fh!RUTz=>bbQ3s>F_~fzSAy+xuIJhfD zkJ+#fm>p$J!&lCrWY)SZU6f@N4}oyW*WGwyKD*Lkp^Q0_ zN)%)&c70J5`@(nX!UwUjfjg34kGy6Fl#{zRal^Vu=*p=-MV@|oAZ%HVgM)he%cXGH zEBB|lyfB1_vS)v|X`$4=^O>R=8dFU~iHA0aryH}w2YBORQcM{ON9&e(m3k^*CGg&PtEvq3SLCIKehwk3OFd^!G(+;^mh>aZu-LX|_>k9| zm=gDGtcT~AHo{tHng$0mjC_u^@cjOe-2?K$*HlbTe)Hscfxo=zfBYS%K;12ZLj7;) zt7Wzz?)llzzgFr^S@|-C;V(c0av~qlVlwbSp}-Gka&mG>xwDtSYTAon)tJZeYSuXL zrF`vBtd+)WZoZnFnsoWTW^E2|nLVZupKJvd zS`{MB7Yv(X#|UV};&a#Xouyb%%+vlv5nx|PF=e~j;F({m*D9m--SErkP4kvllv}tX z%or&#q(EMTSWRi!P8(_hK&O1Aj?L&b(zLf0h;qt;PUqK8A48Y%+QAyVGDk~yU~_K-*EnqK)4$Bg&+fc`MaU?^1?} zEtiGpRG0gx-yM%N3{AF+6%dlUN}wn=G$eKccwIC{V;#C3juy839gg|muD%6(HX721 zuJ{*7i!jqjC9(eHRC|ld4@k|lu0Ap|545<<0*bI2Z8Ha@5A&aNu6MIenGAxjG zU+%VswuexL`k-LHW#+~0Pi0hlEC+}@-kd~wZvFe@)Oo{w3SKqxIzGaek(XCDcT9mH zpL#u?A8Wk(^|I^_(B(&ZUmffKhdq)g!lc=+oi$_i(`N&6?=tW~@DkV>d%621?&w&r z*Is`e=l*;i%Ex>AWB2a?p|iscFNV#;>{b+?+u;sif&&0!!G_ttWPs=ZkMNSmWd6{& z>S@xuFzwi9`}N5c(rT;ocYe%n@Mti+uo}|t_fy+yc68dhK-5;3PFTMKt}vht&3?6h z^Q@`*WQPWRq#Wo)EMtkZ91i`CvTJs1Z=%$)HUsM=Wfz2eCggmV3Tuqw7DjKk$g8!lH9#IY^sF4cPH zYPv4L%wq9~!QBf|K0aNcN?_6xPssCM$FpBNM40Q90Q}OH*zIaAobYhP=E6_N0LOXv zW69$!R8G|SM~y5>pwrpzx$^N5c4L0wBbK@KL3jEs@1;E+96UXjL>jwjyPAms;m=)0 zhy>Xl6}c%VT?YP^(YUcih!}KT%QHmD@Hc7?hy~6is%?*81C!5LQDq>>3y$Xp>V(9? z(u*l8KI_xwJ26pM(LZ++M&#lw>Pj9ag~CW7oQHs$5mQoP?t6SBWYq5yv;0!0+ad*n zUPe=68hZ+iG;m(>FA~biC>b9vg?Rp~K4Zy@PNhD& z`;h~!Ec|kf3H{-{M|bB~MMG>bT8zA`lXfo3JvbxHBsz?u1}S!I$mcpg8M=L`zy21c zmj-%>4B|F({90F1;Cp}RBc3cG zwIstjTuY2L=>gB2m9zHm1?)k8uSN)0G-`|*3pQ7hDrurMOQyZ-vOK@sQhrM{(wF*L z2w=wg=1r@~WDilq9z_x*bo0>z0~?#dkmt{BC!vpOM3V+)oj-khzMO6laOn2Av0L8u ze>C*0?W2+Cj>RVfDv!_Kmj*=9@HyT2@{mH@-(z^Cy3ZI=9Ti|eUw9ji&&Zjhh23^U zn4kr#xMYUB0~9{yqsk}*=9vTxyDe;oXJ%#uZYqL%ip>9CNNA5Kl=`o7;#L5z2|f2A}E3?LVxbEO%~(@MX#fo z(MwJV0jr=jBm;L?4$-bI~?ZM1@+`!j>#pdYrhs&rX3lDA~9b9!LHvv~EFUxD3M5Y^(>g%d6#Xi(O>& zow&c5whZjMkVwuY8uqdAbBIN)<49uzW&gWe zq#!U1{EKYw=Z6=j8?xm0lD6YhZ|r5FEDxMWPV<4Hu*sGc-KU7a+EhC9m+pL*A9Z%D z>sD=~RBNGmaqjN36BcM;>k5*ZT*oKkGq9qRq%`p}<$LMN79p$qYPy&hoQ*j%>xWq% zb@8jaiJ{R`_{>_?2z+BX!;&)cpkpmkT2;U4v4itK3_T>;1~8($fnk8t!-)3xLg`}R zg+CCMWu*lBA9R_!dwTtAZU;r#e3L(ip8G}$_mVKpNx>{IHNPK9DzS9?_K~XBjblqv z*tuG~l~WCk2%vN0q<++EacvvY&Z8j}ceEnC=JqX!=*r>0jF42|w!KpyZ~XVqFj&E1C~*cfFQ@5(uy+BX~@7ZPaJ`0Q73OMI1J ze==t%QUXqD82y({Xi4fXQJc_DrjP|KpJy-XI;aI!PgS_{X;hoBI-m%1r1XxHQRLos zrs3PZx_s7Sr3kBXdE*~u{~tZ_1&A&qU*kS|SR;<#Gs z`js#J!J&Cro;CJ%szyiJg~nE?vI4FygD0*h_8XDcL)G=QtG~!$v9Qv=Ie{q%5XtJ8 zwo(gMQ{tB?SO}RT4UI8A?FsCxf??LT5GZMY4(DJHA7D;Y2|BbfCF)y}Lp)S)^$kmz zXMBCNC{pXh6e@&lJC9FxU~?K29#xLkp~Gt|s4mNF*IP<~R&~M!;K`TT{;M{+_qv|R zxt==e!$ZjSJZ9B|NPv>fW6w>`hfelj^!Ns*<~kVK`c^`P6b*@-hXPyHD6x;S4-25V zs98s?9f>jWUVBt~bM?cjJ|kmQ0p2j=lHkXbP3!MhMTe7aCXIM(yCU!XUesj-Y?ib! z9La=6st8Jy31(fh-p+5SZKv`Ncd`<4!${8gW>e)z>v`6WB6f{6(B}asKns?+r!U)y z{_7J;I=iZ2?B1j*uUznxbtQyGk6$y35A5fxd}}JpaoVEBNlXHRB$v}pwWXs(BKRyM zonGOP^Gr5COCS~cOYTgNs(2mXgj6Fk1bJApmfRR zgn99{vjN#|>B+l3AS>d%%@Q%616Ghc3t#bs ze6W56{uA<#UC9=*&*=J>Gz9x!$)N@mh97{zFG<|P?x!W6P9iQR#*MSD1PaL zlNM*S)uxP9g%&qmT7g;ec>7)w+eBNK-dp+aH;Op%QXS?JCa<{!XkLELvvx7wKX0JP z(c{4sGue#IWZOzn(!5_SI2``gduxD$@gCrQ##PLZv0XKa1>)r3;T4&H0AV>56)i38 zT>GQ{zNKXrmv08hspaMA4v_8|n$G4>)z^>B%Om;$0o57zlK|PGK!tLD%i0s#2m{dZ zX~2tz<;_RoVqGDzp#D007`!~lVoqLSXxY92q!!h)8rj&Cz2Z3%6sll@=9ipt>mFzn z^51ZP0`zUCv$PY4U(L_RKlWbplg(#Ztl*)upa}~pRa?FlT!+EYK}DVJK9#K)z>(3i z>G)8Qokw!~=JR&W@(20bo|G$nLUC&#WXE{~vJy0;W@?<5(OpiH&mtVmxu+6#Uj)8; zK|WBvyVwpz-3F?s(d~gyHtRD%zsEJP>3=To`<`Au=7H9a9y0`}53N{UpCq4q%)iy5}%v%6fuat^f83~PfB(MQl|QGFDCkYLrMYJT6XpL)C7Qe4x6wMqs5Xk^#2T# zqu%2rTdX3)6@q~_FPvD8D|1f5H$F8Z29l!h`62=_;V+oDlkrewB41Y~3(U>?9^Tqt z%{&+6)QNBR=08+RCcJhMWu6X`S$}|c3AIn;aCKqJ$oF#wYD6Ccf7yQyMF??e%zf7a z(s5=ZWWAszdFy1Ebbxfy%9Lr_HV-`=al)ly0S50nZm7d#=v|OFhqj zx$w4q`b5ZT@(zWNT_XPq{$W#^n2Y4-2;asA*t!YQy-4Hz&jl%d$p_WOr9#?dIAdIB z%R(5aA-OtMjMf#@WHc1mn=Ks4IeBGP6u>#0vE|OxBzq}Y5daBMiFG@p`;?NjlM-xm ztEJH8|I^x6M@7Ab?TScdCF0zPk@OUlB zQLoHhmm)8iJ+os7ml>PRC)|g@qLWBBhpJT;Jb=^$nMcpFvS?n>ixYqN@Zoekhqb7l zq3I$R42OCw;mysPHiZt*H#97$t~N+rR#R91l1|<&3(onrN--|!{I}CW6JhFl(>aTK zO8x}?-|d)L`Ka631d@XoG9JvKW1?rm0uN`L4USu9o>T=AJG~*6gn%x)$y+bxbNzxc z3tJ6cf-Wg_xxwjm4te-QsoR>@N_TDqB~xHFv=efmuGFZd6}gj-jg?*2z3;i>fa;Wy zFv)R)9{AkTuyM{3(lkxQvb!zlAAJM%W=%nfyZ7;oT2PR5@ae9ycbhr1&3$y2lBj1`o$7u)K@JDu#=HX+lp^+yv^H18Uxj?7Gj z;an3FHx=OG>S*$?ZglF@oFF?cQ}8Hx=cPu`Bke_ME9Qjfrakh2nPtO1VB=|9n~H&D zO67rGVeu(xyh!fDz8LxB(JEmg_RU0240~oGvvAIjs(DnFY${0C^1*!br}z%L`!nIJ zmR^~=^Lv6~6z4ue0P%yd7WEP}9q@9V2ih!a_^XL{dwXYR{{`k7&tpc~FZ#6TNA~o@ z(R#oR*8P@ud-WaQX+t@Zcs0=TyBwNtqA}T$dNyY$(Nzc`jl`wvS`t|Llaqe_J%Ckt zI1LS80C>kyK{M)oKjJX!H=jS}f zVAERRFrIc62-3!Piv^qnH08lAYvB^as%!3ME_YqFVqjVuZOUa zx`e(LM{neS8ERn^d)p8%msrge$yS49ysq@vL#*!J-SI-z6wvb#uY8ld5QD1djgoSy z*1Mwp>jTv{>uq7?A#KevL8o4;tE;7(lEPj;1Oo-1@P7|!x&#kCl6GxFh(+9&oAcZs zJ_fKCvZ{e2NP&$0CqKR$W1A;g6>2)#>uyKJDHW7ka);}Vldws5M}b@e zuL7`MpTB-3oJCk`G+e%$tEi^pz_`QEcx}o+Y}rYR{DA;JS8s7LfdrjcMm;b+%1Ntf zG`%u5wj2e9W@3R1jlm=sFI?Rr#6}Cea44wJU?GmH^Y2C;$y{Zouwp7y7rJED=o9EB zX0?S+TYU!}lRGc*{_DaU%@QBi1# zAL3x$*u*Yx>>U}QNoz*nC>9yjw_n;6qbv*M1BLq#?%KBQ4;}yo7));4y{VG8XNZ$M z@X*+_;IcSNc@SO^M?hjy+U1JLumcCSG>#|fT&MzZuduSRB@1@Dk|Oy$ubg0VXK%AOrkkXG zm^n<&%q$aDTV;VgecDpi@7!X&_*Sl*H|=$AvJ9&NeH`3~BE7INYSK>8-yhOmh_p%M z&Yy=PYAY&9`^hnvl2baH?Rd;jI{(z!rl`ms4^CXq%b=n$zc=9MeCumO*34am1-vr1 z;sC3EygmF_`aZBf@7r4GuJhmh62C=QO0McdTOsIW;3=}>PW4&3H=3(t#^d`{AGT-5 zJM&3}8~xfVy%o6YJJ2JB^CReyzMz7zh~04R3jm-W?7$h(hcoJ;22hIu3OfJ34#3>z z*E}CI*UPMM5x6+|VGRJ@4HlSr5JL0@(=(uMe`su6CJXU7FU;X-JDjP=kbDwP@S4u! znCvv`yQ(oSSAr>F}tZ+sd9&IC>}6GeS&JnRl|i zogH$jndeTQp;RxE`@%)(>+FVgV7j`x`b>ol4U}9n$Pnp60m2zKS^b5LH+7s9$%fZC z9()9RoT-qmsjP!4dK-~a!{W6kJc}qaRFoAhZlQY+gyc&8Q33qAG z{F}AIcH5)ktiINsu@Z;fwtOVesefyMtxdux63-#VIM+2s=K7o1| zGr52`)hm2QxTH@uj#%ss;;0)kHBsmy%whHE3=_D2yqLm7=kvBzm;mwfCArQ6NlG!t z-hq!}1undyH+tDFv1C#wNFUyssx&ST7KtRJ4g<~f34%@!^k-EBR|a^hKLQ1Uwp^l+ zbx-NHSx0_S7U)ID1&T2@_>`;i3~A^+>)L3&_)$(`&27!%Q*@X9y@*@dzxW-1iXci$ zFv;|~d(Nn!RnS2(Mub04o*&Hz{rz+ zfcfzDFqPPmli09~ePevr5-i&rWD%^VYA*u-=VXJHkjl3SCxpsQKP3{Ft!uz{@rz!O zH%d2e(p~ok;0{NDaVp@2RTfG(_W*GQqNbsm;YGJCD40u;KZYmURQ_Vh*itfslQ5P` z9-|VeLb^}+;{8eu)c{X^blI{ogi6NxL- z2oaCo>fs2-n)ej8T(C<7fNFE~Ub*AzG<}z&dD0jKva8AtXT!u!~ zVApGu(R-JtkS~^&DS+89?!wI%1ubUiaHmq5-0ymB#0wfhmI>oY&uD=+VsQ+B^Iuyj z=$3QleOV^MVtYfFuA8~+(DwN(Uy-GC-=L`Fs>L%4Int zTmSn!U|5Gym4V-5AHO;N3=Iw{`Z$T)I2KB>qK-&5r%+0UMU3x7H#~+v_esGj z>&Km#QcTKm=&8jXmT(TaJ!E(2$edptg8_ochm0EANd>oOZhFZxMVm=`O01+~&JswK zMsB#iT&~FLG};To?-10h+kQDv+Med41Q~s<@~Jdyf@A?6CXbtyl+&>V{21myz33vV zG=q|T&)GU+re+>9q9{`}V|ym;{6=#E%W>m!t%+?h84CI9Bae+3*JE1Bj0q72R{oO?>Y%jfOV-HNKZW1Ub<}NF~ z6i_w4uYf3%`TSgTQ@rz=7Yli8{u5WqfPdbC-#DAGBLS-La~?uEz-|3gf(ZYLb!k;f zz3Eel!MA8m`DbF;SYx*mmv1k=4W%TU8H~uCr#fR|al~ZVjcPpH+6LN0gPKF!ZupU( zB?a)roHkJ}Nyl<^AM1oBLkN)V-V#H7!vhhjdo!4l39ugW&ul3M4Havx>V3w72LgG@ zBKf2RH?U8Ya$ehXH|5|eZ-i`0EV3x^uWEV9fkj*v%ELKCbSQgET@V&u0X{{OHg3+fxlACq3ZF?$q_}X z+DC+?*FH@k6~22>SqRa7CVf@rX&4lc@wui%73H9GIX$Lyz}%vh zvs9(fM$o}souqo*@Ey`4dzfoMwdr-n2EK`OL&v28xqx^B>`q|@OR={mX;<5tsgu&J z$N7~C*>C@pQ+UsbF?L#6#ZE1bD{+*4uFez0OnaWb?Su)?V#?IX`dZ`R((1CPSqEiD zPn`;3?O)Fp97q{`17&R^a(QjlE7=39Pbj*JwDnGkdT}j;s7d4cR|lxV*ddk zB}^C67ky&+F|cCCi1Nr z%uCEs!?U{nKVZ@Jz8Gt#HDKn#%dIFckFS(M#<4Or%?!DQS6`6QV|u6fG{VOAeYHZ` znd{ZaCR3k?dRE$$Llh`P_+0Ax#h&_QGwKuk2r+YkLB!s;x<8YQACp8X)&A+I+sRg4HfveOa0lLY6ZW^+xy4xoQ2SD+5~ z`|B$xP^52cY`B9tmP;5CK|AW8x2kagq=l3gd#iO5&C=`pim~qJ&({8GZhmBb|8*0v zrx9b|ez~S&kEu}A11evm@-3?S5)=j#LVddfi#^LYRW*#0y9c;zt&OfzyYD9XQiY6f7 zQ{l;1w-$*0Z1s$JcpMIUX=SyXykMz|;_vV9`YRa0$IZi|{jgSB;5u9-&GcFK4Q}1l zNZM*;CQ_g~3k<_lpoWq#rJ~6S1IwOQB|_dCFE$|Xx1qmk-FCw?AOvS&2wcRX6Y~>P zB4jMy=9x7MnHNd*@I2eS?mnidJGlczG?ai)kAs4zF3{0 z8{}7Xa436ZrlS+4&fj*W2D;0Uc7AZ3QsDeDiSz*}L+~mYuW19Fa-1vyiR>9E7zZ|> zHt3E*_yUkiRvzdHf{)Jwj?uvfTa(w!dCguq)#OBG-hNVUp`5Y-#wR}=uHQHc*+;^F zd!%P0*&jtQ&WWP5yUx8I)us1=LX8-%JGQ1t_zRA~E`dkqjjQ(7ptR<17 zX~atj%A~B)()4ZqNQ0w02cJ9em1%l={ExO@fT~}r={OLCRhmGF84~a?DaA~KZ=TFg zR0SC!E>an1?>%CCe7xZlZ9HxK<4cLakX_xOWWc5gc{e98jeli6Q1YA8T>WNK`WB-M z=u<&1)nKb-HfC{}sx)AK zpT>Ja&R?R7!&gX=Hs|)GSmXF)&0O!2g7E!9uQX>ALL6So^ioPm-9~4x*?Y6raZ(Lj z#Y(fbN9OVrc@o?Yav~Kf5k5TQx`BNo4-{PunjLfbr&&SG07v5=dkD6Ca!>$Tczl`Bjrh?DN1tvvw-rZ-TkH1FFW+NF?s~xC;s*yESQpPR00)o_GF}W{2c>xb&3#B zO8Wi06(&MwctG8y!s?g4?Dzloenc4YPb7r-m39e8-GBcL{QMvNnLWC>`7VapbU0sf z;gilBMbrbPuOs;yZ^kJ6-0fvt8oE95Q4Wvc?e=Y}PwrCg7icijbgXe^27{n<5y5`J zWei#gGfM%A;7fNItzxj z+ZKEPoREm?@qnY$RvdO~zS%o`-nF-UvVsg> z?JsQy4V~Kq-yN$HQVHIJdj^cDP?Ws!_ZQtDH9nh)>bEp0RsUno z>H_6=m>c4aDyL>=ocMg9uv|ok#mBy+g4zo#ywc~r8=@7Ho*!iPGoR=+^x@nzi&jn1 zjF@&d*o?TM`G6xOIQG^#aA^mUY?pMjzx6i9WdlJumKbF!ICQ_)j3E>0J>V3QN26Z7 zA_ND@Ps;4ZnZ2rRZNb~Om&}8Zq7VqgV?uky*N-t@;p07g?Q5V_M6F#Avq2TlJs|6K zblkLToL#J)IpF*Kn$a_c-rk}c8;<(d_rZwuYMP7$25HAAqETO)Zv*D<0;h#R`>ieL z1(xIVjHuH?9mrK_|HF^v`W5cLd<)tyJ|B)7hgF+aG|cMgUO(Eb$u4#s&DeeK@2b%l zbC(>OS;3^V#_gWA>K&jMRFc!Ce!#&Bf{4WQoS5x9>j21CaCA&=7yb7^ri|;2H%UoK znxvL;^K(1CTRMqX`QA$egTD>q0nknN$58A^Pp%~PZ|~ChOu+=VCb|<^vC^#+K!-_? zImKVg^W_(_AAAJSYk}(mn%C9q92TJBzo{N`ml%AQW_O9Ouw|g!tW*k;C;eayN(sXe zz287J;rZyMK`0r^h7?U0Gy2hTc~yljUdi7#ZbDS$_CbQoxq>Kv-o?`8K-BzEhR?h= zw*+5&u)lVMdg z%=se&cJ)7CY5u@&mAm9yQNZdpglz zDF**zOEz{Fa~wtgh&KU%+1SUjx3?#_bbNK=6rjH41C}mM3#}iF&bn`Ah#~G4mXu(g z6(x99f7aCpS(!)M^Cr+q;j3X%M{{*eyOFed-k}xM%``^~C=$^8C@5Cx*)!=0t=LJ( z9sKb^-yNCL`tPcDct1QAM?BJJiM_=D!rebF`1&JT>F)l^8yn5jbDqfX1WMkIte|gU zY%@}7=-_cSuun6Bdl5=L!(;~0%>v2}G?4F7MVWOOZj*iIML$j<(*P$cbj zpCi9hL}?qiI{&^rQ=#$6sO&{0L{b5SDMOi~77MM3U7O zPHh=)tN~e6CMk2QXSKhjdW<# z)oe6!{F%dTK8?AiMVk7lDbQ{Gil1AMVyVGW_(T~mhzE{W6F%-U)J^H61dj# zYJ~5zeOyNRYa198L$oySuCvYgeSv2Wb1=VD9>V_<53+3BBR}|hIG!Aejcc`Yj$S%K zCFSMSq|tl!{grXDRad^Itm}?(dwqR<4`;VQUogk%kst67MnDXu<;?Xku zCO+qPz1Y-OI-KeC!~Z%SK&qz%M2&w}=@%;|OabZly36-pqYNPY|J|Qo4&GCdpi|P< zzhU(*qdj6qosC=$bcQ&^Xzc!3uYb(2lR~`Kbue+Jnwr`K;vdgN$!ql1)ot^?VfG$s z6?CQOvlcam*j$a5Jfs35x)3@UD~VvUclXV|i1uyr)YP>uKua8EL2VD~NuD(I$;ruS z)+gqWwRzw97vaQG_t4pJ|4qKrEYrH%HRkz=Oe=MxBcJdQXr`K^Rs#X(S#oW z)j%Vi`gZOV?2kv*W{DnrmDmMZN!HnoDzVY^+77_MGjKP>Js0pB;SBa_m9Y!yd;;Znt8a2i0G>snJFX*u`87{y(wk z?)Zyfx{hF`u>v)+#7^tecbKprMBR-8Oz$35xwp(4)jP6pY;I0Mrt9pM>J81iQ?#T) z19m>(foMC?f36Fcq^GKJ?$xX-)MbAq==_8QNwtzdQ(`wN3nGe{rzkQ^0SfS+L|mJe z{E?E^Lt8cXT5Gb!G|+s#jIvlbI5-%)wXq|6kQlz(xj$OrB0F|&cOss&X9Q^28f^=E zr&1SZPaT7#_D=#!D=R0?8{!;4n;%Bq)|53xn+(98o<*$u9GP{i__lVApi31JLCiQ! zo_lQxg&4@a{%&@?KmV%_JcSqQ8NEQWefdCn6UbC18+M(CHzqggo0fXAKUbNE2RX1p z;m}E^T~IbEMZa}m%#cBAo*{>BPi%744C`u1$CLrB)k1*pf`_Dm6EtA_)Afk}zpV^e z*I>rMppjfDYCMKoD8apU)V5?3z{LSe5xK*ZkYt|)8Le(zCZLl(zjfoW%PCzFEWft4 zcKT>`1Gry6DF*KM(t|q}fyjV{`HSCIFxq}JHuhEGe~GpOThor2{WhK6Fw+D8qF=+{ z?2eyBWJ6fL59P!HY62eUHc?4as;Q-AST|GC{@u|V%Hh*O-w5}Jq6wsv^dZD>G~Rga z^;6xpBOE!Ig}V>e!>k5gU&Dy0TlexV7Qt*Wpf1g6KiO^e9qqcVB^A$^8%W>=MaOef zBTqMLRubh&#&Wx)=ANy2p_9k~8<;4Ph&B?qY^rDTEi0fX*8@FAQdKwYsRe#m7E3gc4#&57ah(G zrO%Z#U5RDR+_5zZT54aqO>+&bq==79V-*->ClZ{ZZ?APxkTm%^I+? zl`^FF#1U{APEKW_&IDRpnqklMKXx$0(PJYLqiX|L#A(5Lzk4K zN?bz56mKqlGp^eOUbti3%j%HlLVH>QQ|EVULl*l#I1%?-?7-V?I-F@oPtEoXZiYf2 zI?i8fvDDMgucQwaHN^UoGfA#4hEHtPgQ!9eh5iAnVO$7aGkxsQotiDH+zwKE=b=%z zL$nWY?<>dGH9wNbo)@+;XqApO^O^5wj!Jzww)kxo72Yd*t1v0pea+V3xbcY;LoU9| zsM^lvVyeP7n>GY70}1Q7*MZ*|x|nv-=j4PIu+zIN#j=xfajsl`1pvxOgVg@ zXu#EyI+u_E*CxdaVH>HH%XMqgCKemu%k zvsmh3y?YF0&_xxU&Cj-T0D1H*B0#5suSS`qK0%fAqt&}omlbgO6+#;>($do_ju!A3 zhdNRXO^c>n<}$#wWky9lR*I9+!MUMm?sB23scF#B2`oLnwEuyEl2YWOqfG(mB5>Eb zs6k8xW8xU?_^igPO|LlK<_UEi?v01jAs6UfOfFkVbCr@Uj8EOV|EW*Q9F>q&#GyEK zHk!_18_f}NQL0@q+0LF7F#HFtupf0wzZXqNiFcXkczJ(x^4>m%*8WjRM<=;maWH?3 z%4+PE)c;F(R+$XmDai{e$F03~?OFqOTz%2@d`ktE$vPGb%Tn|JDPSE@0(QQ#{*T=W_(hA|r^|-=V`?StRf4`tTLY=k z4JVo)G}6#$?_0XxKLl)Xl1R?W&#JNUh;(crY)0C}=oa;!o?6SU$>(P#AU_%_Q0_wP zE`D8!?+Vzt&_bgYd{7APaLZYk0&ZL5{LyNAjM8Pvwt%Ct!=;dNn9@RQ=;`xEjR+^^ zi|>$xzI(w=t-If8zdG%->H7>7s&a0qH*(57mqnjYwH__BaQk_FB4b5@&Iw^OxCo@f z`coSd@*ght_{$(So2L8u^-%PpH|VJ1+rP*ENxeEa{-NeiK`)KPP?Ua9;CiD6qW+6s zOfG$rTz5F}T~d&Oza+?#Fx7k|wT%CYR#FLhEU{VHe+*AN-fpLq(h=j0UB=5;VjY9@$afiF;~buJ)b63n35YC_#FD=u?{CKzOjKzoqSrMs@;*njN^8n zDJyY7W~q~4M2&y1nSDZ`DQo6@AGYaR;LE-v(2J8ebN^3xp*6& zz??OZFJt6&CkTgzkET~|2f4JZZo2+tMRjL zT|j*k4xFh0j$8yGH|TRgh7p^9#$mj{r|X=6=^^}?GB(j z(j!&q+XQR^#|L@AoSKpdJqikn(r-C(04tGsBg@E{=f!gFxz~RT)NDvmwpF;<nGKk?>#;pkfN{bmjVD3r#~ z+*_2A|IE21G^hqP_=+^{3SAzsZo{E{e5TJP^@s2sdH@hr5BsjhYu@18f-Vm*WB5-}EMFz0zx%+v#hYpMvph++^@Tqj zf4aIk81*$x1`pg9C6@a677<3b1HE70o9&CS6HqZ7e9Qp!M%3|E= zq5~Kf9$hpL11cg62_r;iAfFzCPAry!RA308ns;_+;&(pNW{R~p(#8m7h&g@W&yHh& zu7QD~qyJ)e+L!HN<3?RkByiBJ6PJ)G`mZh;Y)0W*jQAp@n;JGB-!+x0n2KjT5Tqj9 zxQmv_9xe`38@BZ)WR$s#+N!H*=Eq9$m*(M2QccKAx!Ai23~e@MYH8BM{n5cOMK^%_yH|^_0+qcOD9jfPySdxrS>YhNufT700umeyx zTo7p{Ze4&x`paoJi*2eqD6_@>06BJ7QMy@VWu^0fYzO44)>D_iAgJR+oH#Egiq5oMMymv)NS=wYVvYKlG z8DX8B_x0NyHWY8NddDiQ-*?=HO^S;7rk&%Ww!fI05=*aIU;=jx#OVV2l<~+wTRYUy z94)}#wn`4BHBD8rxkPctW6$>tq7d-pcge6qp9nbHTmzO+P!!j#n6a zKYsIEH@S2Xa1kVR8gfw*Oi~};yCSFILKJ*{^2Bc9Pd*APqfN77fw|kw_Chv7hCr%# zsXdaup@H!8~1gU`wPbjo#fiWyG}p8_K8W0SrnIUz9D#tIn)V zU*&u-$9)UaHS_PaTQsi>Vv6%r_Oh!29254S&v6_;wd-im+ zY!liGqVgGUnB@hUc83T1_2yKKAerLgxtn-0Uo9|5%T2#fxeHOq2C+>nxoWa4|evwVZ&#DrUoRi6VOUP3(Fl z-Jo$8MfQ{%XngLz({{872!#5Lc*Jz2rnqIB6ZW79Q{U()%+19GS+4K5^-dXS^6{@I z27;9SLiq1H2Y#vrg7@R%O2i`?bsCSF z#~;YGWOgF}&JWbRjutYc_@zknDYC1JMD`UR=X(dJd%`gd(oox|sOG#Y_p;RPet673 z7dXfV(%)Cj8YU^Q?I^}}!UO}kE$M%@>~4g!eChv7fE0B}tEIWGN=DdsC;g3{b`~mpMbyO(tH_ zwbQ_uZQ{pj%0-w{bsHr%F5$x(@9QVxR6(mre!Fmir5Mh<`;Q)FwF5@e?^U`l_$kY2 zM(+1L0Y4|MzISrq{m%~NAA;iK9~<^RED!zfic4hLoH%E)9Pz>VJp65xm%vh0)KsXx IZxQx?0O5GYB>(^b literal 0 HcmV?d00001 diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index 881b10ceca4..621b0a92ae0 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -7622,5 +7622,45 @@ "templateRelativePath": "SyslogConnectorsOverviewWorkbook.json", "subtitle": "", "provider": "-------" + }, + { + "workbookKey": "GSAM365EnrichedEvents", + "logoFileName": "gsa.svg", + "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "GSAEnrichedLogsWhite.png", + "GSAEnrichedLogsBlack.png" + ], + "version": "1.0.0", + "title": "Microsoft Global Secure Access Enriched M365 Logs", + "templateRelativePath": "GSAM365EnrichedEvents.json", + "provider": "Microsoft", + "author": { + "name": "Microsoft" + } + }, + { + "workbookKey": "GSANetworkTraffic", + "logoFileName": "gsa.svg", + "description": "Microsoft Global Secure Access Traffic Logs", + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "GSATrafficLogsWhite.png", + "GSATrafficLogsBlack.png" + ], + "version": "1.0.0", + "title": "Microsoft Global Secure Access Traffic Logs", + "templateRelativePath": "GSANetworkTraffic.json", + "provider": "Microsoft", + "author": { + "name": "Microsoft" + } } ] From 097dbc164f64d8967622f178d6247d6154e7a9c7 Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Thu, 8 Aug 2024 14:46:47 +0300 Subject: [PATCH 02/14] repackage --- .../Data/Solution_GlobalSecureAccess.json | 9 +- .../Global Secure Access/Package/3.0.0.zip | Bin 22335 -> 23884 bytes .../Package/createUiDefinition.json | 910 +++++++++--------- .../Package/mainTemplate.json | 157 ++- .../Package/testParameters.json | 4 +- 5 files changed, 628 insertions(+), 452 deletions(-) diff --git a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json index d13a3a72a59..e190ec20023 100644 --- a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json +++ b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json @@ -56,11 +56,10 @@ "Hunting Queries/sharepoint_downloads.yaml", "Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml" ], - "Watchlists": [], - "WatchlistDescription": "", - "BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Global Secure Access", - "Version": "3.0.0", + "BasePath": "C:\\git\\Azure-Sentinel\\Azure-Sentinel\\Solutions\\Global Secure Access", + "Version": "1.0.0", "Metadata": "SolutionMetadata.json", "TemplateSpec": true, - "Is1PConnector": true + "StaticDataConnectorIds": [ + "AzureActiveDirectory"] } diff --git a/Solutions/Global Secure Access/Package/3.0.0.zip b/Solutions/Global Secure Access/Package/3.0.0.zip index 73fa61b1d26794535400022ca124344f30a0a452..90c80c2f4c39567a73a752a20c502f1f09bf83ad 100644 GIT binary patch literal 23884 zcmaHRLzHO2vTWNnPusR_+tz8@wr$(CZQHhOcmH$m`+x8ze^P^7xmILG#M)JrwdJLN zK~Mky03ZNlogp+-g>)Vl5di@3bN~R*|3!@)Obnb%RLq4<{+ipEJDJaXzpAS;J;t&(#R*~6$?kvJ9og~y2lk?1j7BY9rru!M7F zmGF+1E$8pu;9ZgT>IHMPU8cY z{0FA-;Wf9Wpwi6oag<$2j*V^DJg-QBP{lhrf*NgIKHLWfZ-io0(+5i4(7Kng{u)dT?7;%z*-N6N9@m?E{uNv(`wo z&eXP@<))huG37LIomeFqpgB>5`?3flU9X+4l}yHRu})we6@tr;qho!v751hv@FJR` z_J@6#c@j_#H|BU<^D1*gE&WQfIVnZZetpG|JKE4ai`3^PH*C&5lUz%u94Fn~XeE?{3!zDIeYfiIE?iF71#@nUljv3R{xFyq) zoQvk-;5FW}ve*sIO*0&4_e>1gvFvT1CGOk9oRassJCe)`*Y{vxpzg1J?e32GY z3+GSIY3qh{Z);;LDYHEE@3r+U-k%$ss}>in?Ch79AJ%O*?0e|p-WfVw;_lmD3y;ko zf2?0S`v=P^J-q8E-R}+DZr+;GjE;9w75P`}V?Il3h&6`&(TOnf89#iwG4J3=BLN-gwIGOER#}-u0NSi* zej(^7#ZSfOR_#JPL@~)BZ&jJSf!XdVD`NmJws^LYFH>nP)$@uOMK*i& zDp)KXUMV4pHR`igCQ<~}pkXxlf$=K+u`$65u%2)%@m*6>Q14N*iMy^j+7Oobn-KKO zsW?OufvlNs9P=P&Or9{gmjmo!DUyBdp>t<=4{NjU?2fgqtAauM5}tdl9Au{p_3{DK-TK5 zmt95Uo+@k__IYjLa0lGaOXVV{TxXLO&V7VZBgLGz&^gk)lU!7*CDi}E~tpeJMH+Ui6@njGN^6}-0lBU_Q9w9RD?$zt6$iftTe`tze^Q!pwB!}Cu!~Ik(UNm7<2Z~m9hd|PK zbUw#+56_eJ^cAwh>^sFQvU7l;rdi;MzX@3MV8BZFQ4O;9VU^Eg_Tssva)smw_{So8 zALJ0hvPtqH_mG$I7X&~&rpM9WrEyM784fG_a5?llwYp$V7;ghPY*&naY%~E?Su?L2 ztp;1R66Ab`zk`O*Uut|o@s!;B+4&OHL0LsRumy%)5g-w~0oS4|T)~Z4@#$<}?5*JG zuBcu%uuvY8TOQs}srFGhOsDSo{KV?W5o{S`U5nwfC8|KmOe?Y=0&jW^eg-I)_?dH~ zW8gI}D*4J=V{F5~o|i|gTB z#f09A!2~irB0k-^sCrF979vt=UC+|$RDzwI|KKu=aEu+Y(mFw~?kr@0>dq*oB6%fe z)m>4#|H>%PwiA%Z@Bap{02hXk6J^WOT5HzGh~}_}vvSMsc=ik)ky(lda2jnMmc0Zy)KZZ*ZL~lTP0a+r8KF6*R4~} zfMJ#A`Krs5y&;Wt(hHyZ@xzb4KwD7{95)Q)KCY({bwQ)aeV8zBY`;*OF`{l$ zP-%e#&%VysJT9*h%{yuBN=Z)<@T;aSRig_G5fT8trL?Ax&A9$~Ee>z|K2H#~@_Y7v z@mIu0ZlaE0*Dn;w0~Ob`y}gD)m~rRzNX1pJOBk-yFoW+w!1o17aNm?a>%ai`T@x2j z5@2&11WT^I8vPiulB%^N8yHwv#|ZHE7~q_uoDM+ebKU<=CCYz%j2(-rVkAc{LY>-xQF3O+Z0VV@5J$}J0o-fvIjKJRSeo= zS;n}GJ6c2`!+g*e7~o_lc&)1Z=7$4&8O8YGFr}Pb!X)mC5w+LjDuCZBFh>!CJvyVu z`htY_x27ayMiCsm26;!9#{I?+BQ*ofk!0|W`yz&87F=NC3^CZxTUd1!62itHl@RKS z^q!Z#YjbIpdsCmBeTG?N@^riDpO$Nb{K?l6e;g}D`I}Spji+;9UD{|$^@Pae@Ga(y zVv|l)_kao*lWKn6iHKAtkY!Y82uT?X%)TqE0`M31L=3$9O_gSLMvmrq$LgC3ZWQ6e zJ>TZNh=4%F4ZqnZ6lW}q)(i%>n4P(Fw_qZ1I1t6pKR|8S?&`rSiLALlgBDyS22rMn z`O<1br3$_CRFQN|*wqo_)SQbzmSP5SG%3Q-&<|VB^ithBdvc4Hw>Q{?i0&f=ZCPYw z%ry1A5vo4Fgd91*%v4C8*1kq)xwIiYS^w$hB>@^iX`iG50bxH1AG5HykUYVmfSU2F zQTReLLgHlVY$a)>JKVIr!FDb5q5h`q0=aahsT4B%0G~J)w4L?mL zHyBWqZ1{1L4JAARh6KFL!ic18tDQ|dN4gK9O+>velu!m?lMT_0U`~xT=aAYjk)|HR z0i%2mln6x)YANWVFHbv+02~@SFD=ZF3V?+qo+R%W=Sv#?4?9+l5aU#wRYR^IYMx{)kb|dG5DwEE z0t5K{UzGWV4?SR4Pk2aI)LWbE53?|U0O62UF}M%7eR?=N(5;u$^V-toHSn~u71UyF zc~h7(?J-II)?a=BQ;EYU|IEExT1*vdebp-@JWzc26o|1!NL*iR27*xJl40jWka^?I z+4CBoT*o^<9)=h17V*-kULj3)V&saq{JCLaWgJ1n*=;49&)kHqLjKczr1^Iumo0R0 zzdXZq3-ovTK(~B_+z5X}#aVE^IErkp%0m&7^R96hi1xfVS;mBezul%nkDs7Kk{RkZ67Jk%S zYCx^b0Q`POzjiGA;h)|rQIYr8ILQt2<6}lmr!XiFp_S69NFFFy^VXCy!W$At{Jr4q zjf5ktg0bvw$513Sq(j^7Oirh5(rjhGY-IX#r^4+Owk^`!6Nr9M4>lrFxN_V< zz;vmUn=sod%2Q+ZGFJ>H>1|CvIE@Dv;OX&{+(@uz)Ldf>$Q7k*rGp6hMs9`&jWfB4 zV`_!q+2D9j>T#M(2N3fnlu=~#Nf&mg@n700)ii>*$4q<*n{Sjx>rg&iE#IXrjG)&>Ih%R2NosM~0Wv4p(Gx^@L57_Z=&&35-CI(v<)iu!#**5UpW*u#h`?i}JbFWI|uJp~fdFw2~AaG+@L+Zc-3S zwJ9a-Oo~;DI{4BdgJTDyZfQ9nmY(+w&+|Y@RPTM&L_9?SC!yh}wZ(<>g6dOsEtGAA zgi*@1V3Te+9LGX^D5S^1f4r=@Im3sFM^MlcsA*F}b5L+M5vCv#4#eq{Fg9Wot-&&v`;@Uo($3{ zCc{w)TXoQ`nfj}gSC3e;d>uLnIURjDq?N$}x|E~pN&bCXa7CutY~>Gd2)&t0mbD6H z{nJD%rkl@lz9Ht~6)0>wUiitpcZa>BK>>fbg>(cHa| z%4VPN7Z8cw`VT#SsrEP3QW765Gr>D)dNJu+)PO!br}9e{I!S}#F-R|q00@(pqX9In zG`+WP2Md%Epg!kwCPazRGO$D>CLd`*^iznVz96T3a7NCg<4r~yDP{5~@cHJWWe>xO zRT**Fs+dV%%n&-EPa4Xp2T|q+T&6vOU|^X;dG~-z58?X1l#C!GCZ!L4FvMWjc+r(g z0$4tNl$AMumd^&hi>>tZeMbQL&4(Z%O}!x(bkKPk%7W}S2c8QWDLXtVfdbvElsg-zjx2(W z9Q^DuqHsVnv%d$lfyThwqM^&Ohyy zc1sR#Cs8faK3cS&Co`HS4@N(f6UWs6%BKV7BVw@{r0>yxzVPJ#*Bqz^IU&wd5&+<6 z5eVSlI0(Snz}!aJ#M;j4-!$ldCP3c5E{CiMH@}`UJ-~u}(&Y9Ii<>6Bu&T(`=N#cQ~JPo}pEKJw~5yuaWy6B}Pgd7R8dk$hV^*wdWaf zEN_8-_TpKe#bTr+^fJ9y@3Z`ClTd9r)7fi&x7po9Q4fUG8H_3d#M)_bEiVe`htW|L z!D1@E%s6j+4MMyI$^BK!Zl~E_pErlsPfb_cUi6t z0HJQ8+o4R@| zWred}d|bRtE-*jx7cxI0tT8(Bsd@^fnP-)lUA14nWAy`1seZpDQ51V{IFzL5h%Dbd z3%?RiF1*3le>w}ud$A(SJ$v%cg;nmwLLPQoV?O6I&Abb7lplMOH{;jwC`wAtLM(Uk z#{4g%G#=DSCDZ)vQ-6Mr^wf{;_<>N->ersv-TwN-A9|BgclU z&B}MMuw2Quec^d3_PCDr=a>;|mM&7e94Omrx-ai)(hxXrrl!Ct(+65&ug0;n0t(G z?miarq#mv*>YtUfm2?)pmE%`g5MaSRI9=q{Z#v+ZUHpFkkYvn>aF@zv^&)wK7(R%3 zs7-er>Y&Wg%HzoX&|Qe%-s)Q>&XPluUS48M(BI|F!SJy}RZ&H00*Zc7^Bp+&U0C*~ z>Q?%fwrcigzhLWlQ`i01&LXo{2A0=BQgOJmoF(-#CxLKX&z$)n+O*jnyTK)7F+Q(1 z9U~2Vt~Udfm2s(R=s7B+WLdo`j8;{q;I#c=y)|Hs-k*IR)d zoQ?w=GbkNq*k}xmAfnjoTl1D`S~S}XO38sG5U#lR!J$*(&{1Ms>r=1#T+W_lSKr?-^UOsP1{S zZCJN^MqFZdw8)k9ktv1$>vEN9Rh9=yTT7v<>BXR|D<0jUox`sy z6N&lTYzralBu|xQ4I2zj;JYa`1S-|o?Q<6p~3Bb#X7wkTWYf$%c8W}d154Qm69#Spm6!grF2Wx z)4EW}cKLF{UKh>Q;x(ld)?K5^?sG)($b>;kYgNmm8Ge!t?Qm^O?K6-OYmw5(x#l8T zw0g(t{9j%aZ7b>5JtxuYN*Dgf)o^k43w++32xm?kd939#uY9Sh#&8X8W4#4`tT_#}%M#}vugY?)W22i=XFIp`*yKU*CPxY( zU8II)Va;k?#F9Usc@y@)n_zXtu|>CvwW~#7%+3_gwzY*=>i;w=^*^<6l`U(HHmxdW zuA#Af&?whh!_*B~En#=3l&Eq&cTw*w)zJQz&Ha{`;;~7?l$MHSaM@#)c3+FbYW8?c07gzU!9>%a3A> zWa(Z%86=K(b{>MTaIOjCR(=pn%!1J3`nc5GUA+!kZT|l4t364B3`;qt#h0i zym(geD2#htneDT&k$c*A;`P)G7z!M!7pCkyqOoqO~Z>?L4HPDbnZT z?BRjO2VHNyE2@HI`|hLcrdX`DJ&nY03}$z+bLR*vT#njRBwaJpW{Wv=wdw|D5x@CC znt#Ns$Igr)1CGGI2rMu?z)>G%)+ZUKJ(-q8J(RhszSshIDC8ir-+zQTDo*4AD-v`6{gl)`}=I!$9g<4iA)3+ytE zlBeRnm#N)f%v5UMeuo>DTUQa|T_{pev3TGtS0z@ZZ#DIP|J4D3;S#GHAQiPjxn_1w zF`zdy`rNQeS#|+7Q|p`u%VRf7^><>ymXSUOPDUP6kyLl4$GaBb#`Be%3uwyAozf;@}ce*zkig&Ou9os@HD1 zS-3L~7R$aDQ@%mn`O??iqx8+`q~Ae9`XjR{lS7+kxJ!RhZzD#x5FTPWyL8zNFMbuB zwaMhO1Xv4xq$bDg4iWI$>81UTE`Jm{B?u0LsCx@%*8jcWW1HSJv~uucM! zltVQSO^_4~Ly>W<;&lo@c^!q`m&NG7jD=~7^{hFPSr%zp zhP&EeA#dr@aMoNAU8QXS`!Y=(0n3tTtgiVimtZ{IkhO`fH0wIDpg%@8CT*j%AU-^n zuy!NBQ(;lNRrRVbUA0_s9229XfNLgExL(=PSAt4>k6S`3ht{GQQWwo|HYG)>*YIbs zYvk;T39F;O6ho2pNGJ zZ7F>?jk`)W{bh8`F5&|Ac(O7Y%S)Qt%c5ITPt6kyjCM+{PT+ap0kHH?pm`&RrFr|D zMFEy_Ev^%bn1GL9o@yEw%cl!+Uy5}2Y8$)0>f|}|rO4`D&0v|r*X!l-^-}Z_1I|5A z6BP|tU)$?tv2t|u`49bOj5^P@STMm(KP6l7j2pIRdew8N`Yz*1p;qkSKjgZY=x6hy z)*%HVpS8HBq@og_-~r#ozkXn`rM!r`HXW|reIIFRx#bi1?!M}o+MqlL41bhb4o2@p?vBPV z*G1Cm@lA6@!zS2?IS8r?xBGyI=KH1}f*%Z+_wHo9oMahvd?gY=Jb5 z=iOh{6&lRPl8Lg~u|vvWmR!oBm%7R$^YITc{livig`3w-BtQ!K0L3+5X6&bHJwk>d zA&bS?Ua12RPSX48X&JnhK@onVP(5zWXWP zP634#*MBYeUZ_j<1-}PV1@+OuDv0tt6g=~Mu25-Wy#_Fq68JZ~fgyGC^pqs_ICOgj zslLi{BnOag$c}_s#mZk)FPhj^WuyJ;SJ*6=4^_T{G(u|^GAGwK*f0a z-6qN!4(tPVKEqvbv@Ov2D$+Lc0VD*!sO(F_ps)r1|STNJ-_b*1Z-P z->Sj@tNipKv`0=S>!22-*VoQ`MxN+r(|Q|?y%YtNhElM0518;X+d)TWbNx0K>%TQ0 zKZ#PfR`}sgAO4mx>u8MhgMVx{po+>it;^c&n^rerLlB0nwa4UE~ ze}-8nco8s3Tmkt+yS4N*mCu9wS_b^bPyxjnLMc@k(h?xCWQs*W|6G5*Vjy`w&Lx|6x{Sa}JNv|}yD;xBeWcH&&4@C`FR z4T+-{I(j9~EY0Perj^#?OdvzL2G}}S`0S16X7Pz<#%3riDpJQgqGq-L|C--mCUMPk z(ddoohS9K?;D-F#eRtv(tN?J&o~7ja89RDIDP?3zuy&dX@G?jTqE&N?)fG5ZaJv-# zy!apPI68&5O?0bi(o)2~{5wqj9}-{s@4|WzH9@@#XlhYM2PCNbHI4596~yS;jdY1Y zg@#NiniSBbKe_@TGb zbrVoB0g-4pYT`bW8!;VJ0or?m^&%CfhFA{`M5RG^w>?3xc|3e25^wOne4p+d_Bm9t zOi71?B;(2_T_OulJSylSQmm0O6AO$33tmG54OyJV#yLTpRi;pPM#`bp+3|Lm8g4Pc z6F~RBgcLuKA|c!wYrq4@MF({Pez3{ImnXLgbs=jDrM=&k+K=xZEW_@m^CSE@HLb$^ zC0N`-2&`+wWcwRtgz@(qBZh4*Fn&WXEFthEbErJ6P{(VOoYAb8&no0{ZIz;w3JLux zW-l0m4`g$(CL_HaOox2K)&aB1?I%EZW3WdpNrK1v!^sY33-(}hoovp5-Pbd-kk0@@ zn=nb}04}fJom^BHrY4`)sRDuHcP1nfSFa4{NgVrftwVn(p4 ztZG@Kkh3LqiEQL>JT|3&ED;9zhni*h-tol-WwT5rK&ECmxe=>u*2+;3y}e(w#l8d{ z(!_EaIojp=gGV(TaAL~m5!;%S>>5kGZ;ro=F<#PUU^LHE>(`_?B#8+f@P>)7>740F zef&;4`G6LDnQmkiXEVKJ$VhOi@?fzD$b{r7-Pi_eQNtI;PuanPkmd}E`18WfiSq!n zE#1hr_$mit*L!~Z5(Q+|-_F~h7b19hO50bUH&TKK^|y0SlHZ zMa&X{1~G^S(!BV}9h+g1>#&njfrvRTnU4dz>#8JEgqGcx`%(>C?`j-fJ;ILpNz>|; zhhU^k_BaIV4K)g%2(#p2v;=lW>Wwl7R4cT97_b*e&$ZE>3ut$ZBxa1Kv%Bh}oYe|H z=9$>^(pkVr=iaMC^PyNipEboq9XuPN*0*RRlL_oqzGx)6OM=@SQHU187-aeR^W3F*- zBH9xStT{u}ah6cs-auQVp_UEi{>v(sS>w~=OvmCSs0nHsa7IRvZh53*h&I+1Z!Q){ zH1=wP(vP?T6NAu8e1w@ zd0|mJ8NXFSqnn zz>|{UByLMJ5C2ub6l261C?ngyMQVhWeCCjE%>8TQlrvVZbNBJBnPuj1_DDyt@%qI5 zYp=w#qd8hG?&3#4#3zHhycX^BNdzJ4dFDLV2s1DleAtK!S6}$+NLnX0n6-b<#tt>- zuL7RizRpgLU@zXX#LqAxMo{-!3i1yV!=xl>?H@$bYFWJOwd_i}LX;6{qVWq( zM*15eHR6aU$%xS<5e_$0M1vXhi34l(GFJp=3p5d2+;vU+aldU!B`-;WR1I4E=3n;< zBOBS|3Sz!Q<=1P+J4-_5YlwA(Z~_{p43PI82l8_1d54gY`DjnD=*yv=biH^=?F_gZ z%y}}&OUHJGGu*(ZpD2u!hQrwNKIT92X&>UnrfbAjOUG9$M@__0_sVG|ZxN@KHF6BJ z@6CL1e?Js9eh=Z>Y}6ifF0IrM!f9URJ4T znRyCgvd^W9msDl-@TL?6?g3$wkp=oOi8Uuc7rLeyzG+Kpv?o`s-MBT8;^q%Pc( zp^5mWCnG_0o4sRJBBCNuEXK{E<5C|B(qk-QI~leuy2v}*?se7DO+RAdGR9t%;aS2> zG@~Uc-nz7BJD(s+Iadl$w$!Q((Yjut2HA`+gx1a}KS@BC*eV3b(+^3%01{)=p)raSLWR4EDqlptW zOitsla{1}3*|=1pGB*I@_GP6OK38nlnh0`cBe9wSyJHvd{S)^mI<(|SH&-| zr=k9L9Z#KBWEcTfCzAcqRseP#3`7b!$qe}#=-M+iDgC+N!;z0V`qXq^mzvS&v$1` zR=Kb9S#_kqn7NUcGyoUL39L?%0_EVzl1tADGxFBtWWR;lxA6s~>eY35 zBXFD@5&nY-db06TbAiS{r)Z7CnOe$c+rzUDH0c;0IrAjm+CUCOHd`GKqb~v^@vr(X z2ZP2?oc`Edh2s}lS|~sJdBEo2o^X0)#b3=|{_w}ZEAfY!4fl|e(rQCS z%5kp6KOVPnjBNk|QdeKE z&z}pQzXh}Kcs-nXt(4RPgtz`r&Mm~Ad)f_@G|Q>uQ;Y`lbbPWh-l*?+Uf}nISNlgG z9!A$n6gGog#7ahYD@~?5g1^p%e=scZqG|sm4-wT>Ncs{QK&cJjjJuv|&?z=(6DN#l zpp>NiDK(87(P30#h7lI!yu*tQOCxq!F9IRVxU_K9nXC)_DI>m@xRGV$`}w(~p?pEaat2XO^cbA3iv40q|og&>3pNpO z`e__SqDP1&AEW z8<(onHJs8Xf@o7wbWHjX($mKnGxHij@z}#LOd9HKYx(-G*|vxaXTz*QNe)2-sZCn| zHbHS2JL62f5NU_OJC+8#nBFOC_Pn{y^#u z!l~iFN`C-yn!OJ$hrk5@B5@6I{0K<~hA}vlgx;w-*@HaP{ms~t>44DG@nj)tly{`C zfNUluoZ--n`qdv@@}r8skYI8|(4*=8`AtD?!so3T{Au|KDqL%m`Y(XiBkzrhNu#tN68MP0^StSLiTJ~7G`9-BT%QW&ee$02;QAgrjW19 zDED|6q~e6Y52;=2F#6^3q_LW?heO!ws=D` zxnNssw`#zigcV+jP$Hrl?!wPc%JJUI zZxJSD=z{=*aFq(Jw+2*f%hpRq`@0Y%^ap<1;D2$z*VhD+Y2WyJ)?rw6ATnqj?}7$| z$HnAQ0JTl`RXfnw0eg{Wh99&a<^-dX2i(;R4C>l4d71d0a8m_u=#`UFBw>`4$(xkJ z812K~vQtY3qx+lOb%0JiRNW462DJGb2pi_YLol_|W-z82X>mm7a`1s+;s^%&?IYQj z*&Lot?fNk|*N)Hdy}u*-&`fHiLfMQ92xXjD0cz$SJo#(hujwLX*N6k7ywNJBJ$N#L zAIUtVB-?DzX>Ri3039Us=JvuxKl_CSX5|+Axp~rzU}j#B9A)iLperJDZ#@Np4fN+K~N3SlfBR-G>6T zI@%P2tOISOv@7^+g0^)>@44tUH?X#KAH;aK_FZ#qZJFD79=q^p+I7|gY}ugfy>$C+ zI*oNe({Z2~wtE^`Y^Ub#IQfID|IsO1bS_On6hBc4X-|A0XPhu3C(S8^b7X75J0Z;v zeNTn%2FeG2dk?v>Iux8OSlpqj>Q2ago|M~)<-)Bz#Gs2(IIcTTwvBnx#qxQuM<5f; zlm-aT+Rm4n{t;P2$KgJeTkP*5r*TB15t$?1aSQoVI9%ZK#Oxq;?HeUOkZwpdkm&p} zOcw-iFpwB%l}7*sZ)CvQ=4k`eBW=#<<+zR?@@Q?5qD)GPJ#0bwpm*Edh$)OwuM)KD zKF*6YH8#6eR%i-Y4;5zfyEDLfAI#L=>EIR$zVL+wjO3B<2ao62V!z8(9v$x0R*ZO?D5%4Dm*Guc;8NXY5{Eg!8CXeZnynlDP-was>YsnVl&BgFo+9E$85k%{Vfr*3 zM@J(9fUqyEH^~#cp(B6x;TXCYerEe0?pV~!1a2urae}c1%Alny(DT=^6tq~_pb*i? z=FbxO*0p;1qKZ<6b7dr(h@@3!3JB&<(hPth!;G?g^$b|O(XKhL*(3XJIBnve@6};qZHJPL?}r> z5ztXbtvZB+t(Fgy-CvZOD2S~s0r?0GToEF9Q$rQ0YJK~}U6_EY`n|;~gROVm#tcNv+s zOWoRgeYk@gdpP$Uif*UqL6HDlO<^^mv2E35v%*B3AX#_73iHva~fV3p8G={IG1<%*GKXL?1=Tyc) z=JPugh~U^$B=}Rst)85UvuzaxQUf+SFXUiBK6_gxrh$VPQo3d`A*i)^`5iTXU^8-; zK=hAZ3}XPdAB=YILDHceL@8GQ1PKHkdYOSqn38adGxZ_pVQiR9COan`k)b&QGGLA?QW7Rtc|chsjXaik%T=PyzZQWSGGj%5nJ~&MchXWA zm~}n8VU^xU0p~94JNe!MtaT1~%qSaSq@?y-&20pc_D+C>#s@ zc%jc6vGZrUEKF3+9Lu|RZT52=)msJFlZMcCp$MA?&?le9Y}) zT&$Y0?Z2#!Lk(TWduG4_n!2!Es0cyAF#G(OO(eVRpf&#hGLEvvG9GKGPGXJC|asKO` zm7$Q^`Kz}3`)yamseF_xQ|A&;LJdcaBU|5f5kz!|<(A$YjP8BxVg^}NHV*1n2sD%W{Ykr8kR#2X@x!K?m#GMN{cE?|Htu+kWgnvg0^RXRq2ABsiwE zFQy&+NA@&hQ$W&n3i|QS0piYH!DIH;9W7vN@v0FY`gakC9qdn7mkjT~KiUVVJ-p^a zj1-B4h13y-H|`f0aAbOC*dIS=se+RS>$RYmld%R=FgSi#E8KPX#yPR_w z3N;s8I{zS6zEe1K=r+8=ee7b(Ty>C-}xZR&LQ}S9KG}7{7 zA2d?%Y8^bPd$kOkhVts^XftrW89UvLpY0{i_mdR{%87#KM#1r7;{JPH;`17b+yae2 zFPlIm7?NV$048KK@G*rY@F*4X(uns7h|umUKF7Y*wp@;Q+`>$42RB_I;gi1?e?RaQ z%qi|7nPQG>2i6=6`HJoicOYGV8Ww+qcwYXP$drnC`MX6e%x?~Wy2vBsJ-S?*r(mQ8 zglO;+*YiEy7D)>SMN7{qy|PcQU+vVcQZ@Z+H-|9*CrfR#XE}$wmChbouAg7ekIk9i zzo)-qh_3;3qvc>U#FzRs0@Y3jnX;ZiJM0kQBq1vkua$AU1x=DcmU81Z2=s}RjRz7F z=haX24qe1r!O%%bD^6dDPCf`96KukFSbMyMRRh2-bWgf;@7<2}m~jFs((Y@wRevJI ztW7;lzwD}GWab4WgZ8=m{fOm@y0EQ7ZEi}QlOEW=EZ%7JJkXfOdMEZGPw+&?sn;0u zlD@3p!l0LBtb8wjzfA%5!QaST6JFegQ{PWofS^@(J#>f?sXnyE^U&Ax#7LA=pH{?l zfFFuA7KutqQBs#DFMl9m>ZBOwKRMg}N6zO@B^UOFEo?-xozRuk5+OH z2&DUZ+@w=?rqp`L*-E-B@6^=+wZ_ICL*QeiO*6KR6?)UtBd%~5*vh6_QkuDZ|DaAC zx+FOA)w|T2+4UdlP1MORGxAiTG)h|XCKx3oTdTvV;G#s;7qJjVe;P54f0vn=O7c^2 zBlnoFBx2f5WQF9CHDe2uuWXUP(r-X$kXi#Me@avHmw2MJZ5%?T64$6WE|g+qX45@z zdd`4b6wWC-V9Ujjo65kN#%HCD&V?79(GBgWGmA!u_y*6DaamHob$7EzV^gD(@qfqo zO>U0RH=%Sg#{<0pD}$VWdsP}4^y3k02H9gpvdVPgD_G-AO1=Y}mg|Om`@hYqI$yDx zwobWXc|h5nu0*ot-#B#=@9lcu*cK_vcjE6jCL{`nQ2^QB>{6RF<;qRlbQC6n&TW&?+SkO}Pj zBZn(F5SJF;K3OgDphhVc{335W%eaU3=!bJb?To@Q$@xHF)$)b!rHhI6Qpzd`>b52H zB}0AoLQw=Kp9aO7ej0}BsXQXgC?1_fQMjv8|KiNRc3jsqvjkmaF&hrHS~oMmW(7au^l```Z&H5kHK-HS@Mh{_Q7gs| zDAL$(eJAXW+bj;|cX9<$M3m6dlA$NR(gdt48BfB~a7CnMaMSe-d$iya2?hYl0f+xn z$5{r&5q)VNcXtgI9D-YLf+kpi1a}QGKya7f4#5Wt1cv}2!{E-~Fu~m!+}(Hb{y)51 zTf5yKx_(vNx2m5$ee3Dd=boPS_if2(B%|A3@G16bJ)n-*?HI+PRX`n6N5qnJ9$#i= z0g-W(@bAm9gZUd41snmhW@Hq>Rmgd1?d>Sm@zCf0)$loTr#{53@d7{&!xiAV@%Ry%i0{WqExRVzsj4ya^M1R@E~tq?2pB z{idndcQOEh1dT_PdFLfjoTYvM-^xl7YvRUzdfbUqCm5e3@t&Gy98I|{*ZcJ;UPqeY zD8}LLb+4c-Fi1p2q>cF!mh{1)%vHWbU=jP1Nowp~>zkG}P;ZUTm6<-D#g=kV z7nM(0>a+|{GB}rextm;BJ(OCRgOB<4El}A;?lxd})T{LEG)fE3?@?SRmBK-natW{9 zA1=YS)w(KQ1hg0Cy8N-Wad|PMxI&_F?(h+5C^cavl4d2wHYBB=mXh?4hV#tzS-4i+ zUpT<~m_&aBsVPfhdESi*2ifX#V%2lS5J%1B={d%Br`i)d$LT+o6}o3(Nt?6Tt46%= zhS5)F`@YY%7k0bmZ9cv_-DVB8m(q0r)*qC|_i(}se#vIqmg|rC!Wd|;wJY(RRzECu zODBamOVP~;pN%rVXezcZ*`?4MW!_lN5Jtm?T;1KpWdxq-yBxb40#i<6@K~&v_@gVm?$Xo8y%|OicEP-I&)!yYL=)q9ejH&wqz-8}nlV zA-4K(l-nCwCk4G}a;8z+W4W_A+m7u1l5T*bV0hN5 z`1QKq)|zir)PnzY|B!JBwl`#Mo`&>MBX6p}mhfx7$6S;Q=mf+tas9_UgKW6?KvFi< zk!6Duv5Udn_tmp9%@n5h*^{vg5vu!#LK2zw!(>|&J1|E=No|i-+ZG>fD@`=9@D%@E zr-~|IE7qaZz3l*qXnhviT);w;7%{vErAsR-ri&M^A^DWv1MQMk@RXRHg%EG4>L^P= zuHNtR{>+xNRaSay0kYcBk#~*UBjr9`nA3rZ?OA^;KF26 z1z&9{hKl#EKT?axH`jbO2XXQ>?vN&N+RmlUCd|V(fQRKiWj{y6ygJIybTo&bMbJIR zw|nl*ZY0j}(L8sS9WlF6=eXU95L&Qn{W!ahm*62#>jzSMO6Xd?Xlz_`x!LFTYjyE* zB3v@&Ts!s)Y0=lglWauXnwk;wh7g>x;`-0>&sh9ki;jj3BCmpu(A!nUh(F%WKiVbq zM*!sP*-|?&e#mBaKlM*tD9usD)5P+MdT?1RvP-h8`Jlv!KMN;4RfiXY#z&+FspCJv?FF;8FnFb0$2%I#f=M9&7r zL)7AG++4n_KRsIP-;LceE0${@v>MgXMp%iJ`HFuH-lR^Jn`8`8*wM4fjZT_(0A{LQ z2>EIj6PWQb6UK3@s&%K)VerYPbsB%wDLF(+p`BbH(2p`8;K%3-juW|JStJl)i|7R4 zxH~l%gzKK+AytD8o%D{nLS`0V!81+%dUSTVO3z)vGp(_HvW*A^@SK&51L7Y5Gc?-} zRE72DSAFynU!%t>9xrNuahr7_IiQ*+)bIdx$(P5)!L>f=tHx7-iupLtcco<;+rX?|w{kH)1l9;&uG?hR14! zdSbb=k3k@V{dH!BtL(s1rEGfhdBMZoiA1L!rn8hy2qYX|q(J5rLxy4CT4`hvLFPwf z8d8%T{539B{ma~SgifJTMfr;l0spYQZpj0y$}jeTWUB>73!sIeaDn(sOZon5BsoV_ zP?p?{+foUFEJVZF-_k!D3c&R>sXrmHk43t-!1sdZQl*lP=>Mj2d7=d(1=!4>rN^L8 z_8V2~W#hl>m?QzLkZgF4oy;T~vC+r|e|`> zev@ST(1Jr!^1L>aeh;hScDt)>2U)+mL$7bxS{}yk4hJc~6wRI3tGErnI1N@CdZ|1F9g7Z#aN&~zegHt)U<|4xFv6=jOB__4h(HwyG432Xb&naHi5pl4>qJ6NDe;_d@C>+-y3(foOpYpgdw2zr>HNa4GZY&~q z3f#6TZ`mx@(9oFPP!t7^7`*%~G2awU83L0Sxnf_|LbO2^g^z)dT$Bx`$C<;my;f?> z6w3Kr6ho(-#x)>SCOA|jAJ4%|abF|AfHLM(YJM0^PsMS5Dg?3rjcRC$nUNs)KknTJ-Xn*iHHty8=6_P11OD5lum1+k(vD$SYiuivj7(5XKXL9>E(N z5`GaZWCinrx%bElfa%{AAr_KT*8N<>7mZDe>Cw}M*WTR3qYCNKHs)E4>@;_7jh2AUm9{7U+t30NGK#HFz)MYXOBbm|x*BeeT0uNaGMZ^6CwT6!+UL}^?b zke`+lUGei(UMNJgq7L=%aAy5BNY_nl1J2$-<7!9B6nOMr^4O~KKM>KdFC0?^l!cZp zJBYls;4|R9XP<$6TIg{QtKmNL95KKZjQXjSee~tk>qtuoe<(+RR{5H!T1GWaTwPNr zvxWZHc1DKxert~UDZPcC=sm`Qx?(4~I%k9-$7ukY*LVM0`eu0%SGnk4XtC3v}9P?Ks{&2%?*BfrQrNDjKHP_)hXJ* zfI)XXyvBh<2ba3;2^|ffHms!>A!N>~z}s_0JC&IGx{C^rLUh#Gf{;8yw!5>S{D@2& zsAQSYXHEnYdwxAZFk`&EAcZ^ND#u98M!b8>Z(a;EbBeQA^Gq*~MYEQO-1M}HhHlj1nRx_quO6W5!?;H%asObhxsE^l?!DC+%nv;C9~-7W$pi} zN9DpJ962WD_dFg&@81Oidv&{B;j>83?!_@C>N-*p{9m})C8}aa8bts+yf_qt z66bmn5U(%vS{8$!{!Jpm0S<&_s~iXqe#nPR8k@h~_zSiHPJa0Xp8Yg`_zWRZBa`HN zk?@&o2R+pWMD*~-;*MUDn4w~MW3Y;kWbcr#6d~_-1YN=UR-1LD+X8&O4Ua!(8UT3>Z}S=x*-nqSi_*-o19seP6sm04<2;L_%V-{g(in z$F8h@pzDw^FJh^&m=sG1rZ`;};m14fN|JUcI40ijQJ_`4TO z1c>F$pQ35oIWF%pVI%Ct2lpGg zX4!*GxMenI-M0YNCuD~Bctl`fbfSMwi2m%K6C&DK4#DU~Rpx>_p=j(RZ%)~be@-aL zyE^wcp{x5MvuUyR^xu=MJw0R8yKM{(mlo%ufgA)(?4G(p7F5$^_|7DJ+;6?Xf6bTI z>b_>lkE<8BdmDvtA*p-2C!HN!tP40@b<1-=IYFG}4@et1d0@Uz?SVq<|+m2&iGA7#lwxEjGe7Jm0o%*cQ;d z&8drYr=5F8Y(aZ}nE^7SudD;x6EaGzoquLJ)_tSHKKfQLOQD|BIADDaZK>&GcL95u zrk0x9zxj@v=KPO<%x^@op2e+Y)mz86yiGH5o`QBSb)s#cW?Ck&LI4Y z@~HnX$n%i@yUQA?YIg|ryWXD7{hL_Gj=cIePNq#lmI(%pbop1gb(Pv@y>%@#YR2qj zqD(S()^XY-Hxakj#~VAODy(J76ty}BJY_yyn9j4dQE_}CREmWuky^`)WtZ&cnTGLN z&%xFL%Y8taNyaVuw?Ne5&Mh-a60%Uh7A^2q?4i+*Z;9<)$1>KguYX33QPlIg)B)8c z$y6ARsYc42QFP-r6leh9O0^Zjcco>;&gh?ulsn`KB@jmq^X4Jg=xtIM zkH;C_e+wY@tIs=FvatOm6Qf^9!PRGlNpdmrJ(5Ix5ue>8snay2a}w7BMG+%<6*Vfk zi`M6FAN2b;e^2Gext}Cf)zB+Z|6`yS2OX0t>3X6@VL5Y|*EXXLzbWUs!?x~Z;DZ4{ z?5D?}T9AGcz&yUlQQvM?Yij~QlMjT&Elk19ya2>o#YHV{Gu-RS-KK#4U4%$ar z0)OUqS@r7*(0(T^VLtwsa*$Ze5{b1Ws}%2|JIL<9+=Tu9b#9a9M&ujOG1ME0H`C;Q z>tekg=TI4}hxRt(ZV8sxE|1;M0z82+{n=Fc^sRigTFEEat*is$ulVSZ?26~A*a^NI z=5;P_+70x-SHQbD)u(L6+h}VP>CRK`*hnh;(hKPXafd4?Gy6Kx(XwaY*$aXlRM4PB zd4=MK?Sif?IWz_oE9I7B{rq}M;F4z9$eobzl-2#t&fijvLfreJP>!rT8j5ZIuSvtB z-j&NC?7cPatxm%B!4vq?g04zhdxtAuUwxXx?!hAe5or4yGlyu1d-Yqv_MWWvbAVl$ zh|{MV8O;-asVdy7F?doz)A<-Tg5F4`4Q{~7z`?#?!u`=2gPBBHmwf8^Wu%auuRf)+ zYeELs-m+#Mgcwz1^rvmXoi%mif~>*VyKLJZ_-UWk8o}AvTWdp2D5c}O5dfgdz<0FB z={OLOE6T#c_k69k`Dx9C{>IVsl7!{%J=;AAM{<~H^3RuNS+i@)HLBY`4HB^&VV!@=PuRn_Gu|&vH6_&;c)>O`W;rMPHHh&e}zny`qb(#jA8n&W+ zc+>wZZ>EiuK(m@E6zt$NG*4@TQXfQ!g`(7WH|egLoYbrp_L{NMc9#$7Fr_I^m}~vT z*nmy(2cFGPC9m^(&wPwdAVccDOo1bceqB;lfhdS_)T(PM%0aEa;ikI|y%YE8d%)Z* zm$GMubJmS@r+Nz4d0%{i_-ft2AJct@ysqT;VjTQDg${Ue8l60C^Ck%2vOb({SVf9O zu|5dK`o3?L*bVMu7za{N>X}CO`M+h3nYv&H|J5%%CUb&dK0zJ3fq(2(_8=b%@-xAXJ$i8$Ds>~gxodohOT&$wY)7duaPrZN#150dGwBaC2&T87GPs0^630Fy3wDtBQn=pW(&}Zj)mMSW8fB$N` zDLvA~5yd@c81AguuXd8$KO1ElaV>vHwYi?G7V1^;9~SF-gK-ltOefSwgsa}|MZIA6 z=ZZ4!npa)gwOxOgZis@4eBW6$i`lIvpHM*vaqxGyiwekFnZ~+!96pV`^ItcT@O7xY*Dh)uqIi=v-bWlR zc@I#8U<_5zBTu0ugVY9e?WZMQ>Wv?yF$=fXAq!R7g)=@1krr0i9@W=A3Gg3 zF!mZyCT+W4UGP2^YW)TJZhtYnN&boS#eWLGOX0hqdHxZ%{N@(csW# zP*n3J-lWCU>A;}W8K*XXHfgI-c=yj@n{11aCUu4IZka(%3Ej zC+TB%sv{eaeznlly=$&XYrQ`C=HhgXw5qT4bLnj5fz#&kYM^A~2%*s9Y-)fHWbdNy9c!HeUa^wUbmQ{QVXF3xMs zh}hA;Dx@i$`qT-MEGQ_Rdw2+x=b5OE5F?90h>SIwmzJ2!))zD03L69A z7V`53mYl-tXRK-{wTh$Im28s=jZO;QBq+QXz%G=%+EEIAvhUoBD0#sHo!O_Vg`~>nXn_0GDZQ#zmu6MSIiZWRl^eJ5iqV` z7{-NGIoc(wc=UiEg>Q^cvCK(mq|^@G=wSDF7LnbLV)PDP!g^nZTw=AYT_3Zj@svX% zPRZyes->Fw!-=A~4#^$JfE7Jum#-#kp5XixUfS9fdraHKX#2Tmj7LJMV*JGGkwAV1 zkGf{73U*CJ3c8wL`Z=R!&5LrLD+k_(TD}VnX1c*7PR+P4TRrof*s77X9!^4W!?Z&i`dHL&$nUfb`|uglHk}cxpEucO8;4Sb0FC$vippo zlL-8-aVy5J9Ne=yesNR^JDjno)o$n7iyB+F83;Ip*}@RLBeQN0R1 zf7hi>l1+UVMG8}6)w8*e{V;5hG{lT;vD(LSC2zsCu7Wlql#LZymmQg40t*~*tNPhZ_@X+Q?&+o5c0toII! z*g3&fO||yR!rLo+7-b?X%bMy(bX=-N4tr?;_)+w&R=fP>#NLp`H-KT=--{ox;zDjK zx+2rU(LMJ`xq8QUK!^F;Ap@sh)&S}O|07@!{V(mWG(VuC{W}E-zK6k&zm5LUe*xG%fl2@X literal 22335 zcma&MV{m6t*F6{;9ox2T+qP{dzu2~Ivt!#G+qTV4^6%$;-l>|Inh*1B-&<>)efB!F z@7=ZPD9V6>p#lK`K>>Mcf@yVJbS-B50s^X20|LVM_twPO%*fSD%}UhF+{)g{)yl!1 z-rB{%{#y6ad2=-ByHD*CL1oL$l`4t2vdhL-o+&Apax5-Yvh@XbLLjU^AP1_=5J<_H zUG0rY{nYEIkn7_o{SL*y1;)3TMvW{-MSB~IcjWahOzS=f-8X1z-0NCl$+8G`1YVrA;MsLh{%$ z1if#bO!p~?b8ct?TzBC_*gqvRJ~|LC)>_>IV!^Whh1K9G^`1HR#Qx}KZeB5C%G*gz ziX!>&Me(%QSP?VTXgG&dv~fRmtxw0Iy}|^|UPv?JXywv0Bcrx3(awdX+dAU+%OetC zdsoik-lgQpF-4>A#}&g4t)~GKUIr`aZt*l**)ai;`E8=YhjgI_SieUpWIndfNcw<-Mq`>p5)6LN&T4f zSN~oC?sabzk32hq;-PE#@URyDUZ(D+Hh~JG`rkxC{WZ-DDt+kKUs0s$#L${-fv|md4^@f4iiKxzGt<+HviBn5r_#I*cJ__r zxtegB_RL5~b$T9!VR0WVJ3v3g2q?E%4!h$GdrS_^@#eu@=UB$7^LEjbn$hV_c~VXX zO-k!qJ{X_Wu(y(zOW!`$_Z{7%zEnP`)UGJr9vMF|R)1{t z*t9OlBPUygimNTGD8aMAzuZT`2E!WG4um*6(BQDNB)9uHlt9lvuWAZzG3BuGFgC~< z$QQQnkdtwki%26DJEjxGHPe{_-i`=6l)6=sXT*~95DQkrR(5Torl)UV7v>7zDiyKJ zr&hac-SlZPN8AtRq!L$$wKlf6NQTJ^R6pSF4UBu!Ct3YJ_N}=X*>G0+xIHYRgtiG* zc**RGf=kAE-K_VA^4=PEgqOblZYo!t$cfRmRwZ5*@4Obk0lRJpH?f7;%26A6wc&cQ z)Ie_$|8zhtmjkjdg4#||V)t8G#^^u^7g#Ug1!VpH>SJKJ%Fv@?tVNN2GI|F`B)$Y1 z6XWjM3xlzo7E2&YTs}92(o5LaL-;19R+62r<0m6lX}}CtOeHhp(Ag38UYVCx!1$dgN8KEZB zU_ggwLxGC#P=U^nP>%sZW~cdOVO03LrLT0vC61l;zIap9y-^ix;{hXQv>>x|L=Ahd zw->F2E*@G>c zzZkxUML|R|o_W1u@mV|&dHUv2k6S|DHU)#-9K#|$2i7Ml+`@}mcI#@U>al0*v2Els zu+i>SIwZ2`Q+ zBC;2gbCjc#`;6~mYyF{2nFJ8acTyU(K8B)FLXKhuERK5)F50~tsi z_#my4b)sO{WKOtz+$RFfRVz$(`WEc6tX&3%A7c`=X+%JpSWgL1tvvd%2OeEIu~)*{ zkLcZbWFMsoiQWB6z%bBh4U|WhBj;$E@Dl-7(I*_ZH6lr^HUgL_A{t*p2wh z+ebBD5B*CEi^SIG7yqpa-A~17cHa7`hrjvEs@xdU*58n9L!Bp3&yY{yR=Gs9-_ed! zyi)p6^uJxEB#u5Z$~H)zP4Q7*HG{k}6EA->2oBRaK*E(#_O_98rHctj@^Hw(K@@TQ z$aP6^zl%yjv_ReF_X#`ne!;veXLGcqgg1J}uF7IVe|0Oi`79(vAj?NQ?UFzqxWHnI zNSrrM&G)yzn7$Lvi&A>(!QbkxB@VWxDZgZH;2lnhDDAFOHfZ`|p)jfWktJXEZ2JZN z0y&To&sng76B?7vk(t|#9o4vRc)r#xO1JCo4mB(8Kj+a_C2*q4U%#KF7IsW&XRP>M zhr-p(xs(J?8PS0jCz#^kKqrKt!2JuyDXRw);V7OUJGUTKL@H*lWjbdODcKn_>4IPe zTLZQo7&b#m;Zwlo^-0=X^Tg=*0|7vWIRmfNw1>XuCVQ7bq(^&%}G&E<}T&vWmJ)V|ZkPDBi??CLpL@bLzD{;yrq zs;o5Gl8@Pn+bh%iPa=#;f-J1VQ8@PH$XeqHy~2lA;B?>+eGkG zSRJJEO9F;l2HOH|3(Ws@qQV~Z@ge1n6v(SVR4`Be?5!&Unk$Eqt}ef4tC zXesR~j1e1Hf;>t|Hr9fJiCd1+%z9~`%92gAZ@>+LC7%!u>NjwaYS`6`&Vu$XF+2+N z+6F2ZbROu`GZ59xkJ>a`)RK6LXZfUzY}Qh!b!Q=msjs6c$eEkpD=BNqrdCl@yWELj zKaF=Y*+h$ICXe^+PNJq%Oy8s7#hgdDt1`H&e1Azg-PP~jV}$o+zbFt!Ry`-6BGO-0 zs={&AVM;>7&pn>B&TOeAxFT_Sg^Zx@ZA7UiDa&JZuru{kxg8aI5`IfUYhK8z3!%Dl z;ZbNRiFhl72n1&fD(zS_edkdl+cq$2{nKF!d0~j>^el+t?DL%7X1PoRSDxW|=2NIj zA)d3=t|gz6ULK4T=~)g1ibZntKpi>m5nt77lT!XQaZ#j0$tp!$lvJcXE>S@fU1)S} zy!XElx^)%JSX?!nxJbs>oJLdB4i-LKrlQaT7SxqPDT;u5%pkeUg`b;UxTAh?hf$F8 zU;gEa^kDDi^6cBL30TZRu72xti)38meARO_+!w|M2yN?s z=;KsDy;3T-VN(h?o+KE^6)}?arR~`q5+Os!VYoCSQ<6G$@Vbr=>Oz^rNja6IQ^Da$ zRI&%x$5=ayn0FhvYoHURqTzsfe@4;f+L%mc@2;(C>yo9%Ih?7j6B!WZDX?Tyu<4$D zpgtL8QvHcUBW}~{X&(b?QrA;ibNrq-k2;$gI%ZVDf_hM98BMb+j_|-`IqVgRbP0Ky z$E)4Jc7qviX11#n`?-<`h>MYSTWo>kK6i6@b>;;5D;9T!EZ>E`c#)=GN@4_BPKh~6 zVxWC=uT{XmIHWlivnLUM`&A#}V4x*Gxyg>`uH(mIYFiKXgqR^RUE(1JMZzSzA_Xi; zU5x|U%-Q_G4P`h_B^CO3CU|Uu3@aB~R6^E?*-tBl`HqtDMJhd)N&F|qLM=^LMbPg6 zCzp&#rq-C-UeikUV4m;=b;?Y|D~_rt^g8Pq3Jcp3!Pgu}zB~dJaCwuDEh4FHj{G`C zYCrJOk->~sGk?l>FnM1uj)6~a_6c*UQAL@n*TOTTSPFzxKu3*72qSFp9ocMzzf0a5 z5rNUOGM!U8x@%2=xg=ao zr}MC=CIKWzcMT;ONyZ^8qN-G&b|3sQ!nkun{7ppp8nBRUiAQQdHIeq2-8NycID^2A z4FCCfX1-_xSjT*MR#I+%;?7phr=kFpZn{}NT}n}n7K`t*e00<#sq%^M_}Kzmy2$c)pV-G6FG+!(-NpP-^@G2CY=# z^<^>!9ho0N2>#&Zx*1Bl|E9F_Ty=tO%=rQVkfJn2bzPr;OAjSWOnQ_io z+gB+D1f<>s0)+I>%&;@EvR5^;bF}?uY5dp5@cjgAiYMLveENPOM4TK&NJ~cT<>swL z(o#jb+sfEX+}~*HBS^AJ#Rvuf3;vNF{mixCig(XDQhf%u3;=@CpNa;P8zl|AxwyHw z*sQ1jI_>+8F2eoG&?Z1^a=n-7%=pk9`FZu0!ABL(CWDj2^t-$9Wo(J)xR>wbcI(hu z>^g<|Sy_y4Wn#FQfN>ihOF?#;mb1=CM>9^lZtv&qlj)vS z@38^G{{YmpM6M_C+Hhf2eD}AW_Z}75NUl72>){tG`fP)63>2MtjG80UYKxsbAEoTQ zXJ|^`HDzChy8=t9%|iGnCB+xN(>CbTSE!n45f`>9#08bwNb@Il5)A%;$gPoZ1MaE| zoDF4FfE`nf#xOR3#IqVA-i>*#tn4-0T;8e|5y9!Ya*?8s^Tkz}lR8?Nf3n&9ZP2R2 zcP!(M8?XB}pVoFDx%jZ z6?q(2s8SGk@Fj9`&?Ncke$$94A#1SE)8Ete$;oe1L{8pHtFhV4`oUW%&sa$8T+-7F zF%?CIg@CvCR@eX;6LCPYE6m7Lb9ng1Es`U*guT>a)598CieWi)Wr_7PEaM4gez=?C6ZTTVAwXJ`Jj@;Y*pcPpj?@=1QAil{>#)@)Nq^8?dmUA zvUb*~%>XSTm1qzw-tIiw$Z^u>N_x_p7P6F#h<1sL%n~w;>C;gen8VQvRNVti)dS_D zL0;p?g>bz8bpGe#Yp6cw6Qun6pmXg0xJ$g4^J_zeEWpKEcP^}wB$ED+jiK?gvS%PHC zQ#-qj-^PLyFXHhyq`wBPry|pj<+U3-rk}U0N!hrax`cayA#rutweUatua`Ni&J5}8 z3>G%XrFp7Zana5ff~e-930{6@#xz^Bj9UD-+btjVYQOpdWtX?M>`2}Hlk9?)hN!0P z+vO}g!^E#!O_$odY1g7!y>wX$s8y%4iUszmR?mL+OI5YD7AYb{*_gED`QW4W4A;sE zh(W{o!!U7GJ7eO&#^Y_Jtag2dSM(yYQLxLf{A^vjRK3Do+PhPotnM&pU-1=lRcjyF zqm`AA*wf;5RcmI!Ah&`0Bvo7vFWn>5r(N}mGo7?@)gqni*P~Vq{{df{rv|XmF?L8J zH#K$e#rM8kUzbUC-@t2Gud^XbU20bDQF2J*ewMCPtzPAZZ&|s0)=B-B!{L8(#Cl!X znf@mSQIC0#N^QDiUv2t@TaWTZWw5nWEo(M>ixSq8_H)dYoo#dv)_-<2{f}Y(ABJT! zq_xPZ3|mWS+6A9lC=-NQZRMA=O0DHG%mj7MG~I6w85HKmHn#Yl+N-Nlslr{J)J|=N zXKL$WRSIrdBU8nJMDX0YB=fF(w;MYZFHR z(LnmNtXynR`((pCUlsDNQg4~7>4ksz>nRflivQrrT^$VSFG{Vecd3>kQ^hOcb;gvt zw5?RRr}ax&#ygoVZRG%`97H7E%adC!VrGHC;BwWgg@5InlorMd)Po47mAi`18(5z{ zpUum~0I~Wj$zo{)$UOmL2M4nlB+}>_ysv8{Os0f5$$* z)YRyyL(xuaH$HjLA;FnNOcT9MB!8{3>DvR|h0UoxSSdl*61hUH_Su6!59r~(+Wkkc zDQ}1SAHvxG5UjL+orrgVoXWK9fEa@Lr8c*!)39OxGslWNmaN@VEOaP3{&#(@|EzDd zq296rxm2m8yuXA{{ae})e=)0JUCHKJNJs5i-5lNFk~O^)UQ3Jjl~Y2+)Qm|^#u|X; zp2)qYfSng+=p$51T`FCxW#v&79Je#xy=8YP`oD0=|H64HR#G?Hi#G2;4@Fx__*9glBwKidNj*bJ%H+s%YMQs z7#YSO9Yd%8GK&9~(Nnw(IUS~s4HRuSv>4`PEBImPriORcP`PAdD3X*ovdO(|W+kFt zJG!;_kD*pCw3yTi(M5Om3TV;?E|md)0tLI!3}q_U;P#!HFy-533fjzwW@#p(i9XG{ zv5cyrEwf^4nO9^}W`H;JfR+(60DUU~#_{Ya;@GU(sRnsU_`g!nM*Hg7s19_6_^q;~ zuiV0Tk86G1$ZBiVRHJla$Bbf6p-|ReJdBsInpPoTLd^PqF`MB4 zkkltwjT2fqRGSQ|6!kXKqaDWqk(BeZ0)=XI#IkTH-a|Ox?j8A>8q`E8Owwpm^R)9) z`yd>K%~u$#Hr;=TmfysY!AF}DD<~?DC>D%LiVVeF*@1x|1W5>kwWqk#wG0?Bv)Tvgb9_YIx*Z{^s&&Z9-)M_$P z`c%<#k>JCb8k`4NV;xnbZ=tGJ+glFS>E(L^88P0pl){&_la{JHI4m&FwVXaG`?~gc zlxDmF(LUy2G9+;*FIo_CrX0VvB*H&y|gBl>T90FNHLvez5ZOR zyj(Z2Vl>4trEX)gDls;dvVAoKs4nYQDqRL1)N9wKaC7GvS_jxJ;q*wOtTl&__6C>! zNe!*dBD6KZbRA_&W$?lec8gu$Dq(dUOvB8PJqw=GrD#q3UV&&$qfp7qTbC;K7SGqIrZ=lDFfOpq@?T_d}0M*$ED6>7DEPF0tZqTU~xUljwfO8hDT48hw6!;#qWzc{r*x1-`(%QMG=6(&egWAcO0>?L}^CxC1)(4kov- zw!-vzZGX6DIx~J(8=9@^7Ou}V#e9gz6`X@YR3-+hobnPYX<5oE4txm5yY@WxyuFm; zU!1WAg#mkqbsBIB`*5IAWp_^CcM7{1mgM+ChBMH}dMvX0FvwB$3!5yI;|&$Vi=>@T z-pEBHrQMBq3_0leu5MJ%(9hu^qS#-^MXqMq;`w>0dtbvpNYbEuW*uiO5SW=3uXZ^a zJ!egp2v<6|i?p?GsY_8F4hEq(_cPEcJ~AI*Jz56*Kqp{Qc<&w+EoUTD%7vR7woxpC z#fDM6Wn>HWwne|gRuSpPW#NK%vHAN> z=iws}wLI(PE+t;ySl$Pt{6BCc9L}^_o3a9~aD2{Z4YvmS&JifIR}O^Jg1CHV-{-J6 z`NnpCryXPSj6m*28b6yLVRT)~fNi06a1O?8+fVxx*ih1St>&R;NeZcgTk*x4a4HA< z<@zJe%IOPYfQ1gJ<=baYN|Z}!a)QO%i~e1L_SYGVxDwaT0~3Irwg2}$+%7agi&4=I zq55$HR9M1b|7Bc6mXRD-*gBvR`9!*&cQEPYw8;+&;zl2Fi@)uO~KQ- zode`SbBvTk{~~^%9rQQVBtn)q>k)f1Qcsri5D%lTholF^wsJ>5T1l3|2Vd70Flbd6 z>r!ovUX_w~5^yq<6CzAf{3(0Rau8-_)-dd^eGJ?uuw$xH>F96_@IG!9wAgDzb~g-5 z=M5rSnGzM$3aBU%A^JPYB>@R1-{Hyj0Og!84Ew{>Evb3*v!>Z<|ZsByM=M#!zygFxy51&F#~t1^8s3({J< z7ha=|M!8Ji1ruvUU~>Bs)^F(gz~__G_nt3c?RktDsvSs4oYqol{2?$}vF6*#3+J(<~xIj%dpt zgxeGS5P5osV!xOp>`e`Dl?tKN2}cM46Tlf>La`Y-*OS790D!TEai20rS%dXFBC_$B zSjvs@T?NS5Mg@TyU8PYL!51u~v{N8wAz&kn?P9^-rwjB$u|fz`87cr@sU1g#h?ra5Bvd;Z1Uo0|Q)a-`ksC7 z@M#=wf<$Ho)F-f;>`K>L-XgDSC+$c|eiMrpPGjYa_834uofPsyKur>Zk^$Bv_pljM zXUy~;c~A02Q}A}Dg)~^5f)k8Eh=@*ECLjI);$qV|;Sdwk{dX5b&N_;UiDZZbwr=4x zWuahoUfvJIcS(vhn<)t!I8K30WX|597(^yO$0X$ zPA;RN-y$lr!-Nm5B*h_ZF9w6&jNUsVQg5?AelO-sPV#8wSd&JHNv70J+rn0W$mP%? zvfL4NGb3%VFJQD zLNrK7u(`s8fc`5z)RjGnkGHnnKWqy58YVFwCwOp2#{dcPHONHo*Ku!n4nGqW8L%i309#RR zHhV(>VX<&sPhfe7&H=j-w^F1Kj!BOpYuk#5$oTAlm3orDgcm1?Bk|--V_COBNdt+c zQ8(63_%=;>TsHS^PlsJa{`t_`lN{Mh_5!@)cTSukm%?#OMi$wPe|hRC3ayrADJPJq zCP1kiXR@YoaJaeh!W>1AX|pI6VLSZquVgb0-^tX3Jgr9O6HJNe;Jj@InEpabNaj!T zTq2R}PTpHsfB8hpR;b!Od7&r!1y0`mdW~!WhK4sFWDc($c!n%*1x?9x*~~#N8C{Pz z6@FYu=p+84gK*3jXY<`{CHMW#^hVSKFOK#6@mD9RB9axlH?C=>pWx8>6T!(z>)uSb zw?mlvbRYC5i(XC&1EGdnETY?ACX*=51C%%787jVdPuAyylFTHu8+OVT8pGCN8%gz^~4TX?tw&s%uB9+0!!11=tS|KA~eXYkOYqaW*MN)v-4+4w|2yP3K+N+FJ=Ndu(D1xL`~Mkkfs($$7;MpWce?2B-}g#KclfAt z?4jjpir=8oyO6xX%=Qd=%+qv#v~&+vUp~Xs*X^P4Cwl~D+6nXw9_ySicw+`>@$piZ zZ}Zik>>Sv1;QbwL9BZ{w&})`A8ITD$PRGYps_5CUnP&8UIlZYDG60eb{ZX~t<)!X> zcrT(1V!Vp#^V)iIYf%vGBgfp)$1k^HN?4Na4))-jkxL)xIA>NuGM+DuIj=Gp((=90 zPusE-Df!mBYNcm>E$+6Vyp0mq30P%Yqr7IF$@Z>@$?P97l34JF|_bDiGF4*6y@h+i^kuUAeF=`-dvrBU~UX}}Q@{IM#3z?-0()(>SsM1)jI~KNF&_?dYq?z%`Or>Pu0En0JWzq*F45B8o#)+uD2QuCapSRsUg}26`A-$7Rf{U zEGkS0UK7Wm_ZU+5^P&)rNA9?nIkrf)Cvosd1!s?iXC@|*=Eb0h7T($DGY}h|eeLcH zt*w&5U1WGL2)l3Abkv3M1HxR9HYkx(vYOc`8FtL&$yf#O`bIMp11EeoX~C*_#6)Z( zs~mn7-53V&`by~v5FBvNd1lvARpeMZye%|UXDC>|X+Rex89WEEddgrUjsTRfiR1;I zrcwfZ-zXPyyZ+M2%N~U#3`99Y6rAGKvnwMb|Lk868qcjrqXP}h)@Xf#e)c%qz6h2DOm!QRAPl|HJZ#5+ z5z@5QiY&5YRIEQtf#ioIb~6qY;qs=w9)2VWc8g%p;$bzvT^9)Ed7M~O_r%qf0UgSf zqv-;liZJC^*(c{=sA+eZ;SnHG{jeB-eMjIWpopnZvCan*f)TaVs_dxfdYpm$rFZUX zIz}TQw>9D6#bwh*M%p539qi8oQx~+XsaW06wCcImdSM+u?Z~Q?B=gi~!J7Lj_TFwU z$1Q5o-!*FiF8?NCKzQ-)K7sC6nJeUA>nylD2@}sWHAfthR$6!sM7Y`+v7{SnJ%o?z zb&@)2*1EG#sM z!q3^%L?ts*x7XA};S(%U@zT5lZQUm-?E>BSU%{P7+QrXRWI~~COp5qdmClF&WZg<7 zn-WV|rgF<>>EKEf%5UwcI==n|elRj^RS5|-VKIG_6rWmx940OPse7t&()VgpQ<9t#k__iFx!np$t@-QM4%E zJv|C8SZFPgHu32Sud*p%oHsO`_DI~tP1?K)6RNXFF==CIaV@~Y7C;V=N_NeF3!|j9 z?d}?mV!q`UcK( zZY>Rk`tfjWANEgy+T2BJ5^TAUFTrX=@hyjjsRJSKQktgvjlrS-zb*Ide_adHHp~M7 zInr=`qBU-W_TD6417Ek8BQ)L;jO)ws#%plEH)^y&G?p_NnI-UrzLg2S#8`04vqP?% z*&h*l|HBcF=ecQXp_>|@aj!A7^Mz)6!?!VP*Ga&(t)BE>x8T|v@NC6-^z;$Erq3kI zkZ`yMvJ|@_+9|0!AL@b6 zFS?kQDJ&!UZaV!M6H!HNlSWlhHN=FVL`jYi(DdTYV8TSNj%KVY50&`)OBr~Ac{T_i zo~51f1GB^mBMP{AYyt>EGSO(?9;pmKrQr{O0aqBT7lv@K+UIDibkcd$O@wl61+ojo z7@M{WdX%O2!#q0#QA%<5`(0W)dl|qAeH#Cimg2ZfpS3H*4|*Q1N>b+ zc(Y}A(ZOzU&)v>u&m9{@9imMo!U1M$#xvz#k2~s|h$Gma?!C|lZEBULrVd<_DO`Pm z+m}1K)DK*jZa!NMTz}v?cI5?c+5orBPjtenJ3}1sZ7YPW@csC#gOiRsQxqUwa;qdm zP54YQdZ^-iiEF{V4?Zp#-F(~(ZBafIe47c^2h4%Kc|~djGZ$*?1kKfBtmse9eEel; zI*c2;z#N60tVl9&s^Jg;)JJ0Y(jE+3CPNDnTOiJrivLXB!b0RVmERlcC!}FVqk~wY z?6iv_&KD^O0I;))Uv5EC9Lv_2+e~wP?{N-98uliH*b9ho5sQu3Gra7Q~42JI(PE%}C7sEhI6ET!gl_{k;(4dr-;e)&5&6 z9M;MY9u)aR%Ew2v&>Q+IhG-%KH_Bx2Y->&NwgisJDB#S+mL~pXaap$MZgKzmI-CG@ zHV=O9c6~lRl%U?Py&VL<-}JPXa%<;ecXubvLLlxtk|~Ja@9#I%_t)>c!lx?|^PZp` zFQHw6FDP%~fknhNNPeYJI9X5cJEb@ZumsyBK`rKO1Z_Q4A8lrR9DDL1kKZXNtUzZl z%Od0Kx=>C`^J+#-LNe~yIK5CnMwsa6qd7)(bm{0ZK!O2ZTsR!mP(Oo%{ET4@-1Cn! z{q8qx5*9)?jN*9U*@1H8RZ4~d{qsQE zhrrxzdBmme#cNe*I)IOs1Y|ji#(*HL*GjX^^ zb4;eXBA6_4)zd~YF!<~u{sOlkAMnRFSv-CH1R7PWp zA4XXwjYlz(%Hyy&+zD79w9;zkeBk>gM8t@el^H zHz%YVsX-`0s$ltDRjNMMK9LTZ$cO5a#Se!=@R$L`3J0rRHe5yX$S8U*HrJ%oAuPMce z{?nA9Q|&A#rY@+;C*pC!CzMC@MG60!(oAW*2D0Hxm_Vhyb@l9U;Tq6u_6_G5_+9KyH{XSH@DXx2JCQ3_B4xCX)44pOA&@JYuIE4`;&SHl zQ!s0OkXhMbb=K6ucE%D5O(T*|HOv9-Yrd7@(#Z8hzI9szg**JG9Y|-~M zD4?R*w)%GZA2Hu7Y!JTJC+}yU_wyN9=8AuHsUJ&0R>V%?%~D3=7|7*u!)$E$qN+l* zK^>1dkb%s>)D#wwZPB>!Xi`?AV46AID)+g=fwR^0Lf@sw1T~`K0*!<}0lz>E@v=i0 z8pHU3Cre`Ng-&fCI$w2I>E%bYK2c5#dyxzKULj2vQe&AKu zVs%yD!gj^*uY42#f8~dMnQcWmH*&pDxR8u}J6}0q{O^biU^cEU>K6o<2!{ zOxxu=alkbflp&7<&}tA+5SR4Y>4Vgvzf$EPmYLBZ&7{iM&qi1Lj~;kBpu6d;1)uOd z>Y9=Qg){dz;Eo2LVBkwtNQg|V_L3JkfHDvM4(o~B4GDbM2EI+{eWcD6DOIrAb-PvF z@$%)7V!Iht4#*h97mBd>$M`dy#ur>aVh}XzskJCV)E0PV%SFQ`dJAJ+%!1JHPLjna zDD$89%OUNlXUo{t&bc|~v`Qk$fU7Ow(KoYQ|B4-MOOdC&kv&SZsWU{hn9;zDkSXk= z!f856$3&5Rn83{8jLSSmTPwBr3?zpQ5|aTemo_F)$N$M$g+!LPTo zv(R-fc_C0i8j_z1@2%wj{&0os_csco!v$4AHdRJAV%4=7mYCVd-2$E%Kq2zhNcshZ z))8PcL~@JkvL4m61)bgjo9{M(kRqVm`%aK=!Q_C%g2wC-;;otASI8kWLz&%+Wkp}q zt8LKHZEoo>I4um70#ku`i*>OX=LgDSeI`vvI)#7G)|VK*cR=VAsKlflUSwG7+M!l4 z{nJp$6oJRfG10$hm}fXTjHL?hk_x^t_kso?(S!{uh0fy?{e)s)tP5#HJs0 zjC!Ahn@!xr`lsVmnpK8&`yK-4%I3@miBq@{9Pvm&(oWF?pq3-a$irY5mT!mB`jygG z=Bt2<;P`P6TX7h!%x20q4Flu+W6NVQoovb3z!qHEdznD=epOA2;Qw(-_czt)=4LR> zJ?tQp33Drkl}44pliV8gWt?6W>H~w@fF&NWa>cNfX_r@_!dU4(hYIc~(7e-@Jng_a z1Og{s*fz+X0=GP4j5utO1okSL0p$SeQH+}ip-}*|qj0b!a)MzTBgJtclS|6f@WG`p zJlP=RLO%ROC+IgaKhY;~%U$T?>^=deF!YFu01*w&5wqXUH0%24R4q%cuI$wTsn$kO z_P~f*+X6g&D+=8gAP#DvAMgo-vWS)P=t%Gsnq(4`+8c`aa$~$%mobW`R3}kT)jl}K z?3&cxJe~=f6xYbH&;U&R_KQWiF_YsKoxOE4#R zhfPbwn7YUso*cO(z!4$QgW3KXiSDObZ4*4yRwzz%Nz|!T~7Y@fho;U}xS=HrDEhl$X zjs|d`<&TSka|AHv>QANCCfBa2*FGn`!kJ7j-(`E7p)DFC;%iL>t>LH57o;h`7%Zv zkjmm=4{~y5rG@Bz#cR<+IVYoHYOhEI1ccxU@SiAy*}z6n;rhG50vrcKPOCITWEu=~ zh0;gWrj3{AYM}628~T0ilxS#-Bxg%hMs@HkXnIUlieD3NL@7w$cpjDdt^bDFa6|$` zl}NuM(ZrvF4&7%OxcZ^XKji&q2C_5Mc zF*XK41iI~Opa$aaw}NA%ezOsj{`iTQ-zicYKY@HC6)AQfN)<5Kp%E*!)CXNcMutkyHnlw#1px->-NYySZnYD4b>m_Vz%v zO3nC`6R0q;X>T!cpK3YHmDF~&Ljag$jsPLUA!1e2gg&T#q`---1_;#_nbd>!XdGf0 z!6pgWMWAVpoxaItKn|GwwD_>&-XF!L7y-+bMq#$-El{L53Ua=pIVrUefnscd8cO}L zL0&koSf%^h@L$8)CJItA)9yZq!I%2cr}@CDk891Xd_8&E3_BI6)?}+U*ZJ=8#Blcw z`P%EvehfEIeMH~}+yv_C_oYd@DM<`0S;Nq$*8G_`9a#(-kJm+644+GlHAN0sOU`|+ zfJ)vio7x>1I`3`(pIe^3!t^u1X8uws-;@>FaaSo?x=6svE-$O$Cut;>fnGsByZok? zJsyU=4b6OwtuG604kk9&A)|a?Nd3tx5S(A*<85?a)5+gl9{M8we7HY0@&Ym8n{H|* zIbXMgS7?&Rcu*(ovm;{Tp`ogrWV-l7cz;dL=(YISYd6%l>52+!26;vc_D*#MeQ1^C za|by`?24KknujF%k_g25{0cF(OA@0YhG-WT?Tz4hsow(FIseEuq+mnF4$8`Vqaix` zc<>sSB8nU38!gZi9}i#qYJv!yx9Jz8MS(4r%CNL2_cv-D97+6H$s z=xFh|$G~_vm~?gu1-?@p2$1A1E5&ec0EdKzo`b@~6@8)j9lwFSu*5y?xj5_2J*? zJ9@a`Z|P0%-?a2^vr>oC+XHd^c7@1O0{bfky1N|GlR@k0Q|R^3@8R|u=#cU#iR#zM zkA28A51)VycRVX%Nm$nKodMW^iW4W<6or$=d(3dJhc-4~CA@j3z~?-@+&!d8#qLM~ zeJl%D`@QC-WqQzNOFGPXSkdj`L{8L9Ok*Jtu){DD8|rvNHh&T$4ar5XiM}n!t7B4> zCACVrc;LBKMw=rqYBe+>C^0ooO2aiLj){(1idvK_=JZ@(n`xkIXCMlqxlfp)|MSc1 z%a_q!*hg-lwBz~leChe>o-0Nf5!kcC*c)zwS@GG=6f{mD2wDyn44r#S^q-(pJKE!> zy7h&SYH+|1Riq(G$6ZouN01?uMNxb7*wiNO2orHm4p3SNSx{JDBS2Ul7xL~z_KHw} z+t_Ctmh3Lo2Yg`K)e~b47o&kI7cT)Ts{Azw&1H$Zm~&ZfF0;_5g4I*8xR%p_E4g6W zEDCggKx(UTiC^LDulq-zRo&-Q|5&xouD$nJ%)@GpjI0+9i4hf2yFm|< zgl1*eVhmGqo6C{FJh?SulnA+c+5A~d6tdtnANq^P*d-|>wJH2R5?#mG?$G}KRrU>L(VJrDQ-flrH8IF&eQE+r2_XJEWY zsuwv8_@yDjJ)Axv^Uh1jAB?=Umy&%Q-svsXPz>9RP4n5S|8{{5{lj&KFSk-KHEI2p zvR4QBOFFyZe1EK3P^7z_axZ_M2q&}GTh(-)T;LOet5m6zplp09jpOxL(t3}p%xyRt4T87s#Rowb1E-V0V8 z2;;{A+|)mG(KM_-$$W3HeMpWQ){Sa=r|N*%`P6&a=#u4#Mhhqn*d_WEL-q@^SAR66 zm#I&WWd@co$CC|eN&%R(Z35WSCb+$q)GociExhxQG__G#`#Q1uZ369*?L)@9A9+96 zH_0#JxH3|DQ&Al*Q(cHvwa@6ERimw~XGkLJ+gST*EvUR~$IfiL(!DW%n`x!RO zaanie83ygv3Hrhl>BSj#Tba=?J2oEo)tU2Zb9)|#5ZAom$;If`@E~;xiS~IZ--DNy zS1?kSUv2K8LVOAyo$R08K^GA7n>%8&(m{W@;Z=yac;GoV6=D$u=1_D)u1kL2uH!KE z2}GE_O?lU?+6e-e@mD~pLM@HX-k?_A2=6gLR3hA!_~#4fxvzp zv>6~Hr6eHi@gvJMDuw>!Fv%99W6fQhBcneqy1%eDZlTTxM8X>jD%&fj7`YykGMM3Z&H>h?*fake8l@(nq4I-wc7zoRnDB02)J3 zBc5ZElol0lnP+?xao0?Y9Sd|#;0m!+`K{x&`rR0KwrQx^L~u+;N#@NYEsj}+Omx%S z+t-<2m^CZ!Wu&AG%O-#5t1+pYdMuK_8Wo)HaZU9(er$+YT+v}3;!o+m?)eJVBsN&T z6`fA-OYWp65O6hKy=EIF3_}M1zSR30EE>~#h!BwKk5#jG;hD>%xRjI1#}jWXK!idM z3CQ(Yv1dcI@EWu2cZ2YFyKlqwL4k%8oE_nOTc1iU>Qw@~{>`xiAtU@0Ckq}6r2ff+qFzOu)^)lqU zn?6D`)4Ablysgo1vMNy6{1e+Jdeh(>DaY02zCA68bCjB`Sp8lyXIXT$(ZGr#Co&m~20XII=+b;$DV>ZBC@1WzfRz(a>4X=3~(G z^KT%Jvk={!D!*c1>ZgQR>`O&|h>S-FQKyZ8L>O*xpndp7)8sZCaWl!s;&sGdVn1Z= zd7h_dzk1$}BiBp`KQ>gfAZ6-J-!t@@EviGh!FD6PW2&u=tvytlc0f@a4D03R;xy5V z*RF>*VSvG&jxI7A$KQvF6exuaX!J)t)}^V2&#|Jf#uHmI0t_9UX<40}30XC^yZw|Dv6-8=^7s8)=3qgF|&0Mn?o_4)_@^;exBt_EZhcn zgX^E&@SxTe_BetDl1rN!^wS8$KtXr;!)vG)++tfhI>$tA!q*t}9Xe=zLcXt(f5o^p z=&D(5V(W3o5lFNfXoOlTCP z@rr%VLtjV(jvAg0X zgk7z7Xn5`N7l58;i&l#7H`Gyz*pDwhug_ET&ObckZZ#P3I*_4&^POOLzMqgn89QRc zV0j}SkpAJi7sG5s1XgsYE9}uIbNgk<^GMWqRaK_9L6l&wp&o0l7^&!uGI95PYqw=e z3K}5jUu0d+HIQKLh}AgP*Wrf7^}&6-JIDOmo_56rFZd=+`aNEUG-0<3g6h#vAfRff z1qukhg4v`?-w88HMP3vN-g(0@-=u-sZ>4;P+uQEaAAn0-TG&{v5LM7xALB-Q%dOwU zb?mQ_Mj;_ub7uO}LY1uv>ShV@oO!)3-%8Ya(TdRpI%3^UH~5lVjw)7oR3sE$!6Dxb zgTqD&R18|$6|7>X?WmGeDZV#jfcJFZ0zNd~@2TrYK2o}Ps-Go>jW39BVDJ#IbyX34 zWI395wYNeDNyzwxuY{;>Dk~Fbn-7PEep>PTGpS5sK4qpF$lYi`#Gl_tO3_tn$RBFr z`l11MMX6=Y`&6r-%`LCGO*&5ysY`&kf5LbXo8SFNT^i>=hVe8Wd2Z|>eMnuJ>|&t+ z@gGo!r}woyL=t^*S=fvql00MV(I8-|z)<))e>LvGVv%XGvK#2)jM3*fp5r+Fs7Mz|Y`k%WYEkH_q~|%&uqBND#8tbmmq7co22<4N z&c=9KF}#|2|K!Zfp7?^#^yc%hDftuZbfs#geWyo(yn`uC6nAo@+%1t88{Z_#m==X= zv!1icNvcc0;LZ!#vqyPmrW2nrm{>Ah>l?K$)#D1c_Ck>k-M0NWNej9(AntyTU9?!^ zj&@egz(Tc&3JCZ~MITeHfw?$+9-~UgD^HAS!wDkq{#?CEUmg1mcCgloIM-01wbyS1 zx|-|le$IYIxV*~AYPesO2lIAyt`9e{8~YGq=^R zf6%iLsJO3MW>7<%+8ST*?t=2(3K)wE4EAnue9k!0$O2eKnGUo$i8??guZr!r;zhns z`47F*HJ>Bo{tCU#z8SK_+83Et6U#nP>U6N40=q0%I4go(klBPtKb-*=oIfK0oonG9 zKlG7x--{ja5uZZaLUG!RC05xPV~Z)HE7zAR8ua(ytP?2F^$;PQ4g_eG80bOx2z5&| zSJYMQAg zORl`mPxwZnbxp2vJ4c8%#Q=bI7SHt0H=O|Ii<}sodCzu8C zHi)FH3!6+v{PMsoBV-~er&Kb3AtpZF_&u$r&JJ+SbEnltSw zg3wwv2xTd9q=B8QwFL~gvhN?(Oq;IqUHyLs2m2f4Jb-Qy(5LpchwGC&mg}p2ICQc$ zA^l>|yOr|%VIrZ*nv7+)`yfO!r5ZrGLT_e;%b@%Sz5yBijgCEo8o|*l8Na27Na6K0 z$1aau!@@zPxsz(u4@1luZzK!NO?%KG4eB@^S6t5f_HiaRFJy@L$7JOXFsug(Wzr=! zp0m zKHQK}ZLolA32cUkS>v-XGF00!LE%z3$=xM1OIL4G-x+PWmjUQNV z&o-mB5ywEIZ-vFn+^`!`2o{6?y3?=HavN*sQpZd+4BM{2S`xldqO{<1++eY>H<$dHpQ#Gy^X}zMKwQe=-yWf`0%(Z?_qrFISqinFm z`JSupU$hRtx#STt3-o#XAQkG5D3_bJ=orVV4Tp|gx^Vv3t^t>VLw0aYXVrY@jLS} zK0ZB;Jz;!O+iwA*ZDYNmM%_a+w2zuUYmT)~D5cT>FLXZgMqkqT6EOAXeT2N1p=ev9 z7bXZYDi@%KQ}*?4HiXYI0Jqcn&600IWwmw-7~)}+-&9w?L?Nc`vPO~z1k+4an_DpA z1J@$~vbyzVNV^>I`4@PQ1vZr`sS`10aAJgOJh>M?*XMTx3AWTmmp?NMxckuiP-g>v zsC{*ukdUXVOQ%310^6sVILYNrOE%zbq6dzgJag8Ru0tsbJlmWW%$<^2oz-YBf5dy* z^JXyE9|I)f&}&B!2jIl3n5xNKsS3!wn4(Ai^PVVINvQsl5m56HM{jQNOm%Z<*8WvQ z@L`>%0F~cjwxm#dxjy_=y@r2b>5SxvYRlr!*}F`=BiLPPeTCPp6$-)^Ke?_nOrzyD zur3P#t8fU5FTE)B`&p^4`}SzYC=ngEwDTzordO=vBE}V`3agkkd=YRmns0))>b&wK zwfAsp>RegWFwou6)`3zmH&=Xdr~d?M3J&zPXq9+q2=2G-cssK9SC;SiY6!TQ@9S0^ zUw3tNeJ2|v*=E;X&$T)`3Nb6!?y^`2uDjrKdfe_vT0dXI4wne3`2ji}t*)699$LqYIUR!E_p9!QZGi$H0Nn-Mz}_Bdal05SXG3}6hSs71-r z`fM;QXqK^|!38AprKOrKOndKWEl7O{6@=TNDAe9n?4#0clGfuNlQuC<34Bm?A1gSi%zZ+RnC z_~TnUgfMW`7cr%sB#Bov`VYtoun9M>eyUkVpnC?J#X@8LoHfAmKw!fh5qD=qKa627M;CewJj`s8T)J>|2(Gws2&=k)k0zi&rA zx;{VJzDL`c<^09cQbSj@wkSM9x_uW)$0;IQO3XE!tzm|{H^R?rU(5MrIQoIiu!<$x zT=B5*1wiaM6Dj#?;npLNhC{rR&S+iqh))U(i``{3UymEI1y?V$c4HvRXD(`_0>5~d zcH~>6v&ta8!oh-yPqy%i=aVbqwRlbRt-gLquvhABF-s{f2D$Pjg=wDCiRUJB;=V%G z&jA6rs#66UWU6I+$Iv3{12?RRVs&ScudXR)e&-hXs=uMB9oNa3wZ5rZI}3Q?;-HoX)6%skt~ zt~PVOEl*ExDV6o(5YqykozI|+WAAT+NpDB?OG}5-NOcn@rPrMOFn{(-D~Hn}B-H;G zB3&)|kkIyDXyb6YgM>c+LR*JZ%r_=Z(0`%br}umvIlxVyyx+JhUa%b8GH>LlFUUkw zZtkGLe?sor-)QG5z`^@*R(EOd_$2QkSy{HcZa}wN8@G*vTc0uO#5FpP=32*isy|jc zxf&Tk8szVq+Zrv+b$Kt-xVj?HvSp0-fGNdJTe4>^Pd=pM$boIBM%+nRaUD=w=Q`U5 z00+G(T04kGy?(qfUF&!v1goK\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions to unlock the value provided by this solution.\n 1. Microsoft Entra Id \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n\n\n**Workbooks:** 2, **Hunting Queries:** 21\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", - "subscription": { - "resourceProviders": [ - "Microsoft.OperationsManagement/solutions", - "Microsoft.OperationalInsights/workspaces/providers/alertRules", - "Microsoft.Insights/workbooks", - "Microsoft.Logic/workflows" - ] - }, - "location": { - "metadata": { - "hidden": "Hiding location, we get it from the log analytics workspace" - }, - "visible": false - }, - "resourceGroup": { - "allowExisting": true - } - } - }, - "basics": [ - { - "name": "getLAWorkspace", - "type": "Microsoft.Solutions.ArmApiControl", - "toolTip": "This filters by workspaces that exist in the Resource Group selected", - "condition": "[greater(length(resourceGroup().name),0)]", - "request": { - "method": "GET", - "path": "[concat(subscription().id,'/providers/Microsoft.OperationalInsights/workspaces?api-version=2020-08-01')]" - } - }, - { - "name": "workspace", - "type": "Microsoft.Common.DropDown", - "label": "Workspace", - "placeholder": "Select a workspace", - "toolTip": "This dropdown will list only workspace that exists in the Resource Group selected", - "constraints": { - "allowedValues": "[map(filter(basics('getLAWorkspace').value, (filter) => contains(toLower(filter.id), toLower(resourceGroup().name))), (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", - "required": true - }, - "visible": true - } - ], - "steps": [ - { - "name": "workbooks", - "label": "Workbooks", - "subLabel": { - "preValidation": "Configure the workbooks", - "postValidation": "Done" - }, - "bladeTitle": "Workbooks", - "elements": [ - { - "name": "workbooks-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences." - } - }, - { - "name": "workbooks-link", - "type": "Microsoft.Common.TextBlock", - "options": { - "link": { - "label": "Learn more", - "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data" - } - } - }, - { - "name": "workbook1", - "type": "Microsoft.Common.Section", - "label": "TextBlock", - "elements": [ - { - "name": "workbook1-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "TextBlock" - } - } - ] - }, - { - "name": "workbook2", - "type": "Microsoft.Common.Section", - "label": "TextBlock", - "elements": [ - { - "name": "workbook2-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "TextBlock" - } - } - ] - } - ] - }, - { - "name": "huntingqueries", - "label": "Hunting Queries", - "bladeTitle": "Hunting Queries", - "elements": [ - { - "name": "huntingqueries-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in Manage solution view." - } - }, - { - "name": "huntingqueries-link", - "type": "Microsoft.Common.TextBlock", - "options": { - "link": { - "label": "Learn more", - "uri": "https://docs.microsoft.com/azure/sentinel/hunting" - } - } - }, - { - "name": "huntingquery1", - "type": "Microsoft.Common.Section", - "label": "Anomalous access to other users' mailboxes", - "elements": [ - { - "name": "huntingquery1-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Looks for users accessing multiple other users' mailboxes or accessing multiple folders in another users mailbox. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery2", - "type": "Microsoft.Common.Section", - "label": "External User Added and Removed in a Short Timeframe", - "elements": [ - { - "name": "huntingquery2-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This hunting query identifies external user accounts that are added to a Team and then removed within one hour. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery3", - "type": "Microsoft.Common.Section", - "label": "External user from a new organisation added to Teams", - "elements": [ - { - "name": "huntingquery3-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This query identifies external users added to Teams where the user's domain is not one previously seen in Teams data. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery4", - "type": "Microsoft.Common.Section", - "label": "Mail Redirect via ExO Transport Rule", - "elements": [ - { - "name": "huntingquery4-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Identifies when Exchange Online transport rule is configured to forward emails.\nThis could be an adversary mailbox configured to collect mail from multiple user accounts. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery5", - "type": "Microsoft.Common.Section", - "label": "Bots added to multiple teams", - "elements": [ - { - "name": "huntingquery5-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This hunting query helps identify bots added to multiple Teams in a short space of time. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery6", - "type": "Microsoft.Common.Section", - "label": "User made Owner of multiple teams", - "elements": [ - { - "name": "huntingquery6-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This hunting query identifies users who have been made Owner of multiple Teams. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery7", - "type": "Microsoft.Common.Section", - "label": "Multiple Teams deleted by a single user", - "elements": [ - { - "name": "huntingquery7-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This hunting query identifies where multiple Teams have been deleted by a single user in a short timeframe. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery8", - "type": "Microsoft.Common.Section", - "label": "Previously Unseen Bot or Application Added to Teams", - "elements": [ - { - "name": "huntingquery8-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This hunting query helps identify new, and potentially unapproved applications or bots being added to Teams. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery9", - "type": "Microsoft.Common.Section", - "label": "New Windows Reserved Filenames staged on Office file services", - "elements": [ - { - "name": "huntingquery9-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This identifies new Windows Reserved Filenames on Office services like SharePoint and OneDrive in the past 7 days. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery10", - "type": "Microsoft.Common.Section", - "label": "Office Mail Forwarding - Hunting Version", - "elements": [ - { - "name": "huntingquery10-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Adversaries often abuse email-forwarding rules to monitor victim activities, steal information, and gain intelligence on the victim or their organization. This query highlights cases where user mail is being forwarded, including to external domains. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery11", - "type": "Microsoft.Common.Section", - "label": "Files uploaded to teams and access summary", - "elements": [ - { - "name": "huntingquery11-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This hunting query identifies files uploaded to SharePoint via a Teams chat and\nsummarizes users and IP addresses that have accessed these files. This allows for \nidentification of anomalous file sharing patterns. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery12", - "type": "Microsoft.Common.Section", - "label": "User added to Teams and immediately uploads file", - "elements": [ - { - "name": "huntingquery12-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This hunting query identifies users who are added to a Teams Channel or Teams chat\nand within 1 minute of being added upload a file via the chat. This might be\nan indicator of suspicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery13", - "type": "Microsoft.Common.Section", - "label": "Windows Reserved Filenames Staged on Office File Services", - "elements": [ - { - "name": "huntingquery13-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This identifies Windows Reserved Filenames on Office services like SharePoint and OneDrive. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery14", - "type": "Microsoft.Common.Section", - "label": "Exes with double file extension and access summary", - "elements": [ - { - "name": "huntingquery14-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Provides a summary of executable files with double file extensions in SharePoint \n and the users and IP addresses that have accessed them. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery15", - "type": "Microsoft.Common.Section", - "label": "New Admin Account Activity Seen Which Was Not Seen Historically", - "elements": [ - { - "name": "huntingquery15-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This will help you discover any new admin account activity which was seen and were not seen historically.\nAny new accounts seen in the results can be validated and investigated for any suspicious activities. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery16", - "type": "Microsoft.Common.Section", - "label": "SharePointFileOperation via previously unseen IPs", - "elements": [ - { - "name": "huntingquery16-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Shows SharePoint upload/download volume by IPs with high-risk ASNs. New IPs with volume spikes may be unauthorized and exfiltrating documents. This hunting query depends on AzureActiveDirectory AzureActiveDirectory data connector (SigninLogs EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery17", - "type": "Microsoft.Common.Section", - "label": "SharePointFileOperation via devices with previously unseen user agents", - "elements": [ - { - "name": "huntingquery17-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Tracking via user agent is one way to differentiate between types of connecting device.\nIn homogeneous enterprise environments the user agent associated with an attacker device may stand out as unusual. This hunting query depends on AzureActiveDirectory AzureActiveDirectory data connector (SigninLogs EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery18", - "type": "Microsoft.Common.Section", - "label": "Non-owner mailbox login activity", - "elements": [ - { - "name": "huntingquery18-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Finds non-owner mailbox access by admin/delegate permissions. Whitelist valid users and check others for unauthorized access. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery19", - "type": "Microsoft.Common.Section", - "label": "PowerShell or non-browser mailbox login activity", - "elements": [ - { - "name": "huntingquery19-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Detects mailbox login from Exchange PowerShell. All accounts can use it by default, but admins can change it. Whitelist benign activities. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery20", - "type": "Microsoft.Common.Section", - "label": "SharePoint File Operation via Client IP with Previously Unseen User Agents", - "elements": [ - { - "name": "huntingquery20-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "New user agents associated with a client IP for SharePoint file uploads/downloads. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - }, - { - "name": "huntingquery21", - "type": "Microsoft.Common.Section", - "label": "Multiple Users Email Forwarded to Same Destination", - "elements": [ - { - "name": "huntingquery21-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. \nThis could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" - } - } - ] - } - ] - } - ], - "outputs": { - "workspace-location": "[first(map(filter(basics('getLAWorkspace').value, (filter) => and(contains(toLower(filter.id), toLower(resourceGroup().name)),equals(filter.name,basics('workspace')))), (item) => item.location))]", - "location": "[location()]", - "workspace": "[basics('workspace')]" - } - } -} \ No newline at end of file + "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", + "handler": "Microsoft.Azure.CreateUIDef", + "version": "0.1.2-preview", + "parameters": { + "config": { + "isWizard": false, + "basics": { + "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions to unlock the value provided by this solution.\n 1. Microsoft Entra Id \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n\n\n**Workbooks:** 2, **Analytic Rules:** 1, **Hunting Queries:** 21\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "subscription": { + "resourceProviders": [ + "Microsoft.OperationsManagement/solutions", + "Microsoft.OperationalInsights/workspaces/providers/alertRules", + "Microsoft.Insights/workbooks", + "Microsoft.Logic/workflows" + ] + }, + "location": { + "metadata": { + "hidden": "Hiding location, we get it from the log analytics workspace" + }, + "visible": false + }, + "resourceGroup": { + "allowExisting": true + } + } + }, + "basics": [ + { + "name": "getLAWorkspace", + "type": "Microsoft.Solutions.ArmApiControl", + "toolTip": "This filters by workspaces that exist in the Resource Group selected", + "condition": "[greater(length(resourceGroup().name),0)]", + "request": { + "method": "GET", + "path": "[concat(subscription().id,'/providers/Microsoft.OperationalInsights/workspaces?api-version=2020-08-01')]" + } + }, + { + "name": "workspace", + "type": "Microsoft.Common.DropDown", + "label": "Workspace", + "placeholder": "Select a workspace", + "toolTip": "This dropdown will list only workspace that exists in the Resource Group selected", + "constraints": { + "allowedValues": "[map(filter(basics('getLAWorkspace').value, (filter) => contains(toLower(filter.id), toLower(resourceGroup().name))), (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", + "required": true + }, + "visible": true + } + ], + "steps": [ + { + "name": "workbooks", + "label": "Workbooks", + "subLabel": { + "preValidation": "Configure the workbooks", + "postValidation": "Done" + }, + "bladeTitle": "Workbooks", + "elements": [ + { + "name": "workbooks-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences." + } + }, + { + "name": "workbooks-link", + "type": "Microsoft.Common.TextBlock", + "options": { + "link": { + "label": "Learn more", + "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data" + } + } + }, + { + "name": "workbook1", + "type": "Microsoft.Common.Section", + "label": "Microsoft Global Secure Access Enriched M365 Logs", + "elements": [ + { + "name": "workbook1-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table." + } + } + ] + }, + { + "name": "workbook2", + "type": "Microsoft.Common.Section", + "label": "Microsoft Global Secure Access Traffic Logs", + "elements": [ + { + "name": "workbook2-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Microsoft Global Secure Access Traffic Logs" + } + } + ] + } + ] + }, + { + "name": "analytics", + "label": "Analytics", + "subLabel": { + "preValidation": "Configure the analytics", + "postValidation": "Done" + }, + "bladeTitle": "Analytics", + "elements": [ + { + "name": "analytics-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in Manage solution view." + } + }, + { + "name": "analytics-link", + "type": "Microsoft.Common.TextBlock", + "options": { + "link": { + "label": "Learn more", + "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-detect-threats-custom?WT.mc_id=Portal-Microsoft_Azure_CreateUIDef" + } + } + }, + { + "name": "analytic1", + "type": "Microsoft.Common.Section", + "label": "Detect Connections Outside Operational Hours", + "elements": [ + { + "name": "analytic1-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations." + } + } + ] + } + ] + }, + { + "name": "huntingqueries", + "label": "Hunting Queries", + "bladeTitle": "Hunting Queries", + "elements": [ + { + "name": "huntingqueries-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in Manage solution view." + } + }, + { + "name": "huntingqueries-link", + "type": "Microsoft.Common.TextBlock", + "options": { + "link": { + "label": "Learn more", + "uri": "https://docs.microsoft.com/azure/sentinel/hunting" + } + } + }, + { + "name": "huntingquery1", + "type": "Microsoft.Common.Section", + "label": "Anomalous access to other users' mailboxes", + "elements": [ + { + "name": "huntingquery1-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Looks for users accessing multiple other users' mailboxes or accessing multiple folders in another users mailbox. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery2", + "type": "Microsoft.Common.Section", + "label": "External User Added and Removed in a Short Timeframe", + "elements": [ + { + "name": "huntingquery2-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies external user accounts that are added to a Team and then removed within one hour. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery3", + "type": "Microsoft.Common.Section", + "label": "External user from a new organisation added to Teams", + "elements": [ + { + "name": "huntingquery3-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This query identifies external users added to Teams where the user's domain is not one previously seen in Teams data. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery4", + "type": "Microsoft.Common.Section", + "label": "Mail Redirect via ExO Transport Rule", + "elements": [ + { + "name": "huntingquery4-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Identifies when Exchange Online transport rule is configured to forward emails.\nThis could be an adversary mailbox configured to collect mail from multiple user accounts. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery5", + "type": "Microsoft.Common.Section", + "label": "Bots added to multiple teams", + "elements": [ + { + "name": "huntingquery5-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query helps identify bots added to multiple Teams in a short space of time. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery6", + "type": "Microsoft.Common.Section", + "label": "User made Owner of multiple teams", + "elements": [ + { + "name": "huntingquery6-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies users who have been made Owner of multiple Teams. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery7", + "type": "Microsoft.Common.Section", + "label": "Multiple Teams deleted by a single user", + "elements": [ + { + "name": "huntingquery7-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies where multiple Teams have been deleted by a single user in a short timeframe. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery8", + "type": "Microsoft.Common.Section", + "label": "Previously Unseen Bot or Application Added to Teams", + "elements": [ + { + "name": "huntingquery8-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query helps identify new, and potentially unapproved applications or bots being added to Teams. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery9", + "type": "Microsoft.Common.Section", + "label": "New Windows Reserved Filenames staged on Office file services", + "elements": [ + { + "name": "huntingquery9-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This identifies new Windows Reserved Filenames on Office services like SharePoint and OneDrive in the past 7 days. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery10", + "type": "Microsoft.Common.Section", + "label": "Office Mail Forwarding - Hunting Version", + "elements": [ + { + "name": "huntingquery10-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Adversaries often abuse email-forwarding rules to monitor victim activities, steal information, and gain intelligence on the victim or their organization. This query highlights cases where user mail is being forwarded, including to external domains. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery11", + "type": "Microsoft.Common.Section", + "label": "Files uploaded to teams and access summary", + "elements": [ + { + "name": "huntingquery11-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies files uploaded to SharePoint via a Teams chat and\nsummarizes users and IP addresses that have accessed these files. This allows for \nidentification of anomalous file sharing patterns. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery12", + "type": "Microsoft.Common.Section", + "label": "User added to Teams and immediately uploads file", + "elements": [ + { + "name": "huntingquery12-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This hunting query identifies users who are added to a Teams Channel or Teams chat\nand within 1 minute of being added upload a file via the chat. This might be\nan indicator of suspicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery13", + "type": "Microsoft.Common.Section", + "label": "Windows Reserved Filenames Staged on Office File Services", + "elements": [ + { + "name": "huntingquery13-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This identifies Windows Reserved Filenames on Office services like SharePoint and OneDrive. It also detects when a user uploads these files to another user's workspace, which may indicate malicious activity. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery14", + "type": "Microsoft.Common.Section", + "label": "Exes with double file extension and access summary", + "elements": [ + { + "name": "huntingquery14-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Provides a summary of executable files with double file extensions in SharePoint \n and the users and IP addresses that have accessed them. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery15", + "type": "Microsoft.Common.Section", + "label": "New Admin Account Activity Seen Which Was Not Seen Historically", + "elements": [ + { + "name": "huntingquery15-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "This will help you discover any new admin account activity which was seen and were not seen historically.\nAny new accounts seen in the results can be validated and investigated for any suspicious activities. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery16", + "type": "Microsoft.Common.Section", + "label": "SharePointFileOperation via previously unseen IPs", + "elements": [ + { + "name": "huntingquery16-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Shows SharePoint upload/download volume by IPs with high-risk ASNs. New IPs with volume spikes may be unauthorized and exfiltrating documents. This hunting query depends on AzureActiveDirectory AzureActiveDirectory data connector (SigninLogs EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery17", + "type": "Microsoft.Common.Section", + "label": "SharePointFileOperation via devices with previously unseen user agents", + "elements": [ + { + "name": "huntingquery17-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Tracking via user agent is one way to differentiate between types of connecting device.\nIn homogeneous enterprise environments the user agent associated with an attacker device may stand out as unusual. This hunting query depends on AzureActiveDirectory AzureActiveDirectory data connector (SigninLogs EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery18", + "type": "Microsoft.Common.Section", + "label": "Non-owner mailbox login activity", + "elements": [ + { + "name": "huntingquery18-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Finds non-owner mailbox access by admin/delegate permissions. Whitelist valid users and check others for unauthorized access. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery19", + "type": "Microsoft.Common.Section", + "label": "PowerShell or non-browser mailbox login activity", + "elements": [ + { + "name": "huntingquery19-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Detects mailbox login from Exchange PowerShell. All accounts can use it by default, but admins can change it. Whitelist benign activities. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery20", + "type": "Microsoft.Common.Section", + "label": "SharePoint File Operation via Client IP with Previously Unseen User Agents", + "elements": [ + { + "name": "huntingquery20-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "New user agents associated with a client IP for SharePoint file uploads/downloads. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + }, + { + "name": "huntingquery21", + "type": "Microsoft.Common.Section", + "label": "Multiple Users Email Forwarded to Same Destination", + "elements": [ + { + "name": "huntingquery21-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. \nThis could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts. This hunting query depends on AzureActiveDirectory data connector (EnrichedMicrosoft365AuditLogs Parser or Table)" + } + } + ] + } + ] + } + ], + "outputs": { + "workspace-location": "[first(map(filter(basics('getLAWorkspace').value, (filter) => and(contains(toLower(filter.id), toLower(resourceGroup().name)),equals(filter.name,basics('workspace')))), (item) => item.location))]", + "location": "[location()]", + "workspace": "[basics('workspace')]" + } + } +} diff --git a/Solutions/Global Secure Access/Package/mainTemplate.json b/Solutions/Global Secure Access/Package/mainTemplate.json index 344ae182315..99a7379baf0 100644 --- a/Solutions/Global Secure Access/Package/mainTemplate.json +++ b/Solutions/Global Secure Access/Package/mainTemplate.json @@ -30,7 +30,7 @@ }, "workbook1-name": { "type": "string", - "defaultValue": null, + "defaultValue": "Microsoft Global Secure Access Enriched M365 Logs", "minLength": 1, "metadata": { "description": "Name for the workbook" @@ -38,7 +38,7 @@ }, "workbook2-name": { "type": "string", - "defaultValue": null, + "defaultValue": "Microsoft Global Secure Access Traffic Logs", "minLength": 1, "metadata": { "description": "Name for the workbook" @@ -52,19 +52,26 @@ "_solutionVersion": "3.0.0", "solutionId": "azuresentinel.azure-sentinel-solution-globalsecureaccess", "_solutionId": "[variables('solutionId')]", - "workbookVersion1": "", - "workbookContentId1": "", + "workbookVersion1": "1.0.0", + "workbookContentId1": "GSAM365EnrichedEvents", "workbookId1": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId1'))]", "workbookTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1'))))]", "_workbookContentId1": "[variables('workbookContentId1')]", "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", "_workbookcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId1'),'-', variables('workbookVersion1'))))]", - "workbookVersion2": "", - "workbookContentId2": "", + "workbookVersion2": "1.0.0", + "workbookContentId2": "GSANetworkTraffic", "workbookId2": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId2'))]", "workbookTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId2'))))]", "_workbookContentId2": "[variables('workbookContentId2')]", "_workbookcontentProductId2": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId2'),'-', variables('workbookVersion2'))))]", + "analyticRuleObject1": { + "analyticRuleVersion1": "1.0.0", + "_analyticRulecontentId1": "4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa", + "analyticRuleId1": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa')]", + "analyticRuleTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa')))]", + "_analyticRulecontentProductId1": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa','-', '1.0.0')))]" + }, "huntingQueryObject1": { "huntingQueryVersion1": "2.0.1", "_huntingQuerycontentId1": "271e8881-3044-4332-a5f4-42264c2e0315", @@ -196,7 +203,7 @@ "kind": "shared", "apiVersion": "2021-08-01", "metadata": { - "description": "" + "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table." }, "properties": { "displayName": "[parameters('workbook1-name')]", @@ -211,7 +218,7 @@ "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId1'),'/'))))]", "properties": { - "description": ".description", + "description": "@{workbookKey=GSAM365EnrichedEvents; logoFileName=gsa.svg; description=This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=1.0.0; title=Microsoft Global Secure Access Enriched M365 Logs; templateRelativePath=GSAM365EnrichedEvents.json; provider=Microsoft; author=}.description", "parentId": "[variables('workbookId1')]", "contentId": "[variables('_workbookContentId1')]", "kind": "Workbook", @@ -230,6 +237,15 @@ "name": "Microsoft Corporation", "email": "support@microsoft.com", "link": "https://support.microsoft.com/" + }, + "dependencies": { + "operator": "AND", + "criteria": [ + { + "contentId": "AzureActiveDirectory", + "kind": "DataConnector" + } + ] } } } @@ -271,7 +287,7 @@ "kind": "shared", "apiVersion": "2021-08-01", "metadata": { - "description": "" + "description": "Microsoft Global Secure Access Traffic Logs" }, "properties": { "displayName": "[parameters('workbook2-name')]", @@ -286,7 +302,7 @@ "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId2'),'/'))))]", "properties": { - "description": ".description", + "description": "@{workbookKey=GSANetworkTraffic; logoFileName=gsa.svg; description=Microsoft Global Secure Access Traffic Logs; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=1.0.0; title=Microsoft Global Secure Access Traffic Logs; templateRelativePath=GSANetworkTraffic.json; provider=Microsoft; author=}.description", "parentId": "[variables('workbookId2')]", "contentId": "[variables('_workbookContentId2')]", "kind": "Workbook", @@ -323,6 +339,120 @@ "version": "[variables('workbookVersion2')]" } }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject1').analyticRuleTemplateSpecName1]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "Identity - AfterHoursActivity_AnalyticalRules Analytics Rule with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.SecurityInsights/AlertRuleTemplates", + "name": "[variables('analyticRuleObject1')._analyticRulecontentId1]", + "apiVersion": "2023-02-01-preview", + "kind": "Scheduled", + "location": "[parameters('workspace-location')]", + "properties": { + "description": "This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations.", + "displayName": "Detect Connections Outside Operational Hours", + "enabled": false, + "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet operational_start_hour = 8; // Start of operational hours (8 AM)\nlet operational_end_hour = 18; // End of operational hours (6 PM)\nNetworkAccessTraffic\n| where TimeGenerated between(starttime .. endtime)\n| extend HourOfDay = datetime_part('hour', TimeGenerated)\n| where HourOfDay < operational_start_hour or HourOfDay >= operational_end_hour\n| project TimeGenerated, UserPrincipalName, SourceIp, DestinationIp, DestinationPort, Action, DeviceId, DeviceOperatingSystem, ConnectionId\n| extend IPCustomEntity = SourceIp, AccountCustomEntity = UserPrincipalName\n", + "queryFrequency": "PT1H", + "queryPeriod": "PT24H", + "severity": "High", + "suppressionDuration": "PT1H", + "suppressionEnabled": false, + "triggerOperator": "GreaterThan", + "triggerThreshold": 0, + "status": "Available", + "requiredDataConnectors": [ + { + "connectorId": "AzureActiveDirectory", + "dataTypes": [ + "EnrichedMicrosoft365AuditLogs" + ] + } + ], + "tactics": [ + "InitialAccess" + ], + "techniques": [ + "T1078", + "T1133" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "identifier": "Name", + "columnName": "AccountCustomEntity" + } + ], + "entityType": "Account" + }, + { + "fieldMappings": [ + { + "identifier": "Address", + "columnName": "IPCustomEntity" + } + ], + "entityType": "IP" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject1').analyticRuleId1,'/'))))]", + "properties": { + "description": "Global Secure Access Analytics Rule 1", + "parentId": "[variables('analyticRuleObject1').analyticRuleId1]", + "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", + "kind": "AnalyticsRule", + "version": "[variables('analyticRuleObject1').analyticRuleVersion1]", + "source": { + "kind": "Solution", + "name": "Global Secure Access", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", + "contentKind": "AnalyticsRule", + "displayName": "Detect Connections Outside Operational Hours", + "contentProductId": "[variables('analyticRuleObject1')._analyticRulecontentProductId1]", + "id": "[variables('analyticRuleObject1')._analyticRulecontentProductId1]", + "version": "[variables('analyticRuleObject1').analyticRuleVersion1]" + } + }, { "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", "apiVersion": "2023-04-01-preview", @@ -2118,7 +2248,7 @@ "contentSchemaVersion": "3.0.0", "displayName": "Global Secure Access", "publisherDisplayName": "Microsoft Sentinel, Microsoft Corporation", - "descriptionHtml": "

    Note: Please refer to the following before installing the solution:

    \n

    • Review the solution Release Notes

    \n

    • There may be known issues pertaining to this Solution, please refer to them before installing.

    \n

    Global Secure Access is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below.

    \n

    Prerequisite :-

    \n

    Install one or more of the listed solutions to unlock the value provided by this solution.

    \n
      \n
    1. Microsoft Entra Id
      2. \n
    \n

    Underlying Microsoft Technologies used:

    \n

    This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

    \n
      \n
    1. Product solutions as described above
      2. \n
    \n

    Workbooks: 2, Hunting Queries: 21

    \n

    Learn more about Microsoft Sentinel | Learn more about Solutions

    \n", + "descriptionHtml": "

    Note: Please refer to the following before installing the solution:

    \n

    • Review the solution Release Notes

    \n

    • There may be known issues pertaining to this Solution, please refer to them before installing.

    \n

    Global Secure Access is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below.

    \n

    Prerequisite :-

    \n

    Install one or more of the listed solutions to unlock the value provided by this solution.

    \n
      \n
    1. Microsoft Entra Id
      2. \n
    \n

    Underlying Microsoft Technologies used:

    \n

    This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

    \n
      \n
    1. Product solutions as described above
      2. \n
    \n

    Workbooks: 2, Analytic Rules: 1, Hunting Queries: 21

    \n

    Learn more about Microsoft Sentinel | Learn more about Solutions

    \n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", "id": "[variables('_solutioncontentProductId')]", @@ -2153,6 +2283,11 @@ "contentId": "[variables('_workbookContentId2')]", "version": "[variables('workbookVersion2')]" }, + { + "kind": "AnalyticsRule", + "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", + "version": "[variables('analyticRuleObject1').analyticRuleVersion1]" + }, { "kind": "HuntingQuery", "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]", diff --git a/Solutions/Global Secure Access/Package/testParameters.json b/Solutions/Global Secure Access/Package/testParameters.json index 42428e73d9b..8dd674f5956 100644 --- a/Solutions/Global Secure Access/Package/testParameters.json +++ b/Solutions/Global Secure Access/Package/testParameters.json @@ -23,7 +23,7 @@ }, "workbook1-name": { "type": "string", - "defaultValue": null, + "defaultValue": "Microsoft Global Secure Access Enriched M365 Logs", "minLength": 1, "metadata": { "description": "Name for the workbook" @@ -31,7 +31,7 @@ }, "workbook2-name": { "type": "string", - "defaultValue": null, + "defaultValue": "Microsoft Global Secure Access Traffic Logs", "minLength": 1, "metadata": { "description": "Name for the workbook" From 6f7b11acd5897ccc1978c74a9fe1c44074f61017 Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Tue, 13 Aug 2024 14:04:09 +0300 Subject: [PATCH 03/14] Update Solution_GlobalSecureAccess.json to 3.0 --- .../Global Secure Access/Data/Solution_GlobalSecureAccess.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json index e190ec20023..b2f6d44914a 100644 --- a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json +++ b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json @@ -57,7 +57,7 @@ "Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml" ], "BasePath": "C:\\git\\Azure-Sentinel\\Azure-Sentinel\\Solutions\\Global Secure Access", - "Version": "1.0.0", + "Version": "3.0.0", "Metadata": "SolutionMetadata.json", "TemplateSpec": true, "StaticDataConnectorIds": [ From 0c74ac9fbb9e58e092cc37dbb893a2768f9bd00d Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Tue, 27 Aug 2024 13:56:47 +0300 Subject: [PATCH 04/14] GSA supported --- Solutions/Global Secure Access/SolutionMetadata.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Solutions/Global Secure Access/SolutionMetadata.json b/Solutions/Global Secure Access/SolutionMetadata.json index 2f6d9a50f6c..0465917cd42 100644 --- a/Solutions/Global Secure Access/SolutionMetadata.json +++ b/Solutions/Global Secure Access/SolutionMetadata.json @@ -7,9 +7,9 @@ "domains": [ "Identity"] }, "support": { - "tier": "Microsoft", + "tier": "Partner", "name": "Microsoft Corporation", - "email": "support@microsoft.com", - "link": "https://support.microsoft.com/" + "email": "GSASentinelSupport@microsoft.com", + "link": "https://learn.microsoft.com/en-us/entra/global-secure-access/overview-what-is-global-secure-access" } } \ No newline at end of file From 18539ba30f82422ec9a3bdd3a48defa8a5fcf150 Mon Sep 17 00:00:00 2001 From: v-shukore Date: Wed, 28 Aug 2024 14:26:11 +0530 Subject: [PATCH 05/14] Update WorkbooksMetadata.json --- Workbooks/WorkbooksMetadata.json | 129 ++++++++++++++++++++++--------- 1 file changed, 93 insertions(+), 36 deletions(-) diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index 621b0a92ae0..b4052076a47 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -354,7 +354,8 @@ "CommonSecurityLog" ], "dataConnectorsDependencies": [ - "Fortinet" + "Fortinet", + "CefAma" ], "previewImagesFileNames": [ "FortigateWhite.png", @@ -4730,7 +4731,8 @@ "ZPA_CL" ], "dataConnectorsDependencies": [ - "ZscalerPrivateAccess" + "ZscalerPrivateAccess", + "CustomLogsAma" ], "previewImagesFileNames": [ "ZscalerZPABlack.png", @@ -6282,7 +6284,7 @@ "dataTypesDependencies": [], "dataConnectorsDependencies": [], "previewImagesFileNames": [ "MicrosoftSentinelCostEURWhite.png", "MicrosoftSentinelCostEURBlack.png"], - "version": "1.1.0", + "version": "1.2.0", "title": "Microsoft Sentinel Cost (EUR)", "templateRelativePath": "MicrosoftSentinelCostEUR.json", "subtitle": "", @@ -6806,38 +6808,38 @@ "subtitle": "", "provider": "BitSight" }, - { - "workbookKey": "VectraXDR", - "logoFileName": "AIVectraDetect.svg", - "description": "This workbook provides visualization of Audit, Detections, Entity Scoring, Lockdown and Health data.", - "dataTypesDependencies": [ - "Audits_Data_CL", - "Detections_Data_CL", - "Entity_Scoring_Data_CL", - "Lockdown_Data_CL", - "Health_Data_CL" - ], - "dataConnectorsDependencies": [ - "VectraDataConnector" - ], - "previewImagesFileNames": [ - "VectraXDRWhite1.png", - "VectraXDRWhite2.png", - "VectraXDRWhite3.png", - "VectraXDRWhite4.png", - "VectraXDRWhite5.png", - "VectraXDRBlack1.png", - "VectraXDRBlack2.png", - "VectraXDRBlack3.png", - "VectraXDRBlack4.png", - "VectraXDRBlack5.png" - ], - "version": "1.0.0", - "title": "Vectra XDR", - "templateRelativePath": "VectraXDR.json", - "subtitle": "", - "provider": "Vectra" - }, +{ + "workbookKey": "VectraXDR", + "logoFileName": "", + "description": "This workbook provides visualization of Audit, Detections, Entity Scoring, Lockdown and Health data.", + "dataTypesDependencies": [ + "Audits_Data_CL", + "Detections_Data_CL", + "Entity_Scoring_Data_CL", + "Lockdown_Data_CL", + "Health_Data_CL" + ], + "dataConnectorsDependencies": [ + "VectraDataConnector" + ], + "previewImagesFileNames": [ + "VectraXDRWhite1.png", + "VectraXDRWhite2.png", + "VectraXDRWhite3.png", + "VectraXDRWhite4.png", + "VectraXDRWhite5.png", + "VectraXDRBlack1.png", + "VectraXDRBlack2.png", + "VectraXDRBlack3.png", + "VectraXDRBlack4.png", + "VectraXDRBlack5.png" + ], + "version": "2.0.0", + "title": "Vectra XDR", + "templateRelativePath": "VectraXDR.json", + "subtitle": "", + "provider": "Vectra" +}, { "workbookKey": "CloudflareWorkbook", "logoFileName": "cloudflare.svg", @@ -7624,6 +7626,61 @@ "provider": "-------" }, { + "workbookKey": "PhishingAnalysis", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook fetches data from MDO tables and provides a comphrehensive overview for Phishing Analysis", + "dataTypesDependencies": [ + + ], + "dataConnectorsDependencies": [ + + ], + "previewImagesFileNames": ["PhishingAnalysisWhite.png","PhishingAnalysisBlack.png"], + "version": "1.0.0", + "title": "Phishing Analysis", + "templateRelativePath": "PhishingAnalysis.json", + "subtitle": "", + "provider": "DSR" + }, + { + "workbookKey": "GSAM365EnrichedEvents", + "logoFileName": "gsa.svg", + "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "GSAEnrichedLogsWhite.png", + "GSAEnrichedLogsBlack.png" + ], + "version": "1.0.0", + "title": "Microsoft Global Secure Access Enriched M365 Logs", + "templateRelativePath": "GSAM365EnrichedEvents.json", + "provider": "Microsoft", + "author": { + "name": "Microsoft" + } + }, + { + "workbookKey": "GSANetworkTraffic", + "logoFileName": "gsa.svg", + "description": "Microsoft Global Secure Access Traffic Logs", + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "GSATrafficLogsWhite.png", + "GSATrafficLogsBlack.png" + ], + "version": "1.0.0", + "title": "Microsoft Global Secure Access Traffic Logs", + "templateRelativePath": "GSANetworkTraffic.json", + "provider": "Microsoft", + "author": { + "name": "Microsoft" + }{ "workbookKey": "GSAM365EnrichedEvents", "logoFileName": "gsa.svg", "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", @@ -7663,4 +7720,4 @@ "name": "Microsoft" } } -] +] \ No newline at end of file From f8507633779b3c20c03dd5044a9cc423c1dc8a09 Mon Sep 17 00:00:00 2001 From: v-shukore Date: Wed, 28 Aug 2024 15:43:05 +0530 Subject: [PATCH 06/14] Update WorkbooksMetadata.json --- Workbooks/WorkbooksMetadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index b4052076a47..d5f223c05b6 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -7680,7 +7680,7 @@ "provider": "Microsoft", "author": { "name": "Microsoft" - }{ + }, "workbookKey": "GSAM365EnrichedEvents", "logoFileName": "gsa.svg", "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", From 1b5163a58d6daef1ee8e19a457daf1b2e1b975d7 Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Wed, 28 Aug 2024 14:16:24 +0300 Subject: [PATCH 07/14] Update GSAM365EnrichedEvents.json Fixing GUID in workbook --- .../Global Secure Access/Workbooks/GSAM365EnrichedEvents.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json index e983bfd5a4c..60734718c14 100644 --- a/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json +++ b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json @@ -15,7 +15,7 @@ "crossComponentResources": [], "parameters": [ { - "id": "ff8b2a55-1849-4848-acf8-eab5452e9f10", + "id": "9de7d69a-e1b0-44f7-9fdb-afdb095b335c", "version": "KqlParameterItem/1.0", "name": "LogAnalyticWorkspace", "label": "Log Analytic Workspace", From eb2bb19edae264bb6f4d79f46dfa2f53b8994ffa Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Wed, 28 Aug 2024 14:33:03 +0300 Subject: [PATCH 08/14] fix workbook metadata --- .../Workbooks/GSAM365EnrichedEvents.json | 2 +- Workbooks/WorkbooksMetadata.json | 42 +------------------ 2 files changed, 2 insertions(+), 42 deletions(-) diff --git a/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json index 60734718c14..e983bfd5a4c 100644 --- a/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json +++ b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json @@ -15,7 +15,7 @@ "crossComponentResources": [], "parameters": [ { - "id": "9de7d69a-e1b0-44f7-9fdb-afdb095b335c", + "id": "ff8b2a55-1849-4848-acf8-eab5452e9f10", "version": "KqlParameterItem/1.0", "name": "LogAnalyticWorkspace", "label": "Log Analytic Workspace", diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index d5f223c05b6..f8b7f169713 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -7642,26 +7642,6 @@ "subtitle": "", "provider": "DSR" }, - { - "workbookKey": "GSAM365EnrichedEvents", - "logoFileName": "gsa.svg", - "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "previewImagesFileNames": [ - "GSAEnrichedLogsWhite.png", - "GSAEnrichedLogsBlack.png" - ], - "version": "1.0.0", - "title": "Microsoft Global Secure Access Enriched M365 Logs", - "templateRelativePath": "GSAM365EnrichedEvents.json", - "provider": "Microsoft", - "author": { - "name": "Microsoft" - } - }, { "workbookKey": "GSANetworkTraffic", "logoFileName": "gsa.svg", @@ -7699,25 +7679,5 @@ "author": { "name": "Microsoft" } - }, - { - "workbookKey": "GSANetworkTraffic", - "logoFileName": "gsa.svg", - "description": "Microsoft Global Secure Access Traffic Logs", - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "GSATrafficLogsWhite.png", - "GSATrafficLogsBlack.png" - ], - "version": "1.0.0", - "title": "Microsoft Global Secure Access Traffic Logs", - "templateRelativePath": "GSANetworkTraffic.json", - "provider": "Microsoft", - "author": { - "name": "Microsoft" - } - } + } ] \ No newline at end of file From 2cb579ccc5429fb95d3311ae3b853f20b10a3e32 Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Wed, 28 Aug 2024 18:41:22 +0300 Subject: [PATCH 09/14] Update WorkbooksMetadata.json fix workbook json --- Workbooks/WorkbooksMetadata.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index f8b7f169713..5decdbd5440 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -7646,10 +7646,10 @@ "workbookKey": "GSANetworkTraffic", "logoFileName": "gsa.svg", "description": "Microsoft Global Secure Access Traffic Logs", + "dataTypesDependencies": [], "dataConnectorsDependencies": [ "AzureActiveDirectory" ], - "dataConnectorsDependencies": [], "previewImagesFileNames": [ "GSATrafficLogsWhite.png", "GSATrafficLogsBlack.png" @@ -7665,7 +7665,7 @@ "logoFileName": "gsa.svg", "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", "dataTypesDependencies": [], - "dataConnectorsDependencies": [ + "dataConnectorsDependencies": [ "AzureActiveDirectory" ], "previewImagesFileNames": [ From 61bdcff2c81988b65cd6a73763a82ae6a5aa4a38 Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Thu, 29 Aug 2024 10:04:07 +0300 Subject: [PATCH 10/14] Package --- .../Global Secure Access/Package/3.0.0.zip | Bin 23884 -> 23960 bytes .../Package/createUiDefinition.json | 4 +- .../Package/mainTemplate.json | 170 +++++++++--------- .../Package/testParameters.json | 2 +- 4 files changed, 88 insertions(+), 88 deletions(-) diff --git a/Solutions/Global Secure Access/Package/3.0.0.zip b/Solutions/Global Secure Access/Package/3.0.0.zip index 90c80c2f4c39567a73a752a20c502f1f09bf83ad..a90911c042fd05b39c9800e71a1f04f431f0aecf 100644 GIT binary patch delta 23300 zcmZ^IV~{Q|)8)+EG4I&6ZQHhO>yGCc+qP}u>0kk_bS|7W#2UT<70fl$^+EF((Z`&|C73*mjmOR|C9XV5S{`f2;t#7_`+v$*^J^~rKgJdSm zmtYAW-Lt8IO4r|oL@}@A(zk-zsMK>3XX2k!c!>U@?M6VQ5?476D+Cwzao1)U3b7dp zVFFz3;P)2CfGBRc0Ze~CNvqya;HnK=lubrvpQ>zBQ!d=x#kZYPWUg>A#6Z>OS83%b z)%xZq-}K_bl&m8bg=Lb2s(vw1q$rz80X~Ev&-|RgqYA%V@@)K=$?sXz4*PwAQdJ(* z#g(70nIAv|zNWV_`_NJB__M5V`pd--(G|#zo@xq}D$UiTt657o+>KsT4b++x_ z;Zn>{mviTm0_$N$dam)46ZBc=+KFbamMa98&_RIgpG_Sb;*DXpwce&+lvH0FBdlUS za(OW(n=97nOX?_B+YCu)L-#5w#~d(6@2UB3F8M(7&&kBA>%?i8&pTrTA?hcvYKM4M zq#ybsr8o1!B!z)Q4Q(Fx`L&jZjLrA)k!thmE%FcXYPRo=6!vvkulse_r^M{#M~4q_ z-X%ahcc@o&pj>U^fn@sv_pKI0H_xMrzGsd|;+Ndd?QY%*|LR4n+j;|FHKi-2=jN^Y z&&JKwWg!&YVn4uZ<0CYb8=|v%OU=BrtE)$reOv5P=&tr55?%6UqbGg41&}wqqnq`K zbFm`MU8v6QCSDuc`Mxyg#y{KamQ4Wo+5-gn0-S5)pXF*cggqDwb^so3E)6eSR=jI` zVxb$=XmHj)-lpzn_T9>XpOPn;(+@rPH>G>}1N``8dwU4+eA^!vq7B$1f}gEjmq!rx zk8;ZF`o+-azJ;IW)o{SvWS<(Ch(nma55d}N9UN)OtbsFs?=20NTO#!aHzHbC_yaVp z^eet|tRJcOCBoZgDxh>;+f$RHVf~;*%^mFQa!MlbnYfhqEsdQMS zFt?-t%LM!SGYr}vQn$J<$dQf;i>WEG)yuB<>+IvQD(?nE7BdHZeW;FXe(TmK5tFHa zBy6EQl{mVNt`OpGOwYT}y__T~lB4TduokYmM;SdcQ`d!Kx{2I(^4C!6h6~`$R4#)1 zH~%5kkWiaPX7n62>B4BY{A0E`DkXY}`!rjg{ z7LVF>mOM{>xYg*Z0)1bCB++01@K<}F3m>PfKgc@ z!?;$Q66GqWBx2)mKv8Qs-7BElr-(7D{khE)Ux2mQYTzXizei0JJUJ0&2n>mM%w}?% zpu5P&FVlTg`U+VnLhjtCXixxnF#WXD(L$9MPe7EWKZ-(>k+t(YDa^Pp?h!=Qp^&>o z@9(Vr0*CzZF~R_HY|c*qv_VK)X0b>>Q42gKu5|| zZH;4(EOAAtzhg~yz^)+Hz-@se%@;c4OJ{+~$|mNWivV6S#U2DNOxa9mE~9ErjX+)v zJRq0=7BU)QfNP2U@^3Tw;>VF6rfmmanMEAjN@-AA_goRG-J&-3O=$2M)nu)e ze65wWYZ?~ny|QclAJt0zC3mvOo9~X0n$ozdI=GgDnT@cDK{B%P^-%FB*RjWHDa?yN zbea^hKsXfy{>zfY&N1SxmAuGTV3;Ug0*S(oVAf@WhE)Q2kIRVoY|)9*zfS8mHSfs} z7%+A!$+m!gLG#YzKOPm8h-GiIwWcMezYVA-&Xy+f_7rA&JEgEE3(Y!zTrKx)039TV z*akkiK6xmkptO-h@T(Sx7QhKB8(y6tLC!g`+olj`RVH^{1*7M1b+`@`a?Y3GUd@n*Erg~Q+DPzRWwq0ia7d3rdS?Eag}?kwlS6{9R8 zTeKQNT!9==qfDXU^5Nj`7F=_&9G*DolTW1daF(-5v0B$>0&OCgvMWSB|C#ER&o@t@ zw+t8!A+ZIGc1|4HTR}gWn*EUcn2}4zU>#5X9`rsdwHh{iqig;B!=!u7Sc{AoG|-6C z?UiUAVqs=VPoozgNi(yN0@JQ0b8Yqogj~oVr|B*EN z3#MF5B$On#gkvnO85(K14+_;>_X@&^p$@=5Y|zPxY){tVu=a-~VtyUb2MArZki&|g zFl4UR*B#P^3Q<1a58aM@G{xZjbcAC?p88fL;w&(M+%XSPpnHxH7ADlsN`Dg$&K4t; z1P++~S(G_{dwq*<&zKfaYo3;~HsFk4=i4uP%f2O)Ax;O(@IZ34e2Qd`l+CN19}7r} zzv!tbbePcbPp*Y@_$wp56CHOAyN|O0-I-l5#cdu+VQ#-{;OjCQX}@%T`MIccJ+<7k zzYCS0i+-LWkAp{ zeZ~>3cMMGggfmLzHULqI5DY-Y;cB3;IS>~Z45#oeT#xFPq125u>jdvx0)dc~Jt*r| zZA($!pVZ}xVzI4Dl+hF37$Hd+oKZd5am`2aa{~f}woS34MFVS1lTL_fCc(xkpAW52 zEDqe>MJg17X%Utd=*}Erq4`Dc-`N!!)EVK{D(Ax@0whR;zd;P)6AEy^2#p1?`&~Cs$gTF{u3Sx5(gm-dUzHT(-WN* zHvqM;-ys=b(Xe&mqTVyZ>E4@z@xiC9q&&PsSk03FwRECzYD7c@Pgs9)O&RkgFL|w) z_uvqI`iaMV4MQTJpbwBq4)J~z_&ZxhHq;AQZVqWdOphGS{?!c*BQ%8%vZ*5APp~cJ z;OXAOQJpq*deD##SsVu;#Z`;iZv{z^JxtMQB+(PT=qS~!UeiDlPw}w{aXQS_860tn z@w+%Hf5TqV+UJ2JjMTtd`8SC>JcIhLqSc?&=0b{PJSAYP;=ceLvB(%6LHp77B#(OW ze8Q_`B-Oz#6L`?Sb=ukqI>IRJjc(VFds0T9)n3Y>H5)~VRC&%IWZ9xk8}A_-hYRnv z(V({ZHojCj7RKOO^0RhLc(6E#KhMTlH6WS4wdfUP^6m1zz9+o;NtO*G0%oOP@dDs%QwUBo zp{K`V7Yrg7Sa})m=0IhuuIt7$s{l9KsG6(@W40CEOaKgxraSX3?_3EIIY( zQi~o`O4S?WD9OS$GW=L>$c@4@UePYpsxUddXTvy|dy4WorbKsq!x8gFZitTH^9R&x zob{Ki@k#)Jug69R;095x7;<6~iLZ1WjY*9lo)h(VqacwP=G^jbBxC-EG**Z4s>|Yb zbzD_dhbSg#ZkB_|sU4={cyR%!x|)?}#YbYg!Yjw*>vck)fG$2=N(`8y5$cbdYLhui z-QV5b{$Q5JFEp>SVzDPS5s~D$EoC8 zJzQTD0cFf1Q*izj#gf@=vZ1KmXp~#zbp%LJfl;7=eGh@)$9mZPG5hmsXyxJj99*^z z)-Bln8%v{y(tvACtRQ|$dP9~5q0@%x93S$el&h@Wz#Dlfbpi8B>VSwT!Km~QhITb{w9sX6hjfhcxxnfci&y5g}nPmTHZtvxY zVbnB=rWsG=JZJ{UJ@VEmON@pU>4M{cl(A7Pczve!8nA&O>AH-4Rg4cRIVQ9FU=zi zEPO}lz1|)Mts8nrYk8fF^d+Y)3(ZchctvFw!m%7V^PB8IRLv1aZGnHn_?G6(=<>DZ`Z-WaOU$_$-DchWGPy(TX1*{1$`@~d;O z?bHMCUh+Jlv{pO`gqluA{^4aTXqNPsyObiMIKu!QVO0`Pn>StwL5w9a-Wmc^6=={E zgfmKB6`{__4G$5>h|aKQt4fpvr^1Q^bNt@|^v7ciisg6H8Q z7Qx*yEQ3h_bsX;tz%NyIdigquK3T^oaer3ZFWa5CQszzD@MmqMd~BKj;lP2w?NPFI z=1V{a7vENxP~{F3uvd-Iokiz!WqU5|^vT+01gESYQ0WWN_($_oBiD-Q%?!U;lR@ha zN+^Z$yFV8I^nYK45dQltbYaDZG9m>8l(p7KfD{G-P_wV#ZLWf-?kw7{V_8}BOd+gf zJ9S(zLd~tz=rrtjAxxg<^J+t2L`Vet6?QIGuDo<5V`ZsTCY}hQ1PV3n>N!G2AP-5F z8#CTF;}qA#Va%9$ePt=ru26gd9!_b{?pw$ zlJp^rVQ^2xp(gctAYOs9mDic$zN?U+y%kUQfouaC@ z`*HYbX`Sh&$O=r&3Jef4`;+pdt_UY*fVkj6NvQ*O$U8?LzQXDelYt9$Ry*|Yf%L9L zmtSj}Kf8hk&0G5vuzV8Nx4t}XU|SDMwpJ8QIY_i4QAK(Lv|!jiVIq7~xGpG+|UYD)c#S;^H3vqt_6#Gll0 zXGXbu@h+UoMr6<0PU+dXMd*AzN={Qc+3I@S2&X2xoGweMo9zzdCB63!oGc~2kg{4c z1dxk$t(yUWoVYPXtnn|Pa+a3EK;K)hw`$t3ZPuw}!#Wb{(xbMX0`6Y2sut@pQ@OBG zE+9c(5BrSr&5Y0GksTe|UMG59zHdw=Rb7hNW?b~u#D4rZ3el@f^=kGk-CXg4J7{CK zU|;f;dtPQ6-2QLG`@e{Xe-XBD?_!OmaN~e3!JZJqWt-$?wVSrhGxnH^C&8X_)_W;? zAK}ZXg`liUTN)#KVty~pdAZKQmUX!5DlFIPO$#=yBe_B?`W5UaIpyjXudf3uxo5Wj z19D9C%=RCUD~v9+LS^fuXkYEp^a8Ex@<1)k>J}~8W=-737;Mh9jZGAQmop0?xtDh2 z>c;qtUP{xN4Z>ncP3pyYy_Vgh3aT-zYIWt8m2|aLb49$mr#7~ceGb{7$;}x`{jS99^;bvvUl+(a$em^XYBSXXNS;d^y%ftEhf$Z5f&VO`zCVFo9?}XrDw8a|N z>D;VrGtj}QN`krpT6WLYOTN17O&NxVCiY(coAlK`(&Yakjn>gxyYlFC)wV;)4!&g8 z9$jqQu3O1gnXOj4j(Mn?=E_Fa6`2|5rmd*kR$E3_UvFUf1U`P#lwmrBu{iNMN7c%m z5mTPOW8cIzB38RL(b-sL7dGUv9+x^4*=jd&3E0wDms?WcwyjoX1MgC6cZ4ObENSIF zYFW3&&i1U-TZwsSa98eZ<*^-|*bm-dPa&d@)Lie_p0D&ttEtBr5$j&ZPnt_p!>n{x zwP&$B9bDYW1tZ)4SoVciJLtTHNIAJTyO}Fyim6QME z34p8G`G;WK*@p8!2ps=K(1LVs)E)X(vc>s@(O28BynKFS*2rg}_7tNv5qocAMV?v; z=b`!6fqF#g(3DZyOQ-V1pR0MC>d#eLwCXQU8EeD(!e!u>@(SOq%%RNnsUu5aJv92w z>3S3o&B=Kz*RBxNBKS|q!Y#n>VRS21TJ?)+t4?KXmq)YfGdpGOj{l*n&GkQY1*^BY zO1etc2V2VK?DIWsjr~Z?3b#+2S(?|&PfYJh{#1rF zXjbh~|MeJ`_)n#+e=1Q$3Ugb}w{-^Ct~9E(T!DA@HPS&dTbix}6%AxK$j0eh3iT*9 zo$%T}RK@OIwC9KuK6Dj^Uu>p1)I7z2b_%fruRZfKlK!-7p@#4rC+Oz14M$sUN=XK< z7*)uRMTJCpVMx$*c-<(Ql0NQ7n+E~Rs|_!89>x z0#JQpP9ccOp7^bV#mJ?9lZbC4C{E0Bm!;W{e6QB55af?L44QcX^MZpIDd_hDDKKczODRV0x+EwWdBNIYWC?zp<)7vZI|n5 z^y-5Th?nLR#yih}prE{2Y)inp;*YUBr2^9ZYf^yw)r&pI6OvUR_Gy5-u+kHF;HR($ zlv%VL2_lOGP|WiL8in2x4faF9AZ&OHeMjiC?pEsq>qYsF_!w)D;L~>Lx3irg6jbCF z0!g;PrU#jAqBp0NHKCz%{9^!3lRI!HvwZaDr)FKc)I0ib;+!BQ8jr%9!gel?RqbPpqXuT|Cn~)ykK~Ikenpz*=;T9TT`JRJu~R?!OL3YVB6D+u`jeh1-!@3>Nl@lq=!(GTpQ51vtDb-q~w-hHCf8kLNTz#6AYD5_~C=xuyb?v z9Y~t8Sd19)fh?d1;z+5XH$`b>suG%=4qMp8w}X7+pduRV$wTG0s4F@@YVsl(s3 zW@wuV^#=jwP1fXTspmcQ>-W{>OO`|u@O8{_q$DFe6I`uayXACQ%q5I+ZOE{da{%U! z8ORF_e@#{23-*nrvn@OV;MFqkP-D3oF%mq=UOW){{DTTJ?!mr;rLhm0%p0so-g`wc_u_&X)qQwAtzx`B~RhiejRpp_s-jvhcNjF zYjqDWU(%a5qWi-jC5{CyS@PNjRJ6!Wo*}CJ`!tJUj&y{QE{@@qs*AU9Dq)HwhjgxZ zClLde@+kP={jTY;s8YIIe$B&}WPUXjqZnp{>BFWr=q2%1oCeNw{P{GE+<|@PjJrtv z>#)%T{#+Ytfyefix)SwfyE}q?KO4LBb@>#4?V|Ph!M&>?aX#K-TwTmODoDk3!kM`b z3yH4sNJ<^=a}+U*r?>49myQBnugqmm82Or?odiXlfR@qJW@9{$+%NUc%R@j!`zfO@ z!B0lacXOzIBJyxVejZMJazq}rIoNWz&GI$N`ZQQF(C#C;KuD=kWglnu+lF`b{Y)Of z#~0XshrYnusw5uf(2b`Bl4*oqwI z;8NOVY)gZ4cInKn5g~wv&09>yhdaU9aFdvvb?9hHyivmOtKmE|YWB;ymGTGYP!RYg zoiVdm^$DoO*%4l5umg&Z`;$cJ8PWo%E#}t%`{D7Ep!(3i8p#=A(J2GGDnU;63%G)+ z&|4ua#P#mjRTOCd>g+7tA_JX%vh@r+!kTLkkjDNAbX_3DK)wtIi6tAX9cfd5+y-#yg)z`4~wkf=ccoYbGaApe$d~ z5`L44=YvN{kU1rUMZ#Z?cA<)k&*xlRjjh`)Bgc@(R8`~AOX@$LRAFi6Z#$=}KdcgV zPZ24lD1!_amZZBSSmuYY^ce(9aD;+5*bboQgR#x3LdDc$rp!$1HL;El(Q{t##7re6 zrfOOoz(s$>sY^VPrQOg4QYnf+QK-!ff=1A0+G~O5qB8oS{)Y9Rc=g6q6U?B*#@?Dq z!#l=&a7&4jm$HahRXWi21~*}D?R|YicJShA(YN*m3_6Wqjqd4e!zKets3$O9og0-; zrp&5?5ej_BG8JeSW7xGa-_xkqP-LisZZJm*i~S8;(_(%D+a|1@bNMKBdK(rPs@p#d zK^-M4fk3_n>5bH)r$~xbFwC7foMH`xC8jD1P**Jphdo&TTJOr0^dlc95_JE7u>fM9 z!xzkrty2&W98>~1Yk&l-#l*mi1mMdI%rjdPpXy5Bfb;%RlhAcY7h(0^4$jQT;cO~B zz;o>trimzkGdxeAFoZLhPiiNFropAzRB26!?b|)Ptr_@o2ir676)^NM&Q>Z z^RH`nCZ!z7u}n2<&5Gda7eU`pp0W{ca7OY>8O;VSD>jL_**5|-pR}9e>P6aGZ+kG1 zF;5U|5ZtZ#*mo{^%R7J6w0t`jP>+>g)Rv@j8Eth&El>^c9j11FWA-6C6}*hLxyI_fU?~I}fFFi;8LL zKFeVOlO#*h_}?1BHBWq5U32MUGNBGqtN0LFb%LRKfNsy09i)L7ynb^)F<6uM_-6*t z9TfCnb)jQ83y*YNNX5`mU=q6nau;!0e;RQyiG}fqK!^d67c>56p1uOIYFGr;@5MaD z{Q-a40Jq)m{*GNR!g_xWlWq^TQg88^PDWUue)ew6`RU20orf$#oOFsv(#Nw}B{I58&kHQZ z%<3gIwZs4#8L=7~DaxTylZgtUPcp#1QRj8d%t&;^Ff;WEngrkaBtwAu(KvD#F9G)e z6&yCmy8H&ejZa;q<=@)xkF9`YYd-zj5{?_1b&S!4rxc1+l|XaIe(=mg5*=(=5+=P3 z4cL_!;JDT9;oClxj)D`ld>n1j(mAuPZs;Q@w$&zBOry4I~X&U`!ri%kD}klq@>rCu1v#gH4X zAx&(X5Ag*&ZY|_@1-xvzI;-EUw4fvM<9&=UH;~GLHx^ZWf(lG;! ztXv?ef1vH2n`XMQa$yJX7SaV_wy4lDDaFG@F0TsRO%96ThX)aEy zYtM>;0#Ta;i4RRqEm3dGUYm&&x!!P2{1gBnTu~^HD2&;lEP2jwH$flfs;`V2FZk|E zWt7`}SO7`WW^7L7 z0Ximy{oQJ>K5XOwwZmy?>_2hBe`aYeNVJv_n@(M}ZMGM0Z_Zc(oGttbXp{t`vwr}{ zYwgF9=yv7MeT-WySo1(RZet==eUzW!J3kDWZqKh7-lB8(&KKy=f?~x=H_N;1b~K8Z zj{f3iws~@^wo)2EuWa4ZCzdQydK`48_l?mo=dpx{o7m2rH(c=|zE037@-*!h#^SW~%lf5V`sDXZ2fpHk&O;z?#T$}4jo39nDWVD(5c zz*}jO{xRbsHn;s(E2lA!M55!k`!mLOXw&9i{ajPkBNOqC&=tW6qOQvrngc-dWwoj@ zGw?4UvoJ%QpQbYvE0VA}fEn>EF=>+Zo{q8DWOJseFdpqtnkPa6##&74xAxDj%CmA< z!|&8waU@g27Da2g7}~IgTLVPI*DDuMksy^phOb51vD#4D%fWg=A7CaTc%S>i9MRbz zA`2lzmVC$z1yEUv0J6HVB1k}n09o1pYeo@7j>v=hf4$v%^Pt@E5I*~yQ5BIR%AiCS zgNUqz5LxrXG89B)DGJC?{%b}+`e(^j7?h(hB1fr5j#z~fy$mAyBZSEP|1$&r>;9Wu z;Ggfrh+Ns0{bi6BM@+7-nq@n2ZZpKcuBMnHj{fn#29P*%7fF1K;57L6xjiOr<@zPe z!#0}unAsy$A+ghAkf#kQ-H!FZ&|&c_FyfQN<5hfrc4gv#_ zpHq3oc#i9~4qFGc6ri~Xq36ERTsnIr?#kg)4+$QR({eQXE+bQ`48u!@kn*>5bzx&W z89$VYYwdG#Pd^iXh$bpoM6gW3@0(L@ioUbVEPl}alP?i23b9be<;`-4Sw}D{?J#1v%7n92B?3f{+X4 zV#-0$hoklWgE$#`AwSQ+LYdUnHam@ZruU5xOf^E|POM2kgCC`YPw5Pk4GPXn^T2MtV z=^>NmS-`VEWkz0UgMLQ`i8^8@7Z*kkYulKKGfI~i`$w{M3@?J(1R*&0n{za~cq_}3 zBK)+Sj`8?2K)?DsLEdfesg(i-S0D#J{DrxBD$H`M=owbv9@})C&autg>O%Q7F%&rGHnlhFup`me?`!fh z+on!Tn~h8~u>@Hhg%dfdu1pPbQ%Grf*tLK?)l^1R{;1<b=ij)N)t!E(D?Br+3 zyiV5QwKE@#>{MFvDl%Z&PYT%8KT$@KX%@OuP+`B6XJfjr_GZ`r}?&PfJ zGWZp!I3|^iRYaFfk7O@#UKCNRBo71pnx_+au}F&XXPkcIU51CdN5Wh^!huf6HpfO~ z7vNAT9{FSA?sZoK#U1hy)TL~^L)KD!uH^1sLq-#xSlgMO@GM>*qX90W?;%V*iniM^ z84aRC-}@wv*5m3*nhd(d?7HZa4+-P=`e_>u(oWZZvQp}Skm138_lcNNrD67+{oJVt zb5shJ^W$;*sl0*7ox=PC*}XeKT=xkF1dvL_H3LM$xy`&Seo>yo1aJ(=2R}^}_CKLV z?zil{TOO<|*uj1wf!jKaO|%*+RG!W0AG9L4yh(LTh?4$}q%)RL--0Bw*Rd2X_*TW! z$vD&{_JFXMeg^3-_D$snqUDeQr#G&z29hYm;_|yM-WkTOcalJ(Ac>>Uz{J2UKMly; z{_2;gah0;oz$_*=n6cMzZ(mBK`R`buNG)aDHWnJJ-!J7yUVoR9nlB(A3HN9 zPPq%FtlDlUZQf*A2^m0rro7zFxBzPIq#nTaR%{-u`o2aUC@P6jEDYXM8KvG$eHf;v z934vchc$#S@K3#dA;3!mg)? zvD8OLD2tf3?QxV2-0okLLv5vjNkd+d0%%E6wVc|o7xw6%0L*EuE7{3{T}+RANu#t+r7$Po|XMoB=>j{`sUIN5YwcU^GZJH zlQhU^U-t)#i|X+R<8HtCQSs#D^4OR8lJ~*;gd4QM?Pa}=X&?33&jJ4R&vU2yijq7a zl@*WVNF@%WlkwiEIZs5S6QV?xS)ztkXO5oWmYbx^q5}dZMU4-0VPTR+sj^Z81?@F| zR+?eGPGhBzau2Uf9*oUGOiD#l`675`5|L?S8tS!pa?>}9`ggFfKtn)4EOHbx#8cYI zCQH4-@*jAQ&GCeou>ea_7C(h+DiqxVqKg>7rTPo|G$IRcw~@ZxnvC z=^aW`;kpRenAHM}wly!^!pf(< zC$o0ZM)ak(xUWqNsqcblqVZkYR}n5BRSWFkdBldTGxyyJ8vp20C5(`sfW0lhZN4%=XsCAvb zFgl^Ckr13sTx^Z*{Ntb!4_2j_t-orcT9#4=dL@~tAHZeqVX~~;nEPiLgIi-cd*HJy zx_wRR@lv_PhHQwD14BcDEiq+k{aKssSNh2-R-z|(0@R%OY@ib-k-!BNgWy(eH1c!Z zgTK>>OtLnHu0;tMa#DdKb#6gD661l|WVziB9;-oN5KI1hMDk^i4skU3cc{#(kV6dj`sNXqoUug}ok_E{cc{@sx zX%v;jm}IO#zDL=vzTWr8lD_-Wp)!}wU%3SGKY;$_J{*+QAYWWg!E+!zk{S}j3DOJ< z6Nn;7{gX7Vdj;sehfzC={;kQQi9%GG&`1$MxlAf}qrvI4A3QyZ!wNGfaCu^wk#zt3 zrXY8bvsO)kw53E{w}`L5@MFnLlcTX24%z4DQ5*Z7rZ)2fdT@E?8px(~0BYk))c z-OTV6w%h3AXfkr&i#$q$yj1=u1x#+5UCz5<(L220Gi)4&z$zo_`Y>%4WN3!1Ck`g8 zAr#qX?1#p@V_Yki+oxe?t4RqjGHv#cJx`fxYdZzF1-j(11WW>OV zS*BxKQ}#>V4KqJt(4uV?mBts^{1}6BPNQfe^0hS5`x4ecA?M&ogTf*1Vnvemq4 z!|Aiewvq?9dE$;&FydwtA7A~}fJrD=gGtPtXmnsoosaUiH8GV6aO+PN)eslUDmB&4 zI=?P1UUpJ)c(HeH*7{nD?diKYdw%<`=BC!vKK1D7tDEt|e@o`a@p->q0DphAJa&Ix z{xU6==FDk)f!HyU1)$tMem&_)Bryjf>D~Cm4UhrvWIIbsES?LK7Lf+_+?hGmrAehH zf}c7VjD&eqLkM}Nd4%m78aLXo&U)kJPhg<21uyS~+HJ350Q)5hXUoE%_9rmbBTN#S zk+P2k#q?vaXuM%Yy#`)h4#8JQm9bIzV~n0rWz7O}wZZ3Z$gLyoMCk z;&gwqFwoW+FXU^$*DhLBYqkBk$+31Lc1B)zx9IJtXYBRFLtX~2I{6Kt=;b=$6N{q- zvQEbaGtdQEj>W5+t}Ijot4iJSxfjn5rf!eVdrj)DUw z*Z&-S#>Iwgk2oySQJzP}Q=v%!@+Nv3wS{wX8?8GdoIwh9Qe=!HsN|ovr9K*3gwN2E z!O868A-3pr-9a(*785{M#(dXRtX8M7U=J?%tkG-t3}CoMqZQ(>vtU+9XR5849KaYl zQJf*;-R4ZUcW)h^`+IbX6UAlSYO!w^<%=??UvcnDFujq~%>AH*Y||C6={^bV_{KdV zf0LxwF}z3A7o%KINq8uO-f(er<{JSAQOdCyaymakE09sKPDwDe708mAzL9b)ESxbF zEtv6;2B>2z;tYKi7R=yO9}chqwjAH2AeaJ~_kN5s)5C41DoS@_Z`D>f#;LhtNoxO3 zRwk`!0hzWyQ#|`MZ{kimO8t8B`S_ry%TTT{%q`D!zsT*a7WbF_rAUxIh1lQQHe0rgtRPXA#E~ z#1jCQvveGHv_QKv4Xlz5a?qg05Dqv3 zcwqR(UdoyOxm8*8*9lKdNay|oQd&=Al{wmcG3UqJ+*d_rqSS~fu*7OFGl79c-_;#L z>78g{_0*=jThN4oL4qUq2LWKj2vA>-4Mwi6zX9<-&QAL_x(4F_t_ncpj8X@ zy|^_Cbog{`ND@5rYxEd=ED4@%j5v;1DC=M0&SCs0acRz!RHJAD1^=##5;T5;;s_+i zON!LFjQYMGP1+9oIN;YTS#3^$e=90$RS$@~1%~5JZ&!q4d@weJ&ysPm@ z!WWl@>DI^jjdB1ETM*@#)+#>Ep|nCv;GZ|4l)v&irPvT9m;R?6~2z+k&GJ( z=JgV<<`+z)?gd#L(EGe=w~hAQqh}ibMMb3vNEp=n?=aI>qlZ>)A804hsbE0P$2nK>GT65So;WzI~A{&peyW<`ZlIdQVIqhpAo`(~hM= zV|Kf>B|l5q+BQZR=Rf9w8UJBkmhLP`Gm4g1@{jor&nb_ai8cC!X1 zv%xvk?N$oGIJjW|K+|%-4%_IxYhS2TBkfPySgX-SmM?*0_64`wtM+xaSJ;ocNVT_5 zk^{Mt=_r_{iYU%A%Ax$+8wdcQTU5eVDS|g>NiJ4o-zYzoTcG)g5kID0>LKJpgHV5k z9jHL(6c8*^s1lWKrI(#iPdUnNWlFV)lOFY3*EqxE?vHXLm%4|qiI0y5N)AF0P zcT^UuOF1&4N&NZN9!$5nDcL?arO+`h9Pp}SJM_rrH+*<3VS&MLQ&?{}&wx(OlR9pi zCLRl6@+Ll<$qamw#(p1ZyQtTbgl!GN7t%f^?S*21hFm<|SUIJWbYqrRzR1JiJgJw4 zfqub5;44N#swWA+e^HFp%JoMM}0rZ5DFR!v=q--lpHjZ!yD(y!PtzktGVz;wICs(U6@a}R*(?t zF(f-|eNf*510g-OQ+kb?Gvx-#7T3a9Xu2*Si&Pq$2guQPuKG`5CRkvKZ#Oa0T(9Rx z1QIhGm3te^u=v?%5HA1<_@Rl za%gKL7&}$)W{igEGQ^zh+^Qrm2Wc5@=F>VzWBHY)_+OdMKo7?Tb|biC8Aa+!oxrD7 zJ9Bv=?_!k11Id9RV{VFpePJrdre;ScEedHk4cgPTtaw@iwkToJW==vuxlke)A))Q6 zMzqr9h?!B{0beHk7+WELYi@IRSw5*G#li2ra!N+t-SQ%EuZ5gZkAftTt3J(^KUu*| z9!ju&5e&cTYnALxNJX7J)_;NLi{r9v1kejn!e5Xrp=ZBgkAZW7uV7Yt_9Ch7cjUSJmnBfJrLGA*+r^!NU&N1I{16S1ireDG5blJ z`4EMa!lOZ^D@G>?K?5-{kT7>fnD%!ZQ!zcHcdmK>KZXFhIfMX;JAQXM^{;>e$nbY3 zu(VHUOHt4MDzf;h6C&9w8F`Lcf6j?CAFqEK<87Upn;Z8>wD1di1*bvH zC?jvGC$lJX8_Cmow3u~~gJ>cBDwv9Xe8@#Fb*oN$|K-w?VF82Dsi?ATv^nV zu4{K`z!!WEjsY5)*1H|@8445wOX0kL$H2|lShqlBCqd(%K3hkFZ06Ddl$r?%2Bnn| z4ZARuns1ib(^!QXoK88kCSfB_(;{jp#Ts@$JQ=E@*x?tF>x05dMjybSM6{IQDV1Tx z=1j%ZVgCZSJtFtB;#0TIWJaop9-wa4szfX4-(p5(3L?aPR<1;_rIFd_=Z|Z4;KN^T zL7yi5Q9v8mv`8S(S%v*~gJT=$H+wy`4S9Q7tWf)3ZCqtkRAIZNTZWWw5R|T=8zcn* zDUt3@X*e`UhlF$sNC^xf9WvAa(k(jT|FCX&URr_kf<^?F5KRXxt)xOL5%awBl@b?&Y|6&#-c#EHOG#n8*wTyk}CA9 za><3#GL*ADQ-px)cmVyP@C-&Ih3eK!xM}JMmex;_ZFZ{kDgUzjAzXStG$h-d8083c zZelF;M7&6xVVKvvM}*c5g|)mon)c4TR?C%ua zDB(0;`qO>iPlJF3HSR{G++8U%FG`9?F&f1<03gdrMqWu_L%-qm-=aYFtcj81KO)!T z_6^43R@^uOLDWQXh*PO; zxsJhJoqi*<++N0p;kk1-NB72c9?t{hLC$YPARiO@d4(U8f#N+#TtqI1k9m>rIh&u; zou+3BydQ?{7$g9-kP~7M^n3`3CXq$@`4EMFp*U|7PaTUS@sUIJx&w@*WZ?#wtVZ8R z=RYx8RZRB_zWD5o&zOf3t{1AdVVx59)){5PdwiU^MQHHVJmD9V^xXlig4>vhkLtLQ z)Q=pAg$%jXz{{Sc68}mAH%3t%T6G)Q&NK4~LVms>)dV%FviPFUTJ;U&N_1(QaMj8` zaQPfA%J9iU7oyrH%J^(@lilFuUhcb})9~Cg)i|yEiGWsfvA7fW@GGyaZZ=bSoHwy( z&vPx3D_BE)Yn{ybU~_viX^go&Tnd?00r|LkLG=A=fPrkxP()TeZh*I%gPbLUy^JL@ z2`b;}bhe|MPYHQW8!uY(f<5Wum{|1UY<;sC1XIz;AzRLA_uMRS+KcuUQ_cy_b&S4_ z0zpWPf+lqPyBp1=Wj}kJX|G(G{RFdSxKHcS{GS6(|Mq#OKteA=?z$!a9_LtGGk31* z1Bwwq!hqoC1$^uK^4}|qRu6Mr;};gVlkAQVNoXLCqT(54-TZ+fNfz1!$??SH=Miv;h^LO99+5uJ(}- z_E1G>8kr_3^BP=f8i^{BLEm?0Z^f))xUijpxb6aTm}@+;kLh*%c1?llis7;h!|$gg z_d9vEERgGi{N#vud${=nF58d%O$;0?zMxl|RGU-bUJeuRtiZ2t4M`@*{9D9qDld>z zF+Y`AKJuRuzXkIf)xEn%K^ZO0s<}NKJx1Su{etIiqXu_2tj)AK`H278`PQ3~AD9dgQ(Eshpk0AUP=kw!j^z~j( zCWJY?LQ<9ub@?$={Z&_RWf>O>(uAR!> zr+og{hr?2%KF(@0GPF2(-qbi+P4BHbw5k@)B!ZP%86fkzyCq9xkPP!B6W(Myo05TM z0)DBxRw&cYgpyI?Om*Ir=RW~i(YQ!sUHy_#S0xz*^Y2MTq6$#+bLyBOQcP@ag+i?k z;+|y7yAn33O%-}rXO31qB^ppA9;VB$lGS*KwEf5m zRgJ63QK%=_B15gmtLYt9@!9LKiku!FC;x#Fs`$%+GW^PShd*V~j2Zzif%>zUfiOcc z%IpTO(e1v!vkAUibfb&O-a;H$WV85Rs3IW6bzb5@4vL7&trB7(fn@_7rG~e(E?Fnc z7+(3ns9_4$3D#yiEoA&rPRm|`fsTumpfQ4eY@f-p1nYqf_2;6z3*x@oiXL}wXr!o` zhhGl)5QL!Re;EEA!3Q{Q&k-WM-`49skrI;xE{K;SY1W#utO7CGFxyzS{ULA4%epVE9)Hn9y=wvbMqiSE^U6Z8JQl6E&W(Xi9g6}+ z^NW=hyUgaMxxYb6-?fw|jiYz71a-M5ZM(`Ft%{~4xnYxvbk2W+G{n{>@JwzZF8Eiu z0=NEC9$QtuDp6DFHx*hSi(VkQL@Vo$9W8D&>I5G(yQ^Nsn(&*9YP`7bt)T`M24mY9 z89oQ?IqIkM=KjKeu~;=$DUl}h@S5L|JiI-AajP%y8SAzYj&_!9q7~=Jq2tiAV+|O0fA|BHwaWdTAV_sy()TVi{w9%kU6zMauHvyo~;y0Sc3M#S!Nu; zNTfT^c3AC}NjPpd;ujX=8?xZ1P0V|b!wMbbCx0|P zFT96*=;F%jCq0*iO@$}J*oi0IkjLLtf9YU8|cKj0PaiJTcy$_&Vuw_rK#yJL z?3mT|@#Gf`-S48zsgeBkQB~>vQjx|t{*nZb;v5F*Of#P$3h5d)34kR9V~ z(fkGHo8$oQyKhZB^b!(3+4ZVByZYz^jo8OIz52#dYNkAjjBbVUmb7O8W)CsIykW3F&KwY1;BDix^tQ z(I;8WT}Y-J`IAO8$*ij;(+a~Cd7P?N2n8e{kP4~Z&Ry>ib*gpJ`ic1;Q;N?EmZ)Tk znl}LOl6}W}`Z2LR^VQ*1&L&!FH)kh&w>-pn33vaE*KMo~l`tH)-(cr;h%i|+d{Z&! z-*^dkAx$u`NZxUa9cPQtZ_P(%=A+P9o}En;i^n5!5Aw|$WjPp>0$0KSI}S(!562%fWb!k@3o!QJ+ihgr#>U12b^G?E z&&{VARu6_d3a6;SV!3JsF&7kX|GE!@JHsj<(-9YF1UM-3NbB=| z`scUWXV!igGEedwrDvF3w+pNH!p#I<>2mfSV18J&zj+*vcvWf;^`gPHspwFadMUX0 zmd1#*C>zxaH(H~4J3=nc3quJ^FBF)4UxOWE181NfA778b7bA+M*y2oRj}$}RaalY3 zXRxCl^-1#;>BHbTlBB(Wizdc&t*vCzO`=kdGJhMa*d|8|G^uQLm5J zYm}ZRv9HaEK)=H(agKh%*pk4O3?t-@7pvRi^!c95HN^V8#4bR*#yAx;i4p8IV6Txb z%zG#9iz@AZ_Y6r&%8lujxd4CfGk8o1@jGT|gUU;?Y4P;%=0kooq%Tw#OqxS-70!gm ze?KGrs*Xg2BlW-+E;;oCJ3<4(T$s6wse2t>OpuHoW8#}cg}$1JWVPR>858xc6j~&X zaR&M$^EwT*xS53B@2#hWP_$l~@!~i4>KW)zMV;!`kkXE{?R{S!TeWYbqlP%T;6ri{ zB-R}HM`FlmTLNh~?z9$y#P6S%Z*MAcB1oKOVaWk}zg^@Ncc(q^qDuULI4H8jBaU7s zF?3pAZlA6GR)z6+ypaP@XELgeyu)SlY~8g~gCg>(LrZKD_-HDWRct9y!#JtiB&B(g)a_7pQ#UqtyEbb_z1ZR`Bb0%vW6Ryg1|`x6!clN#xIqDD~#OS$(p<2ybR z_VrW|O%TxUVisTQXfSc0wKX~Mjsh(&4EZZ@98*_5nRmR;cdRf{q^h_s6$!&|E3RHX zo8{+N)Wnh%Zlxlwx!;NK{8_Xhq}wEa!ExWzct3}rvzKX@f1^TmvcHW|Nep<0t-kXT zjdUs_WGl}sTh4z9InAVAmBFsWXu`fbOm~mUkWdR~U0`Tw(MHoU5#IZhCk9~YSv;vt6yF8Sy4YCk(|Iw z2m?M;au=a8oZN&Egsyy^f>O*g{*XOf+26oL7b5Kg3*yQ7SXq=Zn#}uX-1v&~$cA63 zoH=Tr&dw{uw?Tg;C8ott&uldCdD7ejxVeN&BnLs6(Vu;a4{*j5MK9x|O>SLkn<}wwYOiOn>!c}N-3!#$oTNduhdoLy58wec7 zc;jm3jcn(>{`}8YQ20Ef5MBSCe)u|+t!tocCI`vCfVh}@2>&u{bJd>9G@5;vC`YpR zZr14qg9fFYF8}k;dit18`$J5ygDWOj$a2HNFYU}N_QE}FA7!E-g_OrT#m@_gAr5O( z$J*^?f=K=gRE@KqY)VJpJMF2LcL8a;oD}&#reEGZvpX%|n{2PK{>@9B+Hg3$POxJr zClpe8+v9RZ$?@NQpC`7XM}YQh@bt<{8}CfQ(MJU~0&1>ZjVWZ6&<7Plj!#v2g;1M!7 z(@Jt1nH&Ngoi(FD)c5cQz{mu+Ih{kjzjN9Tyj{Q?_FHdx^tgIlGvuHMBfNO@<7OUS zkio9KW(!t~R_Uq@%B;SW2UGSN_HF_Mg(7zHjfr>eT~fr?vME4kP>(YU$mMWr^-8I) z3k@f@<`$3o%%QQ)M(}ED?tP`Nb=z!<|v%L|-ynTm(B14#1NOefsqz4z6O{olJVL6gJF~dDZdJjmlU`RrB_L z)$t-_#;^&ScnF=& zg#EpeF1kts!&A0zpJ3(&hYbo_7L2q?$gJkb$EWruK3-K(!CZJ2PzL`4jf}%@srUCk|FnQ`fP{tNV(2ImaN5Lr+@baO1`L1c-H`wVd+Fj{s{yUTiN|r>W0XlOA zaJS3~C~b%%3fd4?9X>N!MQVexi{v7Ckn%#YO1(TReNvVlYex6y6b6RM!=4V$i@h81 zKP$Nv8bO0qE}gkQX0b=$Ru2~=i=Z0~@4u#Q!aK=0pf9D^`N+_c+U+ENE4kp16Pgg?H&VxkIyy7{@fOU5p_Mnl zx1i;Hfkl{o!+VGF%T3V^ADad)V4(S%36OaabgxmXH@7sf()HknKesf;P1#)g=;n9# z_h>rca^v@-`gl-X|#%+%m*-3E=9meBA@<7_2>NZX2IC{>TJ>n`H zhYg_m!MMphFdXAFZa&k!IH#YQpiH60B}D~r(|_}u(fH`%>u6-2=73PtmvzY5Sa1rZ zarGnQtxWIL)=8J1295cFXjQ_g*s(gL)>RoJ>exrf=x*|H05-FV_SmIM!YMg-qEA-& z?1`hA{w&S2eYQDL1!-vwJZx3e^Af3SCzwv0N269j2v#xsnv(U;qOZIxhpO*D1{uCv zsW1a17~xK-*0VhgFWMA4o(mEWn~+s>P~ezU7UIKFkYz%am@o)1o3y%=6=lt8`~~MB z5?8HPtvX=7a&SelX;4ixXS&XzVoD9MlsJ^h^_jHP7JC;u_m%BxOz3WS>E*0|7Nwv{ zY8}~d`1H?%l!`KG3bTNAlnYajeOcJo>5oqrQPrsk8uQxf*HSvSg4=tu0YjvuS>F zdo*|Lly1UM_}xBmIG0w>h-@gAxmmc;8u*E`#>;S>ShS}u^zGF$SJ}sy^G%v(64e_k zc(vDSWQBK3ZzY`7CD(Tc>5=gPsqtp-tOowrb)DP#5;;zfj8J|XSpA%r88Yr6$#ybm z<ZmbtBrKC)pLcX9iuLC1$y;Xcr%_L`PZB-~aD+O}!7( zw;c)$H}sLeb|)9R4JE)c9-DGO&hd&N>0^}KER-i}P@G}%zJd>)*h(NXYBOFv=9%%i46?Ya=HlT&wYWU&=;2TeZU!comKP(zHYVCW?Yi0g&T|s02oxpjQaiH~ z*Cw*KG_i9uD3J?U%prVVgLs;511O_>=2Dl1f|cph(ep^=QjQ*^dt?RS^Q}{0CauU-crO)qkM1{nZ8n0w4c_ZS1d5-Wa(={0G|Jo-mmF zSfLmZU~EJGV|+dUxodsxguB>bIk9&439bFsi<|0VBZ$$!QKl{9LcfDfXj;B)JD-k^ z{tU75_lWLoEV9X}Ka`88@V(*oI@>hfBm3On&4T;-LRhp-HD?owGiB=SjH#h2@}2=- zmfq1(S1hzvGpuNH{?PaH$m$p`l}7aIhF)K)Yg5S_HNv>yP|nB0uC=Zw&|6hx6cVKW euf{rc^n(!ozh>+It1wC>G!n#kL=;>jA^jJ8m^ows delta 23223 zcmaHRLy%_Swq@EjD{b4hZKKk*|Fmt}woz%@HY;ss*S)WM@FqPugB?3!?S(iW&PneA zp6Ud~Qj`G&LjwW=f&!9vh0;dseK@*Y`MBnB@$P3S^FwS zn~qL2n2;sb@JTq8g#L-ohH47}7M)*Ly=uBFx=OlSJaJKZ> z{*rS?^!r!^AQwL0jNn!(uH;5;FixU8xL8l>TZS?xf}&SaT2CN)R%Ytsb$XjsE!%ML z#E_~1IJ9G0W0lERo}Q01pInPs@Fk{KJ>$>ajUF^mC4SVa9yCR;-vXp9t5-Ke(leWCj5sjPJ7#l6^AT-#R7W~*n>pr^1>HH8`Mm58Bd#hR)=N}T09%qo zdM=AGGxRy=+sI`um*@r6(;&HhJ3BW3Vr+0XO+gnily%=7!!46Ra(S`G>swY?8|xTX zS}e(_g7+ILhdeQc?$~5LHhJN5?^qOCyA-$?Zb#$zplX&dn+L>JBtQG&rH}Jsl!f6H zjBW4sq|7&GteyVi613&ExaD0Ev~0Zo)!wmSxg57ZX&E^ZfkHzU_f~2Rqz1!=O*vbMs^6wfP-@^W)%nZ(VIba22ipwSnKm ze|@1LA@C`>y5k!7`4oow{;R^W!GY%`EiOn zCQQ3x=v=mzPTdqR);I6oH*m{!o4bwCNTZAWKLO z`Krt94b1jb+n55WQgR15J3p|hea6pcpeW#GWmQX2U<|fqsRjpIuj=I&6#12K{1J!? zTZqSr&M0#@YF5MJ=<&;lP_5CPwXu*R zu?G)hAP$UI8;*?$UqJLm;7IP8n}hp~T1?z_&(VjnC0vJMW=+K-lL=+d^x#kgf}B6`_ceC2emZCw@)I+pU?Isc;U-71}Aa8}*|1iVsdP+<&AZ`wrb zQ)P%h`xf5tR!Md+4m-C-(1{qqvJU|w-t?uTzV5;%)doOpHQWAn7ms_ZacDW_w?`lx z@IEb7h@tbGOO(? ze3JCYx%S&%k;Lo+rdmenK7cAK)Np(AK3{vNnai_vDe2>}q|8j7A@0boK(~fO^sVxc zlwFiDNys2z2xmkEVnnJg?trL`k z9*>_GZV)U(+qBbF_~<__Ka||L^>rvXYB&(~QcaacF?F2)%wy%sril?~j*RY9l$B{a z95+;7u&%6;{znzY%hODCB@^eRRbWTSMjzB$!E9#K$Q9F=RuIodW+YlLBS8yZtd)vh zqthC`f*l6PDT~D?L9rm4c7C#ZX*{91LIH8ez6ZG^@Ep?osJ)cs zf`x%l4;k@{x9QvyQ^vze-#kwJE^Thu6Qo%g?uZTDB zP{zMnpD=u-*S~f?#r4ouF%IlO;a7yngs&lWsEbzcBUk*o8kzel`FbjAmW`}b#}t-_ zH`HqU)DAOfdp|yKI&+0v2iezR1?)*GQL@sDtwu7X>r>;IBN7 zwPpJN^fm%_m8`NYi?<{@HVgCta}Hs<fhCf`t_QbaO{eFpY>Vt z*W__720`=(khF}?{)90X7%Q4V%ZWwfV_Y;;)9TyriCbaEJYOT>p6jZB?2#lXPAI#ytS*8ukv^>iQrQ^0-yD~+V!;VIrBcfyardnCm$-`O7PHCyec zr_SyE@T&}Y#R<11oeS;b^_Vd%BP&-e`-GXd`yvvEy36%j#DWd z9tb>5tPQcuOM|i7&JuWh3zM37kZBt=3mZ2)T{ggG0VVrhH1p?HeqF+NWD*Ck9$y^8 z=wjE%`T2a%jqTNE@v}~)QX}56V2~d0r92Hxw;O?ZU{H!GaN;^Z;rJ&FG|>Kj3dynN zvUXU;A?bMi+KK4pZy$2Gc!p&co_GBju^WgZuw|Zd@E+ST*5CM} zMKlWRdqbfCZcd_?>Z&h61c+zADAp&JIrZ!kHtC;OaYqB5Ld3m7OEd}iqccXFPiVvd zTWVrfG~vN3us2Lu{4XpCatrWWX(r$JPf`R{;RO!vP^10)g;jSE5nL>CDUm->zVouT z?QU%fubPvyPjHJY-X7Qe(+cg--vv674`U^0X1T>*1bPRyWliQZkH{D2#-NK2a;UF~sfIy99hs%4PWQvylOnOMUSY)|k*1t9z zYSoxsr^@7OqVCRMrFfkyQ4{Dv^-(qY1H#N{T2GoeF80&zeLp zv_r+f5*8lR1L;*I=LHIp<3I{Fs{|?gfMQdmk(IJ3@Fi7m*EnqfZ#ZXU)gzI10*oWP zA+jtaz)S}llm}EU-tbz~Iy%L+>(KoPG6#Ff@s-Rl;lp|#wEb5~doJb~0h}I$>2i4? zz~U6c51Sll5s`3YknL6`WbIoW9J;x(f1ujMH0#5N<&ZWxkUfazH0W~=Y5kMv8o->e zD)zuh&@^C{f-n96@^!iDU2AVDDu+;ce^JhL zcZsqBFwN1ElwsI(GF-QPCBJvUQE0oBkXkjdRy3JKn5W`x8uNtF^QGfJoV;a%@mS`N zm>}=W(B>Q84M5$!5ux4DZ|rj3Ey95UMMK*p5Z)2?84(Bo;9JjW=XGVvYmn*XE9fP< ziso=`vHJ`rtCQq;=Vg1KQ)RXkzi*=-fPkG#aKBEi#rl=(Ljw=GOb z|9s;NE6g_lV~|IIQeI>Lvhpm_oVY$Yiaq5+tR%jjkxoP+9N3+D;NsxNu;s9gI6>O9 zC}jw*BB@smlDY`cIjcAkrpUWoajZ(^iBk)8gecKDzaU5JI^B}ys6XW~+_s;L_TMZD zAzEOatU$tkXa5cy!r||}YH_i*mw4$7%Hv~ZZI^HWjF-qt*;EuC47_DqYB}*WnKR*D z$o59!5l-P)PLFdKiU!J|{dN|&%QktADsT=eHK_&c?}w)FM8RSs zU@rdBpbcGq#h_7PckO^=lRphK$-Klr?D@i@2kmix10SrV%jl_J0|;D^+;YL#E`V1n ziZGS{$);g!;e(K!w`g`F6LnpSTGzUU*bYqv&7=Dw8d^gtciZsDI*V-r#U%C<<-!6cPJE~+CRs#hBWF;xNSAnsWC^nOQzo$?akkKO$QeM$czMPUKIEnck+{gG$1<^&Mqq;ZKjbSx1s$ZkIDUC#MB<)?c4GX=i072PlgX>GQE z*VA7{YLWF*wENDLwnQf2C>biiOt_@RsmQkQy*Q|yeZ>VlYjR;P+c4u3l{(2v_gZig zq1UO%WxCYT4!=v(i#r7}phMyYqi^WBpq8HYjnDJJ$<*%v8e-n!z>}~Dw7QZa2Eh$! z`c|s;BBE#&I`GLiT+U-*epIsKkl#K4TVC#np^_0a%tTuHw6I(>{7s}OsKf(F1{JK0 zSY=xX18nu9&?%3$vsy|)YHD_<=jSZ6=DHY4dq0yn-*#zw{Ovida$p0(Tm_aa3O3!- zcdSRF464ZpbmBHWj4PJ@YSq;v_H2MtCo#7(fJ;^tBCuOEx`FK9I|g5Ds@)!-cz{Rj z%UZguQzRddE?zm^a+doAHJ6}7W#9QMNa4FX>>C3P{LL%k2Hm9>W$7vtwj{OohYBY2 zZY&MM(+8z|_K|P_ndG(q(EEpGe^Vnh>E1dEvWu<{o3T{`&JU9W1{BJQ3 zamsQGkhYDs@Al1Lp-Ljm$9yheLYx#M6Gu#H@_`=AFqJg=6MD)IZ{$oi;rB=rwOl?G zp}>5M{9$;BIx{{;H7ohE1yUF6Nn-`=Alm$Z+q73O96W0n{~l=BAwvJBiV2j|r0l^r zmIVA7Kc-4)Alv)5sw(&Q^4Y*wiH(8bk2HEoQc}d@#L3?wGa3&7o~cXZ_H_wzDr0$hm%2QkF!NPn5Fwzkw!%w*q)&z4Sd1>^ zWH?-cD?Rfq`KM!PwgC;@8I0u;c|aQ4fAZ7_<{+K@AmNK}P+D-!k5K}60%ySW+liFe z!3WIBw-*KhtivufJ1IASxU*E#Mez^QPN=!SCT4!s1WO(O;PWR+WGOkIQt|oh z=R+w_%zV_mHzG7fC{Y1mZg+p&BYymm)H2yCFW34Vl9vVAQ4}}idronB@d}3rQxHk< zn&mird+c)l;i$4(dU!L5Zk_(#s{1sV*)n-B`mUNZt^rgr9XKBuhtnu~hxz?U@V_sE zV0uv#LutgB02sYHJTDSZ}=>9VT=x{Nws zh*B2#z1!pNkjP=hah7A0%Px*HmKHvh;>-|>p-{5_KE_U~=EfWH+ouHO9TQr5jzvCd zMrex%Wan-rpT%tD`d1YOT5%3e7kl)Z4>;$PyxrX=n{p%Frg7Ljvq+yHM+{;g>M~q~ zIjM5B@i}we_Y@I!v;oQ`*>dSJDoRa>`n!F(nBJFYDyyk~gJWLQCTXDm0(MGrL;nRx zhn(xnL}zDSsvdfZ4lP~QtPZEwmB@P@jD!t++mIj`f!4Y}$Wk-j{@(w#wa@ca;)G=2 zf&`D5x}^PESBR7Shq&}XS-Bl&%)8J4rOuiwR74IgEDt_!2bwRP8O`d23(cw{RM-|a zOxSi`aj!*x?j0{tYg2o?nl5#UG>a9`aNx<)63x*AFa$0eIdOdREoG*#8;1rT9U`=Q zYYYDaPO@ZY@J^|v6YBABG&F!jdSIuL$_KLBi^A@w>qKi>~G(qT{T~az1+ExOgSFR zPApKgYj#ATfa=uP)*9Z^@_BizQm`@46S~1*9pu-yHD~?gRHuHE{NYt+g!ck*Rk|@d zzOxa!mQ@DLwXS0@wBzOX+*k~#5!$tQZWij`I9p|$%B*Qzxxi23`5JNT;XmVO5!XMj zu@CR@%#2U!i4nWBJu+vI*|2n9Qtv8AQ7fuV!JQVb+Okyrd+b%TV_Es+R|n9Y9^V=H zzaX2sLpx^w0l_a?wQ{kFX`HwJ%c`O}$>*v_Q?;yKRl!~r1lVyTq43ViGPaK;KQgtq zM)uZuTc1p1&$EF|e&rt5IjWm$tVSxtv}M&c5W+AKE$m zy!!()}m#H#jTniK!zZW!L7%pedVXW?cGhaomKRY_2$2JxBm>()9*NG zp}u)6UjvYP7!Vvzp3|6|_N&>b`x~mx5}kc%`~OJih+SU&m$dN9^HZjNE&dD7@kss# zZCis2ZJYJ7Sh<4278>Dn2ax2HSCGJFH40xsab(c^B#HlqhuX0rmvs;tI!VkCc+nj_YzX!+5t zY)jqSwn)W(`R|6KK8C&3OKKUsr&hPa$B6RLZzdU?RUNMu#7Pc}!?iJuk0558MQRh* z+KU+RnjM?-e|;7By1DE}zwZX<@MIFwhJ8@Wo~^I=4HG*fZOPpDtU7EhMghm#eXA_Z z`gH+M-v1D6Fw=_ui-0@&Uj$eqyVj~TgUT2aAd*+Ll@0BlEt?g{>B=1?>o=ubxvQi5 zW+H|tOuJ*v$ZlFQ%Q)*Ne#J6%t>IeyrUom)I7>QOwV` zMw?evv(_-!-sx29Y~kvMY?g3)QcKl&p1NswmTKu0aR2GK-x^yoHffyNTG;{#-xA5^ z+Z8595vtmuvfSd-vto_6>V*$C&|MEk(GH9OIJFef$6(mnXh8GSnp$Az);5{5vN{IV z3zgpSg;Qnu>7VG+Eah*Xc*smQ6wo1lM zRU-mM#ZjD*Z2hZ8qonb!u0t@6f+*+zN_2hwKN7LEtgEsW0T&TfGsNf{fC79LhCuY| zE^1mUU#$FpIW_)Msf*WE^0%Xfxg3tWM*Wr7%0%n-pB9f5F(dMt%glHe6VzJh#6!I^ zx5(%2Q`=luCLg|40xHv9cUH$7T-4r?+UqEGbu>7C9Xoo2_n{96s2|T0OUEI7m;!3xp4mD}_tn}Fu zE`6Q)fm!4)L9mu@3EQzVQ|Q1W$WJ0GY%fUk2f6i0=4o%1WidtQZqsC)MFKJUYmRQ3 zlyrB}A{azjp0i?)0K~l?0t{AfguO4_I%X*}&PC(vH^7L&$d)?l4M163{T9vRUrAkmRnF5gg`FKQpmozBQ!VB&@8{|xBso0Vl1j9{I3DQTR@ z!^kb#v^w4xF%{AK>=@u~B z^5P?5gnK~L9h?qH9pFhdH89XTpM>tgT}0sUa_!^LOCh@9Z;$z^%l!Z$vxLKH#|}^T z4hs_+U$<9WFsb-!OD$;BKgSzlZOn3<2!W zWg7PhZ+dxLXqS1EG7bN&T;uLyrb_qbE5f+KwwjdSLYaz&4d8{hT%A;%vDMu7Wu^xP z$0JcSKrU{BcE#$NYQ$(^^08r)y6gsOq0u!DkFG)TNaIqJC7Fvy zL}|kx#xxfr6{bPA`Fi2jGDIThPD1q>edp6qdyg8B+r_wpf$~dkRW6r4-FTPrq`^*t zVId;ae0J$?52EB{O!g*=-x6>gJWhGyloSh+ z?guJDeOBdH{I1G5{abHmgH?FlsPQ&4^RB!6da^N)!Uwe=(LY^&>_e*vc9q+{8x zo#hp}=@ZPfZXELY^7FzDkj*GsZ7CTJx<|$%Ujf_ zC;;+g@<~4{t%Q}2Nc6Tu_8RiU&pqx#MQP=wq-vF_2iJ>2E)kRuQz9I*+A{;dI_={fy_)HHXLx_~Xf{7#ts2S|6((Z37K&2nhNq zg?gcb3YT8~`bi0MR_nG(L`BH}t*?`S9g7ZbS9SQ`U2_ z&7FqPG8Mq*`R~hL@xNFIo@Sr)eqDUtZC#Xlw&mx6>002a;sA>vN051}h)SN|ZS0ocJI z_^#i>l(-idC7Fju!3j%xx#np%0tHV+Bj~y09Rq^s5` zxG6Fj1e6qXxfleDj>ucdUP{lyYAYz%@n^1RG7+TujeUbygAD)nuP6ZS0e9F_F@5Q| z>nwCOub$6}-tm9P*x+x;yE%gBn$CMZZ7a1{kEN63b>oIqA*^{+#sBK7j?5?A$Mz4~ zq!(>oxsZV<83L8mep+yzuJwu-hlVbePd=! zOR+$4=14g*e{H<|&p*ZUUYNZ{br|W&(o(pS~=>5jEP91GZv%9B+aqTTG z!@7kFIr@Fvu~j1uWCa_%$jKFL)_oS4U#r7`tNjh3bVp7n>tPmT*VoScMjjbw)BBoC zeUyb&hEj2M4_FAZI>1L}^ZYj#8@{w3K1fn|Rs<1F@6F0t0eV^^fAX?&xb4}k>3oo` zSk{BB3f#KqHhiF{@`f6>8%RSmiXLs=vZsjr?VZ5+d*!gqOPG00QaC8G%b zp?Ku>>#3JzRt|}f4-;9%63_0=2GKUE`6ZlffID~nB@4oBAF&O25@t6Aw>B!#7WK7!WFs^K43h?1PC}1>l>d`+KWxqw_Em#FU{0u?`V2 zd+ohha^ju283vDz()ot0og*Z;=0BK4TKiNydTqX8GAtpyp}2O}le7gd1lqf2Exmrm ziP>029hDlQo2~}B4AzNk)6!~l2}u*uAwxJX`HMH6LFsi9(`K5y4B1R@ho%2r>eKK| z)BvhB7|^$Xp%Hy_K!(0w+w>M#Ns6i4#E=wRWXzJPO$A#T<&rK;k?$8k#*tIzbwv;CM__7&V;p)FJg#(zENkCeX_$vNy6nhQ4O*Ya7< zpLAUAYdsAo7ol;i{*RC1llHH?t1&F>dn9BmEr2cnL3Z^4)T(g-NNbVdmjH?hDx z09f!D8feVsHZ{!+=B_q}xiwJ@tI0`lz}E7J4VeJB`yr+Fy#pD}uznMoO{2VL_a5w=rVe?gr;S z^vo8DSUQK!*9LREM$H|={`X0ZQlY&{96+s<*so^sj3sp6V}PWw!~VNI4xnv~dyV3-7#!IhER&;PVb0AvBcaxJeso8>Draz2q%QdcP`?nr!HBc!+&<5=)k7%!RmBG7Lh2clFd_HTA zjXrobL~Cf(L?IW{r+U#u0=P{^*h-wej&U?ICJ0TuS(uED_{yk;QQ4UFh<|<+fvLlo zUcFbK>YFmLAaxUcw|5Tx9Z!B}czZeihG^L_n3QX&b^cqtHw09BhNSZ>v8JPuzF12m z2g37*T_UU2uh*4<%|}=p+&u7%f-1xMNY5B!tUbX}B8X({#SX0>8L$Eui`2(>A_XQM zJ~>MQ9nH8|-U2a-0Vb|_QrQ+3>Hep#mgWGz_#oii+^PbV&qk3V7G4P60nxEIiQtG< zm>7)+IWitfOfs05R2Ug0K#p8Y5{#J<{eM*ppdu85MJfMR^8je5=${7RDanT zC?N_tx=FGOdx#&soQ*vMWLznJ%8N;9_F95n3yWjFy5NQyS@X zO+zx6$(S^-)*yFDbhbbj$-`UUydVG5u2TA(EKJj=0}!V4{C(5r{W?SK9bFL~OTj z=jRH`0T}eYJ zOeqW90mG-D3iV@?YEOVCgom)e(~raX>Xt7E;IRJ=Reg$IVZ2lxN|h$FV3rKIUReUR zhcHLVKqcD~#uS0vbfw1QdBWNbD(|K|<c(*x9@!@nJ}`cX*h0`%5Px-+}P zPGUxpv_YT?n&*}maWkCquHv=;JIID#`c7YK74sOJ8!(QxoUbY%)KNw;uoGN6CnPgF z1OR^ND3Ligp#K%!YmE>V`XL@!{Y=tjKH7t0d7h1=RVz;U`$$u?H&Yw=)j&>)V11{uKJroDxX`Sery8>oV3ZP(vcGE?h0~(wr!9D!2N@{PlG9+qr4ok(*;@!axeKJ? zvJU;Zx<>Mnt+1U}*h{FY{HdzB3*e=u^lPBB!$r$u_v5=7nPY(OZ01G}SI|1FT7Eoh zy@N&W^tszSE<_0zOJgdnvI7(6sBI=v`k_Wlmc6e{=mtGCn{?k*!b@~>^G<3*{F4Rk zgR_d#wmN3wZ`Ed`x*o{X8kPbqBS+P*+ocL)kz90um|T~P^BYv&r}78X8(?hsRnJ$i z6BSN`(}m)Av=xY34+oV>Nj5{d2EO)0OU}5i^C38o^%rfE(Pc!we=V2Ep?4(qWqVLrxuBf+QJGZve?m-*~^ za!~BNsK0bT7b%JCF4963kSWqjPf9b2wv-eWWKr}P9%0)olv9CLIARa7sKa+K~os+ z0Nn1P@r!I7wD0|VP)kT}5J`_CYpfFKh%gVWKdRD={tZMFG$~_1#HW*k>RewSEBD2D zAw5oXsm6B!fh%OnPN1+HUJi++=7SiVxv%aepDmvOh{vES35QvYchJ(Z8bc6X*RrLobKerggr}3btrvq4Xa2Qv*PE;l`z|NFle(5?7ceuEbklZ0EE#*? zc^A=2xM*X^hd9;V$I8EH*g zbg(~AOaZV}Ia4tMRvMaD?Dj1>dNrgqZd%&MeuOJ7Njd2|J~nOATC_Yi#(AxAQucsH z-0y;Q`w4YIpEq3;R_3OrYNtca1U1hw>v{tbOd>U71h}ctxLUo1=mBM391&C70HQ|q zZ17G@5mK>Cm-&Y&gbEYL?-eW_&4`>qr3$+^`7jfwp9U65(#Y7xGcE~e z#%VlOl2@oT^t`!6fD;!n+y!+#&UT#^3VHQIfYYgLiq4vpMJahzLZRbec3}fGe5sx3 zE04O%6@tnKl6Z4*Ol-yw%H#VOE9)9j$=LldTsrzqTgCd1#kQCmcjK&5X)aMDxm|l8 zE`X?{oRfK`L4>^1=nY2;QNrMqJ!jrhZ*txrI4{0{TyknD#^y7TmYcSK=^7dxy~+1C zuIYez#n^{X2)6dv$vLn~SuKgO1!)Fa2U_v(XlluEsW`y`&+ftCJ1)O1Hbd@i92AY{^7(u5JROaPWCB#e~7sV2p}BFx?O*pm5x$kg#<5qh+5 zl&Fw=7BzzL(2VBgFMZ0RN;7B(1rpfNjDUjXU=PvrHZ8&QfccQQ*ETo!2>@yQTPBJ3!|flT15GDhg0J=?;Jd`~3$^yRq*NjlM+3jl2j z_0ocRkB>3Wakp;lNKj;tw9=`kGJ*{i|T_Ivl$mR3^Ri zZSa8TxP(F~u&(*OdM5@aa3AW-@V)N+oN#o?fTxC$QGI(BKa0R4ewy$#BS1AdRT@r3 zm9kkioY^trH7BiXFs8rRQxD|SOWorDZ$MYDk+^X#A{1LUeFkf)i5^dUE|(A#E}m$x z-!Y1FnZxPH+@T+fd+qp)(Dy6q5616WnJ^C1LSi`=cA(n%dvC$ow=0Gy`8Cp@XkUz~ zX)nIakOvAc8R>RAOuFm*cmS}Il)>Cyg!o6l$iS?^LI5vcx(VFOGm5jk0~%~)r2dV! zFlfRuWX?3BO>1?iHF|XEuNaK(V^6A71zPtX?Z&?0buLD^vV}q%TkdgPgFuXlI|&)CyXh{bITB% zIa&!$$P2>W(qMZ)3LszKLa%KOg=Y&FcNnUB67!xW6}IAd@T(577^0Pq>km}zV;}W# z{O%o*D8#d5fg-ZE3ji|H-(qW+c)X_yi~Ze{bj}!bVsqp>9-+UAh70{3S)C-V0MUvA z8OAgNNv_Ys48e#-14%(P`9vUyCPwV--gY3pvXc);ZixTRYW1yw-{G989YTM zj5ab-nZovKK8}e&1_I+;T5nb)dc{Qj_=9KcX8e&8aJXYtI}@~}6wM969wdj6p~NUy z&sNxKWrs$>AYU*`0;q5E0icUhM{sG|bJC9QPbz>ef&h5f@r#abrE69yLqMOdxfD5= zISOLJM$&O{2h;x(rD)H8Q5r~hzBc(6C6j+qGMoY*>5jp2{ud?ck?u=3&o;(muB}Z= zSHgQN8Cnrye24S~}v6@Vcp<~i6T;OHH z-r}Xv)|=*#sG*T&IrDFQy^JuX$l0P?Ilz00GxP4PT?&cHq!A64>x$j{&>+?qC1H>1 zD5Nlfxy;n9r<`2-U;Vl}Lxh8CM+DCusveh^L9sx5ZBY%8u?%|CwyZ@xSlrkRhj#dc z#5f&6BDEHk{P?agVRn`_y6G@+qAXkyqW?&V=JZcWVIt?+=zp90kmL@f{CIExOh*i* z>3_6@$#4g4)j2!FtG!}z!+UiPs2!0qB zZkNT$%|K#o$ppO@Dov`%y!f2fFGOWPOD!Y`E9roOTk?FHwIh#~<5-FII?C*yw8|dJ z8p@SR;mr`s3Za!2Zdyn&|#a$6t-UOhP&z4}lO0sEY z6{ICMR&2(CRc^hLp320k@8t`x@=6Xocj4IO&+m@-Zu9#(LmLs^x0M~jcgAF3W9}61 z01@2xL^m0>5&V(LxyYX%_RJZ#V7A-px7wL=MbEC?ex9>t+v4l##Fba`>**cH=R^A+ zfg8l1U^7DFP6U))eyR@P$v|_(T44r zjO#i&b2qyq3DVvh*8AKp*2Ss?$Nux01*TmbPxu$U`88%N0nP`{4%RbA9JI9wz&Tt1 z?K#bvih2xVEpI9YA;*mj}`EpmdyQ+KRZ(quj^-B&)4g&m`lYdPnOr+MJuh2-eU~hK>+{#1T&$2SzB9SSh7xf_67Q1 zmbmQKUJ&z9VJi%=2AHFD?l@sK=GWRAh%q9q9HAorv7YnjpYk8xF7ItnZ7~4bPv#b`7MW-sgj6`Xd{iUJukw4n|~n7K=l%X89wFMrDSw4YIG$g~m0ZPnl0jfP1`We#`;Y7avI4t=9^|bsBn8=ce zeKy;o6&17uLSN()@f}^R%U3ed06{kTj_>`NZjYizfT3sPmR;FrG^}yyP^+H)ahSsz zK#-?3*|VNQ-OAt$t1v8R5X9v!=-)G3F(%Xkxz=$q84^f)9D(UzfKFY{q#t&Qbdi#m zOVG(Y-hw5|q)5H?7zFu1$sqs(#K!ydlf1zevsW^8QPWE@R$)>OBF2XN7C5Xs-omK` z;uN_fU%K<{z<9_!0T=54IBYeX$gt|tPBSjM>zP>iz{p{I?0!Aq0MHk<^=K{4DRVP| z`j;h}Or8ds^4V`Co)w868MqCaVxKdX4O^KEvQ1U*6z{gFAl?O=cxxj7CGB_({p5v6 zI`vmWhiFlnLu-8Ze|jI8Npc&~i&+i`!*Ir;(8;Mv>+=;A52Vapl;Z;?XFGl=`2DKl z!QHTjk4$k8xs+KVMyq6$Xg3NcgUbzt_FRvjbm_^GSuZ_X$&lxtx;&uO+Sp?XdWf=X z!PT?DY<_&e7Y&D4+0;k|q+2TX59-xpN<*SvzRA2=T>YZmM4$Y$piCo4r>3WDhEqYY zw>g{&DNa&}ayGbtV_ zQ`DxDULcyTQwy9Bblf)-JN~U)H3iBw^!2Kh%LA&O45iYw|88C<30|-EP3=*#0TX89 z*wAQPCV>=YIc0W$bk(X&`wTP|qONVWL>H`ckOG8Pr#kVm6knC$d$*E80j!F0=jK>$SgYD+%E!YI^-I3F!0+?GX;E%ixWpI-W8)308fpz?SN6h`X zux@5ix%7MxsCvc1*V4trdKq=K6m9zw=8~}?XOTFPi(ex^`MRHu>1ryU1Us5fZ&4iK zvMit^E2snCJ>4QvU+M}1sL)p;2<05NBpOZw0flT=3?70+xh66rC2v#Mh-}P`i=)oN z0=PxVpEP3}ddQbtP{Rl-@FrD|XU zT$;+@MMlQLF$)%wv>i2`cVL`P?YnA-f#qKfnw!$w3-%jRxGsEPE@ss`kaad}XrhBo z`J8yUy5;MWcwqk{(;SLs;!PAvii{nGvx;~!7zqwwhAL_5LogW*7}YaNqw{V1`Th#~ z>JSxxDjfRR>(G6Ig{dRCm_#?cXDC5Ghi=LgZOn~gZDHZt?}j*`HF>@YFx@$|KRn_5 zmen*UBoJzz8M=C0nCP%d*sGr-6hMky$bQ6D#AyreV#_kBh4GX(>P z@Sjzx5N&s5HU|Xa1MK+;R@m>R$$k{Yd$%kS33b!oOzqIjdIzT3V$6C!D}Sqr>{6E> z+pRyI+&h%jcv&}J-fcWBiMjE$)c@U%(u>QHB2NSQKW&^Ik`{{RMLx63>D}iZSSUTA=R%#sv5t24ue1c8&qpOzRo%l2`JSnwx_VZL8_3%0RB(?eYHrWl7tqs=T(Wx8BuNbPeAp;W=5H z*BzJKR~<69ZAj3lSkA~QjQoJvf#vD9vxwU(+nA7Un+C&r6{v!SrZCCD(^B(IQ(RH} zbsgil^T_XhmE8HZNG)RDT=U%=CCS!#f|?|0 zI+r_}K$u6ofQOY{Ro^d&d9@UJbks+BV(6Y@J3aU2H&PdPXr8+(Uog8-=XuYk<6E!(6xX!^YiwL{xjEqRZFTW-B3L%%T0ij(YBAKsm2O1bo}QHeLh#Sn zaQx;3XDxrPM@B*ikk{&u(c9mS5`DN`c(jiL^@RZx9N1GjFuu!YbU*b?!&K%eW2vM0 z#XYz!7u!TJ9xM@EKdnY|O60%Lekz;(n@XMHg&UC@WvU;nwwV?iLvDwZ>NPgT93tA! zIZyEYX2{KoBga?ik3`9Yd>mFA9Y)Yx^q{u*}I6(skUWw3$MWDc51V!dHi^?np zXiE9RJB|fIZ2kDbv^$oWYj4It5*&s7E3wEqP%K0}rrOQr^TyMo<-y(PEsJuQCPJ%8 zElrrUM5&MD*T5~RM1?8FAf;Uc>)gnM1;^|RHJFHxRx!RgKMO$&=bCzVDjkM^Vrr-9 zSKXgSNJ%tPi};2SM)-mly@4@eSFB6;ATjo^P5`#MQ-e{c{y8pERsE5Z!Esm6>>@O9 zw#mqVA;-{vtunlXAoo2y6{*P{em9q>O|Wzwqm%1aQv4D? zz&mQMUG{iY=^On(yxoGW4ba8_DZvnbX{+9U4JYHQ1Z67RxGn!gkcVj6_*wa7jRSCe z%<4{w9iox$E%ChIV^^7kWBQ2{ZcnrTB!Amkw6rMnsXmkP{VcqfU9$v$HIgmgiIcf> zBNiIz06ZxqU6fc%`0sNR6=mVEUxDC7FKMrtjFaRGkT=2Zp#_`x=kq#fHtil-$>Vlc z(_U{wdxu`vu)Q*b)g4-|1XZ?h;;7^?{_HeRWu#Z%u#9E<$I3R{TW!UuZs=dZ+onSp z>)sdfw=735D0%(d3*lX`ZVAjgdnxhvdW_jdeJ^OZ{?`w-J;D`xELPnbBITC2lQfzu zPSHQOeeD+R#h^2wvIJ_X|Li`{kaQ?L^xXfgz<4wPUQ&7D8+YZMa&F+ghGu$`6$b5eqLYqi2fORai)r7*_FW z^sSsrNIKuA*MDbe{VN5r#Ek{FnNfeUwE8Oxo}^BLuA(iN$Op8IWY1%I+V)aC7+#&h z5$yl)i5X`GgGdJG=jwGEN_PlZdb_-wt2vsMTwlE7^f}X5{v<7_EpuGMu>X*}I)=*_UNJb-aeWtjFT2G1dm^T`Rl_ z`X6zxIIW0EqEU)!Tp8#zFouU|4p?a!i|uZ~f9tdjT#5-(xi=v{tR}l+7b?9_2x-I} z>)v3``EHVInA!QCzZs9I87@`gGkD2kugrf>NX-FSJfZY24K7`A6nkwcV8nCJF$?{; z*yAWs&2#QKY=k2m@k2Z7_%khYxD`Y&n6p5;Y+YPEy$U;~wkep!(r|PqJso(^nxk<> zZ|N(3kFlts+=;Hi6=uwN=Fjex>~~AwtSIJ+8+1Ez+OO2~tc#Yob+b76f!OtyrJ4At z+XP?^S+M%HVDQZmujqC&Uk-vP>ky|CZs7J(1OLKl9*M9V$02!SD%@py$a5 zdf#4lcF*4Kg@u1i0KA*@?7>bjQ8$o^;9t_sFHw~{Qpx?{CB~@?il6U^L%fC=fLfLU zpZ;}|Kz~O9^EFO{2VdkPCe5v1yne!MfYV>T0p~v~9`qoD>ZH;FFH+v~?e$MJ{$V|W z(KsWQ#OA24fEa9&!&$pzt3}8M9iS^{?^?6IY@5IL-Bh+dvASuMZf{F|!Ci-nm!Ds> zr3N1;Y>3+;I~_VMdVDv31*-vBOT@a@th*mbHVC1C_)evyw%UIQv3u;v`vtfTn(`x- zm`cd7{=}4|>mvAY$5SETnO2#W62>BcPF#gCuN`tJS}|iw1FWLY=LAs5%uzFk?f6POYy$u6|<~fGZBVXua zK}T&nC%o&Lx-$WI` zrGm3!RXqD!rVP>96AX1w-s0jkoy8ig1tBH&3{A)W%gR0z7Q%jPV4tyTrbE3MkK87W z`!>Mll++jxmk=z9PWaCo(VzeGMufX7K^Wbrs@!mI6p57pRf=c>`9kI2Jh<9k|SH>y`b zzx$#$z+@J;$4EULbl7wO-r)H&uTPFYXWV2EHw2E^Vi&+dr1ro6MlS3Qz+X3y`;I`K zM}o;N>!@noK~!)4_G}&8L_>BJHNJ5%Z4t0eGH9kL(&pAy=$!wpZJ|~-dlP_a-Oq`h!GH@R4z;k*Ir>Pz2vaSFpkxJ4zv+k z>CL8|V%(;GosC-Dxou8COd1T>rpcy_J~H|KExx_$M9#*Q`A5Vkc^$t?ZMKFq>08DV z%HdLH6#bY@C2ByZN=>;a?gp6&*JH5P1Ycur+l;-e`1t%P^|&}(Cgj+EGJ(c3ylA*E z$mELPI@xmvLaIUS}GiI2jfekh5-5SH~%&%jm2UQ z9lQpR`PStfE?e4tl#4PfBYT#yKvBksTtkgW?4t3W z=p9cU6YQxNzVMZPRXK=3EADraEx}2b{N@7#C;?y*TlB@yeouRQ5 z;u_~qP0I=@WG9Ea@OSZ2@|cKF4iu89^xCyNi|jYPQ(ZxyeoJD0{$V=q(D_YokII;U z7Sy=F5CYag!CW=X0VlW79Z89gE-g@xO2XyZYW*kIXttLd0|uFRHC(M-9+%aszus`Q zKDw@Yh}OcFsz$eV09)-9;G>Dn_WA>)Ww0KP%bIVOzs?(3DT}cQiUA@CD&Sr@n(cwRkZhyR=?7I zoX6^UMfN?w?m226(HQ6Ix02mGX^o!0eW{q!#~V4VQ$LwXoU2jzU_s0I1SgE%M6L~P zyGp@;N*##c z6^csZ-ITjpVnVZa2s2}a-JSr_QBqT$DEG#TsS&&KcU;@S3V!E}o`opg0EUzUxq>e! zhP4Tq1>*G-Bi3Ep5gGUkNF}yjyW&XP4$6x$-dD-UPw0Sl>>AfhXMzMHPm6 z`;xaL9WM=+M+*p`G2C_@f8TR;;La*+@~ZxM?(lH%sIN08SgF69;n%Ww zU6tmLzeO=FO<7e(Zb~+6V!_JqvLtd43A~<4J$hHL5U3c+OZCP=GStRI*VNp_@eW=fz|9GPNIk z0PCkXKD_c|BE*Y6vioYVCCI~Jdhs&5BlTTUul0wF7qOjl)0m%uGxwL;S&E+J9;TcS z4VV%_GGpKXK(e9ER2OabyG&#Ko0Xh;D_*);u;(z-i}`F^tE8=bV~uD3GJ7RWXuTCz z6;0E}p>oh{+*Lv*O`XH=78GDCqUXH8T1iRf=T~JvZ9uX#ti10G#hEkz)lQuIXR}l@ zrsWTb4)>GwVx1b^!&2SfK%98kr%8=r(aJab5ieMMx#Em_7L}LwZP&@N4H4sF$-8Uj zd-q$0Ex5Xv~Xyg2iy*M>AgxPh7o?4($9-dtvv}-2>w=W1vX-b;&P<0n{ zYu2%9C;S)C%kE3}R??1Mc(+&P z2N*sezU*tzapPVgXm2nGk#7jCXI$1(f2{_^AeI}Bo(&n9diAT4wB4^Q0xv{bf7K^D zz=pQSK9aonO#}GJeHK-mtpgTHA<*W}M7 zY&VMT{aI?0ZxPX=Di_@=HLCtecXL%CozJ$((~Uf9Q%7vXsUavuh#}A$Qwd~I2%8@TKI;Yj z)Hr1lH5Lgn7&C262=PLeE4-Xd4LFL9$acbsZA=)drHfRlRw&3H@be75X#=vZrqC{q z;83wkC^R`O;EhvyF@nNWz1mRUx((p99?bq~EnSp^Q`!rW61qqK*HG~Xe; z3+cC}r|9z0V#^a=n8r)f|1UCZivpkC{RXb<# zp}?TsuZ$Ei$F*W7-C7O#7l;ba}E zJ)dx5+HQmeJ!cT58lqX9&7GdL4?&)xhSzex9QL;(`POLQE~~@^{#A9A&dcKKD?BJg zJT%jW@_S@Vie?T+i9h&J{Izzw;@0H;pyoG#aoYq8^c`AU$YV`c^r>)U-+fAVR3T~ZV;NPzJH{(c3i)h<7%qtOSPCo1N~X2mo21F;?eLO zG~#ewi(B8kTF$&h&XBkg>^Wu_Q`JN{WEAJr>!UVemQZ$B)la_j$J4nt3yvvp9Q+TP z;g|u(;s0T-KZq=dr&@YA?LmLddcQKf>OiG0X6qj&-cdu-iQzv3u`yvY@~8o-i(B zt@tL9H-^lr#24w*O$4Note: Please refer to the following before installing the solution:

    \n

    • Review the solution Release Notes

    \n

    • There may be known issues pertaining to this Solution, please refer to them before installing.

    \n

    Global Secure Access is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below.

    \n

    Prerequisite :-

    \n

    Install one or more of the listed solutions to unlock the value provided by this solution.

    \n
      \n
    1. Microsoft Entra Id
      2. \n
    \n

    Underlying Microsoft Technologies used:

    \n

    This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

    \n
      \n
    1. Product solutions as described above
      2. \n
    \n

    Workbooks: 2, Analytic Rules: 1, Hunting Queries: 21

    \n

    Learn more about Microsoft Sentinel | Learn more about Solutions

    \n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", @@ -2266,9 +2266,9 @@ }, "support": { "name": "Microsoft Corporation", - "email": "support@microsoft.com", - "tier": "Microsoft", - "link": "https://support.microsoft.com/" + "email": "GSASentinelSupport@microsoft.com", + "tier": "Partner", + "link": "https://learn.microsoft.com/en-us/entra/global-secure-access/overview-what-is-global-secure-access" }, "dependencies": { "operator": "AND", diff --git a/Solutions/Global Secure Access/Package/testParameters.json b/Solutions/Global Secure Access/Package/testParameters.json index 8dd674f5956..90d1dcc74ce 100644 --- a/Solutions/Global Secure Access/Package/testParameters.json +++ b/Solutions/Global Secure Access/Package/testParameters.json @@ -31,7 +31,7 @@ }, "workbook2-name": { "type": "string", - "defaultValue": "Microsoft Global Secure Access Traffic Logs", + "defaultValue": null, "minLength": 1, "metadata": { "description": "Name for the workbook" From da46593dee19fc77f36307ef5cf9819a8211aa3c Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Thu, 29 Aug 2024 12:09:00 +0300 Subject: [PATCH 11/14] Update createUiDefinition.json Fixing null values --- .../Global Secure Access/Package/createUiDefinition.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Solutions/Global Secure Access/Package/createUiDefinition.json b/Solutions/Global Secure Access/Package/createUiDefinition.json index a2509a24085..e5bd702f9cf 100644 --- a/Solutions/Global Secure Access/Package/createUiDefinition.json +++ b/Solutions/Global Secure Access/Package/createUiDefinition.json @@ -86,7 +86,7 @@ "name": "workbook1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table." + "text": "This Workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats." } } ] @@ -94,13 +94,13 @@ { "name": "workbook2", "type": "Microsoft.Common.Section", - "label": null, + "label": "Microsoft Global Secure AccessTraffic Logs Workbook ", "elements": [ { "name": "workbook2-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": null + "text": "This Workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats." } } ] From 9e01dba79992c03cae959e9fd7864b5e3fef6e3e Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Thu, 29 Aug 2024 13:21:06 +0300 Subject: [PATCH 12/14] fix CreateUi fix CreateUi --- Solutions/Global Secure Access/Package/createUiDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Solutions/Global Secure Access/Package/createUiDefinition.json b/Solutions/Global Secure Access/Package/createUiDefinition.json index e5bd702f9cf..087432aae8c 100644 --- a/Solutions/Global Secure Access/Package/createUiDefinition.json +++ b/Solutions/Global Secure Access/Package/createUiDefinition.json @@ -94,7 +94,7 @@ { "name": "workbook2", "type": "Microsoft.Common.Section", - "label": "Microsoft Global Secure AccessTraffic Logs Workbook ", + "label": "Microsoft Global Secure Access Traffic Logs", "elements": [ { "name": "workbook2-text", From 32ae56d6ff4c573a680be8f74ce788cb5eb74fbf Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Thu, 29 Aug 2024 13:33:29 +0300 Subject: [PATCH 13/14] Update createUiDefinition.json --- Solutions/Global Secure Access/Package/createUiDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Solutions/Global Secure Access/Package/createUiDefinition.json b/Solutions/Global Secure Access/Package/createUiDefinition.json index 087432aae8c..0641867c695 100644 --- a/Solutions/Global Secure Access/Package/createUiDefinition.json +++ b/Solutions/Global Secure Access/Package/createUiDefinition.json @@ -86,7 +86,7 @@ "name": "workbook1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This Workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats." + "text": "Provides a detailed view of Microsoft 365 log data, enriched with contextual information to enhance visibility into user activities and potential security threats." } } ] From 0c649891a920fb9e082d8f75a9de418000e63c47 Mon Sep 17 00:00:00 2001 From: moti-ba <131643892+moti-ba@users.noreply.github.com> Date: Thu, 29 Aug 2024 14:09:16 +0300 Subject: [PATCH 14/14] Repackage --- .../Data/Solution_GlobalSecureAccess.json | 9 +- .../Global Secure Access/Package/3.0.0.zip | Bin 23960 -> 23538 bytes .../Package/createUiDefinition.json | 10 +- .../Package/mainTemplate.json | 45 +- .../Package/testParameters.json | 2 +- .../Workbooks/GSAM365EnrichedEvents.json | 2 +- .../Workbooks/GSANetworkTraffic.json | 2 +- Workbooks/GSAM365EnrichedEvents.json | 2 +- Workbooks/GSANetworkTraffic.json | 2 +- Workbooks/WorkbooksMetadata.json | 15537 ++++++++-------- 10 files changed, 7925 insertions(+), 7686 deletions(-) diff --git a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json index b2f6d44914a..f1d16c79e86 100644 --- a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json +++ b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json @@ -2,10 +2,10 @@ "Name": "Global Secure Access", "Author": "Microsoft - support@microsoft.com", "Logo": "", - "Description": "[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions to unlock the value provided by this solution.\n 1. Microsoft Entra Id \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n", + "Description": "[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite:**\n\nInstall one or more of the listed solutions to unlock the value provided by this solution.\n1. Microsoft Entra ID \n\n**Underlying Microsoft Technologies used:**\n\nThis solution depends on the following technologies, and some of these dependencies may either be in Preview state or might result in additional ingestion or operational costs:\n1. Product solutions as described above\n", "WorkbookBladeDescription": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences.", - "AnalyticalRuleBladeDescription": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in Manage solution view.", - "HuntingQueryBladeDescription": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in Manage solution view.", + "AnalyticalRuleBladeDescription": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in the Manage solution view.", + "HuntingQueryBladeDescription": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in the Manage solution view.", "Workbooks": [ "Workbooks/GSAM365EnrichedEvents.json", "Workbooks/GSANetworkTraffic.json" @@ -61,5 +61,6 @@ "Metadata": "SolutionMetadata.json", "TemplateSpec": true, "StaticDataConnectorIds": [ - "AzureActiveDirectory"] + "AzureActiveDirectory" + ] } diff --git a/Solutions/Global Secure Access/Package/3.0.0.zip b/Solutions/Global Secure Access/Package/3.0.0.zip index a90911c042fd05b39c9800e71a1f04f431f0aecf..fd9c6c559ea256b5a0edd9fba993ad5093b5212b 100644 GIT binary patch literal 23538 zcmaHSQ;=xEwq)D3ZQHhO+wMMX+qP}nwr#sl+wPuo@0U;j9{u5dZ*;bN~R*|5c5hObuO3RV_tK%`ELKT`cYG=&YRW?XGn$ z?XbsCfAsTj84R?}ff74OVv&m^2Q=hp`q5VskMI)_Y23n&Rl1nBa,u=3{?#V?bd zxXsP%Nlw=3C@T#8`w`vD&zxSk&%B*yGrr&B{16Hs$+6{3kX-O0W=ZChKP~L%bT7yQ z;6|AexNgC3BV}HMlis{s?fd-Z`L9Ycx|N(dUpbNl>GbjOClVH^)Wu%&&>d@iWj_4c z#Qat-9yF2!#2cn9s?VsVqgji(`S*LVdEZ9WnVQbSvD&~M+m;BRkur)9wZ3H192i+V zi$|Y9b(CIWJkd=M>0$%dC++^2V`!kV<(@_*G#i#KZpVG0r$mR$4BFFCU6>3s^Q*lV zW1y*-VK9-t6sC(oxYK@j^f+ZF`xGj^4!B&bO%_Ma8C9Qsm{Yg~2ace`QOs z<{q!y+S5OU?C$s&I=x%Csb>!})hn4ekuWDDORTlWn(W=7L%%?Cf2@3vnRK!&>t*hG6}AZ#{5l)@ zR>myk{J{t=Xm*{88w`3%vIr|Bv5+%Ij;J6XfT=<_OWTxbQCLNr=>SRVFWhPJy>hxq z)$SVQCQ8x71Mq70M2c@L%vM(~j(U(r8(A&W%;{o35!i1L`@-hgZ%yKlRbM_pA3mAfwkf3IfWK3zO zBZ7o(PBcgiw7<+WEo=5kVtFtS87e1)3d8gsCuDj)YC$<2&X{OMMm5-NWkSeE5L?pR z<&`MuJ5Ci!q08f%=;C8SM0oMhYXn*>5>tDJ1cjS*muRmK>No(bR{=2-+Vt|oa4e{= zf+ozf;DHu?L@f4lb7PG=L6f^sRkxKr;ZO)0Tv|^>VRcOIv8v@pqFh0&^^z@j5;N9C zV``n~#Oa^trSLbtll)DJ0;V4nMYtUSt_tfofm<`)Rd^CjECCBdaaavWV8~+e!DN0G zU^Ji)5i4s;y!$CBL>*D%fMx~Z0V?!VYVlA4%U;HnljU?V@qptha%Tt7GwXy3r7lwA z;RLwztC=7>W@Ha4!w_}*%U^XLQ*fn+-$nNrwjmYFK#&+?nAF8>n195GJ|)NfcW8x( z82N_7_|~?GHdOX#n_;Ux0!}6&a~+$r_V%hUSLfc-UZ%z==~IIXxq#Wf3dZ;jvAA_}GojRqB6 z`>ems@E7dEA{9{M#3!#RB4P1WF?Fd@G$}%Ml%g3@*`^uHw*y2|A(E)I>kMUrdDsfZ zXyem3yG)OF0l!J91o|nwuyLt;t)V)D@b*ko;fCUS*>BNR`^!5jOXjS8km7u2!>D-> z`-)O#)1)~idxgF<=;aTAG+2cv3~^RQ`*$+qeMX_G%Q`@eip+EfjV>%+IP-W&F)JrD z?LlJ>3<$KKM*9LnX!8ntbSE>}^5=WHhe|81H190=7A>LO?UQ8)_s(}tTMgZK;t&Ka z@We2J^WU$# zR)zyp`?k;CHjeLp^tW{q$n0rFvqfTtNVQ82|D~eSsfGB_b|yx~Rf!n6_iul&ZH6Zt zD57W##G?$VcG-sn2N6eLBv_I4xZvQBC>5@@DO7PW{=})0uAD~_i8fq#{k#PHOKi-20g}88U|8o!J@Yr}TF(_eXABMLq4vK3tY{Fnfu1d;|~bHr~iq-(Cl% zzH^?=bDKYgRwje;e@0eC%e)p2GHCifr_eg>2)B%}m&vr65oIG*$SO9*fv;^Xc?FCX z^;z+xWj(MZqS^|0=e(m{E(c4&>!b!$ykPyNwQ&whgF~^u#K=KCEco3(v{si3PS1xp z!jCg1H38VC5jcp+JNDJidd31VJUhB)(YH5atlUFa_Yj$N+=uIJH3gb4V@D~TtrBWg zwu_2CXO-{2J_@xQBn1lwiZHCeMZy{8)eW@QsX63gIH?${+;eIlz0^EHC2omH9;Zy~ zNSILNK>Stxr%jnyF_Yb)GS5*n+*AVTz!{ewGYoc6n3eCyNF^AxzZ4%XB3HRn8fU@j zHECqQwxS4q+iT$5lr31545Houp>a9w{~H>t#Y1vqGS=5Frj(bSu-f=+lfZv>WBYxHK7z8)Y4I$jfKw7{0qrB}^i zyGCrUk8H5oZ5DL4rcA&HKUk!`fzpf&TVB5|t#ekgFEPYNDtlL8tw6j8j54b$G)kH4 zh9WW`(RdbEx3HkFicE)?50RtkfwIbyACIK5I7U*T)p7s4VBqfNP0ukMun2~|&;oFE zZv)7p1A^HFNNxo|50P-92N0-wfHaW`PUZYFFDg7-Y4KRXBk2lZ^ch#yGGgn*9S$*~ z8eKTLI7y)L>;7q2-L(l#SH^G3V8r@leqr!S{H@716j#E(GHsXlvkqFj6lz6yW)*fwMD@%9@kVWc-Xh}ncm)IpiPn0S z(vFVC#y+9Hm;Ib{M~>>_Jeb{}Uh_m=n#j+pOi^V{T=J$qAr|YNbJzf_>}>F8nxJj8 zAHxvf4mH)z#ji+vZ1)X9M2BesNMy@-@1zZOsq3Eo@=X>zhcXI1EWSuQSsxIk zCsrO|6wuxi+%}J=XO_PIv#avDL)-8Ns>nqm~n*e~LxpBkbR#s`Uw& zq^j(X*kuba!p31O_DR$Qid=kH(2-iz^juT2ozder+CaJppjWQXXDKNpiZm{_M*z-L zER7{BPgy=2A+qD%=pA1usqj!rHJe!>R|*Xr3xG?=A_aN)9^9}_Ck&V(Q;&*=GR`tz zDx0k^k2Xt*Y(5O)W@lct>77%xUCY-I`iEHlBNL5P;Dg$z?Olp&y+d&vMlo;+(jtvR zIRZ!VWI~IK`f)LqkL{tO`Em4I@nKt*Gp@rZMC_J`ku7ST! z{C*k)2C+l2q(Kj1N}EZfVkTDUU!?%zy(26u(J zxyku(2_g^*bb3m_eSjS>z_A0_!K+`?ZCT*}%BYk_b+VK*gFVri(B^x&%L|@K9AyVo z-Mb}4XR*ESfp>^ znJj0SA%|Q9P;Gz*?97;QC@{cLMaX7<`mE{K+#`yS1z7K70fEc~o}K}qeEC(iq_x^0 zSIHB%q|aL^be5RMZsb$7vms_VHt-9fI@D(Z2kLdx)=t!sPkwL0|L*8*8Gd`cmB9t` zO_HnhpM^|!5tz5V^zu!TzjSLsY7TMY)Dn>-SS(gVUkxElxUOU}za7Kr5?aA@axkvk zq=Bb4asYW?)=fo;MY>Po7XG4i9(hGjA+uH4`}&PN$s0A5fqa1}*#W zsM!jfK%qN7v7{LF!kw^q02at-iGr`$e}p%9lm1sh$)1$D@ZV7sgCxt2gjLHF>6Z8E z&BgajpiP0bXEbMM0JrP`D_no4_289vuoJ~FMRSl`Woyu!f=F3`kP(~2C^fSctZg*- zhR)JmDUa`-nuMCVPEjhu*|LRLn0+c-nGTk;-9d?3c?W+wIB|yI2wn{b1WUxB!6iEc zsp_q-u9&yP{{$P3rW=yRM`c9Uvr=II7E!U-j#r`gXqqt3pp=0$PcJ$d_F^154O>}< z!ocyJ$3@ruN{B&OB9gdA#?XRWss+>AbTJ;A=_shNs}Z20dYxdstIm49S50~MYZCYO zE=5O5e?gsX)H}ePZ^kBJ*`el=?0kqyIkg3qs7)93hIzn7WetTc+t0g^jLX@LQ$__W zu$v{ifq0YRFvrSlTb;sDE}k!Q;ct#&nSczv@{1CToIZeyiArTwFYmm^1wTEo0CB(m z@i?7f+a&{S-Ni63BsPcW00Z9pGEp2n&~pWrbqVIcE8ZTwJ>*`3OLnsU7SX!y`%HR6 z58C{mAsj38ptKN1M1dYTC_+WG9n}1yhp6Zo2B&1m_qoEUG7_|GOkwd#209RfG?Lg4 zhS?qoSdL`lw7Z%aB@5`WxPHa7MXJ__%U69s3t6$?*MSaI)}*rxBCXC^wfOkFfb+Sv zhy<!SpSbu*AP_{2H>ryUvHNTpGywk(gSG^XutyaHG_^XZ$OLTJl)+;)PL(LIBh( zUIHv4cy9eCqH+4@a~K`*zOb&3!QArBEq(oNF$ebU3|x!P-)j%1w{eo>2GS?v6vZUP z*us07HVC-Sw0T$ea5bm1*}3YZbD`3;B~?)$hM+vs5xJ|hIaMe--hmBDptH+J0xgB% zM(a&aWmn`?!HOYVwrDe~N~V^LgA5#E%jDRxdK}egZH~^NA$b(nUK1aev%Bkw`u+@T zOY0bzsJd7uno+x1LcV>P7tV?;OMn7XH#zcASdY_#R)o= zX6YOF?>D-_{|ZL3rn^cIqyPZ2wt)Z;{{To%( zm`X!WR9pOJaf`U>%MNqAbm}U0q-r!PD#kh)v)0{`Zzj`c$uiAVes4Bc_2DL~{R3=0 z++W#;9A&o(otCX)e#m#_Vda-tAvDcfz@)Z;}-fT^{w`CQ- z(Nx0`^+u&CplMFJn@JsEgDCPU5}2E@50}F?*2pJ|82OBo7X}9HH-INUN$Mu0oLE#r zo>HnA>%cJ*A#r!}U0Ikav6q~stPfQJwv07vp{x(1?p2|2e~im#$anXeC$djI&oOFw z-M~icVtMmYVk>-)e8Y zU(GfLDBf4S?@eB><3yt_sk#g?+AAE-HORVYm3EqNfQ*0t@s~x?ra`vU4&-dp3UGA*giOW@4#)sb5#29?OQ4 z8AQvXq!h@WX>9c!L3k-Z;q5%Am0l6xCD<7Un6gOdIK=LS#wGyL5{`VwgdGTuj z!W_Q%4mtbsDRxGsHr{~GUiB*vmEY2IIMPKkLQ5(jJ9j(zE@m4quc|Q6ieZSh*nPr$ z&^f2%{rMr;WE1^Po!#ao@(eK|2=hpX9v93>g||(|ndN2Mn7_kIL#-H#K6P3}xf{W6 zw>KLT_%EueT1sOew9DFo;`<#(HTWg>QWx}JXAQm7E~l+JoYb?__qdJ$aXHCKclw4? zryXRa;ZN!avF7_~wp-v;ItMP4CpTu`M}QCYERYx&7HUV{k^)IqH0na=vDLGn{KG)Q z+?S1T2cgtXrz){(ZW{dE7x)eI5a+u@XN7r*nc2o4y2=4a8e=Yc(txVo?y(Qjm(E;c zj^z;tcWd`2x$}YG0)@W00);tNl)u~@D1W8Hfa;zTSI^?7KW3%Od^$`J+|#|lPIF$OCRNci=vvL?KD^pu_mulv~*FPB383e z&4L}{DQXRSU!!Nw4*sWTRY4nxG-F=v*!(LF^nGF}IQy!G-q@a(-|Jna-1WJ(0FG+Y zfuWq`*|TV|j=eJ_VAmdt{M)ds1kS0kt(WxW)KW<9g)OzAEg`Rm#?p&}LCeQh;{qQ1 z4@{F4 z)kdvLR*P84f{lx|mGL}&_VPcBj{l3%`VS-JKNxH0ZCN{>O-3+WTr(&wQu?^7)K)b+ zb`>?7^?r-f6T7Re>sdvRoEuwuqr0xYFO9`DYUbswEZ zAu*uRRqTqsZ9A0~qxFgdajqpxD=spyL4r*?yo?_;zPmZ1w$e1SOQGE~dcA+NO>ajR zU9CemuPt^W8L!%?XOPz|SbLUgT$X*u&e=9&LR}NnMz%J4PArA>(CBx18&Etnrx)3t zTJ^B|A7Vy0*dAI2>H|lcsWoz{JexG_n>Ri6(Cn?j)5>5yG`n4($CQpu8TW=Of;`Ou z(u)g>v?Fxmv@S3VVZEY_6-(eU3rx&=(m>0-v))ll?(HTMPl}ij^8pf;`v%Z>&7CU14sJ51>ssFOs zSz}E3(3oCQW0_;9Tw^G|cVWB~L8yAM>Qb{<{+dPp?28`6KuBHiXn zBdUki)I3wWiqopCWeS02IIt9ehm8fy!LS;}g_hz8e51js*9=@uIG>}z_O)I#>!|IJE@Gqsgk={5p;o( zx1>eenY$b=j(rEZ6(Zfln5ymuTE66>(B1&Qzxnwi&H(t#J(DDg`!Z4OXTO*}n2y>p zJ<=GOKl;I_l*G0R4K!K}B}c>y-wKmmHvo_j-fXm`pgRqx7@k6bApx~&0E27A9^}a> zB5j8(fIV1Qi9ApxM^u@GLD8H6TWlAIBY09bC&y#F0l-`-N@_5BeOZvqNeT43I5+*J zplv6VZf&nN#n{$p-s|=-zcrQbnGp{IK8Ak01MSm%xnvb?~{m zOAT;A<2Xa;=O6jrJ_bhFUGC3_kdk8esw2jX<#*6?mdg#>e(%!589WYOy}hkeDNsKn zelB1Frwx{j_>Q{HV?Nr>E)PF>>B`Advq>yg?tjkI>fnDw8kX7Ake*YO6jeNNR;#h= zGPaxhevF+Cn6GeZpfWKU6`PlqHA4^TgL)jRR28{p1uS#Sz%5Sdl>wtyty=5#Fe+0Zz z%1pVlf2Kz+;ub$t2p*fQRKrgS|D=VAPl^AH<{xybyE{d92C98H>wrG8B|KPg**U)W zdjG^V#=CTVBEn5`e}N%-hK$&0@bMa*Q`~=!&whyrHJ5`eRqumCSr4 zxi0Po$WKWu+K};BvRPK%4c6@zxGv6B3-YYW606g-Ey#+Z2f3qTW<~} z@$FwenH*G;M{K18%kh{vmR>bZU&F`|787QFLlK?~<_$mR^4r0##;teZ$PxCKFLpJP zv2A;OXsH|6es_s%S>uO2DT#@xd%%f;^iGXU{>c$);al?xSZv06$~d|Utg?c^mYt?N8kn$%kWh+Z6H?Rpl8V9Q%}c|R&0(Y&W)lw0kv=$Y&}&&W<E5u{Y_GAQ8_X50Tt?3HVY7or?yPiytvUK zZIBHVjQ7UlgaOwQgQNg<4)m@vfOCng88l!P5?R*?;TQ<=yKZrd8O20P=1>z!_k%ZT zK0!%uJr-S7THdoW`6D?eM2u)Nd_ygGF@%>9+@>!0wP|0R1lDuX>B59kfOigWy;!~H zt;rqkuQt{aPt7lN4J!U_Uo6{U5OT@eE(V56;`bT1zlp@(@jl|3lE(#KDlVI9#Y$Wbia-H!MS5U>Vf0dv5pw}|{;Na|#?%;t6*<3;2_sSjQbA0pZ>8F>kQ zGGe~lWA!tU#})Ly5!9b6=+WEjt;f48-{XwW>!m}zKC(-Mlp59c@n+}tyz3tq@_c;X z9ryNtZ2e8(n?WFSwUz*82R#?|8M3b{`~ckZ$<(r3io8gQnAO(`nAcv4m}6s;;Gv>T zhOu^Si75~w0R?%T4^@VF#-DHzn3%3{t`EGCiu26oywzy)$aWKJ0OC;NeTN$`uwC+Z zDMz&9Si>v?NQ<#df^+jPEl=Q8`+4FBk|%dtL*q^1q0mq8`cMIy80D??z~P&~N+xv{ z9><8`8Sx;CH<%K4i4NH$Nba#~bqi4Twd9HE;cm&(tzs7!UuohEq@=gltCMG3`s$Hl zxD!5yTAMIKAUdFL9)j$W(hHE#xE$loc(W%I|6ke6c8r zGUtRaNbs96E>!Ue37m`Taryi8`V3ETgaJ9w3?VPTw9czC#x`K4&du7jvrdlCb6TT~p-oOq(KO$Oj{5df zlX#xZxuyB0P=te`R9PDVjik;1cTSs&!We*p0Piz#>4T}pn@ygoy)u_Zd5nIMOOKM1 zvWVJL+|zOaH)d#KAiN#0UB)1Pnn>-KkXqmWa0&;bM3!Onb38?6 zmh-u@%-hRhHxjMi_(5~q4u$LsxW80$knC;nGVX?CuqyE}$YVyL^W;|ai)3tP!tKU8 zu>eYH41$lBn0fT#*Gg<`GA=A)V50cV$%4D~STP|5Y$98iT&AKiKN%*DZ=IJO*i-CX zJ=*`CaRx#ygc;u5!6IF(<_kBMYnXzX4w6R8Q5*lI(v15@9fWf)%s5PCZkpxTR9p^{ zf5Q**R@lo|F7ZzP=jiI%>M)y94m!Drh;%~bZ@1{;6SFG1s5D!Y?c^fW;G*a7U}Gki ziAioSmrXI$ov}*Tbx(o=rlxy9$RyJJFB#p>lxQfA<~s1;zpJ-;L4Vj3P~fxM!}`$m zMe@FHxmu4_Jz0lc%~r;{lo`Y@pTHpcD-HNa;W+JxF|1(*1VQH{dA{+2R^u>J zqlNY*IQh3KY}aGaU{`&fHAEi-{?mlBefb+=*MW=-9CG`=F1>UY;X8+lgUf`N$Ok}$h^2uOZa>jeOPXD$nZ@*^5mp8)%mbkgmdDxYJcp- z_Nb9c&b-{l&%M-WEXgfAxP~kQ3b1dSZ@yGdz=QdH4=3`0X}_9tNG(J9vzJ6}K47FJ z$Vc~`(L~<7LMRWKZhryWC0SdJ`|=rawS^@{}rusfFG~2&q-XwuKY5uwj&3y-?6lb3^JjcwoWDq_+Td zeKDLRzZsFfyqxHo>_j6@$ijsi925twB7$8ohYIg_`$WH7K z+(j)-PW~)^VPOgOzLY@3G8&pkSh#e`710PU|KdrkM~I5qv~akR(g@!g!Oa@cY5v;5 zini@72!64mL)IbCb~{G{om~>ij}8{TIl4UJ^p+M&IWR!iOB3A81zKh_Ac(M=#pAgX z{+0ywE#DE}2gg#nkpf4!=fH&0785$ zDfn-MYiz`qft*(lM15)?k%#;C6*X(kwtw(z{3bJ|8li1xW`a_9 z=Ms*1kFC~D2VEKz#{26kVJqab54N_|1@-N#(ms%|7j6MWB|lRtJckjOqR z;6w1I7% zYXsl#F_P;=r?lXk5F)}5T55V8iK3!{xnxmEb(YJ-M#gNWlew81agA+@ZOP4%ZBc~y z>sU5j!zqgW90b05zgW7NL!l_{M_gg5o$|9SYPlZWKs1?O-NcaNo`YZ=Kgf**R|zj} z?`vA^WW3p|FPv2w@fp9K?Ey9mPjRX_9_d#2z4%qY@SGqqS1++%KD8lwC@G0?R8b#s zKv`SHi5KE?!fq&-c_Dsr7stOpe&l{k=I;A`Gsh1f*W1@h0n9cOF`=*dVPsU1J}s9mYrH$i~Pv8xQ;jh!oKl1t5p?uo$#U{~&7z=qf(N{v=17K#tyyE7lYEMS) z0xMHm4p#C3JITwr;0^ZtH*u90xd4tyI&HB}iw}c$3?~NWEC*%kR^9bE*_m}Uk(01d z2XM`4>?L@74T%~^zMIqXIA{rbCR;%j=>kz+HVnKE(y^}DJ%Dln$a3?HQ#}sN9Ra}k zLJ%r}in&uj%48szATZ(pY=|^RC0`tQn4m=o{4Cul|5vnsu3IE#AYB(TTkch=CdWl- zkW;V1swkn2ruWplXvPd>#&-qpq@zM#BkW-zYcni;ko=>ukSWqwBya@)8^T6OCWc|c zB=&Ib)7d=GS27_oIXuboP)RS(`V1X@qF&kecL$0ms`B#FP(9FrZup(5nrC|w`Rd8y zKF{v2X0P>N>;a#wKm=ICdaH`=gll{iB=sf=+m3?dXOV<>wUL8{moW7>TIfFsh7cNM zg@&72Y5iyhtItCI3lxeE^Svr#JLypjDdF<^XbrPZOy9mvS#AZHZ^?7{N1f2C#(wj^ z?be0fEd$Q{aCv@FcFA6bbGtzF?@kake&7H~hJd)c2SU5-{Vu-IUO)x256cEWP8AP6 zrbHdr9KMV1FRj=^eIq#0b(|h|aEezGgP6tX!7uJpT;if4>Ct#c({npfWp>*a#YDch zc-mPey2Kvf=CiLs_x(+inwzZMw}tc1WcHKV(YkP@@PJjiXoZ)NHC#U#x|)`gk)~Uu zNb|%K#OxWEV1~}FQ(|nfhqATm_yl=%!;(4UwzJS+A-uj1JA2enTF*Tq3IGkM*R3IN zF1U$gt=!G4u0Ld12?;>$oDO@sop7mnka_?nShc#d>iZaapr|B8voLs5Wmb8&_G6fu zY;`I*ozxOS!#(%MhXSq)mCWV)+?YF$X2PWNB9rI@eo&LznxuUx#Z|7&-lMqGZ~2KQt#Go-f9;5YFS@>Q-kmg*875Pa;&EC) zDpO7%je=!Ys|j02X4AuKpFBxxOeOiEzD%}gM2v_-X`xF`)Ua*`4oYU$f({+JobIGN ztUaLfCC6!q%h^+nqEj&HBE~K3ccUCfB?L_i@`@Bvz2{D@)~DTdjl7%yS;{(VAn}{) z{OPpGaQ3;o|HzlY#L53lil(;zVSI7qw{TV_zlXP=jcP`k@G9}qsgcOqOs|=u_IJwN zETjHBP5-R4H`ZIBx5y$m*uV*>r{bjqg%u)o!tSDvwI-x(-mj+~ymZsNC`_F69-_K( zAx|Q`KZQX2OV?>NDwqbnp;!?Ow4!8e0<+i=eGUZ5`P3Xwjtyr;%HX$XLxrOEfypY`U!@4&h_!GL#0T$yxFh)zSS_nK%^RgZRYsRG zW!NqlE@l;VY+qgMahFb7vM5FZrKJ3d3_friBhgblJ;K7Y%YCOyKkG6mZyu#{k+)vE zXnl&)8@!ihro=ZBq49fsAqJ*^4Op^0EI*NU~+OGZ)`>(cF8rwq&FCfVX zhErTgnAt%Isz0oTt(tXgY)i#Hmi7ws)7S8H| zs03=3f)Dm_k#!miZv#r)Xr-pU(MmOXS@O+DrR0JF?h_BQ)!+5mKK4=vvV}QA-{sP6 z8&b~~N^Q2I!*hHX8k#J}DKno}+N|DbXYUwEUf_w~bLMlw4jknCKPOrFH*2GiUhD7i zMtT%&44v~bvSbvZM{0bc#;RDeIrEY3gLZzZ1~r3Q=>u^aYer9C<19?;_Z9QeX7Cx3 zclgfEcOFjYSl{F8;u#;I6q)S@5OyHRgNNgbW3hebqr*$%D4aihZMdD`8l}uHzm4uzWKfJ-B9910uY*4B4MB(KtgsC1TbdkjFf$~pA;d9! z(?LTtc{W;o!WXHz_o4DrOoNS@{%}hc;gG@=HfD1gt`B#hFp+B|=!gLl^%jZ>Ob$*1 za>H&lJ+>Q(Ho4QS-I+`9;l4kDaI-*HD@-FD;|_96^{|fCe|#o|hW|Cuc6bBGY)75{ z3DmeQtOFl?QTP<=61bA~3R_=Oem!~)6T7<97QSjquV*yM6Z|Sb_{{d=5^NQ?GPOeq z_X$|%_Z;S{i`7DJ*h2|hr@!J0%JPcYsoSX)kJ@2RHF%8y>gsd5`avJd?Payw<0LK> zuf0O(^(&0`(SZ^b(|j9td0d7kW_^KZH1{7y7>uo0D2!j6m1vSlBMt(j83_J$#Fyr} zZ)zZB;k^s!9>oOfLJ814k$@2$N`xP&4&0?PYIA{ig_$Csk3Q)*Moh+_4$*EHEcCet z2ANJ}tjCR{875Fed&~lm3L&xpjYmxj_j`D7c@s%TtBbmQnS+YUi60kXuOfoZY0&`4 zxOfsyttiAf3=V_=5CvoY1Q#q+*_&9=2f!p&Fpd+Bd3vS?Do^g9!=+A$h-5ja0Ohcq zx((PnWk03i{zQ%|c~O-S$a=QOTp(E0RvMJ;`uAWH6eeE!BNR-YV>1p9Y05XT_IiSm zns~h(JInb?*hoS3>0=%hD_ln6+y*SX$&~f0*&yJLW%EAmoHXMCR58zs`djNQi_)&d z&Nmw#7NxxnEajZh;HZQL*nODLq_bTK$OaH)T8ARR38>P~dBQ_Cmz8m`_ssRLFX0L1 z_O^Ag_q8jpR&jR+2&Fxm#Cs3HiA!oX_%AP7YNwmARgb#bdSjT)*c<*aeLfr}A&tK?Q26?a_ z4g;7eHPUj9m8_xBv`}=vtFWO3Gv5KhJ%R)k$D8b+6D`vZAXsK5Hc2Ay&)TfAzBVb zX(HsK7$a8H_d0k!4H$cv4XQ$z9wU54vtx6c^@XTl4N#G`U!DQ3`x4%+u11fr&&4k= zU?k5(JbXrOe~=Qg_+y#aVCw^yTAO8VT4AAP;+O1Asz9vg=858`rGw|^F?{K{T-f{9 ztMjqNICTDO{qX)Pda1Rw54W|om65n2KShdS`Mh54!9M;}KDAt*!fF@FG3b|{bMfj3 z?_A$*K8SE9Gljv+AbF>ClKn2sw&36zI%+^#%&!=>q@WQMDKV`4pmV9F8|t%*W0F2&(B&Q=sJ zfmW+-dS0RPXZLsYfS0Y?E*F57Ye)h9Q~{LVg6Eg+pk>tfw)T|42#lS`nk0|N$dJh6 z`rBRe0l;deejNb`40QRO*}P+c0K*LkIvAsY&g5j_frZY$;VHfDc}H zjiAMp&PDz#&=QXe!kHd_mOJCkc6YXY1v4;pwyY_f|D#5VrXG+<8+3)!Z=sB<)6y~+ zvr$qxlVng?8A5s7X`5TV^a&#tS=LVZoa4;?pfDkplPKK~V-1HUYU<5C4KzqiSlhnP z!&S8$UAVYL&R$6Wy0Ju%wG-Ai+?ql782v-BUW-r zm(hyE+m5MuCA}>O8_Z*O#M>SUn+tPY!r&pX0SqIWxuH8R6E~)&@3KO;V=0`p>Fow& zju=(NEsa{AII!$WSTt6`q|9r8%2*F$x#)!ZNnDHc!M2FfRXHxu*iJtVEABsY%f1#k zEj_F_tWl8IN9CBq_)y|A9Tey$&^W56VgW^H9Dj?(6d(VV|8ZPSVN3i3Ej6pRs~cEu z*?P7ZSWY4}_$vumx{IFvPONNV^{*%qLhN6tPS8QcO`%Tau#B`jJ0qKQOG8G;2BuL*p)IEVj(fdxegf}6qn zh0tBXC!mrIAQ%r_ySY;&(F$~hp<@2R+{1IgsD^c*^r{9ZMko4-^G|#E>uJKfOHom& zQD}FP5nei>cRJguDf!I)?qtn=#F_HBu)Q^cQPWbOuvwEbhsh0LynAA&K8J?|!M%yK zfYE)#-}?|QjMbt6#f&X1dac&I6TSeilTKMqrT5)v%Z5781O5WoKBZ+9Gct} zO#m`CXtq1O0}+mCp}2G&OFBjxSArrM8)FgAABKjePlH2I_o_+osGTYxNp%}>&K$$4 zu}i|6b#D;#;1Ez%l$MGp5CIb&Yz-XGq?}+-Z&&!W0MHRT7vyw!p9?Pi)*25_-tj!w z6;&Rofa27tmP{k*yZVej+Srs&(VNbo#`S# zH-MItI~4shLCfFI1!w*_ny!NLknOfFU^eFTwzdC%HRRva1+ssI25{yBnBB8i;B=+^ z+7qxtk?Pu){zV4$n)3{|wHhD@Pj?TcpU3irnI`#<5K+cgo^f<fNwTNW^Yh;!tl^Go^U?OD!nT|-J!L2Qk{mqQDM?}AL!+ik~U;eNCiF(^*@NHk5X znvo|c6N%aBL~Sfn9cfZ5@-(`QVW2OhTzheGgdP=P4`G;&o;r#6M6w}{P*D|c~g$D+fp%uMn7{o`?2EQC%7y4^&Rf#t@ zhLT+Z_tQ9Vb)%W673jI|EdgcCQBVbb3-6o9Z}AxfXxNW4kI7W2sB;;{`S2|fQ>+ar zz9dZRBFCqYFro|VvqZkku5mmVOg%CYfV5;6$?FRNU{1s#l97}Y6bQ){i=a8j=KBxM zwc<&6;(upDU%Y~Zgtierjandrsm2j)Fo+<(%LIk=*p8VrZ%>t4Av^yRBu!Q5W|K*4 z^8h&dE>t}aW`TaE`t}eb9rSztW+E}eQn|OokBVQ62dDG|!>`@^H0oxg=fR#h!E}v* ziq0EK9p;#3bH=+YPVTNNm@&Xml1J9=bf})-Sd!J!0trQIfr;LgbFyV%fliwvK3V$p z2cB7{3*}F0W(ptQxv`s?j6TI8I)xRw1fIft0f>p;i^W$%q4x5}e`wOY`j?w_cl=P8cHX(j>T z^~jVSs#4JYcuBhi2HUF!{J{q#Y2$&B7Z@d!rz_i)0dNcxzrqO@%I{GD4!nkM0ISH> zrpU7+Ddmi;MB(EwN}<}3uc^Hft{e;<{?bknqz$ZQwhA^sBd0#W+eKQMh2f$ZTwh|Q zJ?=ln>F?&8zG`=>mh@z8!1k|&vw@W|F-TTo(%Fze@k3|Bh?ZbcELG!c3K=|(-*vL9 za$EqiDiY99NXq-d;UImlIe)#VrUtgSC|Bw*M$j_y*b=@0Eu_Y1|^GBM9kyu)p zJM~l`?}LmlPZM_8x;A8Oy`dRgdm$1b4woo_(NP-(-LbC*xSuXX8M(Jv((EpSy#`AD z=>58%M9QJbWn#IgDVND4iusbDf2`Z?C%w!cb9+wd+@~9986@zkoNec%aHy1_V4d&y zzL<9uOT!=?a?}p1Uv2I?UvdQ(bJOk0`*%0!XtMsO9;fQENVDO%W?&k?qEAWR_Wz4YvGdCq+K_lArwc2>sXp;ySHh~cCg>tRq+ zI636xR!gjmoOGQq4>1A1Y<^CCMx#DQJz>kYZBNS(?uVy-rR}7A zslcd~Riy!&V(61Os|l(!&q>KV)v|VaL#RKEHCTXJpozpR(VrOtw&VMN%V84+vtF{m zU|yeVfnKPW)tBf0}uk*|m+< zuER2JZ|rWJoyA3T(Uf|Ii<_}ujXo3jxT*0W_ASqB{8Cm+CvnMbA4x8v6V#&LXJEyfNmi}2mO=oFJxp>?2&2# z)b(;zTha$Vg!p=69dC9}A}*Xj6ECWx-wV0$S`+NCb7!A_o`)s(-y8>JIyg|gIK!;K zZ>fF)XRB)3I1q8L0*2ChCVINS$)s>lsiXdp3 zoy!JAZ~!0i-QDk)2ppJup_ckF=8LhECok^hdz$t?=J$I=hpSV4ziW!_V)nc~U z5-y&07&Z5YatWt-$0YCNf+D^?dR}SU8Q;~eMlS}XT`mS)qw7^xJ5rBbIyNAKnjX1B z83Q?Fv4#kgHExbpXRlJ8%NaVil+G&TJFJVELq|1f%yE%{S z(nhPwHS1mqbr*J!xj-!i4q*?BxdKWHAt~^}ajYCxC1cYJFEMze8Wm)*+=w_8fwjv- zgcaTp5$4?|YJ9sq)c1b@Re2HK87OJ0Hhut^bL&+}z`FqzQ!itmjA=V8FN69sLMsUT z<5wJa^T`x|k(0!9_Lx7iAN+_}F-B^Xp=3a-#w+9INv;i_x5mjiVLf1>aH z3&&4pyT%A8QL}Eyil?FJE=ECAhtG_g-@CKB1(#WQIWRen-A_xKNtdMI@Np$Uon7iN zmn3&iPE?X&3fP+BsF-U_)NfYFPOP!&Xx{*?RIGl>gxj^#R_M6-RXEsduyb@+54 z_N%m8+GMJ)_4HvP7Uu#A!7(omr9`b96fz#h@QU62CUaYOAVfH%jr$d;I5F$!22dZN z3K$?kN3uB-JIkS9VW4_znsR*R+}7YcnBcRIjE7GZRU8#9N`ql4w@;G?FS=&h5tbaS zBG;;h4|FcN7S3U--5_ek5BE)B^PI}4TLLz0iIvD(2ohJAj8hgj9QfR z?S!EpZ(@<;5>J!9L6f~H`&JGc_g-czV5t{mOJdj}wtTIdS>%f&&<}aB2}ZKyV`92w zQOvSOqsZy{pe4H?z#vCP(5X!kuIy}Owz_ce<+4+ZmLU0YjO`nZGXAJw)+dWoi{c%k zag=5^zGm~&AsCzHV?kFqW~W1K6vQDI*5P9@J&d4bIoGyIUKL#di7E{X0OdSa3y?2DqZ73^DscT6JRaO*GS)ZF;_EjI$ z+tCzeAiD#`Zzd@SH>rjdLB)|J%c0o!&y}Z_a-H3_i^z86N{oixXWbmxrt1TUuf&WlYYo#e{yedlmS*v%Jv;W2#>AWJ5tS)!gB)&33$yt>VF$=P z$p=K&-Y?`P6?8w&$s*gjt}pw&kOX6vmdp{v)SmKEvRmHsz>+6TU1X+$&oQ3@K5iVU z7g@l;iPJ3SBRk?jtzQUgde2@KU%ol8hK2qEDQ5Ax5VLvTHLyN`>H_erYKif2C-=F3!K3GkOBGjM&v(b&H9 zTZ0J^5VO<0a9PJ1><+O{@w_FOKxJkSKq;4m9nx~AgX&`+DOt6CLrUD>h3@+4yJx01 zKR?4+*nY(#ruK`Hh$@QI@+$b5WdnfhU_qWjl5@O|y8*BBw{WkD;x^d#<_Z2>T@vTH zs<<3*{uvZVn}%>Nanu)+l_m2?&~v<@Mc!)(NaIt?OZ7(GAmpVvt>E<({<%}|TH-qJ z?5M|k?)2u|>wrXM8F@-s=Y04Z(|#V4J%YvgFD#n=l+6BFGcR;fq<+_sCu+0tzZiGZ z1uqhves@>Z9pxMAoj;+cYt~Vc)tc7ZYxYx6i9!+aPC4$9H2bYF1<9i#;W|Y&3RHi* zWKc;$tZ4Rx*h*c==J{R@#C#RQ9dL#1lQqey-0I9+)5^Be+s9|jBq-F*+G)x^AdvDq zai)fTKR$>DP>K%T(X5=ef`bwv8j}f`Wa%pzC58Dc(~d+a#T#H8n0i%sJth-A2vkN%>ZeXtpp z&X$`IyG^4S!P1;FB3xEfn;<4LMm6c@UYn$Uvin?Mt9qgK9c2ParkG{rj;J)r4lAgw zJ%1>XEQ#4f*Ril!qoTo>I<2Ic7IDn7t^CA>dm!e*ZC`Ruyn+)e)Z82{WPSy9?h}SU zgJ~x`-D!dx0)<9bnQ;%`9sQsY&anA`W4nF2$#arxA7pkWIMD7lO2s+gQ-^6R&cd}{ z9m|cv9h=8D=aX1BmBgT`D5^qbCB9@|sw3#(17@6t5HRN?Xwg8r7^&X8K=+}i4_P?& zUYL*V^oYOZ@;D{heIEW?@dPO?{J4S3GPu^%I>XA@uUR^>LH_)mGhimox#{xF1k>od zeR70!t%2{-E-D&y@WK#udfG{dt4M4LhoEP|6b{74u&cZ`tUcmpV<*r9sRZa-GvnG- z=C1kOP$$8uy2j;GzqIt|w=GNBC!O}Y(DJZ{krWVe^|N|hE$Y%2L2wGW7VjV8?I zt4Ebwh!~~XBk%<-!BMA&AcTZPpp;yllPpi7^**}0 z$s$+{{Jwa&p z3tFgfiDcJ6&EYzYW?XmQj{%3u(z%^RONwcKw?_2yLQuv_}^|*K=T`orXGh5UWt2w z+-I7}b5P{iMOLKQc^_(otuka@x>ZNpkG0>mNV3EBK1)plb;bSWcwqCMi0lA*R<&3! zu->D2!(;c6-Mihx#GQ<4iTz^8yBlbJ%kE`oqsS<>as)11a6i$rnML>EQ6hYH%>e~| z&Go#xH*vqa9LB)ESHSo9Nf#fFMSJ-apv7}SInPpUk&$CeIRID^CvEO+AxbHPU`)vDJIP@3R zHmf?OsZn>-QNrS%0o5#(_PQA+>d!$*p6KuTuT5xL?X~xZmfa-xv`*CI$t_75$Q=rZ zkO!1QH0)f_IL?RzQ|?Ik&Wg`b+HkPR-J4O!|H;6V5KIOF2RsEyf*b(kFd2~Cf#>ss z<~#nA0gLwGSdU4`U68?J2=M+!bMD zv5+^x)YntH4uAh`Vg9n#$+A#3 zu8Y-k4jT(}{A_*P6N^xpcr{|h!=6-t6iZw<5xlEQS90ycmS zJMe;j*Da2IVvU{=Ay2DB=Oo{(u~{%F?V(s|IP+@=MxlG z4`JUxPFJn4jUw2d@Uz7WpXS*aX;sKAHPwlO>S&@OkA{Kcf6jp8zgFv)ra!0evIQQh zdwjt6lSzDel1pBSD=^-iC0A_+|3>j%qG*_JV39wG{AEYEN+M}_lKB4AB1IMJ!$m&N z{A#Y*8aHK9{qe{??!LFQU|^Bwi~S`zs5RS*7vO?sLeLza0|Dz}BzPUC%%a}Bya^dlE zZ+x^=Py3Sl=2`pkayxu;qL-xT*!sEc`1sHE;B=?>%fihK?7-EVtqp1gYPL!7PxBZn zmj*R=auQ#M599LV7El16Ca^zx_(}pq;WZwOPiMbYn%7O!EaOwX2BVsO$D0;E8-0FJ zT*dhC_{h+fBHB`!vlq|p@# zNEkU767A^3e2C7@^5#l$VNW#BUaR3dz#VLE-zw;@Y7erhozLiT>qBToJcG()r_w2p z`n9drf6+jnFA#4zdcT%?M4yC{m8D!aB$0kZe;%uY%b~~w^VDWPfZuvTi- zaZToC$k(;BZZIa^=rv&x3?oq+TIOPP5Vr=CQ@h`?H}ki+^^h-}0s zbbwVGhu`*-w#nd@y%OOGS-?j!5JaPxgeC@V6YoZg&**4rl7zlK=e=Tds{ARDhu=d{ zA`8C$d)%eX9fW7HZr&8BUZ-~9&z9C8(-=Kmdq6tC4I)0AHqP5Q<35;wty&Q3ya;tZ zx$o%yqY~p(t}Ybz3s;5k_AuP|ROWl47N&3hXheaVl{U4Cn$BQ^=WvoZsk!B)ldQM`f90fN-79}-^9sR_p474Gl3V_`KuH^gd|N{ zhffgd)4Mo%)m99;c~|E=;jg^>iIj>iDxdcy9j+ID%GFuOqz56#fY(I^FH^~!D_!5Z zlkqm>B`2M;2mFLi6H%O<_v{co=;1jw8{+z6^iE6pOg^(mU(4m5s_QPoh%$i6OUk;6 z&L=nr2bHvzU7%DfQX}IgQ9-<`eJx%i7te!&NJhH9D?Rk&YhS)|`V-=SFzJC~al$W> z^^Rmo3`P8VB!)@WU>7%`5Bc?gj}nl-@)dOSxz-ME&6X=vYCWEAV-iOA>*oK3nXs`m zd+A&n=6zcfnWSVsKS-A@;(fHt;FxXPh2;?p#p4} zaStWT9-BNH%!~N=F&l{U>GhHErrKW3-+#u*az?iZFLOx#p|93vnPw!eSAB_%k0YZB zI(Oc5Ly?13Q$<)q^GyGUZmV3JMaXJOvaGLy0xw|YEQVCR9x5QHwz9fdIv%qtAm~;w zK0YTPC}`!(+d4k}#lo4balA5SdG({6vo*=`scIp=H~Z(S8UfrXPlh0+(BT?!|(eE23h|Dk6{oDgFOFj<>mKvgu%D}ZH2)=7?k>N zYXkJopnCNz*_1qCEzqsnqj%w1f29%O)PP(5^!a`6nqQk1R-J=H0)bop8k?8=dfbX} z#oE=R3QPR`l#Bj(kcdL|B|*}zIQ#}4l%&<-g62Xx(s(lw3Ft$aOT;j7X>9YMMnuq; zspSe|&^v@h$vXU%-$vB~>duQ}w$vu@bq8(ALQ}|o2QU_1FO1!(?$GJ~DhR!M1*j?j z;0fXW_hfBYhSdLa{VzG&|Fe_-nL_n{dmw{_QvH9KRH_O{$p2n}hutBtr?%cd^nU>0 C%x8-L literal 23960 zcmaI5Q*>s*)&-iRV|HxYwr$(CZQHi<#kOtR>ab(mx6e8EKKw8DWse$j)T+7X9JOlg zy-Gp)7bpr45D+8~ZZVGLpM(a6B}5>g866-X^na+alc}MLsj8)jshOpnrHiG#9i5f4 zz1@}0h0~T;+G{h@w6M8M=dHHq4h`DIeXlsewvQ_foQ$cWT*NQC&>>If*mzPdYrrVDWBKl@eD4 z4l4u~_TQfEaui}S62c_7y5a8~jv-Op3ImwIL6SDTk>GV3xEPzP>;YBTnC5)Ag^O=H zr|5j)5{RMd&#$toQ>xAFPrljZr5RaAEDFmM303_PqG(Yzl_GoyL7v40fkzd7xzzc@ z36tORsGar)1ZAo`sLN|VUvocE_?kY->?6nVlh3lknJ*V3L{}g;da7wusx(*Au4b*h za0hv?c`jP!lfurQfD6yb3|e+*ghkjdxU8fC&Rhi4QoKnNfCmbct&Co7bT>HK zOq!!Hx-a=#bo>Z5j( z{^n4WbUz#;tdan7c`+uNE7sUc>KIqsEJEx^HL;)oheTGSANpdYH*-LW!cek?Hjl^RM(ab?_WR^mjd{%u`GFa_;J*!-qKUN+Nf-cTKQdUDKgt#}fCg7DO-4ql&&)o=EbS+|TV^!5aViMVtF( zqyKtZPh8*4TaDY+&DA9U3T}DO-+SvLJe(V%t7b>dysW3EPnLaG>{IBj?jago@@A_q zbGOyMVDyh}&L_^rnm9K=o!?!&F23u1Wx<_)zQsM4!2fGM#LwTkR{mM8c1zfkvFMM# zr@Kqz3zrq|2A^2?Rt*}Q^^cFK$C-Vva`30*N%rhRAO20*zWxwDKH2_0LL%Sp$AxGk z_L$&jThHY&g#DwOGP`~W^tm74)4T=_n49cV0~2us^Y;;0N1cNsO}RC2_V4|b(F#kX z{?H~w3yVNaEB(svJnKj51BuA?xk@OV*N*hmSl9q)QF8}7yS&mUd?qgC150D)WY)7` zqjk6Bs04?rP8b%K<+?}k*AvCx-fKP|V&I(do&aB#i`X*r2u0B@N-1O7JaJ8`k;pkQ zQ|AZUqbe4Ra?@En>(0rj;ZfKZ1ar#rxLV4MAbd4#2`jIEWC^VwI*+imkH=ROZ@d)1`}un` zn^=R!Wr++E+HgvhtD#bejU)Yw+bZZ@YkZ3tb2^^eP4NX-Tdam&lJWc0M8Q*&VMf4^ zh$n2OcL{oneFL&R#-*>2g`(unjf#f_fQK_r%N#9KdGQ29X$E5`L>XDT&Ql_c2NE7Z zR2=}^rFz}-_DdY{fBzy3A;;(a8Jsl;YtJt6YylkPU*n68AwR1M0i=fZXf4%PtM61_ zigcu0)iyZx$&%NU20J%ohwO^t4cwPFGW?*!zI2wTtZd@mxd`AT)9gX;B9zU97P6`r z)ClC&z=J{wU?F26hPYPPFS}dFmp_gJFl{^W$}JM$*2+TKdl!mP?UuE%Z^}9e4&k|* zAxVZZIBc%APEMA_L6K*}c!)+Jcvh<>BLkcD^{Xs~%Bbeom=@s12J&6Ca@7E?^A;^@ z4Ev(?ZQl)T9Ph*E9w_02IkS#f`2`YAd!h9S#aDENv-c^YkFbCyEeF~R_U*JkVW5ocZSuLC0y0RwI0rGMN|%xkyUJt17G)IklsP6BX z)C6x-Z2FT5PhTkox{iX9g#&-UCNSb)@&eo`nwxE!nQy@V7h64j4zD_`v}LZXBP$XG};fvtLwyLjTGiZ zFgi^dSumUm0{>-ca@Pd$&RRkAD=eduOBdhHW5tQ6Cz*yOm{EjTcpri z9SH2uFT{nWL8ZqxUPc+T%tj`Yy|o@JjoN@50fYaMGXD#v zLQEu_B)^nnBB2EuX>|Y!)m--q!ik}tf7GCh6WN}u(_zDnC2DaK(H96^7QkUe00>*? z_w#_Xp+b}|3_!OdA5SwlKON&(lc&B_i8>2TB6lo66zE-GgoOzYu+ra#gR{j*CxHW| ze->pf+}+&a+c&25uQSic+Zb|2u=5*~y=C7K$`YpoW_TdET0KRwN6O{ZE{xAeyy&Y0 zI85mTrq)3^bjwKpiA}hMJ;2$5?#eBi;WiJaFt=Yd@N=1uwqLow{9IPLo>}cX*n=v} zM?X)K$3jx#1xMO<9}kQ<4H}(SjKXqmq^ac56EZ*ObN9I&+FR#Ax7` zikc;p9Pw&cqcshpwPzQn$ZhR8NGVEkkg4Dx2XDVKW%F8D>lmKVyLzLg!S-BeYc8j| z=jQ90##fEFq8|zQeb0p*5`l`-83Zc}8BI_Spt)Z)fwqYUF6EknE9?gv zu=%2aW8|XD+5d@nP!S6gdebp(K+?J1#-@`eGXUKtqFEP~B#pSrhV1@*N{v3}h}J)W zCIZ44qjDRBC`AZH#o=n8usxIz915rKF5G|`kfqd%H17oOR|^Gq?+#32DKWe?dW0vEyjJ?5%rxOeGrwwOeF7NCJd3=+Rk7TwiQP!VuKbL8oMp zMdQwii+bN2r$>Jt#s{CalJe*u!Wy0=sFf3iQzIfOc*2I0Ys$DUdC6E%p&5LTZ54q)f?X*GFONQsnv9v# z!^TX=k^~4Tt~%5~D@cOeQHm}jiN45XN2wO|+D4K@ijQrG(^0mr(5O?4-z7PPTlSLH zz7Hf3qz2Z?zezmc8PtCjum7aC04P@Rlz_2Hx^={&<9Gz^$KO*t8^j9>UppWfyiuMPYK*M)H=@Ag8b98>{Jj5il!-iWdRrnnG}z2|Ydjb-^HVft8o> zS$%Uxdb4^gc-RZZgHf^;!y)XHF}(y0Q^Kt!O3I&VY!NL71c}Tr7gqP884Ew8u{w>{U6yxi5~`~^MKMY9a~w=g z?JylDONv0%)vQD-Kaw*QUOA>;uaklWbn)rZ;=mM*P=DN2o6S+`yZ8DBLs=fb(7ew| z#GcqhL=rn!1m5zP!+k{32UC1_=GI05&cZrYGLD232Tq=+k_!!R12F`YagR))g;x|S zX1A$^qITmk?$Os#AjL&S!3Oqy1cD!%5%+)DpVz~yjusc-a&@q7!4BS7nmm<;Tx;V6 z@zXLJb2JE@woDiJkf)_wW$lLE$jhjUm|xO|L`(_BrAIKdi(-j(6^CO!z)5Eb7sZXW zdRWgvmun{pTtWZp8=D869GLsw}&+oq+GmM!<(KO?!S_I7kxkuhP zWr@?UB3*JEk}@`m2XE*ypv#_Ql0l@kS*sQwpBHdGb>?>9y8b=g#~PNauDJFO&i%63|xR5(^71_4<%F|JrJfoiliN9WL+GKy!fiHm!-t^c0->Ktl2^8mb`x=1Lkl}G}irqfw? zbQuqtBmLzerN}7GFoZ`~odVSEgI7urXGx5=fxuJ^8gd2Uj8afdsB?0|Lj*D=UcmMj z;a#!R{H_7$#ne!^=z+Y*I!Y7*4Cm0+AidtZq=YH+ikxhqlpeW36IhmH*+;fx!JyvTg25KnEA!R+v!b4%C0Y2BSBJ z&iBgpT-xcAwcQ9#SwE=C52DFU^HU?=is{V^zeSTl>kdjNjq-ai-ycZf|MY<_toTsI zq=0~OHb8*>wS$0c4K3|dOl=)({&j=?*8%eVaXVy7y8iK=?frGw(UHcSMsuECBDWp6 zbWO5*Cg;6*ZQ{Pwqa{^LBBxv|q~yk(dD$`Ngnz|1@dXVenLtD;<)ob?D_=^QC;&`> z0^P43I*9-CP9N3y(%1bxj$!RRm(r7XBj0T775|5LX)X(-^yUPizOF^~g%H*j1+2QaILp>1DU^K1_67QhHwLS+h zjG&_`fyY&ST5$5tDAC38VF7ZUKf+F~6tDR`Mai$6x*IrhH6%42r@7>%!G&P{=*5~Rd8(PH*N zZ0_#0mJ`W+_H*+wJ;!`6T+Dutvc>2ur0xaCu*@m5xa&NB#Tx{lQ2%^Mp(yp@a4JjF z6I;J|13r`gp8G;2m-UA~ciUUb9V(7B9UJEJXrKzS>3;pdtVccdFe2 zW`?l10P?(!3fb?c-HqhX{OTJwPZh7DP`;B z6xdL8IfYJE)~mVp&%BQ%fp@=So26lim)K~|_2zENk~?J2IA_IMWQx@<2Ftgb?<%^R zbtSMsFI{_9ile-v!?kA7x}!~5f~AY!G1-Yi&ZGET*+8jYL$y8gD8PQ&ANJxkrBv4lI6!u4$L_v zH1n8NZ*(gaLB8K-x z9BR{_hY}Sy+jyNh?t1_P9c}*Q60CW&nU*;wgaa-Y#b3cgUx0GF z>KmCKy6U;_{i5yTEj`a42dnHpSvWodDW#FF3fAuSo0Q7>_)e+rNn~1 zObmsaQ~eoeY)mSd11~Y*B`X>&2kwY>fj)AL)iW*&7wW8TIpt23(Dv(Su32H|Dj9JOm3bR)J4J44%@z0!c@A6$Fm5s>0 zwVl$lbF0w#W{jMsbgI?$q!CVSYz1A8R4>~d$V+Db9XMH9B7m|+Gt569>smJpa_Ytu zu{N-X%2`?t1ATw9!K!)7wne9o4eMB}M~~Wi2Do>{sz$8OOy$B#xrhXLGvYJGFFP@x zM|ON-ca!LO^}Z>cRCOh8mvPxo6Z`SwI83i9-MhuBYm03SZ7Fh2&h?(iqtj z^LuM9%5?!+H{oikv0Q7mE!eb<2X zFU}jZ>>gE6jbT-5s=lnGYphx-6V<)6v5oBW$c{{I?uef8PR!}0qx^1Eu&n^wRh2VN zL-U1$ur!Vgjq_)f3sx@==evipXS+E6ap{@px%I#A0~e<)*0f3IZe^Q=4o+1X(yL|n zY`x;A%if%2cw}Pl{r^h7`X`zEKa$Zp+v?UHovzydP_l!sn03UK71MdHk@ZApC%9`X>bBRF(={|0SU!PI-ZW>K&R{H0y)IC-ac9L<6#lVq<{A^L+nDNV zDz}Rm@!U*EABk?Wo4VZ5*pypQ;I^$%W&`h0>u`i6t}1QgK5pH##?JMs(p!srX!KC- zYU8mTpE?NLVoxKYkJjAm++D2l&8Tg_7!&K=#7|ksP{XWpR<&obdNPxqn>vua+PiNi zq>o0o+t-Ndrum!A(V}nt0-U_8YD3*{p*UqL%uToU-ji4O3%wgJUcb9xcWwI@uq82(cd zu=9Hq-Aa{K{i4RIOBvhc(d_!nPMN#&e`2+{{wG$jW|yn9r*w0;wS2+8(9701fYc1I zd)mU%vRQFrdROY^`d>F;+FWTw_0XD{Rcm-H%2hAVws>v07>g%!D{E6PTJ#RvS1$~H z{|zPO7=WwikjK7n^w?jGD;b|MN^4zMzzSAVrbg%|qVd?AH~s}cKp5T>7%Nh$8_K65 zk7jS_npz6$R*Mbo;!Y!~(+w_R-NaJUK7A3ZQVd-vf&K^xm~oLJi~jo1~l9J{oJeEhQPcW>hIZ5fc{UjUhqT>3ySYO8WTk z{0%X$F}&Et=01S*{@#5JK~roY#;;N8+#2?wo4K0{LiLL~g&-<_;?oZTl>NE$8=VZ?Uu&W9MF$J#U!>}ZJ^O>2t6cTSx}hlItPM+@?o(p1?x%t zi{&L1lo?o?20W-<;z^#AsseF91Kfj^nZyG>gFU3oqU}f!T`YiNULepU^pkOfwBEJ+&vI{ml%xn|8J*%t<4V@Pl*F60P z?klFr_$K~>mvOZAB~N#00V;SLXF&JF>*m&LZdl>*_M8_f31h!1YE0<*4rb2Mpnlu` zE!yeWDmZY%T<@$9{rRaymoEK|{+l>2gYC0<>~lT9Ag9(7kO%1C@?6*ci*ek@jQvEV zx8s?5(ZjDu(-NC{B&4<+6GLj1J@sUVJZ|`n2PeiUo7?Zg-Nfb7Bch`4W4SXZ7k-lq>1>GSjQ)1vs)N(b;=+j%x2I zfaf$a%svjT^qmh1YN@RIc1@%t7M1NwQR=PW*P($3zrm#{OWu)L_2U+8O;1p@USWqlD@9jGz@js$7hyP-7~Hy#1J#0o?lX^=L3mRG|JiG^-ICHlsF;4Hx`;bT-dA)bNVWHz^jXy55@jb`S_ z$7rf(+3Z2jz>P-{Ln|8L1*WjuW_9?xwk&N^p}~+vlMQ)V>P0X8h6A<5(iM>;d>wNf zDak0WBv&ifUO8PBa|xq-8!~L=Jb!b?EaaueZd29wq61^;Tno=2c(v?1)OfBYjO6eY z>ZNZCY&pfALLbi-#o+kJQ2845iwmo{{{GN6D7JDw9lAXio^rM9`qEbJ9^|w3TkZrMwi{Z>nmp)>62T&e_v>i`nX&;cB@~&tTr_8#Xhdig~=-o z$D=0YB`vEID7@Nl!p`sA`PlLhrXFLh?=P127mVrtFi44GflHRYwgVL}vy*3uYX3gX zp;#atqohkAA?z@M8Dsje zsS9~Yz7?l|^O}4<%^-JR|8vG&tp0V>WCDM#jkUyMdrMt~db8Ub#eR^BUG}XZ=zAPBil?{hnUIMB-k{87P8j`Kn41Dc zorIRv+-_sMh&(9u&dWnUMEfbDFTqbn%y)C7ej@U4Onx3oeR515vpw8;w9E1}&-yf6 zI@IASx71Fxx^GY&&L81b20Ng{1h*7Qudvp-5`GP^AD#dS zst^6EvAhu$opS$ICCKSP0as8JdMkwG_@1KUM0pNlDI|$5dx8O&M{6o5p0Nvci%|X* zWl4<#TvF#tL$}VoV?iUyiI1?Bdy$h1sfF@i9r8Td*#_+ioy9XxsfX5RQb(|8AGVRg z3RYA#l*9+&gi!E{4h;e)^}9$&gDo%<-WmZG2}5- z)p+z$2G6HeSX%ho&*>VDs)aq$M9L`2AtQw)>23*D`5`QQho?BgK^$y{&f+Qj*g(Ee_#gzY^3X9?3Fp=z^&fMW86u=7vF|XtV9L!1GZV z15kg%22Q>DV5$jbQDS57%w^#H#e8s2i;hduxGE}#J7=b!YRRV#04bdB`Lr;?wt7KR>b2!BsibzgZ7ND+P5srAU z{EgzJM>7A78H^9z3iBa@GjB5f=w95`-@^w8(5te5xyf1J3(P zO+wcpQ-n2eH#9pdkF&Y#5YM$=m?o+S&hR{m!Vu12F{OhHng*9=AnUr!Y&obStEhma=Py~HTdB#S#(HY4rZ9Eseyu>8# z=D?`sq{9?fFWT06*OP&ad5U0*;BLd$zH8Y>-ua`xP)LZKU#N;15)#|NBYC(b?{WQ0 z#=H7eLIN9_yVpIbi_oGU-A9%Z8}~%$S;cgrF#)E@svt{%J*Z|iE%wWxguxw(1Zx8D zb4Lp8{}EKPal|qRJMK-U!5@iFlYa^`kb0}Wc@UMT(_Kuo?aHRFka`qk{cM`#pkgzs zL~Xi{a-7+9B&AziLR0@)0TY}eS(?HB))=XI;>YTmPal^Jb(mhwhtQ@I3e^X6d$#Hz z4b0&En*)l$n#4CSJBaSEs1K_L9m838tmi^1j*bG8*uy`68K>>12^W)C7>@{qIQn8P z@XX6kKvoTl!1}#}r(`h5t=<2&_dSquU3zlN3N|O-Q?8yUrFT4Ax@p)7_2@PiN=>s+ z(qSR!5PCvhbW71)Gy%qkqgCQbMn+iA?I`8;a3}p1ulZz*1?p%2#+;v?eAaoyGR#S* zm?U#Dr%fWOx9q&gV#2IJQd3JzBP(7*BTYFxW;$6R{7DAbFXp_yg&B#C7-p_PL6hKH zpJc?pVLX8x##_K6NCk%tvc9k}VCz#CY4x}E`(vAbsx_Z}T`9*6%_he9(o-76x=OG) z3SVsT5N?^bDS` z#5d@B!}P1VyV+-1yXUJe~U9MRmua{E0`nH`n&O$r`i|oLA zkp5c1m3|n<<**y?5lw8H5Ah{DZY|_@1-x9jdaK`Uw4h`1lLL$}H;~GLHx|_clYgTg zIQBPC-0s0g3dgRNjp2+iBHCNe$nlTb*CHQiBInmN!^wkI;J8zX4yxz!E+Y6P@E*pU z*~nig+ix|b4GsLg`JM<%D1s5fS>Ekuf3Z#X9b3LsoDD3BO47#3;kGja?6mr8otdP*% zjC3siDYIs5P8C5qCV;_SwO3y@a(}g>S!ryy1Yx&%nhO%GRmA2~mtC9P<=dMxmLO+~ zKmr;i0qNWys~1yxcTBhXjOZ0E&VngCoL=P@0HS*<;jHK zkRtRIUEd!x#SR&k8A~!YFB?|&=u_V>9r#L?x{iQ+jB_&AmkW=&9+`}dPi0oCD6hdOTx%hc|EUH!L()KQa;j5xOEcLDY4b zKy%Q1S+B0j4(|5P24t!8({!a{MHAKpF(bYur%bcn(=nEqY|k|V648#Nd7>m>ti`l` zYya%2JS#^u{!Y&qM=~{RRkVhSqm5|1H9$msy>by12~inl_*$l&s0*jP9Bv@=1!f|G z_q_+?iOz=*SqLGr6hdYxfXY$?k=0KWLuLt(mH%H9MG!fv0P6ov_UJEw^1ws*9B@We zM2;$l5?u}zX+VxzhZ4OEA#xK!sZnSH5F^8RE?mm+z-$*+HD&0`YICDdvcy|M%a+KY8pfn)ok*({T55M_k6* z^-F}OZ7lI$X3unmrZ2S?Lm{bwLa)p3zPPrNSu5z=)VUJI~WVjgM#>E;Xl&~;Q&vy+p z3OW27^_+?uLR3){fP_&eBZIB5dNE}1WQ3TqDCbLRqMtRW33%6oX+_#w0R>M?JMff65Jh~&~BvqAy3={ReR>_EKSifrT=ut8H!u^IZQMADC*C#+_KReilDUDWB3ACL0vCD`%G~ z2Q8E_52_hv@4;Kvg)*#!A1!=wreDhQ&+D&Qm|FQ-#glaV?@#BSy$kDXrv4Q+);DSG zd|4V-rS#NgQa&R44{J2`OgzQ0S(j2JE9$a31ha~Q*MP9e$bvmsB--O3iQz$C@N|hV zJUo>%e7I~T;Yu$FYYaC^Bk2+(7R+KHbK~;>_F(3S=}07p!sx=_87kB`U#pmFK^47} zhisZ>0k0yJIeDcm`ae2I)KP!(abfhZc8!@hV|013eDPQG$-D1AwNb#}3gqEOzA(4UL|9G~KSQkbm+hDzcsrJSr{q2kI>?4s z^hQ@{5%U(B8!(BoQmn`;T%SdjBA2VjH(zIR?DDp`P<~B~1TVPH?9V&=kr){CGkKYB zS0|>;MJAeBfh>u^i5^#1rUtnIP+A`KEMdNuMF(4c5cnsBn?V9I{*oZRn^ zKM!IgY$(nrSY1b+$IP2jDo!dLW{OI4RS4vhMfjPOJkK(Y2>e7x1bIeceIa)7vt(bV zYVq2c4@Y+?t$6X;Yx>N*X=Te$G(R=+MoDfgqMPOk2O#d>6$PKsih`Mpl^b_)HgFmI z3Rawu%Ec-QQ31S z6OaC}@$kN@h2jqT2nOxUZnDi{(5T^kyqVFk8J&v~5IUNh4 zL*M@-j@IYuN}39~!|b~3TL=l``1)xZ3DQ9~c(PXJiIC;Ve)ox(R;^+7o%`IS2yDKz$(_dh1lhYcMO^<02PBn_Yvvyd=RWtg{6%>V6T~qhANn){7<@vHK4{&4 zw>(^1vV;9X0=IRTm})ars5)EFKWsyAd6Vj#5+(f|O=m2lz5_{SuVX1(^sS1glXav^ z>s~kowuh7?xGp1 z_8Ur@H(6Ff22kG_Z}&4UH4jox;07x;PgZ?DBTp2Sr*KPQ&S$(+k9btx zVBTPcbai3XR#CG(Cif`{1vtF4AEzjjFhUa4yv{V5y`5sAJ39ZAx{}eUw^;h4Ba}s4 z`|ddr&K5+f$Zqh4Hh41SDTDQG99fmKUEXVWFnsaVE!6FCVx3_M6)7IADX=o-1juMu zPPGb=byN;Lg7)zvjK);5AKLR|i$>H41hiJV#6%72cF>??Rvz5Yfycq0)cdu22)+~q z4e>bp$x(6&MqR}Cg}rW+BWj{`sUJ&5VNFJi%Pzk(=^CvU-yU0 z%j$^;lkUIyQSs#D3fNcqQV+lfgd4TN?Pb0H(mv|5p9eNPFPt7IO7ehIRX&mPEMe)ofBh$z5kQ;SsYDg2i-3(; zGgUiq6Mx*}OFcn0j@&Gbd<^+yO{bEoLgN3Exjm~x-Y7CrY1luvTNZfQg z2;C1}%|`X_>Z!i3#@avmHnS__jWz&%_G$4OsT??hCPcLJ{t)t$_w^F3o8voWD4-3P zjK=bpPSmRpb^#6SR0fdxXfNo-ASi`1fB_hdtY6#=L`PSgR5n19>fG;k)8!*SgWC6U zM@o~1+s0_AEgsXw{}KDUu)<|BjoF7*4~d1Tsj1rOkRwsmbKJUKUl^TG)kp}=CLz97 zckyvpi3h97%r;Q9Ni9dI6TON|G{9xyVYxL!i@%OsY19u0<&s za!QdSb$(F;6$HKfP)aTb>KyNdCczpxpSw`~<0KNdTp zV*E_cilupkQDk=QLD+;P@Y&;t+S zb{2y>)5lW)RGRQ;5ka|ZDtM#e*^D1NJ&L1BGbnI*Vwkbaz{2Jb50SGrO@WM+WL0ht zjJ83DnpZJHHU_!}|5TPq!E*wx6y`G6Y?5@Mzr)l?QxpQj>CKQ5ni-r1RfgVfc0_1F#ci0E0Y(aI-+vD9xa5VGQ$*woyp6AA`k$6#~x8b%$4=tailt?;wqnGbwP>o$E< z*X7EHuTG9(JHr>}_Kv0XugNQ~=5=3RU^jjG`Va51Yk!B_ySdRTZ1?fU@l@o27kQLM zd8xv23Yh#1yS#V9;&*t#XV?S`fptdK%~9GM$nY#%FC0u*LnyM(_z#Um$Anni!m}WR zBi31l^-#!5CUGMQtTZ1AGt5Ufw62mae`F25Kr@;-()fa54a)5(RJ5yTd;){knBGGr z6GHHYMWsmK6ll?TXhLc_#J-1nmsgPtwmRv(=Q(KkoP>;MJ2eqBE^EeLOiO3so~2Pk zkmM*PKom?FoE(ryW$$9O->~Bt!B|~5R>gJxhyo?ku4fvNGAhN9ajMQa~<^8zM9Lgvf@IkZ*#WneJX;s7vvPd#W&6@uf)KBCrTHR9u^=^gv8!o>Uc z(S&$AO2JlvNmDx%3D3Y3ey?Jlx;QOtN`1$VK5dCN9J^~4rCz5l zJX)n)jerz(=;BYk1Sc-(-OwLA80noJ#+K_TdHc?QR2zGc2d%YSEir;jc}!;cNx(Qo zbYX@^9+%nfy5Dq82wtlR-6M1ep2Ru!G1YG`w1pQx#`{#Beto|KyuWAt_z*FM8&u(_ zWnRwfuZy?I@xcxpnA zn;&CP&RG;~M84K0dOyN?DC9gGX;3)CJ*;T5LELa;4GXEIeb#Ak#_b^GreY?>4GJ~o z#2>Gl+?m_ah#I2FdFkgw12Ml*Fj~BGnNcxC?CEF{M5lGvdI|xXFff z-UqL63ImNTbag-6Zg(96I3QU#R~80!Fp04NVVcm4y!8(z$92u$bDlK(&;#Rf)^(Fa zS@2(=+Qe2>f5i%c4pH8D`k}n1UepZ*(lTIP!vJ+Sy`L-$wDrbIg&Od6%T_g7?QS=D z*6zg4$eSJ({hbYr{a$#;tKiiqzx^rtxlZ`R5@>;}GqJ%8bb(gm@#<%*0BT^>={w#x zXac<9-rR5sb=$S#FbeGGK+7{A1-c`Ak5$DeQ@gXv~a>Jgz{U9bZ5! zCYty0Fu-6x-?>f4*1usnK*I-OHBngXt=>^^z~ly>W6!wQknIsiMLH`A$apF>2|(UN zPh)m)PHtm$=Y+FJ!A^>eaRikDGj`O+!;A45`m#8gojk>sovu46M&9Cr=*pSzdP>yl zHJ0qb1)nwg?VcH~(P)ME>n)g7GMVaXr-v{`P88?Jcy~E7?LFEi7rKv6abmcv+bj+Y zWBgEt^(zm531&8tnt2?Sl5M;CZ+lEbJHBy`$={^tb&l>64a6xIRS_P^pf_F|pZP_> zL6mW9hn+5t(F$Z$Zc-A=>;$u9XKtna6&B8#i51Lx$f##4<_v!o7R=&Q9}Thrww&Ci zAeaGJ^m$A$)5C3{D$aCgZ_`%zi&J~WlG5>?bWGXM0y1rdrg-oxlyP%jQU+&EMj~gL z3?eH{D1$d^ZN;B9VayuE+9{KBlHD5+Cd|4YsU2jb>E1|1#nqvS4yg{4QxJBvu9~F_ z7vI471KPi4Dmi#@fBqS#wjVx9??|lAB91ADCjc&I={V_V6S{;e7=jd%9xdL$q(@Z* z%$;@@bSEwXDklP&u;0==595$PibRuX`7sqxnL>}|Ls$%^!3ou@6%J@+dXcFKA63-G9#TAE zG_=KWg})0QRCK1B1ls@+Pwi0LD+h~vKXqL0=CV@7ajl3wvJ0$m)@WNYIR8(bF*v^i zVR&i>Qoccu2{kkLpz^DmNrpeqPT~HyE7=*dd0Zu)JU$3l1logd!wm64&!PFc0&3b`30b8 z2LQ)2UuWhNNj<Y2aAEHv0G#FfL@>Cb6mkhh2}nc4e9K2z?&;P*)S+`){PuQ?PhtK4OB*8PkMvueClHl3JNZ^Qvvi=q6 z9Kny0kl{>8HI61w^zWBYf+k>C9D(HTiXwGBqrTrqv$n$l4)`@oPWyj0Q_i{`5P2&M z$DQ7u2*>1bd>Wr610$s?5rD?VNX+xxz{vY!U^x0zE!CZ^OC2n!mZR2*Yd|f2O?bQE z4U!Hr8k&mQN*Em~VEh%np5u{>8w%$260i0bOtkI=Sv}DEqHC{>_T8gb2LDB6l?g}$ z)cfxU(^sR1Hf>*UJ8=XOvbH;PgW1a&n$891P`6tHfN^lc0L{t)JM5zOZ+xLrjdeWjVy(v- zS-u2M*caXIuG`n!USU7(A=TYJNe<;pW};x4Dxx^gDTniOZz1>#-J%k{N)fz4OLDOy z`^5yP+yX65jRi3EQ;#4648j8y{y+sgr-5LZLY1oYD#Zoc5bDbnX}dn_cfVzl6-T#S z9zO2$Esf3H=q-#zv)8HKX(H#l-fjHOm%ZCS${#yuqUGa$d^zvggCN1G97lN^kz!u~BW5!6u|(_*ED`orOYjSd((Nri z#=6(GSdDnvL5ZaT9p75?9u-pIQR;unk2j^Xf%bzlxeHjYC-gP2E6$Q+_hMM$365*& zdpb`P9>!GVLb}2^n0KC5+_b-=vRGZpkr7SfFShkzx-ZPg4!|jePjKOYSEt&cN4LD; z!(#~x3`d&6`oMVwb#b25bJH~QSO}9h^WjWq;gd8C`byiyyq+ZOY7oAV4lrpim1xK% z(oIxQI!QO>co&L13@?&;YZ&MkJp{jEB&Bv^CpgXb;cQH6Yqo>;Fg@G%Qcv;B=uj-kS%>g660z_&;nV{Jh3BVk(? zIWmI@EAp^0N9@Dw632th)H53nKudNJyF69+<=HSuGJ=AJ0xiXJ79$7E}oFjQ6or5XcyrdsTCrG`WKQNwjpF-iGh$F+bOfw-I;O=Wru5NB0N(!hg2Gy2guQH zp~el64Hlf{*Gr7F(C_sTg~SX;<Ij8`8}>c#sEt>7FE0BiF%AmNj+U9bf(h0OSxlHWP+UABAK98-l|2bo| zPkIbnyG);QhE{W1y=wnee(NWdDwyd!tCo82-RPZUYsgO5M+iT39?Uw>ll;b5XE6}b z*^Iq^H)R#toGa(g*_N7jA0e~*a3Vx6Epr& zR4P601*lfK@V9h2Jy$?mBf;3Ig12Ba&XyzQ<>ptXcsoeTa5JCQLmJDkH7EYcb_RO* zYhX8qOO{ovuG9s5YV~KKK;&JFl6WXJSY*OoF?b+C1=-Z>_@q@K1E*1Y)|M4dOTZQ- zLfXtpC?p?B1S2fGL)C~@x&kpfrZ?!zgdbxk?3&vgUY1WPMRE9hzk-sHcdz3AspG4I z;)uR3aSwwAcTI2x26qS=2G`*38r(g&B*9$*1Pd@oa0xy@7~B%v2{34|oqYSN-L0?o z>;9wbRK0p#_1>x5eeQktlwkzI3P$`(KFXi;8MgT3MK}9v;f2NXqJFE_ah+sdL^5fQjj3~kS@YfSP>p|5)A)vp8HLYfk@$HEk zShzl1WIQW45D^Z~T0K^1Ls`{CegYWYJ;<<^Zu(j`Z1vd5>xhGu68*-?jUS2%uq!b> z^E`RIVT;>yz!5)mOtV$C(&t>Lepz3b>Z4HlNVP!SsAri|1ntQ!%Uvf5@ER!>oE2t- zWuHX9<{A6pZJN2(V7z&A9KZ`B=kqMe3) z$nem;)6%P*?-*f%LGc&EKB?r&+(Vmu(&!~+{`}Xn=4=z!V{^&q3k-6!*sR|5n1@)T zWIT2+7%i_DUsD6@wW|_mc=mJyC$X*fccjc*EOcz6oFqKhkIZ7*+@7Wy(&+40KbDl7 z!JI7$7Ak^q7ef=VI-1|ZVhV#v1X+0^c(oYkaspIx96?^M`M1cTsYNM`lV7K?vix#Eo74{&l)cWR_)X2-!0-HR2pcY z-}ZLjCFbsGwpwpMmwtMUpI~xlLp>L3!G38=kf=H#G0M?`xs!~EL5%C|6Z*Q??vcYj zcv+y*mUGwIgE(V6L+C~IiW{YM1XpL42m$x$5c*~DIh05W)uWYg%iJ3zZICM4>Qe1j znZ5TeO8OuoJlB&Lp@oXL#uI@2Whm=z6=!S{nDyVGSRdg9d2cRS|0DPCXg4k9#9ek&6kIMLdrJ znJ+o{QLSkr8KX`EUE-Q0To%iJcpe0R30P1QZ&fNim9h$ArHB;cP)vhD$@0>W*V5V1 zZ}|eZDUiME;^lzH42;*B2m05Td?$uMTP;_5;mpgszrc8!o4zx zbOkKx49v>rD)SN$s;IEH)am~aNmJ9_B6kjOm9NO&d5GA2NP|R}`>Tv|i);|%6DF&} zu-HwSI6ZHf2aX^#vr2JUz#=%v3R=P>u)0PJDZx+^C`^Szk#_f1y{FLqRC(d*m{}sy zUb2%3N1uK9is+5Q?3`ofFcl}~pbUFncMX!Bk|__7414}U#u4t}dE=|>sc;mL(1#I! zR|&{#&u&WD2CKz8aqd%)Pj|pLEsu|>aa8^S&hdk3gV)O-d4TI%5y<=GK|bL}<v1$%(Yy{30Md=QH693n7mB`3rn==~TTM#<1rThQgP8Pi8=vE;ytJA zO&17D$;u9 z&wE2!MR)Pj@6~Z*sGm4fiW%~2U-hk&1y&n+FpBEZs@utSpIc570{KT(lhvpyl1e^m zH8zne(S72At5%=D<@2~Hqh^lWi0YpylXA(;_QF>CdG3GA!t>8n6SWGbgW4^{690Hc zUHfeJvYX4}yiGuRnQxU=#TMaT?_$XhUD%iT#F*d5t&mj{REVn|LO=N1P&R%vI;Rmg z$XCrt&YHnd#+sP~m4AIU*ICZ5j6AP{53O~{k@RU&EN*$evDE^Csp#UAE9bIzVG%s* zLwkoQ=K|+GMc+VyAQVMW3%cX|t>(&VfTQlLPd?2-vPCQ0uYG0l*!YvFOEdG$!TU1-HC?BV3cuw#a4P%mN zvcNVmyXs5i49pJ|)=$7QVhs?`q(SEa1!bZ~t%JFpfw(6gtbA~yhpqaErFdmHRkk=q_*@XH&BpnA6J z#pw?EM!z=`BHz45Qjt6C_IZJ`Es|ha@ zeJl2(xGDTPdcU284g}7G+$1Gl<#W1QcKctnp1Ejgo~WhwRUKVdi((SN%BT*KdDGjLBQipU`HBf| zrjuRCP%|07+*2!p=|^(eglU#KU;4`*vZ9GGrg{ct6Yfef3YOneOGFihEib6!M@ccU zc@&DZx`_MItnbU%rM74>&p{zB{%79nT==7j$F#AvpqzJSZ(lgu^p$~!m3W!1zDU;M zAd@^bF5okP* zABr>oO*gTe<}1XBMK+J0O%)9(ZSWBfaZ*Htv}%Zz1eV?K1U0;^ zeZ@9;&iL97N)1)8O}4ezZ6gE5x~%#L20JfP0wxItvHfN$l5K}J)nAJ8Es6VUD|+3( zrIDg)9eXwEM-Yxy_-^c5G{5uC0wI#oj(+bSDKW{=OXAfSn%^xsHo+Jjm>uq){i%rU z(PCvH|95TO6sHbcxp=peEA_kzI3aH-$ayHQonmdF-m?OHr7ugyd2OXwnSfT>;K4wr zjzs~b`N>9$U14|II@qLT;9gGjiL-yJ40W~d(@u>qS`AHGTGJNkLf|H8xV>HQx!iPO z*w0D@9)srs_L@RfqLx?7r*a`bDjH4$F>ijo5xZR~pJQEaSKTrBvO##Aw*x$~*e*mzedgwhe^xjidxiXrpcmfR zR0kVL6mBo#SPJqjS=jRy=7ZN!l`isgAR509-eckL^4gnceYd48g=gc0>1Vz0r(aZm z>F%U`-)~49z7O~nYn2EEqsRd^y8_JIBFsggWJbEU;BUX$Sr3mXl}ixi8oVf0}lBFBXXMQGh%DXVQ4FfMrOXkAmXhsr9-e=e?)= zUK0zzgI4*5-5`Kn$Urkv(;lcSVr-pApK7ykDVcs8NE+QDv!R+sD-2iUb*Wh+6p(;G zs-*h6_k6?EsWwO(rx(A&6kistP|1|EZh}@EyNu{3#r7@N$JV)8XsJD1UGO~$5L-*Q z_it-GCOc3Gqi_ceci)5ylf}We6!ZRVE#V%d1u7Q9H)XZ!YBlk-_4wR!VmN_!cMHYp z>6qM$eCt+O4mwPMD`AN8V-UVwyt}m)lk+}un9P<)LM(iS!XLd6%X#zX##H@OsATBl z>HAEX!px{5jD7e{2N{p4sp(L|fn)hgOIXwT;aFEOj2a}CuT~U)NulxAa}3lSSp^}t zuHz5$cTf|Ry^&|JOl_)^ro0e0ZY`BR@XWBo4hD|jP$2a22weVIf;LXyU34B()dVxo z-%jEB6Dh?Fjw+e1xIi-}WdUhp;g7(=cE_yxccYf60Tc8L^BWG4jXtyEciW6`h64P#lG>|08XWT{ueO7Cb)NK0~2eQ@Kztvk_j1wI%`AbO$T+=n{scsn=) z_0-fxJiZuF9K|+Qa%YSf@~+$Oqkp+{)Z+nZ{t^QyJWrCe-%S%^w%%Sc^)^MRPZ^ki zw-Y5M5KA#DC-jsn37XpJWo0J9mX;W(gdoqmhdp@jQtFxE; zGB*%gBZ)oY-;A)38H_NWAxH3MVZM8De^lwf`xi)3Vm{f*!o8TR8%V_rn;TUR_tDp0 z{SAHj`RCG<2e+?O8B-<~*C2kIizfKcIufaT!lDO$^Vji#azTN<=kWM4VjX5_!|E%t zS@F+Ntw%sKq-?57Ce2Z~Dp$hOzaNo)*2aj3_BLj7%c&HZLoMCRJsa@iLuB+B zQ{JX14Af1hsr@p~oNjcd&?0e8G&C4r)NP{0%_8(QvYiz|(RyRShu_+-Z>UQZduC8a zN;}@M|7~@0-LaXD8shAR56MIDS9AOye<2ec$)r)ZvswuL8ojLC*;3>}@b{CIHRrdx zWj=9F+CM&2Den-gM3!>Q+0P_~PV3L(w>{XdFqMQiekkfnM%7htv}&2F_dCO|guLd+ z8k+<@kul6BwvqxiP3<*H?}d?uM>%7C_=Vn?Zo%e{unQcX<{#+TzPPu-`8`f69CVud z0gHf1jdUXgTvEkS>AS+QZIvY+OYHiO<>rkK- zL?VA7PGssSB=b%3`-T-sid2)>qatA(Wy9UiZ@2mqi<(%n%A;JwJ^vdKULcDWgmj1G zFDUV=8sEoobdCzJ<=6jeCXZD~3DUt<-+hHf3d;=NF0jaz3xpwmGHX<2a40jGcI=JR z+ov)n)M{U1Xlv6((_1&0Zp-MRI~EtVUtOZM7taJ7MGnD7q{!{_e7zX3$cnxpQoRD) z(p$p-%Ds8*uMtB>$8o-R@&&`=YZz&W5MPR(<}`;+?^$aUHgbc)_~lKTU%zB6FrCeF z2u)oL2&MtX*umzlhO`FNMPHN*BC3zmc*&9Ps(DIK8UEac6GW_igbhNGny^>fp7iAd1a%nRnDEY&*m2uk~)Terlx#~r=Htv;`gSx4f1e{ zl1K{~W=4PUAt~I+IQ}VB<#Jh4REwKt*4}j?9j{1HLcw=2`u%2rln6EO!FD(=#ipUn z?d|(WOEe?{mXzi2aGPLv7n50!B3*t7k*D#yZTd{qOFgmI+6LAKzt^1I(aPzn9X6B8 zW|n@OixV}G#aMFpGfh2^G7z;;3fU%1UUHe&{+({~Sgt+|ci*}TGN2MFP<<+P-&&=@ zlWFTsLSz=&Ji@7@0#=243XG)W`-4y8eQ`Al#&`1HeEgSLQ202f5Z7o#KXwzr-ZNA& zmxmNsL|n==jqlqXqwKkvfI0H$=%1HO!Cq>uk_Fv%iuQo0H z)Xv)GDBjohQzi;gNPoIl{J4}7?(`dWs@-WJh!nU))jaRbu5|pZ+mU*8Pud|bUH-&8 zTjPbpSrPwCXPxaYKI)97qp=NwU1K?+@bbGpw{uF)|H}1wV>^2VY0rnvuD!DJ%_5w5 zQeY>b=H3ItkX0fcRR}ph)D#pCV>K8*1uQp2J^MNolPh>)`q=;{1)4N0ZTv-5aN89VyN&`J;IAL{nc+}@k%?);f*V_x1^nQ027!Uxv>f}?} zp;Bh5A1^7le$%Jmy2@iUR_r&ZFL8Js z@9ARJho!J-k;bQvk8V=IQm$HX@I8<1@+3ZUc8~k`nCoU2aFi6yH7{zlnCwTNIi24V z2h$pKSaQh>Y)KgF6`jQt%CF1?=Km8Q6&e2ohh~j9ajYN73obIE<9^&{diko^$;N1hZ~=6xeEo4~e(9UG7L1WMBn0 z0gIf4EEvw@kl)c;>ePfJ{CZl=)Ayrv#vc!IN8xS_AKo8tzzf6o#P4^N9<;bQQF$rz z;24XFA57MejCuAx&xcE(Qb`s`g9up1OW2$j*o2Y!GxiohanC)^@X(DLpy zYx@qtNf)oJgkvPhz$DlExlAYiHR<|z!A0Y74MO>~`PYO#B%HbmE)hO{bgy(;4*bJh zG|=wL&kA)=qA6KYl!oXm89==9OYYe!ws=R37(rd0F>w#ZT7qtH2>6HE!Mc-{-N%;Wm$#T396)wC zb|La`S^Z9Gpbg#|sAr7X{NZ=G`P%)t=lP+G`i=YAe4Sh~+Mdel+r3gB)V@CsbX{q8 zHl>t27q<#il@3YjUzh8y9Fw{$1OrY&Ahk~U-F!#{MGT`JF4GRJfssB=MIarQX-$af zTdC6{UER6BBrE3Pi0a$WuOX`k0?SaxCL^cHt1ZzkKf5OGq1LZvp;?z958!(Jg_WVT zp2qVGBKlus?t5C*bpUito!F15|sSA2Z4J zY8QO2#{W`a&41N>{rP#==+C#^o;x8c;m5}7;FBFUyW!JYsiDv#wW0i;m0iOlsgQgD z8uRt%rHjzNU7`00%4G(6&fR!q9n~4HnZuhv)PZVPSS&CadXeo`+|DGC-E@zLF+6T0 zFQgq`>GIC=ZzzhI1nL_9GqZ1wCwSJwYY;7OWB#DFLAvrhVhW5?C4?nRHYl~P%a~9nJV7S*(oTc0 znN_qWuiTQ)$azxyaw_NlII9`V)4VufUm#VGmImWttD;_%N#(jgbrZdswTi;AN;!Tj z+5RZ`!pCx?ssk|0^xw{a8X`dncgwY2?1O!1(;av(NxbaB*U*2t6`>sMJ)eZ%z|1VMF(>u}qH3D>DLU z2W?#Nu|UQ>BH2j;teu=A?EvR+#{lSJn)a?E%z9Zu`R3UNJltGPGOsfqwssuo@iX&I zeZSpFqye1XJMPjtk4SQwd}wWsNTac6nD#umCE6Kj7}o|o%dXMAFzop#G0$T|yZneH zI>CZ&^nZF|8vU5Q?owcQppXA`_;b0}R2KSz*RE2KYpQBg`V=KU2j$rokZ7ECpx}om zwie8c+KShRc`m(~p1wUIH`~*q{^)cxE0xtOp40rOVUHF0Caq@wg2&fC`t7T zht!MjE>~}+Fgr7G=+kH@%s+s>z~17TG`(=Cvq1$qLE1lCh%Lr|7Jw`7%)UaeE

    e z#n7Y)kkGuN7gHBB$;I9a*aU?_mRHr>yu7HESI3;aoN7U>Gb^jhF(5lLZNE;vT%hZM z#5w}S%DUCh?Iw1JEU!%O9*;=mLzeRhjp`6D(`y1`R?c1Nu~4uveK>yE95`v|44pHW z_jKl%w{pCWP&08;7-Ihd3FMf!cDyb@K;8d98^`N@1hn}Nv~|4RM8Nm|fp(79C~r;N zqW=T!@BT2DeP5#(7hvo_KQX-+g50;ialu{gvY!5Z{{gM@&WDHUax;X{&{?J<^U|P; zPH0xXW2cagpZ*-tr}u>JYbvtEW-ywMFnhk`@j2fz-6#7v*vo?Z=2BR+Lp5(}7zbwV z>xu~$F=D`%rFVAL6N{+Vj4at&Jo5iIzCOuE1&({u)bCGqV=kGeMwl2D!S!_1^SkF6 zprMM4LW1-^`=2AMul}Fwe{e(p@00v@^Q`|n0~XQ$$4W~>6&>T>5ER56g?K(8yw{PC F{ujR_enkKP diff --git a/Solutions/Global Secure Access/Package/createUiDefinition.json b/Solutions/Global Secure Access/Package/createUiDefinition.json index 0641867c695..28b6dd234c4 100644 --- a/Solutions/Global Secure Access/Package/createUiDefinition.json +++ b/Solutions/Global Secure Access/Package/createUiDefinition.json @@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions to unlock the value provided by this solution.\n 1. Microsoft Entra Id \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n\n\n**Workbooks:** 2, **Analytic Rules:** 1, **Hunting Queries:** 21\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite:**\n\nInstall one or more of the listed solutions to unlock the value provided by this solution.\n1. Microsoft Entra ID \n\n**Underlying Microsoft Technologies used:**\n\nThis solution depends on the following technologies, and some of these dependencies may either be in Preview state or might result in additional ingestion or operational costs:\n1. Product solutions as described above\n\n\n**Workbooks:** 2, **Analytic Rules:** 1, **Hunting Queries:** 21\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions", @@ -86,7 +86,7 @@ "name": "workbook1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "Provides a detailed view of Microsoft 365 log data, enriched with contextual information to enhance visibility into user activities and potential security threats." + "text": "This Workbook provides a detailed view of Microsoft 365 log data, enriched with contextual information to enhance visibility into user activities and potential security threats." } } ] @@ -100,7 +100,7 @@ "name": "workbook2-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This Workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats." + "text": "This workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats." } } ] @@ -120,7 +120,7 @@ "name": "analytics-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in Manage solution view." + "text": "This solution installs the following analytic rule templates. After installing the solution, create and enable analytic rules in the Manage solution view." } }, { @@ -158,7 +158,7 @@ "name": "huntingqueries-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in Manage solution view." + "text": "This solution installs the following hunting queries. After installing the solution, run these hunting queries to hunt for threats in the Manage solution view." } }, { diff --git a/Solutions/Global Secure Access/Package/mainTemplate.json b/Solutions/Global Secure Access/Package/mainTemplate.json index f2a59203c47..44c3bb6829c 100644 --- a/Solutions/Global Secure Access/Package/mainTemplate.json +++ b/Solutions/Global Secure Access/Package/mainTemplate.json @@ -38,7 +38,7 @@ }, "workbook2-name": { "type": "string", - "defaultValue": null, + "defaultValue": "Microsoft Global Secure Access Traffic Logs", "minLength": 1, "metadata": { "description": "Name for the workbook" @@ -59,8 +59,8 @@ "_workbookContentId1": "[variables('workbookContentId1')]", "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", "_workbookcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId1'),'-', variables('workbookVersion1'))))]", - "workbookVersion2": "", - "workbookContentId2": "", + "workbookVersion2": "1.0.0", + "workbookContentId2": "GSANetworkTraffic", "workbookId2": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId2'))]", "workbookTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId2'))))]", "_workbookContentId2": "[variables('workbookContentId2')]", @@ -203,11 +203,11 @@ "kind": "shared", "apiVersion": "2021-08-01", "metadata": { - "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table." + "description": "This Workbook provides a detailed view of Microsoft 365 log data, enriched with contextual information to enhance visibility into user activities and potential security threats." }, "properties": { "displayName": "[parameters('workbook1-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Traffic Logs workbook\\n---\\n\\nLog information in the dashboard is limited to 30 days.\"},\"name\":\"text - 2\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"ff8b2a55-1849-4848-acf8-eab5452e9f10\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"LogAnalyticWorkspace\",\"label\":\"Log Analytic Workspace\",\"type\":5,\"description\":\"The log analytic workspace in which to execute the queries\",\"isRequired\":true,\"query\":\"resources\\r\\n| where type == \\\"microsoft.operationalinsights/workspaces\\\"\\r\\n| project id\",\"typeSettings\":{\"resourceTypeFilter\":{\"microsoft.operationalinsights/workspaces\":true},\"additionalResourceOptions\":[\"value::1\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":86400000},\"defaultValue\":\"value::1\",\"queryType\":1,\"resourceType\":\"microsoft.resourcegraph/resources\"},{\"id\":\"f15f34d8-8e2d-4c39-8dee-be2f979c86a8\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"isRequired\":true,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"value\":{\"durationMs\":2592000000}},{\"id\":\"8bab511b-53b3-4220-9d1c-372345b06728\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Users\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"EnrichedMicrosoft365AuditLogsDemos_CL\\r\\n| summarize Count = count() by UserId_s\\r\\n| order by Count desc, UserId_s asc\\r\\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false\",\"typeSettings\":{\"limitSelectTo\":20,\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"*\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"value\":[\"value::all\"]}],\"style\":\"pills\",\"queryType\":1,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 15\"},{\"type\":11,\"content\":{\"version\":\"LinkItem/1.0\",\"style\":\"tabs\",\"links\":[{\"id\":\"2b2cd1be-9d25-412c-8444-f005c4789b55\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"Overview\",\"subTarget\":\"Overview\",\"style\":\"link\"},{\"id\":\"cc3e67f2-f20f-4430-8dee-d0773b90d9ce\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"All Traffic\",\"subTarget\":\"AllTraffic\",\"style\":\"link\"}]},\"name\":\"links - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| project \\r\\n Timestamp = createdDateTime_t,\\r\\n User = userPrincipalName_s,\\r\\n SourceIP = SourceIP,\\r\\n DestinationIP = destinationIp_s,\\r\\n DestinationPort = destinationPort_d,\\r\\n Action = action_s,\\r\\n PolicyName = policyName_s,\\r\\n TransportProtocol = transportProtocol_s,\\r\\n TrafficType = trafficType_s,\\r\\n DestinationURL = destinationUrl_s,\\r\\n ReceivedBytes = receivedBytes_d,\\r\\n SentBytes = sentBytes_d,\\r\\n DeviceOS = deviceOperatingSystem_s,\\r\\n PolicyRuleID = policyRuleId_s\\r\\n| order by Timestamp desc\",\"size\":3,\"showAnalytics\":true,\"title\":\"Log\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":1000,\"filter\":true}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"AllTraffic\"},\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"// Unique Users\\nNetworkAccessDemo_CL\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\n| summarize UniqueUsers=dcount(Country)\\n| extend snapshot = \\\"Total Locations\\\"\\n| project col1 = UniqueUsers, snapshot\\n\\n// Union with Unique Devices\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\n | summarize TotalBytesGB = sum(BytesInGB)\\n | extend snapshot = \\\"Total Bytes (GB)\\\"\\n | project col1 = tolong(TotalBytesGB), snapshot\\n)\\n\\n// Union with Total Internet Access\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | summarize TotalTransactions = count()\\n | extend snapshot = \\\"Total Transactions\\\"\\n | project col1 = TotalTransactions, snapshot\\n)\\n\\n// Union with Total Private Access\\n// Order by Snapshot for consistent tile ordering on dashboard\\n| order by snapshot\",\"size\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"snapshot\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"col1\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":true,\"size\":\"auto\"},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"ExistingClients\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"ExistingClients\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"ExistingClients\",\"heatmapPalette\":\"greenRed\"}},\"textSettings\":{\"style\":\"bignumber\"}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\r\\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\\r\\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\\r\\n| project createdDateTime_t, trafficType_s, TotalBytesGB\\r\\n\",\"size\":2,\"title\":\"Usage over Time (GB)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 0\"}]},\"name\":\"group - 5\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\r\\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\r\\n| where Country != \\\"\\\"\\r\\n| summarize Count = count() by City, State, Country\\r\\n\",\"size\":0,\"title\":\"Locations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"map\",\"mapSettings\":{\"locInfo\":\"CountryRegion\",\"locInfoColumn\":\"Country\",\"latitude\":\"Latitude\",\"longitude\":\"Longitude\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"labelSettings\":\"Country\",\"legendMetric\":\"Country\",\"legendAggregation\":\"Count\",\"itemColorSettings\":{\"nodeColorField\":\"Count\",\"colorAggregation\":\"Sum\",\"type\":\"heatmap\",\"heatmapPalette\":\"turquoise\"}}},\"customWidth\":\"50\",\"name\":\"query - 0\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"allow\\\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Top Allowed Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationFQDN_s != '' // Filter for allowed traffic\\r\\n| summarize Count = count() by destinationFQDN_s\\r\\n| top 100 by Count\",\"size\":0,\"title\":\"Top Blocked Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"query - 5\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":3,\"title\":\"Top Blocked Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where sentBytes_d > 0\\r\\n| where tolower(action_s) != \\\"block\\\" \\r\\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\\r\\n| order by Count desc\\r\\n\",\"size\":0,\"title\":\"Top Allowed Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Count\",\"formatter\":4,\"formatOptions\":{\"palette\":\"magenta\"}},{\"columnMatch\":\"Recived\",\"formatter\":4,\"formatOptions\":{\"palette\":\"turquoise\"}},{\"columnMatch\":\"Total\",\"formatter\":4,\"formatOptions\":{\"palette\":\"pink\"}},{\"columnMatch\":\"Sent\",\"formatter\":4,\"formatOptions\":{\"palette\":\"blue\"}}]}},\"customWidth\":\"50\",\"name\":\"query - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where transportProtocol_s != ''\\r\\n| summarize Count = count() by toupper(transportProtocol_s)\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Protocol Distburion\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 3\"}]},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"group - 4\"}],\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Traffic Logs workbook\\n---\\n\\nLog information in the dashboard is limited to 30 days.\"},\"name\":\"text - 1\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"ff8b2a55-1849-4848-acf8-eab5452e9f10\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"LogAnalyticWorkspace\",\"label\":\"Log Analytic Workspace\",\"type\":5,\"description\":\"The log analytic workspace in which to execute the queries\",\"isRequired\":true,\"query\":\"resources\\r\\n| where type == \\\"microsoft.operationalinsights/workspaces\\\"\\r\\n| project id\",\"typeSettings\":{\"resourceTypeFilter\":{\"microsoft.operationalinsights/workspaces\":true},\"additionalResourceOptions\":[\"value::1\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":86400000},\"defaultValue\":\"value::1\",\"queryType\":1,\"resourceType\":\"microsoft.resourcegraph/resources\"},{\"id\":\"f15f34d8-8e2d-4c39-8dee-be2f979c86a8\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"isRequired\":true,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"value\":{\"durationMs\":2592000000}},{\"id\":\"8bab511b-53b3-4220-9d1c-372345b06728\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Users\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"EnrichedMicrosoft365AuditLogsDemos_CL\\r\\n| summarize Count = count() by UserId_s\\r\\n| order by Count desc, UserId_s asc\\r\\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false\",\"typeSettings\":{\"limitSelectTo\":20,\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"*\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"value\":[\"value::all\"]}],\"style\":\"pills\",\"queryType\":1,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 15\"},{\"type\":11,\"content\":{\"version\":\"LinkItem/1.0\",\"style\":\"tabs\",\"links\":[{\"id\":\"2b2cd1be-9d25-412c-8444-f005c4789b55\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"Overview\",\"subTarget\":\"Overview\",\"style\":\"link\"},{\"id\":\"cc3e67f2-f20f-4430-8dee-d0773b90d9ce\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"All Traffic\",\"subTarget\":\"AllTraffic\",\"style\":\"link\"}]},\"name\":\"links - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| project \\r\\n Timestamp = createdDateTime_t,\\r\\n User = userPrincipalName_s,\\r\\n SourceIP = SourceIP,\\r\\n DestinationIP = destinationIp_s,\\r\\n DestinationPort = destinationPort_d,\\r\\n Action = action_s,\\r\\n PolicyName = policyName_s,\\r\\n TransportProtocol = transportProtocol_s,\\r\\n TrafficType = trafficType_s,\\r\\n DestinationURL = destinationUrl_s,\\r\\n ReceivedBytes = receivedBytes_d,\\r\\n SentBytes = sentBytes_d,\\r\\n DeviceOS = deviceOperatingSystem_s,\\r\\n PolicyRuleID = policyRuleId_s\\r\\n| order by Timestamp desc\",\"size\":3,\"showAnalytics\":true,\"title\":\"Log\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":1000,\"filter\":true}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"AllTraffic\"},\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"// Unique Users\\nNetworkAccessDemo_CL\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\n| summarize UniqueUsers=dcount(Country)\\n| extend snapshot = \\\"Total Locations\\\"\\n| project col1 = UniqueUsers, snapshot\\n\\n// Union with Unique Devices\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\n | summarize TotalBytesGB = sum(BytesInGB)\\n | extend snapshot = \\\"Total Bytes (GB)\\\"\\n | project col1 = tolong(TotalBytesGB), snapshot\\n)\\n\\n// Union with Total Internet Access\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | summarize TotalTransactions = count()\\n | extend snapshot = \\\"Total Transactions\\\"\\n | project col1 = TotalTransactions, snapshot\\n)\\n\\n// Union with Total Private Access\\n// Order by Snapshot for consistent tile ordering on dashboard\\n| order by snapshot\",\"size\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"snapshot\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"col1\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":true,\"size\":\"auto\"},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"ExistingClients\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"ExistingClients\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"ExistingClients\",\"heatmapPalette\":\"greenRed\"}},\"textSettings\":{\"style\":\"bignumber\"}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\r\\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\\r\\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\\r\\n| project createdDateTime_t, trafficType_s, TotalBytesGB\\r\\n\",\"size\":2,\"title\":\"Usage over Time (GB)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 0\"}]},\"name\":\"group - 5\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\r\\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\r\\n| where Country != \\\"\\\"\\r\\n| summarize Count = count() by City, State, Country\\r\\n\",\"size\":0,\"title\":\"Locations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"map\",\"mapSettings\":{\"locInfo\":\"CountryRegion\",\"locInfoColumn\":\"Country\",\"latitude\":\"Latitude\",\"longitude\":\"Longitude\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"labelSettings\":\"Country\",\"legendMetric\":\"Country\",\"legendAggregation\":\"Count\",\"itemColorSettings\":{\"nodeColorField\":\"Count\",\"colorAggregation\":\"Sum\",\"type\":\"heatmap\",\"heatmapPalette\":\"turquoise\"}}},\"customWidth\":\"50\",\"name\":\"query - 0\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"allow\\\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Top Allowed Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationFQDN_s != '' // Filter for allowed traffic\\r\\n| summarize Count = count() by destinationFQDN_s\\r\\n| top 100 by Count\",\"size\":0,\"title\":\"Top Blocked Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"query - 5\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":3,\"title\":\"Top Blocked Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where sentBytes_d > 0\\r\\n| where tolower(action_s) != \\\"block\\\" \\r\\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\\r\\n| order by Count desc\\r\\n\",\"size\":0,\"title\":\"Top Allowed Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Count\",\"formatter\":4,\"formatOptions\":{\"palette\":\"magenta\"}},{\"columnMatch\":\"Recived\",\"formatter\":4,\"formatOptions\":{\"palette\":\"turquoise\"}},{\"columnMatch\":\"Total\",\"formatter\":4,\"formatOptions\":{\"palette\":\"pink\"}},{\"columnMatch\":\"Sent\",\"formatter\":4,\"formatOptions\":{\"palette\":\"blue\"}}]}},\"customWidth\":\"50\",\"name\":\"query - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where transportProtocol_s != ''\\r\\n| summarize Count = count() by toupper(transportProtocol_s)\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Protocol Distburion\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 3\"}]},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"group - 4\"}],\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", "version": "1.0", "sourceId": "[variables('workspaceResourceId')]", "category": "sentinel" @@ -218,7 +218,7 @@ "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId1'),'/'))))]", "properties": { - "description": "@{workbookKey=GSAM365EnrichedEvents; logoFileName=gsa.svg; description=This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=1.0.0; title=Microsoft Global Secure Access Enriched M365 Logs; templateRelativePath=GSAM365EnrichedEvents.json; provider=Microsoft; author=}.description", + "description": "@{workbookKey=GSAM365EnrichedEvents; logoFileName=gsa.svg; description=This Workbook provides a detailed view of Microsoft 365 log data, enriched with contextual information to enhance visibility into user activities and potential security threats.; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=1.0.0; title=Microsoft Global Secure Access Enriched M365 Logs; templateRelativePath=GSAM365EnrichedEvents.json; provider=Microsoft}.description", "parentId": "[variables('workbookId1')]", "contentId": "[variables('_workbookContentId1')]", "kind": "Workbook", @@ -287,11 +287,11 @@ "kind": "shared", "apiVersion": "2021-08-01", "metadata": { - "description": "" + "description": "This workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats." }, "properties": { "displayName": "[parameters('workbook2-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Traffic Logs workbook\\n---\\n\\nLog information in the dashboard is limited to 30 days.\"},\"name\":\"text - 2\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"crossComponentResources\":[\"\"],\"parameters\":[{\"id\":\"ff8b2a55-1849-4848-acf8-eab5452e9f10\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"LogAnalyticWorkspace\",\"label\":\"Log Analytic Workspace\",\"type\":5,\"description\":\"The log analytic workspace in which to execute the queries\",\"isRequired\":true,\"query\":\"resources\\r\\n| where type == \\\"microsoft.operationalinsights/workspaces\\\"\\r\\n| project id\",\"typeSettings\":{\"resourceTypeFilter\":{\"microsoft.operationalinsights/workspaces\":true},\"additionalResourceOptions\":[\"value::1\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":86400000},\"defaultValue\":\"value::1\",\"queryType\":1,\"resourceType\":\"microsoft.resourcegraph/resources\"},{\"id\":\"f15f34d8-8e2d-4c39-8dee-be2f979c86a8\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"isRequired\":true,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"value\":{\"durationMs\":2592000000}},{\"id\":\"8bab511b-53b3-4220-9d1c-372345b06728\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Users\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"EnrichedMicrosoft365AuditLogsDemos_CL\\r\\n| summarize Count = count() by UserId_s\\r\\n| order by Count desc, UserId_s asc\\r\\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false\",\"typeSettings\":{\"limitSelectTo\":20,\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"*\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"value\":[\"value::all\"]}],\"style\":\"pills\",\"queryType\":1,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 15\"},{\"type\":11,\"content\":{\"version\":\"LinkItem/1.0\",\"style\":\"tabs\",\"links\":[{\"id\":\"2b2cd1be-9d25-412c-8444-f005c4789b55\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"Overview\",\"subTarget\":\"Overview\",\"style\":\"link\"},{\"id\":\"cc3e67f2-f20f-4430-8dee-d0773b90d9ce\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"All Traffic\",\"subTarget\":\"AllTraffic\",\"style\":\"link\"}]},\"name\":\"links - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| project \\r\\n Timestamp = createdDateTime_t,\\r\\n User = userPrincipalName_s,\\r\\n SourceIP = SourceIP,\\r\\n DestinationIP = destinationIp_s,\\r\\n DestinationPort = destinationPort_d,\\r\\n Action = action_s,\\r\\n PolicyName = policyName_s,\\r\\n TransportProtocol = transportProtocol_s,\\r\\n TrafficType = trafficType_s,\\r\\n DestinationURL = destinationUrl_s,\\r\\n ReceivedBytes = receivedBytes_d,\\r\\n SentBytes = sentBytes_d,\\r\\n DeviceOS = deviceOperatingSystem_s,\\r\\n PolicyRuleID = policyRuleId_s\\r\\n| order by Timestamp desc\",\"size\":3,\"showAnalytics\":true,\"title\":\"Log\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":1000,\"filter\":true}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"AllTraffic\"},\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"// Unique Users\\nNetworkAccessDemo_CL\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\n| summarize UniqueUsers=dcount(Country)\\n| extend snapshot = \\\"Total Locations\\\"\\n| project col1 = UniqueUsers, snapshot\\n\\n// Union with Unique Devices\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\n | summarize TotalBytesGB = sum(BytesInGB)\\n | extend snapshot = \\\"Total Bytes (GB)\\\"\\n | project col1 = tolong(TotalBytesGB), snapshot\\n)\\n\\n// Union with Total Internet Access\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | summarize TotalTransactions = count()\\n | extend snapshot = \\\"Total Trasnacations\\\"\\n | project col1 = TotalTransactions, snapshot\\n)\\n\\n// Union with Total Private Access\\n// Order by Snapshot for consistent tile ordering on dashboard\\n| order by snapshot\",\"size\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"snapshot\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"col1\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":true,\"size\":\"auto\"},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"ExistingClients\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"ExistingClients\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"ExistingClients\",\"heatmapPalette\":\"greenRed\"}},\"textSettings\":{\"style\":\"bignumber\"}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\r\\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\\r\\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\\r\\n| project createdDateTime_t, trafficType_s, TotalBytesGB\\r\\n\",\"size\":2,\"title\":\"Usage over Time (GB)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 0\"}]},\"name\":\"group - 5\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\r\\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\r\\n| where Country != \\\"\\\"\\r\\n| summarize Count = count() by City, State, Country\\r\\n\\r\\n\",\"size\":0,\"title\":\"Locations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"map\",\"mapSettings\":{\"locInfo\":\"CountryRegion\",\"locInfoColumn\":\"Country\",\"latitude\":\"Latitude\",\"longitude\":\"Longitude\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"labelSettings\":\"Country\",\"legendMetric\":\"Country\",\"legendAggregation\":\"Count\",\"itemColorSettings\":{\"nodeColorField\":\"Count\",\"colorAggregation\":\"Sum\",\"type\":\"heatmap\",\"heatmapPalette\":\"turquoise\"}}},\"customWidth\":\"50\",\"name\":\"query - 0\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"allow\\\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Top Allowed Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationFQDN_s != '' // Filter for allowed traffic\\r\\n| summarize Count = count() by destinationFQDN_s\\r\\n| top 100 by Count\",\"size\":0,\"title\":\"Top Blocked Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"query - 5\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":3,\"title\":\"Top Blocked Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where sentBytes_d > 0\\r\\n| where tolower(action_s) != \\\"block\\\" \\r\\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\\r\\n| order by Count desc\\r\\n\",\"size\":0,\"title\":\"Top Allowed Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Count\",\"formatter\":4,\"formatOptions\":{\"palette\":\"magenta\"}},{\"columnMatch\":\"Recived\",\"formatter\":4,\"formatOptions\":{\"palette\":\"turquoise\"}},{\"columnMatch\":\"Total\",\"formatter\":4,\"formatOptions\":{\"palette\":\"pink\"}},{\"columnMatch\":\"Sent\",\"formatter\":4,\"formatOptions\":{\"palette\":\"blue\"}}]}},\"customWidth\":\"50\",\"name\":\"query - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where transportProtocol_s != ''\\r\\n| summarize Count = count() by toupper(transportProtocol_s)\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Protocol Distburion\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 3\"}]},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"group - 4\"}],\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Traffic Logs workbook\\n---\\n\\nLog information in the dashboard is limited to 30 days.\"},\"name\":\"text - 0\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"crossComponentResources\":[\"\"],\"parameters\":[{\"id\":\"ff8b2a55-1849-4848-acf8-eab5452e9f10\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"LogAnalyticWorkspace\",\"label\":\"Log Analytic Workspace\",\"type\":5,\"description\":\"The log analytic workspace in which to execute the queries\",\"isRequired\":true,\"query\":\"resources\\r\\n| where type == \\\"microsoft.operationalinsights/workspaces\\\"\\r\\n| project id\",\"typeSettings\":{\"resourceTypeFilter\":{\"microsoft.operationalinsights/workspaces\":true},\"additionalResourceOptions\":[\"value::1\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":86400000},\"defaultValue\":\"value::1\",\"queryType\":1,\"resourceType\":\"microsoft.resourcegraph/resources\"},{\"id\":\"f15f34d8-8e2d-4c39-8dee-be2f979c86a8\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"isRequired\":true,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"value\":{\"durationMs\":2592000000}},{\"id\":\"8bab511b-53b3-4220-9d1c-372345b06728\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Users\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"EnrichedMicrosoft365AuditLogsDemos_CL\\r\\n| summarize Count = count() by UserId_s\\r\\n| order by Count desc, UserId_s asc\\r\\n| project Value = UserId_s, Label = strcat(UserId_s, ' - ', Count, ' Logs'), Selected = false\",\"typeSettings\":{\"limitSelectTo\":20,\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"*\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"value\":[\"value::all\"]}],\"style\":\"pills\",\"queryType\":1,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 15\"},{\"type\":11,\"content\":{\"version\":\"LinkItem/1.0\",\"style\":\"tabs\",\"links\":[{\"id\":\"2b2cd1be-9d25-412c-8444-f005c4789b55\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"Overview\",\"subTarget\":\"Overview\",\"style\":\"link\"},{\"id\":\"cc3e67f2-f20f-4430-8dee-d0773b90d9ce\",\"cellValue\":\"tabSel\",\"linkTarget\":\"parameter\",\"linkLabel\":\"All Traffic\",\"subTarget\":\"AllTraffic\",\"style\":\"link\"}]},\"name\":\"links - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| project \\r\\n Timestamp = createdDateTime_t,\\r\\n User = userPrincipalName_s,\\r\\n SourceIP = SourceIP,\\r\\n DestinationIP = destinationIp_s,\\r\\n DestinationPort = destinationPort_d,\\r\\n Action = action_s,\\r\\n PolicyName = policyName_s,\\r\\n TransportProtocol = transportProtocol_s,\\r\\n TrafficType = trafficType_s,\\r\\n DestinationURL = destinationUrl_s,\\r\\n ReceivedBytes = receivedBytes_d,\\r\\n SentBytes = sentBytes_d,\\r\\n DeviceOS = deviceOperatingSystem_s,\\r\\n PolicyRuleID = policyRuleId_s\\r\\n| order by Timestamp desc\",\"size\":3,\"showAnalytics\":true,\"title\":\"Log\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":1000,\"filter\":true}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"AllTraffic\"},\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"// Unique Users\\nNetworkAccessDemo_CL\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n| project SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\n| summarize UniqueUsers=dcount(Country)\\n| extend snapshot = \\\"Total Locations\\\"\\n| project col1 = UniqueUsers, snapshot\\n\\n// Union with Unique Devices\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\n | summarize TotalBytesGB = sum(BytesInGB)\\n | extend snapshot = \\\"Total Bytes (GB)\\\"\\n | project col1 = tolong(TotalBytesGB), snapshot\\n)\\n\\n// Union with Total Internet Access\\n| union (\\n NetworkAccessDemo_CL\\n | where userPrincipalName_s in ({Users}) or '*' in ({Users})\\n | summarize TotalTransactions = count()\\n | extend snapshot = \\\"Total Trasnacations\\\"\\n | project col1 = TotalTransactions, snapshot\\n)\\n\\n// Union with Total Private Access\\n// Order by Snapshot for consistent tile ordering on dashboard\\n| order by snapshot\",\"size\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"snapshot\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"col1\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":true,\"size\":\"auto\"},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"ExistingClients\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"ExistingClients\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"ExistingClients\",\"heatmapPalette\":\"greenRed\"}},\"textSettings\":{\"style\":\"bignumber\"}},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend BytesInGB = todouble(sentBytes_d + receivedBytes_d) / (1024 * 1024 * 1024) // Convert bytes to gigabytes\\r\\n| summarize TotalBytesGB = sum(BytesInGB) by bin(createdDateTime_t, 1h), trafficType_s\\r\\n| order by bin(createdDateTime_t, 1h) asc, trafficType_s asc\\r\\n| project createdDateTime_t, trafficType_s, TotalBytesGB\\r\\n\",\"size\":2,\"title\":\"Usage over Time (GB)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"query - 0\"}]},\"name\":\"group - 5\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| extend GeoInfo = geo_info_from_ip_address(SourceIP) // Extend each row with geolocation info\\r\\n| project createdDateTime_t, SourceIP, Country = tostring(GeoInfo.country), State = tostring(GeoInfo.state), City = tostring(GeoInfo.city), Latitude = tostring(GeoInfo.latitude), Longitude = tostring(GeoInfo.longitude)\\r\\n| where Country != \\\"\\\"\\r\\n| summarize Count = count() by City, State, Country\\r\\n\\r\\n\",\"size\":0,\"title\":\"Locations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"map\",\"mapSettings\":{\"locInfo\":\"CountryRegion\",\"locInfoColumn\":\"Country\",\"latitude\":\"Latitude\",\"longitude\":\"Longitude\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"labelSettings\":\"Country\",\"legendMetric\":\"Country\",\"legendAggregation\":\"Count\",\"itemColorSettings\":{\"nodeColorField\":\"Count\",\"colorAggregation\":\"Sum\",\"type\":\"heatmap\",\"heatmapPalette\":\"turquoise\"}}},\"customWidth\":\"50\",\"name\":\"query - 0\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"allow\\\" and destinationWebCategory_displayName_s != '' // Filter for allowed traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Top Allowed Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationFQDN_s != '' // Filter for allowed traffic\\r\\n| summarize Count = count() by destinationFQDN_s\\r\\n| top 100 by Count\",\"size\":0,\"title\":\"Top Blocked Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"query - 5\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where tolower(action_s) == \\\"block\\\" and destinationWebCategory_displayName_s != '' // Filter for blocked traffic\\r\\n| extend firstCategory = tostring(split(destinationWebCategory_displayName_s, ',')[0]) // Split and get the first category\\r\\n| summarize Count = count() by firstCategory\\r\\n| top 10 by Count\\r\\n\",\"size\":3,\"title\":\"Top Blocked Web Categories\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where sentBytes_d > 0\\r\\n| where tolower(action_s) != \\\"block\\\" \\r\\n| summarize Count = count() , Sent = sum(sentBytes_d), Recived = sum(receivedBytes_d), Total = sum(receivedBytes_d+ sentBytes_d) by destinationFQDN_s\\r\\n| order by Count desc\\r\\n\",\"size\":0,\"title\":\"Top Allowed Destinations\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Count\",\"formatter\":4,\"formatOptions\":{\"palette\":\"magenta\"}},{\"columnMatch\":\"Recived\",\"formatter\":4,\"formatOptions\":{\"palette\":\"turquoise\"}},{\"columnMatch\":\"Total\",\"formatter\":4,\"formatOptions\":{\"palette\":\"pink\"}},{\"columnMatch\":\"Sent\",\"formatter\":4,\"formatOptions\":{\"palette\":\"blue\"}}]}},\"customWidth\":\"50\",\"name\":\"query - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"NetworkAccessDemo_CL\\r\\n| where userPrincipalName_s in ({Users}) or '*' in ({Users})\\r\\n| where transportProtocol_s != ''\\r\\n| summarize Count = count() by toupper(transportProtocol_s)\\r\\n| top 10 by Count\\r\\n\",\"size\":2,\"title\":\"Protocol Distburion\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"50\",\"name\":\"query - 3\"}]},\"conditionalVisibility\":{\"parameterName\":\"tabSel\",\"comparison\":\"isEqualTo\",\"value\":\"Overview\"},\"name\":\"group - 4\"}],\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", "version": "1.0", "sourceId": "[variables('workspaceResourceId')]", "category": "sentinel" @@ -302,7 +302,7 @@ "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId2'),'/'))))]", "properties": { - "description": ".description", + "description": "@{workbookKey=GSANetworkTraffic; logoFileName=gsa.svg; description=This workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats.; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=1.0.0; title=Microsoft Global Secure Access Traffic Logs; templateRelativePath=GSANetworkTraffic.json; subtitle=; provider=Microsoft}.description", "parentId": "[variables('workbookId2')]", "contentId": "[variables('_workbookContentId2')]", "kind": "Workbook", @@ -321,6 +321,15 @@ "name": "Microsoft Corporation", "email": "GSASentinelSupport@microsoft.com", "link": "https://learn.microsoft.com/en-us/entra/global-secure-access/overview-what-is-global-secure-access" + }, + "dependencies": { + "operator": "AND", + "criteria": [ + { + "contentId": "AzureActiveDirectory", + "kind": "DataConnector" + } + ] } } } @@ -391,22 +400,22 @@ ], "entityMappings": [ { + "entityType": "Account", "fieldMappings": [ { - "columnName": "AccountCustomEntity", - "identifier": "Name" + "identifier": "Name", + "columnName": "AccountCustomEntity" } - ], - "entityType": "Account" + ] }, { + "entityType": "IP", "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } - ], - "entityType": "IP" + ] } ] } @@ -2248,7 +2257,7 @@ "contentSchemaVersion": "3.0.0", "displayName": "Global Secure Access", "publisherDisplayName": "Microsoft Corporation", - "descriptionHtml": "

    Note: Please refer to the following before installing the solution:

    \n    \n

    • There may be known issues pertaining to this Solution, please refer to them before installing.

    \n

    Global Secure Access is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below.

    \n

    Prerequisite :-

    \n

    Install one or more of the listed solutions to unlock the value provided by this solution.

    \n
      \n
    1. Microsoft Entra Id
      2. \n
    \n

    Underlying Microsoft Technologies used:

    \n

    This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

    \n
      \n
    1. Product solutions as described above
      2. \n
    \n

    Workbooks: 2, Analytic Rules: 1, Hunting Queries: 21

    \n

    Learn more about Microsoft Sentinel | Learn more about Solutions

    \n", + "descriptionHtml": "

    Note: Please refer to the following before installing the solution:

    \n

    • Review the solution Release Notes

    \n

    • There may be known issues pertaining to this Solution, please refer to them before installing.

    \n

    Global Secure Access is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below.

    \n

    Prerequisite:

    \n

    Install one or more of the listed solutions to unlock the value provided by this solution.

    \n
      \n
    1. Microsoft Entra ID
      2. \n
    \n

    Underlying Microsoft Technologies used:

    \n

    This solution depends on the following technologies, and some of these dependencies may either be in Preview state or might result in additional ingestion or operational costs:

    \n
      \n
    1. Product solutions as described above
      2. \n
    \n

    Workbooks: 2, Analytic Rules: 1, Hunting Queries: 21

    \n

    Learn more about Microsoft Sentinel | Learn more about Solutions

    \n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", "id": "[variables('_solutioncontentProductId')]", diff --git a/Solutions/Global Secure Access/Package/testParameters.json b/Solutions/Global Secure Access/Package/testParameters.json index 90d1dcc74ce..8dd674f5956 100644 --- a/Solutions/Global Secure Access/Package/testParameters.json +++ b/Solutions/Global Secure Access/Package/testParameters.json @@ -31,7 +31,7 @@ }, "workbook2-name": { "type": "string", - "defaultValue": null, + "defaultValue": "Microsoft Global Secure Access Traffic Logs", "minLength": 1, "metadata": { "description": "Name for the workbook" diff --git a/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json index e983bfd5a4c..461ba0feb57 100644 --- a/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json +++ b/Solutions/Global Secure Access/Workbooks/GSAM365EnrichedEvents.json @@ -6,7 +6,7 @@ "content": { "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." }, - "name": "text - 2" + "name": "text - 1" }, { "type": 9, diff --git a/Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json b/Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json index 75f2f99880b..46e0e43e6ff 100644 --- a/Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json +++ b/Solutions/Global Secure Access/Workbooks/GSANetworkTraffic.json @@ -6,7 +6,7 @@ "content": { "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." }, - "name": "text - 2" + "name": "text - 0" }, { "type": 9, diff --git a/Workbooks/GSAM365EnrichedEvents.json b/Workbooks/GSAM365EnrichedEvents.json index e983bfd5a4c..461ba0feb57 100644 --- a/Workbooks/GSAM365EnrichedEvents.json +++ b/Workbooks/GSAM365EnrichedEvents.json @@ -6,7 +6,7 @@ "content": { "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." }, - "name": "text - 2" + "name": "text - 1" }, { "type": 9, diff --git a/Workbooks/GSANetworkTraffic.json b/Workbooks/GSANetworkTraffic.json index 75f2f99880b..46e0e43e6ff 100644 --- a/Workbooks/GSANetworkTraffic.json +++ b/Workbooks/GSANetworkTraffic.json @@ -6,7 +6,7 @@ "content": { "json": "## Traffic Logs workbook\n---\n\nLog information in the dashboard is limited to 30 days." }, - "name": "text - 2" + "name": "text - 0" }, { "type": 9, diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index 5decdbd5440..20e84866322 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -1,7683 +1,7912 @@ [ - { - "workbookKey": "1PasswordWorkbook", - "logoFileName": "1password.svg", - "description": "Gain insights and comprehensive monitoring into 1Password events data by analyzing traffic and user activities.\nThis workbook provides insights into various 1Password events types.\nYou can use this workbook to get visibility in to your 1Password Security Events and quickly identify threats, anamolies, traffic patterns, application usage, blocked IP addresses and more.", - "dataTypesDependencies": [ - "OnePasswordEventLogs_CL" - ], - "dataConnectorsDependencies": [ - "1Password" - ], - "previewImagesFileNames": [ - "1PasswordLogsBlack1.png", - "1PasswordLogsBlack2.png", - "1PasswordLogsBlack3.png", - "1PasswordLogsBlack4.png", - "1PasswordLogsWhite1.png", - "1PasswordLogsWhite2.png", - "1PasswordLogsWhite3.png", - "1PasswordLogsWhite4.png" - ], - "version": "1.0.0", - "title": "1Password Events Workbook", - "templateRelativePath": "1Password.json", - "subtitle": "", - "provider": "1Password" - }, - { - "workbookKey": "42CrunchAPIProtectionWorkbook", - "logoFileName": "42CrunchLogo.svg", - "description": "Monitor and protect APIs using the 42Crunch API microfirewall", - "dataTypesDependencies": [ - "apifirewall_log_1_CL" - ], - "dataConnectorsDependencies": [ - "42CrunchAPIProtection" - ], - "previewImagesFileNames": [ - "42CrunchInstancesBlack.png", - "42CrunchInstancesWhite.png", - "42CrunchRequestsBlack.png", - "42CrunchRequestsWhite.png", - "42CrunchStatusBlack.png", - "42CrunchStatusWhite.png" - ], - "version": "1.0.0", - "title": "42Crunch API Protection Workbook", - "templateRelativePath": "42CrunchAPIProtectionWorkbook.json", - "subtitle": "", - "provider": "42Crunch" - }, - { - "workbookKey": "AttackSurfaceReduction", - "logoFileName": "M365securityposturelogo.svg", - "description": "This workbook helps you implement the ASR rules of Windows/Defender, and to monitor them over time. The workbook can filter on ASR rules in Audit mode and Block mode.", - "dataTypesDependencies": [ - "DeviceEvents" - ], - "dataConnectorsDependencies": [ - "MicrosoftThreatProtection" - ], - "previewImagesFileNames": [ - "AttackSurfaceReductionWhite.png", - "AttackSurfaceReductionBlack.png" - ], - "version": "1.0.0", - "title": "Attack Surface Reduction Dashboard", - "templateRelativePath": "AttackSurfaceReduction.json", - "subtitle": "", - "provider": "Microsoft Sentinel community" - }, - { - "workbookKey": "ForcepointNGFWAdvanced", - "logoFileName": "FPAdvLogo.svg", - "description": "Gain threat intelligence correlated security and application insights on Forcepoint NGFW (Next Generation Firewall). Monitor Forcepoint logging servers health.", - "dataTypesDependencies": [ - "CommonSecurityLog", - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [ - "ForcepointNgfw", - "ThreatIntelligence", - "ForcepointNgfwAma", - "CefAma" - ], - "previewImagesFileNames": [ - "ForcepointNGFWAdvancedWhite.png", - "ForcepointNGFWAdvancedBlack.png" - ], - "version": "1.0.0", - "title": "Forcepoint Next Generation Firewall (NGFW) Advanced Workbook", - "templateRelativePath": "ForcepointNGFWAdvanced.json", - "subtitle": "", - "provider": "Forcepoint" - }, - { - "workbookKey": "AzureActivityWorkbook", - "logoFileName": "azureactivity_logo.svg", - "description": "Gain extensive insight into your organization's Azure Activity by analyzing, and correlating all user operations and events.\nYou can learn about all user operations, trends, and anomalous changes over time.\nThis workbook gives you the ability to drill down into caller activities and summarize detected failure and warning events.", - "dataTypesDependencies": [ - "AzureActivity" - ], - "dataConnectorsDependencies": [ - "AzureActivity" - ], - "previewImagesFileNames": [ - "AzureActivityWhite1.png", - "AzureActivityBlack1.png" - ], - "version": "2.0.0", - "title": "Azure Activity", - "templateRelativePath": "AzureActivity.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "IdentityAndAccessWorkbook", - "logoFileName": "Microsoft_logo.svg", - "description": "Gain insights into Identity and access operations by collecting and analyzing security logs, using the audit and sign-in logs to gather insights into use of Microsoft products.\nYou can view anomalies and trends across login events from all users and machines. This workbook also identifies suspicious entities from login and access events.", - "dataTypesDependencies": [ - "SecurityEvent" - ], - "dataConnectorsDependencies": [ - "SecurityEvents", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "IdentityAndAccessWhite.png", - "IdentityAndAccessBlack.png" - ], - "version": "1.1.0", - "title": "Identity & Access", - "templateRelativePath": "IdentityAndAccess.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "ConditionalAccessTrendsandChangesWorkbook", - "logoFileName": "Microsoft_logo.svg", - "description": "Gain insights into Conditional Access Trends and Changes.", - "dataTypesDependencies": [ "SigninLogs" ], - "dataConnectorsDependencies": [ "AzureActiveDirectory" ], - "previewImagesFileNames": [ "catrendsWhite.png", "catrendsBlack.png" ], - "version": "1.0.0", - "title": "Conditional Access Trends and Changes", - "templateRelativePath": "ConditionalAccessTrendsandChanges.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Community" - }, - "author": { - "name": "Microsoft Sentinel Community" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Identity" ] - } - }, - { - "workbookKey": "CheckPointWorkbook", - "logoFileName": "checkpoint_logo.svg", - "description": "Gain insights into Check Point network activities, including number of gateways and servers, security incidents, and identify infected hosts.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "CheckPoint" - ], - "previewImagesFileNames": [ - "CheckPointWhite.png", - "CheckPointBlack.png" - ], - "version": "1.0.0", - "title": "Check Point Software Technologies", - "templateRelativePath": "CheckPoint.json", - "subtitle": "", - "provider": "Check Point" - }, - { - "workbookKey": "CiscoWorkbook", - "logoFileName": "cisco_logo.svg", - "description": "Gain insights into your Cisco ASA firewalls by analyzing traffic, events, and firewall operations.\nThis workbook analyzes Cisco ASA threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic directions, and drill down into the Cisco filter results.\nEasily detect attacks on your organization by monitoring management operations, such as configuration and logins.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "CiscoASA" - ], - "previewImagesFileNames": [ - "CiscoWhite.png", - "CiscoBlack.png" - ], - "version": "1.1.0", - "title": "Cisco - ASA", - "templateRelativePath": "Cisco.json", - "subtitle": "", - "provider": "Microsoft" - }, - - { - "workbookKey": "ExchangeOnlineWorkbook", - "logoFileName": "office365_logo.svg", - "description": "Gain insights into Microsoft Exchange online by tracing and analyzing all Exchange operations and user activities.\nThis workbook let you monitor user activities, including logins, account operations, permission changes, and mailbox creations to discover suspicious trends among them.", - "dataTypesDependencies": [ - "OfficeActivity" - ], - "dataConnectorsDependencies": [ - "Office365" - ], - "previewImagesFileNames": [ - "ExchangeOnlineWhite.png", - "ExchangeOnlineBlack.png" - ], - "version": "2.0.0", - "title": "Exchange Online", - "templateRelativePath": "ExchangeOnline.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "CloudNGFW-OverviewWorkbook", - "logoFileName": "paloalto_logo.svg", - "description": "Gain insights and comprehensive monitoring into Azure CloudNGFW by Palo Alto Networks by analyzing traffic and activities.\nThis workbook correlates all Palo Alto data with threat events to identify suspicious entities and relationships.\nYou can learn about trends across user and data traffic, and drill down into Palo Alto Wildfire and filter results.", - "dataTypesDependencies": [ - "fluentbit_CL" - ], - "dataConnectorsDependencies": [ - "CloudNgfwByPAN" - ], - "previewImagesFileNames": [ - "PaloAltoOverviewWhite1.png", - "PaloAltoOverviewBlack1.png", - "PaloAltoOverviewWhite2.png", - "PaloAltoOverviewBlack2.png", - "PaloAltoOverviewWhite3.png", - "PaloAltoOverviewBlack3.png" - ], - "version": "1.2.0", - "title": "Azure CloudNGFW By Palo Alto Networks - Overview", - "templateRelativePath": "CloudNGFW-Overview.json", - "subtitle": "", - "provider": "Palo Alto Networks" - }, - { - "workbookKey": "CloudNGFW-NetworkThreatWorkbook", - "logoFileName": "paloalto_logo.svg", - "description": "Gain insights into Azure CloudNGFW activities by analyzing threat events.\nYou can extract meaningful security information by correlating data between threats, applications, and time.\nThis workbook makes it easy to track malware, vulnerability, and virus log events.", - "dataTypesDependencies": [ - "fluentbit_CL" - ], - "dataConnectorsDependencies": [ - "CloudNgfwByPAN" - ], - "previewImagesFileNames": [ - "PaloAltoNetworkThreatWhite1.png", - "PaloAltoNetworkThreatBlack1.png", - "PaloAltoNetworkThreatWhite2.png", - "PaloAltoNetworkThreatBlack2.png" - ], - "version": "1.2.0", - "title": "Azure CloudNGFW By Palo Alto Networks - Network Threats", - "templateRelativePath": "CloudNGFW-NetworkThreat.json", - "subtitle": "", - "provider": "Palo Alto Networks" - }, - { - "workbookKey": "PaloAltoOverviewWorkbook", - "logoFileName": "paloalto_logo.svg", - "description": "Gain insights and comprehensive monitoring into Palo Alto firewalls by analyzing traffic and activities.\nThis workbook correlates all Palo Alto data with threat events to identify suspicious entities and relationships.\nYou can learn about trends across user and data traffic, and drill down into Palo Alto Wildfire and filter results.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "PaloAltoNetworks", - "CefAma" - ], - "previewImagesFileNames": [ - "PaloAltoOverviewWhite1.png", - "PaloAltoOverviewBlack1.png", - "PaloAltoOverviewWhite2.png", - "PaloAltoOverviewBlack2.png", - "PaloAltoOverviewWhite3.png", - "PaloAltoOverviewBlack3.png" - ], - "version": "1.2.0", - "title": "Palo Alto overview", - "templateRelativePath": "PaloAltoOverview.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "PaloAltoNetworkThreatWorkbook", - "logoFileName": "paloalto_logo.svg", - "description": "Gain insights into Palo Alto network activities by analyzing threat events.\nYou can extract meaningful security information by correlating data between threats, applications, and time.\nThis workbook makes it easy to track malware, vulnerability, and virus log events.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "PaloAltoNetworks", - "CefAma" - ], - "previewImagesFileNames": [ - "PaloAltoNetworkThreatWhite1.png", - "PaloAltoNetworkThreatBlack1.png", - "PaloAltoNetworkThreatWhite2.png", - "PaloAltoNetworkThreatBlack2.png" - ], - "version": "1.1.0", - "title": "Palo Alto Network Threat", - "templateRelativePath": "PaloAltoNetworkThreat.json", - "subtitle": "", - "provider": "Palo Alto Networks" - }, - { - "workbookKey": "EsetSMCWorkbook", - "logoFileName": "eset-logo.svg", - "description": "Visualize events and threats from Eset Security Management Center.", - "dataTypesDependencies": [ - "eset_CL" - ], - "dataConnectorsDependencies": [ - "EsetSMC" - ], - "previewImagesFileNames": [ - "esetSMCWorkbook-black.png", - "esetSMCWorkbook-white.png" - ], - "version": "1.0.0", - "title": "Eset Security Management Center Overview", - "templateRelativePath": "esetSMCWorkbook.json", - "subtitle": "", - "provider": "Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Tomáš Kubica" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Security - Others" ] - } - }, - { - "workbookKey": "FortigateWorkbook", - "logoFileName": "fortinet_logo.svg", - "description": "Gain insights into Fortigate firewalls by analyzing traffic and activities.\nThis workbook finds correlations in Fortigate threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic, and drill down into the Fortigate filter results.\nEasily detect attacks on your organization by monitoring management operations such as configuration and logins.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Fortinet", - "CefAma" - ], - "previewImagesFileNames": [ - "FortigateWhite.png", - "FortigateBlack.png" - ], - "version": "1.1.0", - "title": "FortiGate", - "templateRelativePath": "Fortigate.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "DnsWorkbook", - "logoFileName": "dns_logo.svg", - "description": "Gain extensive insight into your organization's DNS by analyzing, collecting and correlating all DNS events.\nThis workbook exposes a variety of information about suspicious queries, malicious IP addresses and domain operations.", - "dataTypesDependencies": [ - "DnsInventory", - "DnsEvents" - ], - "dataConnectorsDependencies": [ - "DNS" - ], - "previewImagesFileNames": [ - "DnsWhite.png", - "DnsBlack.png" - ], - "version": "1.3.0", - "title": "DNS", - "templateRelativePath": "Dns.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "Office365Workbook", - "logoFileName": "office365_logo.svg", - "description": "Gain insights into Office 365 by tracing and analyzing all operations and activities. You can drill down into your SharePoint, OneDrive, and Exchange.\nThis workbook lets you find usage trends across users, files, folders, and mailboxes, making it easier to identify anomalies in your network.", - "dataTypesDependencies": [ - "OfficeActivity" - ], - "dataConnectorsDependencies": [ - "Office365" - ], - "previewImagesFileNames": [ - "Office365White1.png", - "Office365Black1.png", - "Office365White2.png", - "Office365Black2.png", - "Office365White3.png", - "Office365Black3.png" - ], - "version": "2.0.1", - "title": "Office 365", - "templateRelativePath": "Office365.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "SharePointAndOneDriveWorkbook", - "logoFileName": "office365_logo.svg", - "description": "Gain insights into SharePoint and OneDrive by tracing and analyzing all operations and activities.\nYou can view trends across user operation, find correlations between users and files, and identify interesting information such as user IP addresses.", - "dataTypesDependencies": [ - "OfficeActivity" - ], - "dataConnectorsDependencies": [ - "Office365" - ], - "previewImagesFileNames": [ - "SharePointAndOneDriveBlack1.png", - "SharePointAndOneDriveBlack2.png", - "SharePointAndOneDriveWhite1.png", - "SharePointAndOneDriveWhite2.png" - ], - "version": "2.0.0", - "title": "SharePoint & OneDrive", - "templateRelativePath": "SharePointAndOneDrive.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "AzureActiveDirectorySigninLogsWorkbook", - "logoFileName": "azureactivedirectory_logo.svg", - "description": "Gain insights into Microsoft Entra ID by connecting Microsoft Sentinel and using the sign-in logs to gather insights around Microsoft Entra ID scenarios. \nYou can learn about sign-in operations, such as user sign-ins and locations, email addresses, and IP addresses of your users, as well as failed activities and the errors that triggered the failures.", - "dataTypesDependencies": [ - "SigninLogs" - ], - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "previewImagesFileNames": [ - "AADsigninBlack1.png", - "AADsigninBlack2.png", - "AADsigninWhite1.png", - "AADsigninWhite2.png" - ], - "version": "2.4.0", - "title": "Microsoft Entra ID Sign-in logs", - "templateRelativePath": "AzureActiveDirectorySignins.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "VirtualMachinesInsightsWorkbook", - "logoFileName": "azurevirtualmachine_logo.svg", - "description": "Gain rich insight into your organization's virtual machines from Azure Monitor, which analyzes and correlates data in your VM network. \nYou will get visibility on your VM parameters and behavior, and will be able to trace sent and received data. \nIdentify malicious attackers and their targets, and drill down into the protocols, source and destination IP addresses, countries, and ports the attacks occur across.", - "dataTypesDependencies": [ - "VMConnection", - "ServiceMapComputer_CL", - "ServiceMapProcess_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "VMInsightBlack1.png", - "VMInsightWhite1.png" - ], - "version": "1.3.0", - "title": "VM insights", - "templateRelativePath": "VirtualMachinesInsights.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Microsoft Corporation" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "IT Operations", - "Platform" - ] - } - }, - { - "workbookKey": "AzureActiveDirectoryAuditLogsWorkbook", - "logoFileName": "azureactivedirectory_logo.svg", - "description": "Gain insights into Microsoft Entra ID by connecting Microsoft Sentinel and using the audit logs to gather insights around Microsoft Entra ID scenarios. \nYou can learn about user operations, including password and group management, device activities, and top active users and apps.", - "dataTypesDependencies": [ - "AuditLogs" - ], - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "previewImagesFileNames": [ - "AzureADAuditLogsBlack1.png", - "AzureADAuditLogsWhite1.png" - ], - "version": "1.2.0", - "title": "Microsoft Entra ID Audit logs", - "templateRelativePath": "AzureActiveDirectoryAuditLogs.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "ThreatIntelligenceWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insights into threat indicators ingestion and search for indicators at scale across Microsoft 1st Party, 3rd Party, On-Premises, Hybrid, and Multi-Cloud Workloads. Indicators Search facilitates a simple interface for finding IP, File, Hash, Sender and more across your data. Seamless pivots to correlate indicators with Microsoft Sentinel: Incidents to make your threat intelligence actionable.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator", - "SecurityIncident" - ], - "dataConnectorsDependencies": [ - "ThreatIntelligence", - "ThreatIntelligenceTaxii", - "MicrosoftDefenderThreatIntelligence", - "ThreatIntelligenceUploadIndicatorsAPI" - ], - "previewImagesFileNames": [ - "ThreatIntelligenceWhite.png", - "ThreatIntelligenceBlack.png" - ], - "version": "5.0.0", - "title": "Threat Intelligence", - "templateRelativePath": "ThreatIntelligence.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "WebApplicationFirewallOverviewWorkbook", - "logoFileName": "waf_logo.svg", - "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get a general overview of your application gateway firewall and application gateway access events.", - "dataTypesDependencies": [ - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "WAF" - ], - "previewImagesFileNames": [ - "WAFOverviewBlack.png", - "WAFOverviewWhite.png" - ], - "version": "1.1.0", - "title": "Microsoft Web Application Firewall (WAF) - overview", - "templateRelativePath": "WebApplicationFirewallOverview.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "WebApplicationFirewallFirewallEventsWorkbook", - "logoFileName": "waf_logo.svg", - "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway firewall. You can view anomalies and trends across all firewall event triggers, attack events, blocked URL addresses and more.", - "dataTypesDependencies": [ - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "WAF" - ], - "previewImagesFileNames": [ - "WAFFirewallEventsBlack1.png", - "WAFFirewallEventsBlack2.png", - "WAFFirewallEventsWhite1.png", - "WAFFirewallEventsWhite2.png" - ], - "version": "1.1.0", - "title": "Microsoft Web Application Firewall (WAF) - firewall events", - "templateRelativePath": "WebApplicationFirewallFirewallEvents.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "WebApplicationFirewallGatewayAccessEventsWorkbook", - "logoFileName": "waf_logo.svg", - "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway access events. You can view anomalies and trends across received and sent data, client IP addresses, URL addresses and more, and drill down into details.", - "dataTypesDependencies": [ - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "WAF" - ], - "previewImagesFileNames": [ - "WAFGatewayAccessEventsBlack1.png", - "WAFGatewayAccessEventsBlack2.png", - "WAFGatewayAccessEventsWhite1.png", - "WAFGatewayAccessEventsWhite2.png" - ], - "version": "1.2.0", - "title": "Microsoft Web Application Firewall (WAF) - gateway access events", - "templateRelativePath": "WebApplicationFirewallGatewayAccessEvents.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "LinuxMachinesWorkbook", - "logoFileName": "azurevirtualmachine_logo.svg", - "description": "Gain insights into your workspaces' Linux machines by connecting Microsoft Sentinel and using the logs to gather insights around Linux events and errors.", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "Syslog" - ], - "previewImagesFileNames": [ - "LinuxMachinesWhite.png", - "LinuxMachinesBlack.png" - ], - "version": "1.1.0", - "title": "Linux machines", - "templateRelativePath": "LinuxMachines.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "AzureFirewallWorkbook", - "logoFileName": "AzFirewalls.svg", - "description": "Gain insights into Azure Firewall events. You can learn about your application and network rules, see metrics for firewall activities across URLs, ports, and addresses across multiple workspaces.", - "dataTypesDependencies": [ - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "AzureFirewall" - ], - "previewImagesFileNames": [ - "AzureFirewallWorkbookWhite1.PNG", - "AzureFirewallWorkbookBlack1.PNG", - "AzureFirewallWorkbookWhite2.PNG", - "AzureFirewallWorkbookBlack2.PNG", - "AzureFirewallWorkbookWhite3.PNG", - "AzureFirewallWorkbookBlack3.PNG", - "AzureFirewallWorkbookWhite4.PNG", - "AzureFirewallWorkbookBlack4.PNG", - "AzureFirewallWorkbookWhite5.PNG", - "AzureFirewallWorkbookBlack5.PNG" - ], - "version": "1.3.0", - "title": "Azure Firewall", - "templateRelativePath": "AzureFirewallWorkbook.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "AzureFirewallWorkbook-StructuredLogs", - "logoFileName": "AzFirewalls.svg", - "description": "Gain insights into Azure Firewall events using the new Structured Logs for Azure Firewall. You can learn about your application and network rules, see metrics for firewall activities across URLs, ports, and addresses across multiple workspaces.", - "dataTypesDependencies": [ - "AZFWNetworkRule", - "AZFWApplicationRule", - "AZFWDnsQuery", - "AZFWThreatIntel" - ], - "dataConnectorsDependencies": [ - "AzureFirewall" - ], - "previewImagesFileNames": [ - "AzureFirewallWorkbookWhite1.PNG", - "AzureFirewallWorkbookBlack1.PNG", - "AzureFirewallWorkbookWhite2.PNG", - "AzureFirewallWorkbookBlack2.PNG", - "AzureFirewallWorkbookWhite3.PNG", - "AzureFirewallWorkbookBlack3.PNG", - "AzureFirewallWorkbookWhite4.PNG", - "AzureFirewallWorkbookBlack4.PNG", - "AzureFirewallWorkbookWhite5.PNG", - "AzureFirewallWorkbookBlack5.PNG" - ], - "version": "1.0.0", - "title": "Azure Firewall Structured Logs", - "templateRelativePath": "AzureFirewallWorkbook-StructuredLogs.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "AzureDDoSStandardProtection", - "logoFileName": "AzDDoS.svg", - "description": "This workbook visualizes security-relevant Azure DDoS events across several filterable panels. Offering a summary tab, metrics and a investigate tabs across multiple workspaces.", - "dataTypesDependencies": [ - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "DDOS" - ], - "previewImagesFileNames": [ - "AzureDDoSWhite1.PNG", - "AzureDDoSBlack1.PNG", - "AzureDDoSWhite2.PNG", - "AzureDDoSBlack2.PNG", - "AzureDDoSWhite2.PNG", - "AzureDDoSBlack2.PNG" - ], - "version": "1.0.2", - "title": "Azure DDoS Protection Workbook", - "templateRelativePath": "AzDDoSStandardWorkbook.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "MicrosoftCloudAppSecurityWorkbook", - "logoFileName": "Microsoft_logo.svg", - "description": "Using this workbook, you can identify which cloud apps are being used in your organization, gain insights from usage trends and drill down to a specific user and application.", - "dataTypesDependencies": [ - "McasShadowItReporting" - ], - "dataConnectorsDependencies": [ - "MicrosoftCloudAppSecurity" - ], - "previewImagesFileNames": [ - "McasDiscoveryBlack.png", - "McasDiscoveryWhite.png" - ], - "version": "1.2.0", - "title": "Microsoft Cloud App Security - discovery logs", - "templateRelativePath": "MicrosoftCloudAppSecurity.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "F5BIGIPSytemMetricsWorkbook", - "logoFileName": "f5_logo.svg", - "description": "Gain insight into F5 BIG-IP health and performance. This workbook provides visibility of various metrics including CPU, memory, connectivity, throughput and disk utilization.", - "dataTypesDependencies": [ - "F5Telemetry_system_CL", - "F5Telemetry_AVR_CL" - ], - "dataConnectorsDependencies": [ - "F5BigIp" - ], - "previewImagesFileNames": [ - "F5SMBlack.png", - "F5SMWhite.png" - ], - "version": "1.1.0", - "title": "F5 BIG-IP System Metrics", - "templateRelativePath": "F5BIGIPSystemMetrics.json", - "subtitle": "", - "provider": "F5 Networks" - }, - { - "workbookKey": "F5NetworksWorkbook", - "logoFileName": "f5_logo.svg", - "description": "Gain insights into F5 BIG-IP Application Security Manager (ASM), by analyzing traffic and activities.\nThis workbook provides insight into F5's web application firewall events and identifies attack traffic patterns across multiple ASM instances as well as overall BIG-IP health.", - "dataTypesDependencies": [ - "F5Telemetry_LTM_CL", - "F5Telemetry_system_CL", - "F5Telemetry_ASM_CL" - ], - "dataConnectorsDependencies": [ - "F5BigIp" - ], - "previewImagesFileNames": [ - "F5White.png", - "F5Black.png" - ], - "version": "1.1.0", - "title": "F5 BIG-IP ASM", - "templateRelativePath": "F5Networks.json", - "subtitle": "", - "provider": "F5 Networks" - }, - { - "workbookKey": "AzureNetworkWatcherWorkbook", - "logoFileName": "networkwatcher_logo.svg", - "description": "Gain deeper understanding of your organization's Azure network traffic by analyzing, and correlating Network Security Group flow logs. \nYou can trace malicious traffic flows, and drill down into their protocols, source and destination IP addresses, machines, countries, and subnets. \nThis workbook also helps you protect your network by identifying weak NSG rules.", - "dataTypesDependencies": [ - "AzureNetworkAnalytics_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AzureNetworkWatcherWhite.png", - "AzureNetworkWatcherBlack.png" - ], - "version": "1.1.0", - "title": "Azure Network Watcher", - "templateRelativePath": "AzureNetworkWatcher.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Microsoft Corporation" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Network" - ] - } - }, - { - "workbookKey": "ZscalerFirewallWorkbook", - "logoFileName": "zscaler_logo.svg", - "description": "Gain insights into your ZIA cloud firewall logs by connecting to Microsoft Sentinel.\nThe Zscaler firewall overview workbook provides an overview and ability to drill down into all cloud firewall activity in your Zscaler instance including non-web related networking events, security events, firewall rules, and bandwidth consumption", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Zscaler", - "CefAma" - ], - "previewImagesFileNames": [ - "ZscalerFirewallWhite1.png", - "ZscalerFirewallBlack1.png", - "ZscalerFirewallWhite2.png", - "ZscalerFirewallBlack2.png" - ], - "version": "1.1.0", - "title": "Zscaler Firewall", - "templateRelativePath": "ZscalerFirewall.json", - "subtitle": "", - "provider": "Zscaler" - }, - { - "workbookKey": "ZscalerWebOverviewWorkbook", - "logoFileName": "zscaler_logo.svg", - "description": "Gain insights into your ZIA web logs by connecting to Microsoft Sentinel.\nThe Zscaler web overview workbook provides a bird's eye view and ability to drill down into all the security and networking events related to web transactions, types of devices, and bandwidth consumption.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Zscaler", - "CefAma" - ], - "previewImagesFileNames": [ - "ZscalerWebOverviewWhite.png", - "ZscalerWebOverviewBlack.png" - ], - "version": "1.1.0", - "title": "Zscaler Web Overview", - "templateRelativePath": "ZscalerWebOverview.json", - "subtitle": "", - "provider": "Zscaler" - }, - { - "workbookKey": "ZscalerThreatsOverviewWorkbook", - "logoFileName": "zscaler_logo.svg", - "description": "Gain insights into threats blocked by Zscaler Internet access on your network.\nThe Zscaler threat overview workbook shows your entire threat landscape including blocked malware, IPS/AV rules, and blocked cloud apps. Threats are displayed by threat categories, filetypes, inbound vs outbound threats, usernames, user location, and more.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Zscaler", - "CefAma" - ], - "previewImagesFileNames": [ - "ZscalerThreatsWhite.png", - "ZscalerThreatsBlack.png" - ], - "version": "1.2.0", - "title": "Zscaler Threats", - "templateRelativePath": "ZscalerThreats.json", - "subtitle": "", - "provider": "Zscaler" - }, - { - "workbookKey": "ZscalerOffice365AppsWorkbook", - "logoFileName": "zscaler_logo.svg", - "description": "Gain insights into Office 365 use on your network.\nThe Zscaler Office 365 overview workbook shows you the Microsoft apps running on your network and their individual bandwidth consumption. It also helps identify phishing attempts in which attackers disguised themselves as Microsoft services.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Zscaler", - "CefAma" - ], - "previewImagesFileNames": [ - "ZscalerOffice365White.png", - "ZscalerOffice365Black.png" - ], - "version": "1.1.0", - "title": "Zscaler Office365 Apps", - "templateRelativePath": "ZscalerOffice365Apps.json", - "subtitle": "", - "provider": "Zscaler" - }, - { - "workbookKey": "InsecureProtocolsWorkbook", - "logoFileName": "Microsoft_logo.svg", - "description": "Gain insights into insecure protocol traffic by collecting and analyzing security events from Microsoft products.\nYou can view analytics and quickly identify use of weak authentication as well as sources of legacy protocol traffic, like NTLM and SMBv1.\nYou will also have the ability to monitor use of weak ciphers, allowing you to find weak spots in your organization's security.", - "dataTypesDependencies": [ - "SecurityEvent", - "Event", - "SigninLogs" - ], - "dataConnectorsDependencies": [ - "SecurityEvents", - "AzureActiveDirectory", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "InsecureProtocolsWhite1.png", - "InsecureProtocolsBlack1.png", - "InsecureProtocolsWhite2.png", - "InsecureProtocolsBlack2.png" - ], - "version": "2.1.0", - "title": "Insecure Protocols", - "templateRelativePath": "InsecureProtocols.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Microsoft Corporation" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Others" - ] - } -}, -{ - "workbookKey": "usecasemapper", - "logoFileName": "ucasemapper.svg", - "description": "A simple tool to map Use Cases to Content Hub relevant Microsoft Sentinel solutions", - "previewImagesFileNames": [ "useCaseMapperWhite1.png", "useCaseMapperWhite2.png", "useCaseMapperWhite3.png", "useCaseMapperBlack1.png", "useCaseMapperBlack2.png", "useCaseMapperBlack3.png"], - "version": "1.0.0", - "title": "Use Case Mapper", - "templateRelativePath": "usecasemapper.json", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Microsoft Sentinel Community" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Cloud Security" - ] - } - }, - { - "workbookKey": "AzureInformationProtectionWorkbook", - "logoFileName": "informationProtection.svg", - "description": "The Azure Information Protection Usage report workbook provides information on the volume of labeled and protected documents and emails over time, label distribution of files by label type, along with where the label was applied.", - "dataTypesDependencies": [ - "SecurityEvent", - "Event", - "SigninLogs" - ], - "dataConnectorsDependencies": [ - "SecurityEvents", - "AzureActiveDirectory", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "InsecureProtocolsWhite1.png", - "InsecureProtocolsBlack1.png", - "InsecureProtocolsWhite2.png", - "InsecureProtocolsBlack2.png" - ], - "version": "2.1.0", - "title": "Insecure Protocols", - "templateRelativePath": "InsecureProtocols.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Amit Bergman" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Security - Others" ] - } -}, - { - "workbookKey": "AmazonWebServicesNetworkActivitiesWorkbook", - "logoFileName": "amazon_web_services_Logo.svg", - "description": "Gain insights into AWS network related resource activities, including the creation, update, and deletions of security groups, network ACLs and routes, gateways, elastic load balancers, VPCs, subnets, and network interfaces.", - "dataTypesDependencies": [ - "AWSCloudTrail" - ], - "dataConnectorsDependencies": [ - "AWS" - ], - "previewImagesFileNames": [ - "AwsNetworkActivitiesWhite.png", - "AwsNetworkActivitiesBlack.png" - ], - "version": "1.0.0", - "title": "AWS Network Activities", - "templateRelativePath": "AmazonWebServicesNetworkActivities.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "AmazonWebServicesUserActivitiesWorkbook", - "logoFileName": "amazon_web_services_Logo.svg", - "description": "Gain insights into AWS user activities, including failed sign-in attempts, IP addresses, regions, user agents, and identity types, as well as potential malicious user activities with assumed roles.", - "dataTypesDependencies": [ - "AWSCloudTrail" - ], - "dataConnectorsDependencies": [ - "AWS" - ], - "previewImagesFileNames": [ - "AwsUserActivitiesWhite.png", - "AwsUserActivitiesBlack.png" - ], - "version": "1.0.0", - "title": "AWS User Activities", - "templateRelativePath": "AmazonWebServicesUserActivities.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "TrendMicroDeepSecurityAttackActivityWorkbook", - "logoFileName": "trendmicro_logo.svg", - "description": "Visualize and gain insights into the MITRE ATT&CK related activity detected by Trend Micro Deep Security.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "TrendMicro", - "CefAma" - ], - "previewImagesFileNames": [ - "TrendMicroDeepSecurityAttackActivityWhite.png", - "TrendMicroDeepSecurityAttackActivityBlack.png" - ], - "version": "1.0.0", - "title": "Trend Micro Deep Security ATT&CK Related Activity", - "templateRelativePath": "TrendMicroDeepSecurityAttackActivity.json", - "subtitle": "", - "provider": "Trend Micro" - }, - { - "workbookKey": "TrendMicroDeepSecurityOverviewWorkbook", - "logoFileName": "trendmicro_logo.svg", - "description": "Gain insights into your Trend Micro Deep Security security event data by visualizing your Deep Security Anti-Malware, Firewall, Integrity Monitoring, Intrusion Prevention, Log Inspection, and Web Reputation event data.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "TrendMicro", - "CefAma" - ], - "previewImagesFileNames": [ - "TrendMicroDeepSecurityOverviewWhite1.png", - "TrendMicroDeepSecurityOverviewBlack1.png", - "TrendMicroDeepSecurityOverviewWhite2.png", - "TrendMicroDeepSecurityOverviewBlack2.png" - ], - "version": "1.0.0", - "title": "Trend Micro Deep Security Events", - "templateRelativePath": "TrendMicroDeepSecurityOverview.json", - "subtitle": "", - "provider": "Trend Micro" - }, - { - "workbookKey": "ExtraHopDetectionSummaryWorkbook", - "logoFileName": "extrahop_logo.svg", - "description": "Gain insights into ExtraHop Reveal(x) detections by analyzing traffic and activities.\nThis workbook provides an overview of security detections in your organization's network, including high-risk detections and top participants.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "ExtraHopNetworks", - "ExtraHopNetworksAma", - "CefAma" - ], - "previewImagesFileNames": [ - "ExtrahopWhite.png", - "ExtrahopBlack.png" - ], - "version": "1.0.0", - "title": "ExtraHop", - "templateRelativePath": "ExtraHopDetectionSummary.json", - "subtitle": "", - "provider": "ExtraHop Networks" - }, - { - "workbookKey": "BarracudaCloudFirewallWorkbook", - "logoFileName": "barracuda_logo.svg", - "description": "Gain insights into your Barracuda CloudGen Firewall by analyzing firewall operations and events.\nThis workbook provides insights into rule enforcement, network activities, including number of connections, top users, and helps you identify applications that are popular on your network.", - "dataTypesDependencies": [ - "CommonSecurityLog", - "Syslog" - ], - "dataConnectorsDependencies": [ - "BarracudaCloudFirewall", - "SyslogAma" - ], - "previewImagesFileNames": [ - "BarracudaWhite1.png", - "BarracudaBlack1.png", - "BarracudaWhite2.png", - "BarracudaBlack2.png" - ], - "version": "1.0.0", - "title": "Barracuda CloudGen FW", - "templateRelativePath": "Barracuda.json", - "subtitle": "", - "provider": "Barracuda" - }, - { - "workbookKey": "CitrixWorkbook", - "logoFileName": "citrix_logo.svg", - "description": "Citrix Analytics for Security aggregates and correlates information across network traffic, users, files and endpoints in Citrix environments. This generates actionable insights that enable Citrix administrators and security teams to remediate user security threats through automation while optimizing IT operations. Machine learning and artificial intelligence empowers Citrix Analytics for Security to identify and take automated action to prevent data exfiltration. While delivered as a cloud service, Citrix Analytics for Security can generate insights from resources located on-premises, in the cloud, or in hybrid architectures. The Citrix Analytics Workbook further enhances the value of both your Citrix Analytics for Security and Microsoft Sentinel. The Workbook enables you to integrate data sources together, helping you gain even richer insights. It also gives Security Operations (SOC) teams the ability to correlate data from disparate logs, helping you identify and proactively remediate security risk quickly. Additionally, valuable dashboards that were unique to the Citrix Analytics for Security can now be implemented in Sentinel. You can also create new custom Workbooks that were not previously available, helping extend the value of both investments.", - "dataTypesDependencies": [ - "CitrixAnalytics_userProfile_CL", - "CitrixAnalytics_riskScoreChange_CL", - "CitrixAnalytics_indicatorSummary_CL", - "CitrixAnalytics_indicatorEventDetails_CL" - ], - "dataConnectorsDependencies": [ - "Citrix" - ], - "previewImagesFileNames": [ - "CitrixWhite.png", - "CitrixBlack.png" - ], - "version": "2.1.0", - "title": "Citrix Analytics", - "templateRelativePath": "Citrix.json", - "subtitle": "", - "provider": "Citrix Systems Inc." - }, - { - "workbookKey": "OneIdentityWorkbook", - "logoFileName": "oneIdentity_logo.svg", - "description": "This simple workbook gives an overview of sessions going through your SafeGuard for Privileged Sessions device.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "OneIdentity" - ], - "previewImagesFileNames": [ - "OneIdentityWhite.png", - "OneIdentityBlack.png" - ], - "version": "1.0.0", - "title": "One Identity", - "templateRelativePath": "OneIdentity.json", - "subtitle": "", - "provider": "One Identity LLC.", - "support": { - "tier": "Community" - }, - "author": { - "name": "Amit Bergman" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Identity" ] - } - }, - { - "workbookKey": "SecurityStatusWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook gives an overview of Security Settings for VMs and Azure Arc.", - "dataTypesDependencies": [ - "CommonSecurityLog", - "SecurityEvent", - "Syslog" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AzureSentinelSecurityStatusBlack.png", - "AzureSentinelSecurityStatusWhite.png" - ], - "version": "1.3.0", - "title": "Security Status", - "templateRelativePath": "SecurityStatus.json", - "subtitle": "", - "provider": "Microsoft", - "author": { - "name": "Microsoft" - }, - "support": { - "tier": "Microsoft" - }, - "categories": { - "verticals": [], - "domains": [ - "IT Operations", - "Security - Others", - "Compliance" - ] - } - }, - { - "workbookKey": "AzureSentinelSecurityAlertsWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Security Alerts dashboard for alerts in your Microsoft Sentinel environment.", - "dataTypesDependencies": [ - "SecurityAlert" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AzureSentinelSecurityAlertsWhite.png", - "AzureSentinelSecurityAlertsBlack.png" - ], - "version": "1.1.0", - "title": "Security Alerts", - "templateRelativePath": "AzureSentinelSecurityAlerts.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "SquadraTechnologiesSecRMMWorkbook", - "logoFileName": "SquadraTechnologiesLogo.svg", - "description": "This workbook gives an overview of security data for removable storage activity such as USB thumb drives and USB connected mobile devices.", - "dataTypesDependencies": [ - "secRMM_CL" - ], - "dataConnectorsDependencies": [ - "SquadraTechnologiesSecRmm" - ], - "previewImagesFileNames": [ - "SquadraTechnologiesSecRMMWhite.PNG", - "SquadraTechnologiesSecRMMBlack.PNG" - ], - "version": "1.0.0", - "title": "Squadra Technologies SecRMM - USB removable storage security", - "templateRelativePath": "SquadraTechnologiesSecRMM.json", - "subtitle": "", - "provider": "Squadra Technologies" - }, - { - "workbookKey": "IoT-Alerts", - "logoFileName": "IoTIcon.svg", - "description": "Gain insights into your IoT data workloads from Azure IoT Hub managed deployments, monitor alerts across all your IoT Hub deployments, detect devices at risk and act upon potential threats.", - "dataTypesDependencies": [ - "SecurityAlert" - ], - "dataConnectorsDependencies": [ - "IoT" - ], - "previewImagesFileNames": [ - "IOTBlack1.png", - "IOTWhite1.png" - ], - "version": "1.2.0", - "title": "Azure Defender for IoT Alerts", - "templateRelativePath": "IOT_Alerts.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Community" - }, - "author": { - "name": "morshabi" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Internet of Things (IoT)" - ] - } - }, - { - "workbookKey": "IoTAssetDiscovery", - "logoFileName": "IoTIcon.svg", - "description": "IoT Devices asset discovery from Firewall logs By Azure Defender for IoT", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Fortinet" - ], - "previewImagesFileNames": [ - "workbook-iotassetdiscovery-screenshot-Black.PNG", - "workbook-iotassetdiscovery-screenshot-White.PNG" - ], - "version": "1.0.0", - "title": "IoT Asset Discovery", - "templateRelativePath": "IoTAssetDiscovery.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Community" - }, - "author": { - "name": "jomeczyk" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Internet of Things (IoT)" - ] - } - }, - { - "workbookKey": "ForcepointCASBWorkbook", - "logoFileName": "FP_Green_Emblem_RGB-01.svg", - "description": "Get insights on user risk with the Forcepoint CASB (Cloud Access Security Broker) workbook.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "ForcepointCasb", - "ForcepointCasbAma", - "CefAma" - ], - "previewImagesFileNames": [ - "ForcepointCASBWhite.png", - "ForcepointCASBBlack.png" - ], - "version": "1.0.0", - "title": "Forcepoint Cloud Access Security Broker (CASB)", - "templateRelativePath": "ForcepointCASB.json", - "subtitle": "", - "provider": "Forcepoint" - }, - { - "workbookKey": "ForcepointNGFWWorkbook", - "logoFileName": "FP_Green_Emblem_RGB-01.svg", - "description": "Get insights on firewall activities with the Forcepoint NGFW (Next Generation Firewall) workbook.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "ForcepointNgfw", - "ForcepointNgfwAma", - "CefAma" - ], - "previewImagesFileNames": [ - "ForcepointNGFWWhite.png", - "ForcepointNGFWBlack.png" - ], - "version": "1.0.0", - "title": "Forcepoint Next Generation Firewall (NGFW)", - "templateRelativePath": "ForcepointNGFW.json", - "subtitle": "", - "provider": "Forcepoint" - }, - { - "workbookKey": "ForcepointDLPWorkbook", - "logoFileName": "FP_Green_Emblem_RGB-01.svg", - "description": "Get insights on DLP incidents with the Forcepoint DLP (Data Loss Prevention) workbook.", - "dataTypesDependencies": [ - "ForcepointDLPEvents_CL" - ], - "dataConnectorsDependencies": [ - "ForcepointDlp" - ], - "previewImagesFileNames": [ - "ForcepointDLPWhite.png", - "ForcepointDLPBlack.png" - ], - "version": "1.0.0", - "title": "Forcepoint Data Loss Prevention (DLP)", - "templateRelativePath": "ForcepointDLP.json", - "subtitle": "", - "provider": "Forcepoint" - }, - { - "workbookKey": "ZimperiumMTDWorkbook", - "logoFileName": "ZIMPERIUM-logo_square2.svg", - "description": "This workbook provides insights on Zimperium Mobile Threat Defense (MTD) threats and mitigations.", - "dataTypesDependencies": [ - "ZimperiumThreatLog_CL", - "ZimperiumMitigationLog_CL" - ], - "dataConnectorsDependencies": [ - "ZimperiumMtdAlerts" - ], - "previewImagesFileNames": [ - "ZimperiumWhite.png", - "ZimperiumBlack.png" - ], - "version": "1.0.0", - "title": "Zimperium Mobile Threat Defense (MTD)", - "templateRelativePath": "ZimperiumWorkbooks.json", - "subtitle": "", - "provider": "Zimperium" - }, - { - "workbookKey": "AzureAuditActivityAndSigninWorkbook", - "logoFileName": "azureactivedirectory_logo.svg", - "description": "Gain insights into Microsoft Entra ID Audit, Activity and Signins with one workbook. This workbook can be used by Security and Azure administrators.", - "dataTypesDependencies": [ - "AzureActivity", - "AuditLogs", - "SigninLogs" - ], - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "previewImagesFileNames": [ - "AzureAuditActivityAndSigninWhite1.png", - "AzureAuditActivityAndSigninWhite2.png", - "AzureAuditActivityAndSigninBlack1.png", - "AzureAuditActivityAndSigninBlack2.png" - ], - "version": "1.3.0", - "title": "Azure AD Audit, Activity and Sign-in logs", - "templateRelativePath": "AzureAuditActivityAndSignin.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Sem Tijsseling" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Identity" - ] - } - }, - { - "workbookKey": "WindowsFirewall", - "logoFileName": "Microsoft_logo.svg", - "description": "Gain insights into Windows Firewall logs in combination with security and Azure signin logs", - "dataTypesDependencies": [ - "WindowsFirewall", - "SecurityEvent", - "SigninLogs" - ], - "dataConnectorsDependencies": [ - "SecurityEvents", - "WindowsFirewall", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "WindowsFirewallWhite1.png", - "WindowsFirewallWhite2.png", - "WindowsFirewallBlack1.png", - "WindowsFirewallBlack2.png" - ], - "version": "1.0.0", - "title": "Windows Firewall", - "templateRelativePath": "WindowsFirewall.json", - "subtitle": "", - "provider": "Microsoft Sentinel community" - }, - { - "workbookKey": "EventAnalyzerwWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "The Event Analyzer workbook allows to explore, audit and speed up analysis of Windows Event Logs, including all event details and attributes, such as security, application, system, setup, directory service, DNS and others.", - "dataTypesDependencies": [ - "SecurityEvent" - ], - "dataConnectorsDependencies": [ - "SecurityEvents", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "EventAnalyzer-Workbook-White.png", - "EventAnalyzer-Workbook-Black.png" - ], - "version": "1.0.0", - "title": "Event Analyzer", - "templateRelativePath": "EventAnalyzer.json", - "subtitle": "", - "provider": "Microsoft Sentinel community" - }, - { - "workbookKey": "ASC-ComplianceandProtection", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insight into regulatory compliance, alert trends, security posture, and more with this workbook based on Azure Security Center data.", - "dataTypesDependencies": [ - "SecurityAlert", - "ProtectionStatus", - "SecurityRecommendation", - "SecurityBaseline", - "SecurityBaselineSummary", - "Update", - "ConfigurationChange" - ], - "dataConnectorsDependencies": [ - "AzureSecurityCenter" - ], - "previewImagesFileNames": [ - "ASCCaPBlack.png", - "ASCCaPWhite.png" - ], - "version": "1.2.0", - "title": "ASC Compliance and Protection", - "templateRelativePath": "ASC-ComplianceandProtection.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Matt Lowe" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Cloud Security" - ] - } - }, - { - "workbookKey": "AIVectraDetectWorkbook", - "logoFileName": "AIVectraDetect.svg", - "description": "Start investigating network attacks surfaced by Vectra Detect directly from Sentinel. View critical hosts, accounts, campaigns and detections. Also monitor Vectra system health and audit logs.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "AIVectraDetect", - "CefAma" - ], - "previewImagesFileNames": [ - "AIVectraDetectWhite1.png", - "AIVectraDetectBlack1.png" - ], - "version": "1.1.1", - "title": "Vectra AI Detect", - "templateRelativePath": "AIVectraDetectWorkbook.json", - "subtitle": "", - "provider": "Vectra AI" - }, - { - "workbookKey": "Perimeter81OverviewWorkbook", - "logoFileName": "Perimeter81_Logo.svg", - "description": "Gain insights and comprehensive monitoring into your Perimeter 81 account by analyzing activities.", - "dataTypesDependencies": [ - "Perimeter81_CL" - ], - "dataConnectorsDependencies": [ - "Perimeter81ActivityLogs" - ], - "previewImagesFileNames": [ - "Perimeter81OverviewWhite1.png", - "Perimeter81OverviewBlack1.png", - "Perimeter81OverviewWhite2.png", - "Perimeter81OverviewBlack2.png" - ], - "version": "1.0.0", - "title": "Perimeter 81 Overview", - "templateRelativePath": "Perimeter81OverviewWorkbook.json", - "subtitle": "", - "provider": "Perimeter 81" - }, - { - "workbookKey": "SymantecProxySGWorkbook", - "logoFileName": "symantec_logo.svg", - "description": "Gain insight into Symantec ProxySG by analyzing, collecting and correlating proxy data.\nThis workbook provides visibility into ProxySG Access logs", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "SymantecProxySG", - "SyslogAma" - ], - "previewImagesFileNames": [ - "SymantecProxySGWhite.png", - "SymantecProxySGBlack.png" - ], - "version": "1.0.0", - "title": "Symantec ProxySG", - "templateRelativePath": "SymantecProxySG.json", - "subtitle": "", - "provider": "Symantec" - }, - { - "workbookKey": "IllusiveASMWorkbook", - "logoFileName": "illusive_logo_workbook.svg", - "description": "Gain insights into your organization's Cyber Hygiene and Attack Surface risk.\nIllusive ASM automates discovery and clean-up of credential violations, allows drill-down inspection of pathways to critical assets, and provides risk insights that inform intelligent decision-making to reduce attacker mobility.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "illusiveAttackManagementSystem", - "illusiveAttackManagementSystemAma", - "CefAma" - ], - "previewImagesFileNames": [ - "IllusiveASMWhite.png", - "IllusiveASMBlack.png" - ], - "version": "1.0.0", - "title": "Illusive ASM Dashboard", - "templateRelativePath": "IllusiveASM.json", - "subtitle": "", - "provider": "Illusive" - }, - { - "workbookKey": "IllusiveADSWorkbook", - "logoFileName": "illusive_logo_workbook.svg", - "description": "Gain insights into unauthorized lateral movement in your organization's network.\nIllusive ADS is designed to paralyzes attackers and eradicates in-network threats by creating a hostile environment for the attackers across all the layers of the attack surface.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "illusiveAttackManagementSystem", - "illusiveAttackManagementSystemAma", - "CefAma" - ], - "previewImagesFileNames": [ - "IllusiveADSWhite.png", - "IllusiveADSBlack.png" - ], - "version": "1.0.0", - "title": "Illusive ADS Dashboard", - "templateRelativePath": "IllusiveADS.json", - "subtitle": "", - "provider": "Illusive" - }, - { - "workbookKey": "PulseConnectSecureWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insight into Pulse Secure VPN by analyzing, collecting and correlating vulnerability data.\nThis workbook provides visibility into user VPN activities", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "PulseConnectSecure", - "SyslogAma" - ], - "previewImagesFileNames": [ - "PulseConnectSecureWhite.png", - "PulseConnectSecureBlack.png" - ], - "version": "1.0.0", - "title": "Pulse Connect Secure", - "templateRelativePath": "PulseConnectSecure.json", - "subtitle": "", - "provider": "Pulse Secure" - }, - { - "workbookKey": "InfobloxNIOSWorkbook", - "logoFileName": "infoblox_logo.svg", - "description": "Gain insight into Infoblox NIOS by analyzing, collecting and correlating DHCP and DNS data.\nThis workbook provides visibility into DHCP and DNS traffic", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "InfobloxNIOS", - "SyslogAma" - ], - "previewImagesFileNames": [ - "InfobloxNIOSWhite.png", - "InfobloxNIOSBlack.png" - ], - "version": "1.1.0", - "title": "Infoblox NIOS", - "templateRelativePath": "Infoblox-Workbook-V2.json", - "subtitle": "", - "provider": "Infoblox" - }, - { - "workbookKey": "SymantecVIPWorkbook", - "logoFileName": "symantec_logo.svg", - "description": "Gain insight into Symantec VIP by analyzing, collecting and correlating strong authentication data.\nThis workbook provides visibility into user authentications", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "SymantecVIP", - "SyslogAma" - ], - "previewImagesFileNames": [ - "SymantecVIPWhite.png", - "SymantecVIPBlack.png" - ], - "version": "1.0.0", - "title": "Symantec VIP", - "templateRelativePath": "SymantecVIP.json", - "subtitle": "", - "provider": "Symantec" - }, - { - "workbookKey": "ProofPointTAPWorkbook", - "logoFileName": "proofpointlogo.svg", - "description": "Gain extensive insight into Proofpoint Targeted Attack Protection (TAP) by analyzing, collecting and correlating TAP log events.\nThis workbook provides visibility into message and click events that were permitted, delivered, or blocked", - "dataTypesDependencies": [ - "ProofPointTAPMessagesBlocked_CL", - "ProofPointTAPMessagesDelivered_CL", - "ProofPointTAPClicksPermitted_CL", - "ProofPointTAPClicksBlocked_CL" - ], - "dataConnectorsDependencies": [ - "ProofpointTAP" - ], - "previewImagesFileNames": [ - "ProofpointTAPWhite.png", - "ProofpointTAPBlack.png" - ], - "version": "1.0.0", - "title": "Proofpoint TAP", - "templateRelativePath": "ProofpointTAP.json", - "subtitle": "", - "provider": "Proofpoint" - }, - { - "workbookKey": "QualysVMWorkbook", - "logoFileName": "qualys_logo.svg", - "description": "Gain insight into Qualys Vulnerability Management by analyzing, collecting and correlating vulnerability data.\nThis workbook provides visibility into vulnerabilities detected from vulnerability scans", - "dataTypesDependencies": [ - "QualysHostDetection_CL" - ], - "dataConnectorsDependencies": [ - "QualysVulnerabilityManagement" - ], - "previewImagesFileNames": [ - "QualysVMWhite.png", - "QualysVMBlack.png" - ], - "version": "1.0.0", - "title": "Qualys Vulnerability Management", - "templateRelativePath": "QualysVM.json", - "subtitle": "", - "provider": "Qualys" - }, - { - "workbookKey": "QualysVMV2Workbook", - "logoFileName": "qualys_logo.svg", - "description": "Gain insight into Qualys Vulnerability Management by analyzing, collecting and correlating vulnerability data.\nThis workbook provides visibility into vulnerabilities detected from vulnerability scans", - "dataTypesDependencies": [ - "QualysHostDetectionV2_CL" - ], - "dataConnectorsDependencies": [ - "QualysVulnerabilityManagement" - ], - "previewImagesFileNames": [ - "QualysVMWhite.png", - "QualysVMBlack.png" - ], - "version": "1.0.0", - "title": "Qualys Vulnerability Management", - "templateRelativePath": "QualysVMv2.json", - "subtitle": "", - "provider": "Qualys" - }, - { - "workbookKey": "GitHubSecurity", - "logoFileName": "GitHub.svg", - "description": "Gain insights to GitHub activities that may be interesting for security.", - "dataTypesDependencies": [ - "Github_CL", - "GitHubRepoLogs_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "GitHubSecurityWhite.png", - "GitHubSecurityBlack.png" - ], - "version": "1.0.0", - "title": "GitHub Security", - "templateRelativePath": "GitHubSecurityWorkbook.json", - "subtitle": "", - "provider": "Microsoft Sentinel community" - }, - { - "workbookKey": "VisualizationDemo", - "logoFileName": "Azure_Sentinel.svg", - "description": "Learn and explore the many ways of displaying information within Microsoft Sentinel workbooks", - "dataTypesDependencies": [ - "SecurityAlert" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "VisualizationDemoBlack.png", - "VisualizationDemoWhite.png" - ], - "version": "1.0.0", - "title": "Visualizations Demo", - "templateRelativePath": "VisualizationDemo.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Matt Lowe" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Platform" - ] - } - }, - { - "workbookKey": "SophosXGFirewallWorkbook", - "logoFileName": "sophos_logo.svg", - "description": "Gain insight into Sophos XG Firewall by analyzing, collecting and correlating firewall data.\nThis workbook provides visibility into network traffic", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "SophosXGFirewall", - "SyslogAma" - ], - "previewImagesFileNames": [ - "SophosXGFirewallWhite.png", - "SophosXGFirewallBlack.png" - ], - "version": "1.0.0", - "title": "Sophos XG Firewall", - "templateRelativePath": "SophosXGFirewall.json", - "subtitle": "", - "provider": "Sophos" - }, - { - "workbookKey": "SysmonThreatHuntingWorkbook", - "logoFileName": "sysmonthreathunting_logo.svg", - "description": "Simplify your threat hunts using Sysmon data mapped to MITRE ATT&CK data. This workbook gives you the ability to drilldown into system activity based on known ATT&CK techniques as well as other threat hunting entry points such as user activity, network connections or virtual machine Sysmon events.\nPlease note that for this workbook to work you must have deployed Sysmon on your virtual machines in line with the instructions at https://github.com/BlueTeamLabs/sentinel-attack/wiki/Onboarding-sysmon-data-to-Azure-Sentinel", - "dataTypesDependencies": [ - "Event" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SysmonThreatHuntingWhite1.png", - "SysmonThreatHuntingBlack1.png" - ], - "version": "1.4.0", - "title": "Sysmon Threat Hunting", - "templateRelativePath": "SysmonThreatHunting.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Edoardo Gerosa" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Threat Protection", - "Application" - ] - } - }, - { - "workbookKey": "WebApplicationFirewallWAFTypeEventsWorkbook", - "logoFileName": "webapplicationfirewall(WAF)_logo.svg", - "description": "Gain insights into your organization's Azure web application firewall (WAF) across various services such as Azure Front Door Service and Application Gateway. You can view event triggers, full messages, attacks over time, among other data. Several aspects of the workbook are interactable to allow users to further understand their data", - "dataTypesDependencies": [ - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "WAF" - ], - "previewImagesFileNames": [ - "WAFFirewallWAFTypeEventsBlack1.PNG", - "WAFFirewallWAFTypeEventsBlack2.PNG", - "WAFFirewallWAFTypeEventsBlack3.PNG", - "WAFFirewallWAFTypeEventsBlack4.PNG", - "WAFFirewallWAFTypeEventsWhite1.png", - "WAFFirewallWAFTypeEventsWhite2.PNG", - "WAFFirewallWAFTypeEventsWhite3.PNG", - "WAFFirewallWAFTypeEventsWhite4.PNG" - ], - "version": "1.1.0", - "title": "Microsoft Web Application Firewall (WAF) - Azure WAF", - "templateRelativePath": "WebApplicationFirewallWAFTypeEvents.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "OrcaAlertsOverviewWorkbook", - "logoFileName": "Orca_logo.svg", - "description": "A visualized overview of Orca security alerts.\nExplore, analize and learn about your security posture using Orca alerts Overview", - "dataTypesDependencies": [ - "OrcaAlerts_CL" - ], - "dataConnectorsDependencies": [ - "OrcaSecurityAlerts" - ], - "previewImagesFileNames": [ - "OrcaAlertsWhite.png", - "OrcaAlertsBlack.png" - ], - "version": "1.1.0", - "title": "Orca alerts overview", - "templateRelativePath": "OrcaAlerts.json", - "subtitle": "", - "provider": "Orca Security" - }, - { - "workbookKey": "CyberArkWorkbook", - "logoFileName": "CyberArk_Logo.svg", - "description": "The CyberArk Syslog connector allows you to easily connect all your CyberArk security solution logs with your Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between CyberArk and Microsoft Sentinel makes use of the CEF Data Connector to properly parse and display CyberArk Syslog messages.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "CyberArk", - "CyberArkAma", - "CefAma" - ], - "previewImagesFileNames": [ - "CyberArkActivitiesWhite.PNG", - "CyberArkActivitiesBlack.PNG" - ], - "version": "1.1.0", - "title": "CyberArk EPV Events", - "templateRelativePath": "CyberArkEPV.json", - "subtitle": "", - "provider": "CyberArk" - }, - { - "workbookKey": "UserEntityBehaviorAnalyticsWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Identify compromised users and insider threats using User and Entity Behavior Analytics. Gain insights into anomalous user behavior from baselines learned from behavior patterns", - "dataTypesDependencies": [ - "Anomalies" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "UserEntityBehaviorAnalyticsBlack2.png", - "UserEntityBehaviorAnalyticsWhite2.png" - ], - "version": "2.0", - "title": "User And Entity Behavior Analytics", - "templateRelativePath": "UserEntityBehaviorAnalytics.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Microsoft Corporation" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "User Behavior (UEBA)" - ] - } - }, - { - "workbookKey": "CitrixWAF", - "logoFileName": "citrix_logo.svg", - "description": "Gain insight into the Citrix WAF logs", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "CitrixWAF", - "CitrixWAFAma", - "CefAma" - ], - "previewImagesFileNames": [ - "CitrixWAFBlack.png", - "CitrixWAFWhite.png" - ], - "version": "1.0.0", - "title": "Citrix WAF (Web App Firewall)", - "templateRelativePath": "CitrixWAF.json", - "subtitle": "", - "provider": "Citrix Systems Inc." - }, - { - "workbookKey": "UnifiSGWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insights into Unifi Security Gateways analyzing traffic and activities.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "UnifiSGBlack.png", - "UnifiSGWhite.png" - ], - "version": "1.0.0", - "title": "Unifi Security Gateway", - "templateRelativePath": "UnifiSG.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "SecurityJedi" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Network" - ] - } - }, - { - "workbookKey": "UnifiSGNetflowWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insights into Unifi Security Gateways analyzing traffic and activities using Netflow.", - "dataTypesDependencies": [ - "netflow_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "UnifiSGNetflowBlack.png", - "UnifiSGNetflowWhite.png" - ], - "version": "1.0.0", - "title": "Unifi Security Gateway - NetFlow", - "templateRelativePath": "UnifiSGNetflow.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "SecurityJedi" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Network" - ] - } - }, - { - "workbookKey": "NormalizedNetworkEventsWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "See insights on multiple networking appliances and other network sessions, that have been parsed or mapped to the normalized networking sessions table. Note this requires enabling parsers for the different products - to learn more, visit https://aka.ms/sentinelnormalizationdocs", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "NormalizedNetworkEventsWhite.png", - "NormalizedNetworkEventsBlack.png" - ], - "version": "1.0.0", - "title": "Normalized network events", - "templateRelativePath": "NormalizedNetworkEvents.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Community" - }, - "author": { - "name": "yoav fransis" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Networking" - ] - } - }, - { - "workbookKey": "WorkspaceAuditingWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Workspace auditing report\r\nUse this report to understand query runs across your workspace.", - "dataTypesDependencies": [ - "LAQueryLogs" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "WorkspaceAuditingWhite.png", - "WorkspaceAuditingBlack.png" - ], - "version": "1.0.0", - "title": "Workspace audit", - "templateRelativePath": "WorkspaceAuditing.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Sarah Young" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "IT Operations" - ] - } - }, - { - "workbookKey": "MITREATTACKWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Workbook to showcase MITRE ATT&CK Coverage for Microsoft Sentinel", - "dataTypesDependencies": [ - "SecurityAlert" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "MITREATTACKWhite1.PNG", - "MITREATTACKWhite2.PNG", - "MITREATTACKBlack1.PNG", - "MITREATTACKBlack2.PNG" - ], - "version": "1.0.1", - "title": "MITRE ATT&CK Workbook", - "templateRelativePath": "MITREAttack.json", - "subtitle": "", - "provider": "Microsoft Sentinel community" - }, - { - "workbookKey": "BETTERMTDWorkbook", - "logoFileName": "BETTER_MTD_logo.svg", - "description": "Workbook using the BETTER Mobile Threat Defense (MTD) connector, to give insights into your mobile devices, installed application and overall device security posture.", - "dataTypesDependencies": [ - "BetterMTDDeviceLog_CL", - "BetterMTDAppLog_CL", - "BetterMTDIncidentLog_CL", - "BetterMTDNetflowLog_CL" - ], - "dataConnectorsDependencies": [ - "BetterMTD" - ], - "previewImagesFileNames": [ - "BetterMTDWorkbookPreviewWhite1.png", - "BetterMTDWorkbookPreviewWhite2.png", - "BetterMTDWorkbookPreviewWhite3.png", - "BetterMTDWorkbookPreviewBlack1.png", - "BetterMTDWorkbookPreviewBlack2.png", - "BetterMTDWorkbookPreviewBlack3.png" - ], - "version": "1.1.0", - "title": "BETTER Mobile Threat Defense (MTD)", - "templateRelativePath": "BETTER_MTD_Workbook.json", - "subtitle": "", - "provider": "BETTER Mobile" - }, - { - "workbookKey": "AlsidIoEWorkbook", - "logoFileName": "Alsid.svg", - "description": "Workbook showcasing the state and evolution of your Alsid for AD Indicators of Exposures alerts.", - "dataTypesDependencies": [ - "AlsidForADLog_CL" - ], - "dataConnectorsDependencies": [ - "AlsidForAD" - ], - "previewImagesFileNames": [ - "AlsidIoEBlack1.png", - "AlsidIoEBlack2.png", - "AlsidIoEBlack3.png", - "AlsidIoEWhite1.png", - "AlsidIoEWhite2.png", - "AlsidIoEWhite3.png" - ], - "version": "1.0.0", - "title": "Alsid for AD | Indicators of Exposure", - "templateRelativePath": "AlsidIoE.json", - "subtitle": "", - "provider": "Alsid" - }, - { - "workbookKey": "AlsidIoAWorkbook", - "logoFileName": "Alsid.svg", - "description": "Workbook showcasing the state and evolution of your Alsid for AD Indicators of Attack alerts.", - "dataTypesDependencies": [ - "AlsidForADLog_CL" - ], - "dataConnectorsDependencies": [ - "AlsidForAD" - ], - "previewImagesFileNames": [ - "AlsidIoABlack1.png", - "AlsidIoABlack2.png", - "AlsidIoABlack3.png", - "AlsidIoAWhite1.png", - "AlsidIoAWhite2.png", - "AlsidIoAWhite3.png" - ], - "version": "1.0.0", - "title": "Alsid for AD | Indicators of Attack", - "templateRelativePath": "AlsidIoA.json", - "subtitle": "", - "provider": "Alsid" - }, - { - "workbookKey": "InvestigationInsightsWorkbook", - "logoFileName": "Microsoft_logo.svg", - "description": "Help analysts gain insight into incident, bookmark and entity data through the Investigation Insights Workbook. This workbook provides common queries and detailed visualizations to help an analyst investigate suspicious activities quickly with an easy to use interface. Analysts can start their investigation from a Microsoft Sentinel incident, bookmark, or by simply entering the entity data into the workbook manually.", - "dataTypesDependencies": [ - "AuditLogs", - "AzureActivity", - "CommonSecurityLog", - "OfficeActivity", - "SecurityEvent", - "SigninLogs", - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [ - "AzureActivity", - "SecurityEvents", - "Office365", - "AzureActiveDirectory", - "ThreatIntelligence", - "ThreatIntelligenceTaxii", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "InvestigationInsightsWhite1.png", - "InvestigationInsightsBlack1.png", - "InvestigationInsightsWhite2.png", - "InvestigationInsightsBlack2.png" - ], - "version": "1.4.1", - "title": "Investigation Insights", - "templateRelativePath": "InvestigationInsights.json", - "subtitle": "", - "provider": "Microsoft Sentinel community" - }, - { - "workbookKey": "AksSecurityWorkbook", - "logoFileName": "Kubernetes_services.svg", - "description": "See insights about the security of your AKS clusters. The workbook helps to identify sensitive operations in the clusters and get insights based on Azure Defender alerts.", - "dataTypesDependencies": [ - "SecurityAlert", - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "AzureSecurityCenter", - "AzureKubernetes" - ], - "previewImagesFileNames": [ - "AksSecurityWhite.png", - "AksSecurityBlack.png" - ], - "version": "1.5.0", - "title": "Azure Kubernetes Service (AKS) Security", - "templateRelativePath": "AksSecurity.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "AzureKeyVaultWorkbook", - "logoFileName": "KeyVault.svg", - "description": "See insights about the security of your Azure key vaults. The workbook helps to identify sensitive operations in the key vaults and get insights based on Azure Defender alerts.", - "dataTypesDependencies": [ - "SecurityAlert", - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "AzureSecurityCenter", - "AzureKeyVault" - ], - "previewImagesFileNames": [ - "AkvSecurityWhite.png", - "AkvSecurityBlack.png" - ], - "version": "1.1.0", - "title": "Azure Key Vault Security", - "templateRelativePath": "AzureKeyVaultWorkbook.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "IncidentOverview", - "logoFileName": "Azure_Sentinel.svg", - "description": "The Incident Overview workbook is designed to assist in triaging and investigation by providing in-depth information about the incident, including:\r\n* General information\r\n* Entity data\r\n* Triage time (time between incident creation and first response)\r\n* Mitigation time (time between incident creation and closing)\r\n* Comments\r\n\r\nCustomize this workbook by saving and editing it. \r\nYou can reach this workbook template from the incidents panel as well. Once you have customized it, the link from the incident panel will open the customized workbook instead of the template.\r\n", - "dataTypesDependencies": [ - "SecurityAlert", - "SecurityIncident" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "IncidentOverviewBlack1.png", - "IncidentOverviewWhite1.png", - "IncidentOverviewBlack2.png", - "IncidentOverviewWhite2.png" - ], - "version": "2.1.0", - "title": "Incident overview", - "templateRelativePath": "IncidentOverview.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "SecurityOperationsEfficiency", - "logoFileName": "Azure_Sentinel.svg", - "description": "Security operations center managers can view overall efficiency metrics and measures regarding the performance of their team. They can find operations by multiple indicators over time including severity, MITRE tactics, mean time to triage, mean time to resolve and more. The SOC manager can develop a picture of the performance in both general and specific areas over time and use it to improve efficiency.", - "dataTypesDependencies": [ - "SecurityAlert", - "SecurityIncident" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SecurityEfficiencyWhite1.png", - "SecurityEfficiencyWhite2.png", - "SecurityEfficiencyBlack1.png", - "SecurityEfficiencyBlack2.png" - ], - "version": "1.5.1", - "title": "Security Operations Efficiency", - "templateRelativePath": "SecurityOperationsEfficiency.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "DataCollectionHealthMonitoring", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insights into your workspace's data ingestion status. In this workbook, you can view additional monitors and detect anomalies that will help you determine your workspace's data collection health.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "HealthMonitoringWhite1.png", - "HealthMonitoringWhite2.png", - "HealthMonitoringWhite3.png", - "HealthMonitoringBlack1.png", - "HealthMonitoringBlack2.png", - "HealthMonitoringBlack3.png" - ], - "version": "1.0.0", - "title": "Data collection health monitoring", - "templateRelativePath": "DataCollectionHealthMonitoring.json", - "subtitle": "", - "provider": "Microsoft", - "support": { "tier": "Community" }, - "author": { "name": "morshabi" }, - "source": { "kind": "Community" }, - "categories": { "domains": [ "IT Operations", "Platform" ] } - }, - { - "workbookKey": "OnapsisAlarmsWorkbook", - "logoFileName": "onapsis_logo.svg", - "description": "Gain insights into what is going on in your SAP Systems with this overview of the alarms triggered in the Onapsis Platform. Incidents are enriched with context and next steps to help your Security team respond effectively.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "OnapsisPlatform", - "CefAma" - ], - "previewImagesFileNames": [ - "OnapsisWhite1.PNG", - "OnapsisBlack1.PNG", - "OnapsisWhite2.PNG", - "OnapsisBlack2.PNG" - ], - "version": "1.0.0", - "title": "Onapsis Alarms Overview", - "templateRelativePath": "OnapsisAlarmsOverview.json", - "subtitle": "", - "provider": "Onapsis" - }, - { - "workbookKey": "DelineaWorkbook", - "logoFileName": "DelineaLogo.svg", - "description": "The Delinea Secret Server Syslog connector", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "DelineaSecretServer_CEF", - "DelineaSecretServerAma", - "CefAma" - ], - "previewImagesFileNames": [ - "DelineaWorkbookWhite.PNG", - "DelineaWorkbookBlack.PNG" - ], - "version": "1.0.0", - "title": "Delinea Secret Server Workbook", - "templateRelativePath": "DelineaWorkbook.json", - "subtitle": "", - "provider": "Delinea" - }, - { - "workbookKey": "ForcepointCloudSecurityGatewayWorkbook", - "logoFileName": "Forcepoint_new_logo.svg", - "description": "Use this report to understand query runs across your workspace.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "ForcepointCSG", - "ForcepointCSGAma", - "CefAma" - ], - "previewImagesFileNames": [ - "ForcepointCloudSecurityGatewayWhite.png", - "ForcepointCloudSecurityGatewayBlack.png" - ], - "version": "1.0.0", - "title": "Forcepoint Cloud Security Gateway Workbook", - "templateRelativePath": "ForcepointCloudSecuirtyGateway.json", - "subtitle": "", - "provider": "Forcepoint" - }, - { - "workbookKey": "IntsightsIOCWorkbook", - "logoFileName": "IntSights_logo.svg", - "description": "This Microsoft Sentinel workbook provides an overview of Indicators of Compromise (IOCs) and their correlations allowing users to analyze and visualize indicators based on severity, type, and other parameters.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator", - "SecurityAlert" - ], - "dataConnectorsDependencies": [ - "ThreatIntelligenceTaxii" - ], - "previewImagesFileNames": [ - "IntsightsIOCWhite.png", - "IntsightsMatchedWhite.png", - "IntsightsMatchedBlack.png", - "IntsightsIOCBlack.png" - ], - "version": "2.0.0", - "title": "IntSights IOC Workbook", - "templateRelativePath": "IntsightsIOCWorkbook.json", - "subtitle": "", - "provider": "IntSights Cyber Intelligence" - }, - { - "workbookKey": "DarktraceSummaryWorkbook", - "logoFileName": "Darktrace.svg", - "description": "A workbook containing relevant KQL queries to help you visualise the data in model breaches from the Darktrace Connector", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Darktrace", - "DarktraceAma", - "CefAma" - ], - "previewImagesFileNames": [ - "AIA-DarktraceSummaryWhite.png", - "AIA-DarktraceSummaryBlack.png" - ], - "version": "1.1.0", - "title": "AI Analyst Darktrace Model Breach Summary", - "templateRelativePath": "AIA-Darktrace.json", - "subtitle": "", - "provider": "Darktrace" - }, - { - "workbookKey": "TrendMicroXDR", - "logoFileName": "trendmicro_logo.svg", - "description": "Gain insights from Trend Vision One with this overview of the Alerts triggered.", - "dataTypesDependencies": [ - "TrendMicro_XDR_WORKBENCH_CL" - ], - "dataConnectorsDependencies": [ - "TrendMicroXDR" - ], - "previewImagesFileNames": [ - "TrendMicroXDROverviewWhite.png", - "TrendMicroXDROverviewBlack.png" - ], - "version": "1.3.0", - "title": "Trend Vision One Alert Overview", - "templateRelativePath": "TrendMicroXDROverview.json", - "subtitle": "", - "provider": "Trend Micro" - }, - { - "workbookKey": "CyberpionOverviewWorkbook", - "logoFileName": "cyberpion_logo.svg", - "description": "Use Cyberpion's Security Logs and this workbook, to get an overview of your online assets, gain insights into their current state, and find ways to better secure your ecosystem.", - "dataTypesDependencies": [ - "CyberpionActionItems_CL" - ], - "dataConnectorsDependencies": [ - "CyberpionSecurityLogs" - ], - "previewImagesFileNames": [ - "CyberpionActionItemsBlack.png", - "CyberpionActionItemsWhite.png" - ], - "version": "1.0.0", - "title": "Cyberpion Overview", - "templateRelativePath": "CyberpionOverviewWorkbook.json", - "subtitle": "", - "provider": "Cyberpion" - }, - { - "workbookKey": "SolarWindsPostCompromiseHuntingWorkbook", - "logoFileName": "MSTIC-Logo.svg", - "description": "This hunting workbook is intended to help identify activity related to the Solorigate compromise and subsequent attacks discovered in December 2020", - "dataTypesDependencies": [ - "CommonSecurityLog", - "SigninLogs", - "AuditLogs", - "AADServicePrincipalSignInLogs", - "OfficeActivity", - "BehaviorAnalytics", - "SecurityEvent", - "DeviceProcessEvents", - "SecurityAlert", - "DnsEvents" - ], - "dataConnectorsDependencies": [ - "AzureActiveDirectory", - "SecurityEvents", - "Office365", - "MicrosoftThreatProtection", - "DNS", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "SolarWindsPostCompromiseHuntingWhite.png", - "SolarWindsPostCompromiseHuntingBlack.png" - ], - "version": "1.5.1", - "title": "SolarWinds Post Compromise Hunting", - "templateRelativePath": "SolarWindsPostCompromiseHunting.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Shain" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Security - Others" ] - } - }, - { - "workbookKey": "ProofpointPODWorkbook", - "logoFileName": "proofpointlogo.svg", - "description": "Gain insights into your Proofpoint on Demand Email Security activities, including maillog and messages data. The Workbook provides users with an executive dashboard showing the reporting capabilities, message traceability and monitoring.", - "dataTypesDependencies": [ - "ProofpointPOD_maillog_CL", - "ProofpointPOD_message_CL" - ], - "dataConnectorsDependencies": [ - "ProofpointPOD" - ], - "previewImagesFileNames": [ - "ProofpointPODMainBlack1.png", - "ProofpointPODMainBlack2.png", - "ProofpointPODMainWhite1.png", - "ProofpointPODMainWhite2.png", - "ProofpointPODMessageSummaryBlack.png", - "ProofpointPODMessageSummaryWhite.png", - "ProofpointPODTLSBlack.png", - "ProofpointPODTLSWhite.png" - ], - "version": "1.0.0", - "title": "Proofpoint On-Demand Email Security", - "templateRelativePath": "ProofpointPOD.json", - "subtitle": "", - "provider": "Proofpoint" - }, - { - "workbookKey": "CiscoUmbrellaWorkbook", - "logoFileName": "cisco_logo.svg", - "description": "Gain insights into Cisco Umbrella activities, including the DNS, Proxy and Cloud Firewall data. Workbook shows general information along with threat landscape including categories, blocked destinations and URLs.", - "dataTypesDependencies": [ - "Cisco_Umbrella_dns_CL", - "Cisco_Umbrella_proxy_CL", - "Cisco_Umbrella_ip_CL", - "Cisco_Umbrella_cloudfirewall_CL" - ], - "dataConnectorsDependencies": [ - "CiscoUmbrellaDataConnector" - ], - "previewImagesFileNames": [ - "CiscoUmbrellaDNSBlack1.png", - "CiscoUmbrellaDNSBlack2.png", - "CiscoUmbrellaDNSWhite1.png", - "CiscoUmbrellaDNSWhite2.png", - "CiscoUmbrellaFirewallBlack.png", - "CiscoUmbrellaFirewallWhite.png", - "CiscoUmbrellaMainBlack1.png", - "CiscoUmbrellaMainBlack2.png", - "CiscoUmbrellaMainWhite1.png", - "CiscoUmbrellaMainWhite2.png", - "CiscoUmbrellaProxyBlack1.png", - "CiscoUmbrellaProxyBlack2.png", - "CiscoUmbrellaProxyWhite1.png", - "CiscoUmbrellaProxyWhite2.png" - ], - "version": "1.0.0", - "title": "Cisco Umbrella", - "templateRelativePath": "CiscoUmbrella.json", - "subtitle": "", - "provider": "Cisco" - }, - { - "workbookKey": "AnalyticsEfficiencyWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insights into the efficacy of your analytics rules. In this workbook you can analyze and monitor the analytics rules found in your workspace to achieve better performance by your SOC.", - "dataTypesDependencies": [ - "SecurityAlert", - "SecurityIncident" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AnalyticsEfficiencyBlack.png", - "AnalyticsEfficiencyWhite.png" - ], - "version": "1.2.0", - "title": "Analytics Efficiency", - "templateRelativePath": "AnalyticsEfficiency.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "WorkspaceUsage", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insights into your workspace's usage. In this workbook, you can view your workspace's data consumption, latency, recommended tasks and Cost and Usage statistics.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "WorkspaceUsageBlack.png", - "WorkspaceUsageWhite.png" - ], - "version": "1.6.0", - "title": "Workspace Usage Report", - "templateRelativePath": "WorkspaceUsage.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Clive Watson" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "IT Operations" - ] - } - }, - { - "workbookKey": "SentinelCentral", - "logoFileName": "Azure_Sentinel.svg", - "description": "Use this report to view Incident (and Alert data) across many workspaces, this works with Azure Lighthouse and across any subscription you have access to.", - "dataTypesDependencies": [ - "SecurityIncident" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SentinelCentralBlack.png", - "SentinelCentralWhite.png" - ], - "version": "2.1.1", - "title": "Microsoft Sentinel Central", - "templateRelativePath": "SentinelCentral.json", - "subtitle": "", - "provider": "Microsoft Sentinel community" - }, - { - "workbookKey": "CognniIncidentsWorkbook", - "logoFileName": "cognni-logo.svg", - "description": "Gain intelligent insights into the risks to your important financial, legal, HR, and governance information. This workbook lets you monitor your at-risk information to determine when and why incidents occurred, as well as who was involved. These incidents are broken into high, medium, and low risk incidents for each information category.", - "dataTypesDependencies": [ - "CognniIncidents_CL" - ], - "dataConnectorsDependencies": [ - "CognniSentinelDataConnector" - ], - "previewImagesFileNames": [ - "CognniBlack.PNG", - "CognniWhite.PNG" - ], - "version": "1.0.0", - "title": "Cognni Important Information Incidents", - "templateRelativePath": "CognniIncidentsWorkbook.json", - "subtitle": "", - "provider": "Cognni" - }, - { - "workbookKey": "pfsense", - "logoFileName": "pfsense_logo.svg", - "description": "Gain insights into pfsense logs from both filterlog and nginx.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "pfsenseBlack.png", - "pfsenseWhite.png" - ], - "version": "1.0.0", - "title": "pfsense", - "templateRelativePath": "pfsense.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "dicolanl" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Network" - ] - } - }, - { - "workbookKey": "ExchangeCompromiseHunting", - "logoFileName": "MSTIC-Logo.svg", - "description": "This workbook is intended to help defenders in responding to the Exchange Server vulnerabilities disclosed in March 2021, as well as hunting for potential compromise activity. More details on these vulnearbilities can be found at: https://aka.ms/exchangevulns", - "dataTypesDependencies": [ - "SecurityEvent", - "W3CIISLog" - ], - "dataConnectorsDependencies": [ - "SecurityEvents", - "AzureMonitor(IIS)", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "ExchangeBlack.png", - "ExchangeWhite.png" - ], - "version": "1.0.0", - "title": "Exchange Compromise Hunting", - "templateRelativePath": "ExchangeCompromiseHunting.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Community" - }, - "author": { - "name": "Pete Bryan" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Threat Protection" - ] - } - }, - { - "workbookKey": "SOCProcessFramework", - "logoFileName": "Azure_Sentinel.svg", - "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SOCProcessFrameworkCoverImage1White.png", - "SOCProcessFrameworkCoverImage1Black.png", - "SOCProcessFrameworkCoverImage2White.png", - "SOCProcessFrameworkCoverImage2Black.png" - ], - "version": "1.1.0", - "title": "SOC Process Framework", - "templateRelativePath": "SOCProcessFramework.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "Building_a_SOCLargeStaffWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SOCProcessFrameworkCoverImage1White.png", - "SOCProcessFrameworkCoverImage1Black.png", - "SOCProcessFrameworkCoverImage2White.png", - "SOCProcessFrameworkCoverImage2Black.png" - ], - "version": "1.1.0", - "title": "SOC Large Staff", - "templateRelativePath": "Building_a_SOCLargeStaff.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, -{ - "workbookKey": "Building_a_SOCMediumStaffWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SOCProcessFrameworkCoverImage1White.png", - "SOCProcessFrameworkCoverImage1Black.png", - "SOCProcessFrameworkCoverImage2White.png", - "SOCProcessFrameworkCoverImage2Black.png" - ], - "version": "1.1.0", - "title": "SOC Medium Staff", - "templateRelativePath": "Building_a_SOCMediumStaff.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, -{ - "workbookKey": "Building_a_SOCPartTimeStaffWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SOCProcessFrameworkCoverImage1White.png", - "SOCProcessFrameworkCoverImage1Black.png", - "SOCProcessFrameworkCoverImage2White.png", - "SOCProcessFrameworkCoverImage2Black.png" - ], - "version": "1.1.0", - "title": "SOC Part Time Staff", - "templateRelativePath": "Building_a_SOCPartTimeStaff.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, -{ - "workbookKey": "Building_a_SOCSmallStaffWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SOCProcessFrameworkCoverImage1White.png", - "SOCProcessFrameworkCoverImage1Black.png", - "SOCProcessFrameworkCoverImage2White.png", - "SOCProcessFrameworkCoverImage2Black.png" - ], - "version": "1.1.0", - "title": "SOC Small Staff", - "templateRelativePath": "Building_a_SOCSmallStaff.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, -{ - "workbookKey": "SOCIRPlanningWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SOCProcessFrameworkCoverImage1White.png", - "SOCProcessFrameworkCoverImage1Black.png", - "SOCProcessFrameworkCoverImage2White.png", - "SOCProcessFrameworkCoverImage2Black.png" - ], - "version": "1.1.0", - "title": "SOC IR Planning", - "templateRelativePath": "SOCIRPlanning.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, -{ - "workbookKey": "UpdateSOCMaturityScoreWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SOCProcessFrameworkCoverImage1White.png", - "SOCProcessFrameworkCoverImage1Black.png", - "SOCProcessFrameworkCoverImage2White.png", - "SOCProcessFrameworkCoverImage2Black.png" - ], - "version": "1.1.0", - "title": "Update SOC Maturity Score", - "templateRelativePath": "UpdateSOCMaturityScore.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, - { - "workbookKey": "Microsoft365SecurityPosture", - "logoFileName": "M365securityposturelogo.svg", - "description": "This workbook presents security posture data collected from Azure Security Center, M365 Defender, Defender for Endpoint, and Microsoft Cloud App Security. This workbook relies on the M365 Security Posture Playbook in order to bring the data in.", - "dataTypesDependencies": [ - "M365SecureScore_CL", - "MDfESecureScore_CL", - "MDfEExposureScore_CL", - "MDfERecommendations_CL", - "MDfEVulnerabilitiesList_CL", - "McasShadowItReporting" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "M365securitypostureblack.png", - "M365securityposturewhite.png" - ], - "version": "1.0.0", - "title": "Microsoft 365 Security Posture", - "templateRelativePath": "M365SecurityPosture.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Matt Lowe" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Others" - ] - } - }, - { - "workbookKey": "AzureSentinelCost", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook provides an estimated cost across the main billed items in Microsoft Sentinel: ingestion, retention and automation. It also provides insight about the possible impact of the Microsoft 365 E5 offer.", - "dataTypesDependencies": [ - "Usage" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AzureSentinelCostWhite.png", - "AzureSentinelCostBlack.png" - ], - "version": "1.5.1", - "title": "Microsoft Sentinel Cost", - "templateRelativePath": "AzureSentinelCost.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "ADXvsLA", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook shows the tables from Microsoft Sentinel which are backed up in ADX. It also provides a comparison between the entries in the Microsoft Sentinel tables and the ADX tables. Lastly some general information about the queries and ingestion on ADX is shown.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "ADXvsLABlack.PNG", - "ADXvsLAWhite.PNG" - ], - "version": "1.0.0", - "title": "ADXvsLA", - "templateRelativePath": "ADXvsLA.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Naomi" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Platform" - ] - } - }, - { - "workbookKey": "MicrosoftDefenderForOffice365", - "logoFileName": "office365_logo.svg", - "description": "Gain insights into your Microsoft Defender for Office 365 raw data logs. This workbook lets you look at trends in email senders, attachments and embedded URL data to find anomalies. You can also search by, sender, recipient, subject, attachment or embedded URL to find where the related messages have been sent.", - "dataTypesDependencies": [ - "EmailEvents", - "EmailUrlInfo", - "EmailAttachmentInfo" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "MDOWhite1.png", - "MDOBlack1.png", - "MDOWhite2.png", - "MDOBlack2.png" - ], - "version": "1.0.0", - "title": "Microsoft Defender For Office 365", - "templateRelativePath": "MicrosoftDefenderForOffice365.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Brian Delaney" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Security - Others" ] - } - }, - { - "workbookKey": "ProofPointThreatDashboard", - "logoFileName": "proofpointlogo.svg", - "description": "Provides an overview of email threat activity based on log data provided by ProofPoint", - "dataTypesDependencies": [ - "ProofpointPOD_message_CL", - "ProofpointPOD_maillog_CL", - "ProofPointTAPClicksBlocked_CL", - "ProofPointTAPClicksPermitted_CL", - "ProofPointTAPMessagesBlocked_CL", - "ProofPointTAPMessagesDelivered_CL" - ], - "dataConnectorsDependencies": [ - "ProofpointTAP", - "ProofpointPOD" - ], - "previewImagesFileNames": [ - "ProofPointThreatDashboardBlack1.png", - "ProofPointThreatDashboardWhite1.png" - ], - "version": "1.0.0", - "title": "ProofPoint Threat Dashboard", - "templateRelativePath": "ProofPointThreatDashboard.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "reprise99" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Others" - ] - } - }, - { - "workbookKey": "AMAmigrationTracker", - "logoFileName": "Azure_Sentinel.svg", - "description": "See what Azure and Azure Arc servers have Log Analytics agent or Azure Monitor agent installed. Review what DCR (data collection rules) apply to your machines and whether you are collecting logs from those machines into your selected workspaces.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AMAtrackingWhite1.png", - "AMAtrackingWhite2.png", - "AMAtrackingWhite3.png", - "AMAtrackingWhite4.png", - "AMAtrackingBlack1.png", - "AMAtrackingBlack2.png", - "AMAtrackingBlack3.png", - "AMAtrackingBlack4.png" - ], - "version": "1.1.0", - "title": "AMA migration tracker", - "templateRelativePath": "AMAmigrationTracker.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "mariavaladas" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Platform", - "Migration" - ] - } - }, - { - "workbookKey": "AdvancedKQL", - "logoFileName": "Azure_Sentinel.svg", - "description": "This interactive Workbook is designed to improve your KQL proficiency by using a use-case driven approach.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AdvancedKQLWhite.png", - "AdvancedKQLBlack.png" - ], - "version": "1.3.0", - "title": "Advanced KQL for Microsoft Sentinel", - "templateRelativePath": "AdvancedKQL.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "DSTIMWorkbook", - "logoFileName": "DSTIM.svg", - "description": "Identify sensitive data blast radius (i.e., who accessed sensitive data, what kinds of sensitive data, from where and when) in a given data security incident investigation or as part of Threat Hunting. Prioritize your investigation based on insights provided with integrations with Watchlists(VIPUsers, TerminatedEmployees and HighValueAssets), Threat Intelligence feed, UEBA baselines and much more.", - "dataTypesDependencies": [ - "DSMAzureBlobStorageLogs", - "DSMDataClassificationLogs", - "DSMDataLabelingLogs", - "Anomalies", - "ThreatIntelligenceIndicator", - "AADManagedIdentitySignInLogs", - "SecurityAlert", - "SigninLogs" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "DSTIMWorkbookBlack.png", - "DSTIMWorkbookWhite.png" - ], - "version": "1.9.0", - "title": "Data Security - Sensitive Data Impact Assessment", - "templateRelativePath": "DSTIMWorkbook.json", - "subtitle": "", - "provider": "Microsoft", - "featureFlag": "DSTIMWorkbook", - "support": { - "tier": "Community" - }, - "author": { - "name": "avital-m" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Others" - ] - } - }, - { - "workbookKey": "IntrotoKQLWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Learn and practice the Kusto Query Language. This workbook introduces and provides 100 to 200 level content for new and existing users looking to learn KQL. This workbook will be updated with content over time.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "IntrotoKQL-black.png", - "IntrotoKQL-white.png" - ], - "version": "1.0.0", - "title": "Intro to KQL", - "templateRelativePath": "IntrotoKQL.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "Log4jPostCompromiseHuntingWorkbook", - "logoFileName": "Log4j.svg", - "description": "This hunting workbook is intended to help identify activity related to the Log4j compromise discovered in December 2021.", - "dataTypesDependencies": [ - "SecurityNestedRecommendation", - "AzureDiagnostics", - "OfficeActivity", - "W3CIISLog", - "AWSCloudTrail", - "SigninLogs", - "AADNonInteractiveUserSignInLogs", - "imWebSessions", - "imNetworkSession" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "Log4jPostCompromiseHuntingBlack.png", - "Log4jPostCompromiseHuntingWhite.png" - ], - "version": "1.0.0", - "title": "Log4j Post Compromise Hunting", - "templateRelativePath": "Log4jPostCompromiseHunting.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, -{ - "workbookKey": "Log4jImpactAssessmentWorkbook", - "logoFileName": "Log4j.svg", - "description": "This hunting workbook is intended to help identify activity related to the Log4j compromise discovered in December 2021.", - "dataTypesDependencies": [ - "SecurityIncident", - "SecurityAlert", - "AzureSecurityCenter", - "MDfESecureScore_CL", - "MDfEExposureScore_CL", - "MDfERecommendations_CL", - "MDfEVulnerabilitiesList_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "Log4jPostCompromiseHuntingBlack.png", - "Log4jPostCompromiseHuntingWhite.png" - ], - "version": "1.0.0", - "title": "Log4j Impact Assessment", - "templateRelativePath": "Log4jImpactAssessment.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, - { - "workbookKey": "UserMap", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook shows MaliciousIP, User SigninLog Data (this shows user Signin Locations and distance between as well as order visited) and WAF information.", - "dataTypesDependencies": [ - "SigninLogs", - "AzureDiagnostics", - "WireData", - "VMconnection", - "CommonSecurityLog", - "WindowsFirewall", - "W3CIISLog", - "DnsEvents" - ], - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "previewImagesFileNames": [ - "UserMapBlack.png", - "UserMapWhite.png" - ], - "version": "1.0.1", - "title": "User Map information", - "templateRelativePath": "UserMap.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Clive Watson" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Threat Protection" - ] - } - }, - { - "workbookKey": "AWSS3", - "logoFileName": "amazon_web_services_Logo.svg", - "description": "This workbook shows quick summary of AWS S3 data (AWSCloudTrail, AWSGuardDuty, AWSVPCFlow). To visulaize the data, make sure you configure AWS S3 connector and data geting ingested into Sentinel", - "dataTypesDependencies": [ - "AWSCloudTrail", - "AWSGuardDuty", - "AWSVPCFlow" - ], - "dataConnectorsDependencies": [ - "AWSS3" - ], - "previewImagesFileNames": [ - "AWSS3Black.png", - "AWSS3White.png", - "AWSS3White1.png" - ], - "version": "1.0.0", - "title": "AWS S3 Workbook", - "templateRelativePath": "AWSS3.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Clive Watson" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Cloud Security" - ] - } - }, - { - "workbookKey": "LogSourcesAndAnalyticRulesCoverageWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook is intended to show how the different tables in a Log Analytics workspace are being used by the different Microsoft Sentinel features, like analytics, hunting queries, playbooks and queries in general.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "LogSourcesAndAnalyticRulesCoverageBlack.png", - "LogSourcesAndAnalyticRulesCoverageWhite.png" - ], - "version": "1.1.0", - "title": "Log Sources & Analytic Rules Coverage", - "templateRelativePath": "LogSourcesAndAnalyticRulesCoverage.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Eli Forbes" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Others" - ] - } - }, - { - "workbookKey": "CiscoFirepower", - "logoFileName": "cisco-logo-72px.svg", - "description": "Gain insights into your Cisco Firepower firewalls. This workbook analyzes Cisco Firepower device logs.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "CiscoFirepowerBlack.png", - "CiscoFirepowerWhite.png" - ], - "version": "1.0.0", - "title": "Cisco Firepower", - "templateRelativePath": "CiscoFirepower.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Samik Roy" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Network" - ] - } - }, - { - "workbookKey": "MicrorosftTeams", - "logoFileName": "microsoftteams.svg", - "description": "This workbook is intended to identify the activities on Microrsoft Teams.", - "dataTypesDependencies": [ - "OfficeActivity" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "MicrosoftTeamsBlack.png", - "MicrosoftTeamsWhite.png" - ], - "version": "1.0.0", - "title": "Microsoft Teams", - "templateRelativePath": "MicrosoftTeams.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "ArchivingBasicLogsRetention", - "logoFileName": "ArchivingBasicLogsRetention.svg", - "description": "This workbooks shows workspace and table retention periods, basic logs, and search & restore tables. It also allows you to update table retention periods, plans, and delete search or restore tables.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "ArchivingBasicLogsRetentionBlack1.png", - "ArchivingBasicLogsRetentionWhite1.png" - ], - "version": "1.1.0", - "title": "Archiving, Basic Logs, and Retention", - "templateRelativePath": "ArchivingBasicLogsRetention.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "seanstark-ms" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Platform", - "IT Operations" - ] - } - }, -{ - "workbookKey": "OktaSingleSignOnWorkbook", - "logoFileName": "okta_logo.svg", - "description": "Gain extensive insight into Okta Single Sign-On (SSO) by analyzing, collecting and correlating Audit and Event events.\nThis workbook provides visibility into message and click events that were permitted, delivered, or blocked.", - "dataTypesDependencies": [ - "Okta_CL", - "OktaSSO" - ], - "dataConnectorsDependencies": [ - "OktaSSO", - "OktaSSOv2" - ], - "previewImagesFileNames": [ - "OktaSingleSignOnWhite.png", - "OktaSingleSignOnBlack.png" - ], - "version": "1.2", - "title": "Okta Single Sign-On", - "templateRelativePath": "OktaSingleSignOn.json", - "subtitle": "", - "provider": "Okta" -}, -{ - "workbookKey": "CiscoMerakiWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Gain insights into the Events from Cisco Meraki Solution and analyzing all the different types of Security Events. This workbook also helps in identifying the Events from affected devices, IPs and the nodes where malware was successfully detected.\nIP data received in Events is correlated with Threat Intelligence to identify if the reported IP address is known bad based on threat intelligence data.", - "dataTypesDependencies": [ - "meraki_CL", - "CiscoMerakiNativePoller", - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [ - "CiscoMeraki", - "CiscoMerakiNativePolling", - "ThreatIntelligence" - ], - "previewImagesFileNames": [ - "CiscoMerakiWorkbookWhite.png", - "CiscoMerakiWorkbookBlack.png" - ], - "version": "1.0.0", - "title": "CiscoMerakiWorkbook", - "templateRelativePath": "CiscoMerakiWorkbook.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "SentinelOneWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "SentinelOne_CL" - ], - "dataConnectorsDependencies": [ - "SentinelOne" - ], - "previewImagesFileNames": [ - "SentinelOneBlack.png", - "SentinelOneWhite.png" - ], - "version": "1.0.0", - "title": "SentinelOneWorkbook", - "templateRelativePath": "SentinelOne.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "TrendMicroApexOneWorkbook", - "logoFileName": "trendmicro_logo.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "TrendMicroApexOne", - "TrendMicroApexOneAma", - "CefAma" - ], - "previewImagesFileNames": [ - "TrendMicroApexOneBlack.png", - "TrendMicroApexOneWhite.png" - ], - "version": "1.0.0", - "title": "Trend Micro Apex One", - "templateRelativePath": "TrendMicroApexOne.json", - "subtitle": "", - "provider": "TrendMicro" -}, -{ - "workbookKey": "ContrastProtect", - "logoFileName": "contrastsecurity_logo.svg", - "description": "Select the time range for this Overview.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "ContrastProtect", - "ContrastProtectAma", - "CefAma" - ], - "previewImagesFileNames": [ - "ContrastProtectAllBlack.png", - "ContrastProtectAllWhite.png", - "ContrastProtectEffectiveBlack.png", - "ContrastProtectEffectiveWhite.png", - "ContrastProtectSummaryBlack.png", - "ContrastProtectSummaryWhite.png" - ], - "version": "1.0.0", - "title": "Contrast Protect", - "templateRelativePath": "ContrastProtect.json", - "subtitle": "", - "provider": "contrast security" -}, -{ - "workbookKey": "ArmorbloxOverview", - "logoFileName": "armorblox.svg", - "description": "INCIDENTS FROM SELECTED TIME RANGE", - "dataTypesDependencies": [ - "Armorblox_CL" - ], - "dataConnectorsDependencies": [ - "Armorblox" - ], - "previewImagesFileNames": [ - "ArmorbloxOverviewBlack01.png", - "ArmorbloxOverviewBlack02.png", - "ArmorbloxOverviewWhite01.png", - "ArmorbloxOverviewWhite02.png" - ], - "version": "1.0.0", - "title": "Armorblox", - "templateRelativePath": "ArmorbloxOverview.json", - "subtitle": "", - "provider": "Armorblox" -}, -{ - "workbookKey": "CiscoETDWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Analyze email threat data seamlessly with the workbook, correlating information from the Secure Email Threat Defense API to identify and mitigate suspicious activities, providing insights into trends and allowing for precise filtering and analysis", - "dataTypesDependencies": [ - "CiscoETD_CL" - ], - "dataConnectorsDependencies": [ - "CiscoETD" - ], - "previewImagesFileNames": [ - "CiscoETDBlack01.PNG", - "CiscoETDBlack02.PNG", - "CiscoETDWhite01.PNG", - "CiscoETDWhite02.PNG" - ], - "version": "1.0", - "title": "Cisco Email Threat Defense", - "templateRelativePath": "CiscoETD.json", - "subtitle": "", - "provider": "Cisco" -}, -{ - "workbookKey": "PaloAltoCDL", - "logoFileName": "paloalto_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "PaloAltoCDL", - "PaloAltoCDLAma", - "CefAma" - ], - "previewImagesFileNames": [ - "PaloAltoBlack.png", - "PaloAltoWhite.png" - ], - "version": "1.0.0", - "title": "Palo Alto Networks Cortex Data Lake", - "templateRelativePath": "PaloAltoCDL.json", - "subtitle": "", - "provider": "Palo Alto Networks" -}, -{ - "workbookKey": "VMwareCarbonBlack", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CarbonBlackEvents_CL", - "CarbonBlackAuditLogs_CL", - "CarbonBlackNotifications_CL" - ], - "dataConnectorsDependencies": [ - "VMwareCarbonBlack" - ], - "previewImagesFileNames": [ - "VMwareCarbonBlack.png", - "VMwareCarbonWhite.png" - ], - "version": "1.0.0", - "title": "VMware Carbon Black Cloud", - "templateRelativePath": "VMwareCarbonBlack.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "VMwareSDWAN", - "logoFileName": "vmware_sase_logo.svg", - "description": "This workbook is intended to provide an overview on security events on VMware SD-WAN and Cloud Web Security.", - "dataTypesDependencies": [ - "VMware_CWS_Weblogs_CL", - "VMware_VECO_EventLogs_CL" - ], - "dataConnectorsDependencies": [ - "VMwareSDWAN" - ], - "previewImagesFileNames": [ - "vmwaresdwan_sentinel_audit_overview_Black.png", - "vmwaresdwan_sentinel_audit_overview_White.png", - "vmwaresdwan_sentinel_connectivity_overview_Black.png", - "vmwaresdwan_sentinel_connectivity_overview_White.png", - "vmwaresdwan_sentinel_cws_agents_events_Black.png", - "vmwaresdwan_sentinel_cws_agents_events_White.png", - "vmwaresdwan_sentinel_cws_casb_Black.png", - "vmwaresdwan_sentinel_cws_casb_White.png", - "vmwaresdwan_sentinel_cws_cf_users_policy_Black.png", - "vmwaresdwan_sentinel_cws_cf_users_policy_White.png", - "vmwaresdwan_sentinel_cws_overview_Black.png", - "vmwaresdwan_sentinel_cws_overview_White.png", - "vmwaresdwan_sentinel_cws_sasepop_urlf_Black.png", - "vmwaresdwan_sentinel_cws_sasepop_urlf_White.png", - "vmwaresdwan_sentinel_cws_urlf_Black.png", - "vmwaresdwan_sentinel_cws_urlf_White.png", - "vmwaresdwan_sentinel_efs_idps_categories_Black.png", - "vmwaresdwan_sentinel_efs_idps_categories_White.png", - "vmwaresdwan_sentinel_idps_activity_Black.png", - "vmwaresdwan_sentinel_idps_activity_White.png", - "vmwaresdwan_sentinel_nsd_overview_Black.png", - "vmwaresdwan_sentinel_nsd_overview_White.png", - "vmwaresdwan_sentinel_nsd_via_vcg_Black.png", - "vmwaresdwan_sentinel_nsd_via_vcg_White.png", - "vmwaresdwan_sentinel_sdwan_efs_statefulfw_Black.png", - "vmwaresdwan_sentinel_sdwan_efs_statefulfw_White.png" - ], - "version": "1.0.0", - "title": "VMware SD-WAN and SASE", - "templateRelativePath": "VMwareSASESOCDashboard.json", - "subtitle": "", - "provider": "velocloud" -}, -{ - "workbookKey": "arista-networks", - "logoFileName": "AristaAwakeSecurity.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "AristaAwakeSecurity", - "CefAma" - ], - "previewImagesFileNames": [ - "AristaAwakeSecurityDevicesBlack.png", - "AristaAwakeSecurityDevicesWhite.png", - "AristaAwakeSecurityModelsBlack.png", - "AristaAwakeSecurityModelsWhite.png", - "AristaAwakeSecurityOverviewBlack.png", - "AristaAwakeSecurityOverviewWhite.png" - ], - "version": "1.0.0", - "title": "Arista Awake", - "templateRelativePath": "AristaAwakeSecurityWorkbook.json", - "subtitle": "", - "provider": "Arista Networks" -}, -{ - "workbookKey": "TomcatWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Tomcat_CL" - ], - "dataConnectorsDependencies": [ - "ApacheTomcat" - ], - "previewImagesFileNames": [ - "TomcatBlack.png", - "TomcatWhite.png" - ], - "version": "1.0.0", - "title": "ApacheTomcat", - "templateRelativePath": "Tomcat.json", - "subtitle": "", - "provider": "Apache" -}, -{ - "workbookKey": "ClarotyWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "Claroty", - "ClarotyAma", - "CefAma" - ], - "previewImagesFileNames": [ - "ClarotyBlack.png", - "ClarotyWhite.png" - ], - "version": "1.0.0", - "title": "Claroty", - "templateRelativePath": "ClarotyOverview.json", - "subtitle": "", - "provider": "Claroty" -}, -{ - "workbookKey": "ApacheHTTPServerWorkbook", - "logoFileName": "apache.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "ApacheHTTPServer_CL" - ], - "dataConnectorsDependencies": [ - "ApacheHTTPServer" - ], - "previewImagesFileNames": [ - "ApacheHTTPServerOverviewBlack01.png", - "ApacheHTTPServerOverviewBlack02.png", - "ApacheHTTPServerOverviewWhite01.png", - "ApacheHTTPServerOverviewWhite02.png" - ], - "version": "1.0.0", - "title": "Apache HTTP Server", - "templateRelativePath": "ApacheHTTPServer.json", - "subtitle": "", - "provider": "Apache Software Foundation" -}, -{ - "workbookKey": "OCIWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "OCI_Logs_CL" - ], - "dataConnectorsDependencies": [ - "OracleCloudInfrastructureLogsConnector" - ], - "previewImagesFileNames": [ - "OCIBlack.png", - "OCIWhite.png" - ], - "version": "1.0.0", - "title": "Oracle Cloud Infrastructure", - "templateRelativePath": "OracleCloudInfrastructureOCI.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "OracleWeblogicServerWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "OracleWebLogicServer_CL" - ], - "dataConnectorsDependencies": [ - "OracleWebLogicServer" - ], - "previewImagesFileNames": [ - "OracleWeblogicServerBlack.png", - "OracleWeblogicServerWhite.png" - ], - "version": "1.0.0", - "title": "Oracle WebLogic Server", - "templateRelativePath": "OracleWorkbook.json", - "subtitle": "", - "provider": "Oracle" -}, -{ - "workbookKey": "BitglassWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "BitglassLogs_CL" - ], - "dataConnectorsDependencies": [ - "Bitglass" - ], - "previewImagesFileNames": [ - "BitglassBlack.png", - "BitglassWhite.png" - ], - "version": "1.0.0", - "title": "Bitglass", - "templateRelativePath": "Bitglass.json", - "subtitle": "", - "provider": "Bitglass" -}, -{ - "workbookKey": "NGINXWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "NGINX_CL" - ], - "dataConnectorsDependencies": [ - "NGINXHTTPServer" - ], - "previewImagesFileNames": [ - "NGINXOverviewBlack01.png", - "NGINXOverviewBlack02.png", - "NGINXOverviewWhite01.png", - "NGINXOverviewWhite02.png" - ], - "version": "1.0.0", - "title": "NGINX HTTP Server", - "templateRelativePath": "NGINX.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "vArmourAppContollerWorkbook", - "logoFileName": "varmour-logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "vArmourAC", - "vArmourACAma", - "CefAma" - ], - "previewImagesFileNames": [ - "vArmourAppControllerAppBlack.png", - "vArmourAppControllerAppBlack-1.png", - "vArmourAppControllerAppBlack-2.png", - "vArmourAppControllerAppBlack-3.png", - "vArmourAppControllerAppBlack-4.png", - "vArmourAppControllerAppBlack-5.png", - "vArmourAppControllerAppBlack-6.png", - "vArmourAppControllerAppBlack-7.png", - "vArmourAppControllerAppWhite.png", - "vArmourAppControllerAppWhite-1.png", - "vArmourAppControllerAppWhite-2.png", - "vArmourAppControllerAppWhite-3.png", - "vArmourAppControllerAppWhite-4.png", - "vArmourAppControllerAppWhite-5.png", - "vArmourAppControllerAppWhite-6.png", - "vArmourAppControllerAppWhite-7.png" - ], - "version": "1.0.0", - "title": "vArmour Application Controller", - "templateRelativePath": "vArmour_AppContoller_Workbook.json", - "subtitle": "", - "provider": "vArmour" -}, -{ - "workbookKey": "CorelightWorkbook", - "logoFileName": "corelight.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Corelight_CL" - ], - "dataConnectorsDependencies": [ - "Corelight" - ], - "previewImagesFileNames": [ - "CorelightConnectionsBlack1.png", - "CorelightConnectionsBlack2.png", - "CorelightConnectionsWhite1.png", - "CorelightConnectionsWhite2.png", - "CorelightDNSBlack1.png", - "CorelightDNSWhite1.png", - "CorelightFileBlack1.png", - "CorelightFileBlack2.png", - "CorelightFileWhite1.png", - "CorelightFileWhite2.png", - "CorelightMainBlack1.png", - "CorelightMainWhite1.png", - "CorelightSoftwareBlack1.png", - "CorelightSoftwareWhite1.png" - ], - "version": "1.0.0", - "title": "Corelight", - "templateRelativePath": "Corelight.json", - "subtitle": "", - "provider": "Corelight" -}, -{ - "workbookKey": "LookoutEvents", - "logoFileName": "lookout.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Lookout_CL" - ], - "dataConnectorsDependencies": [ - "LookoutAPI" - ], - "previewImagesFileNames": [ - "SampleLookoutWorkBookBlack.png", - "SampleLookoutWorkBookWhite.png" - ], - "version": "1.0.0", - "title": "Lookout", - "templateRelativePath": "LookoutEvents.json", - "subtitle": "", - "provider": "Lookout" -}, -{ - "workbookKey": "sentinel-MicrosoftPurview", - "logoFileName": "MicrosoftPurview.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "AzureDiagnostics" - ], - "dataConnectorsDependencies": [ - "MicrosoftAzurePurview" - ], - "previewImagesFileNames": [ - "" - ], - "version": "1.0.0", - "title": "Microsoft Purview", - "templateRelativePath": "MicrosoftPurview.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "InfobloxCDCB1TDWorkbook", - "logoFileName": "infoblox_logo.svg", - "description": "Get a closer look at your BloxOne DNS Query/Response logs, DHCP logs and Threat Defense security event data. This workbook is intended to help visualize BloxOne query data as part of the Infoblox Cloud solution. Drilldown your data and visualize events, trends, and anomalous changes over time.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "InfobloxCloudDataConnector", - "InfobloxCloudDataConnectorAma", - "CefAma" - ], - "previewImagesFileNames": [ - "InfobloxCDCB1TDBlack.png", - "InfobloxCDCB1TDWhite.png" - ], - "version": "2.0.0", - "title": "Infoblox CDC BloxOne DDI & Threat Defense DNS Workbook", - "templateRelativePath": "InfobloxCDCB1TDWorkbook.json", - "subtitle": "", - "provider": "Infoblox" -}, -{ - "workbookKey": "InfobloxSOCInsightsWorkbook", - "logoFileName": "infoblox_logo.svg", - "description": "Get a closer look at your Infoblox SOC Insights. This workbook is intended to help visualize your BloxOne SOC Insights data as part of the Infoblox SOC Insights Solution. Drilldown your data and visualize events, trends, and anomalous changes over time.", - "dataTypesDependencies": [ - "InfobloxInsight", - "InfobloxInsightAssets", - "InfobloxInsightComments", - "InfobloxInsightIndicators", - "InfobloxInsightEvents" - ], - "dataConnectorsDependencies": [ - "InfobloxSOCInsightsDataConnector_AMA", - "InfobloxSOCInsightsDataConnector_API", - "InfobloxSOCInsightsDataConnector_Legacy", - "CefAma" - ], - "previewImagesFileNames": [ - "InfobloxSOCInsightsBlack.png", - "InfobloxSOCInsightsWhite.png" - ], - "version": "1.0.0", - "title": "Infoblox SOC Insights Workbook", - "templateRelativePath": "InfobloxSOCInsightsWorkbook.json", - "subtitle": "", - "provider": "Infoblox" -}, -{ - "workbookKey": "UbiquitiUniFiWorkbook", - "logoFileName": "ubiquiti.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Ubiquiti_CL" - ], - "dataConnectorsDependencies": [ - "UbiquitiUnifi" - ], - "previewImagesFileNames": [ - "UbiquitiOverviewBlack01.png", - "UbiquitiOverviewBlack02.png", - "UbiquitiOverviewWhite01.png", - "UbiquitiOverviewWhite02.png" - ], - "version": "1.0.0", - "title": "Ubiquiti UniFi", - "templateRelativePath": "Ubiquiti.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "VMwareESXiWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "VMwareESXi", - "SyslogAma" - ], - "previewImagesFileNames": [ - "VMWareESXiBlack.png", - "VMWareESXiWhite.png" - ], - "version": "1.0.0", - "title": "VMware ESXi", - "templateRelativePath": "VMWareESXi.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "SnowflakeWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Snowflake_CL" - ], - "dataConnectorsDependencies": [ - "SnowflakeDataConnector" - ], - "previewImagesFileNames": [ - "SnowflakeBlack.png", - "SnowflakeWhite.png" - ], - "version": "1.0.0", - "title": "Snowflake", - "templateRelativePath": "Snowflake.json", - "subtitle": "", - "provider": "Snowflake" -}, -{ - "workbookKey": "LastPassWorkbook", - "logoFileName": "LastPass.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "LastPassNativePoller_CL" - ], - "dataConnectorsDependencies": [ - "LastPassAPIConnector" - ], - "previewImagesFileNames": [ - "LastPassBlack.png", - "LastPassWhite.png" - ], - "version": "1.0.0", - "title": "Lastpass Enterprise Activity Monitoring", - "templateRelativePath": "LastPassWorkbook.json", - "subtitle": "", - "provider": "LastPass" -}, -{ - "workbookKey": "SecurityBridgeWorkbook", - "logoFileName": "SecurityBridgeLogo-Vector-TM_75x75.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SecurityBridgeLogs" - ], - "dataConnectorsDependencies": [ - "SecurityBridgeSAP" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "SecurityBridge App", - "templateRelativePath": "SecurityBridgeThreatDetectionforSAP.json", - "subtitle": "", - "provider": "SecurityBridge" -}, -{ - "workbookKey": "PaloAltoPrismaCloudWorkbook", - "logoFileName": "paloalto_logo.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "PaloAltoPrismaCloudAlert_CL", - "PaloAltoPrismaCloudAudit_CL" - ], - "dataConnectorsDependencies": [ - "PaloAltoPrismaCloud" - ], - "previewImagesFileNames": [ - "PaloAltoPrismaCloudBlack01.png", - "PaloAltoPrismaCloudBlack02.png", - "PaloAltoPrismaCloudWhite01.png", - "PaloAltoPrismaCloudWhite02.png" - ], - "version": "1.0.0", - "title": "Palo Alto Prisma", - "templateRelativePath": "PaloAltoPrismaCloudOverview.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "PingFederateWorkbook", - "logoFileName": "PingIdentity.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "PingFederateEvent" - ], - "dataConnectorsDependencies": [ - "PingFederate", - "PingFederateAma", - "CefAma" - ], - "previewImagesFileNames": [ - "PingFederateBlack1.png", - "PingFederateWhite1.png" - ], - "version": "1.0.0", - "title": "PingFederate", - "templateRelativePath": "PingFederate.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "McAfeeePOWorkbook", - "logoFileName": "mcafee_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "McAfeeEPOEvent" - ], - "dataConnectorsDependencies": [ - "McAfeeePO", - "SyslogAma" - ], - "previewImagesFileNames": [ - "McAfeeePOBlack1.png", - "McAfeeePOBlack2.png", - "McAfeeePOWhite1.png", - "McAfeeePOWhite2.png" - ], - "version": "1.0.0", - "title": "McAfee ePolicy Orchestrator", - "templateRelativePath": "McAfeeePOOverview.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "OracleDatabaseAudit", - "logoFileName": "oracle_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "OracleDatabaseAudit", - "SyslogAma" - ], - "previewImagesFileNames": [ - "OracleDatabaseAuditBlack1.png", - "OracleDatabaseAuditBlack2.png", - "OracleDatabaseAuditWhite1.png", - "OracleDatabaseAuditWhite2.png" - ], - "version": "1.0.0", - "title": "Oracle Database Audit", - "templateRelativePath": "OracleDatabaseAudit.json", - "subtitle": "", - "provider": "Oracle" -}, -{ - "workbookKey": "SenservaProAnalyticsWorkbook", - "logoFileName": "SenservaPro_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SenservaPro_CL" - ], - "dataConnectorsDependencies": [ - "SenservaPro" - ], - "previewImagesFileNames": [ - "SenservaProAnalyticsBlack.png", - "SenservaProAnalyticsWhite.png" - ], - "version": "1.0.0", - "title": "SenservaProAnalytics", - "templateRelativePath": "SenservaProAnalyticsWorkbook.json", - "subtitle": "", - "provider": "Senserva Pro" -}, -{ - "workbookKey": "SenservaProMultipleWorkspaceWorkbook", - "logoFileName": "SenservaPro_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SenservaPro_CL" - ], - "dataConnectorsDependencies": [ - "SenservaPro" - ], - "previewImagesFileNames": [ - "SenservaProMultipleWorkspaceWorkbookBlack.png", - "SenservaProMultipleWorkspaceWorkbookWhite.png" - ], - "version": "1.0.0", - "title": "SenservaProMultipleWorkspace", - "templateRelativePath": "SenservaProMultipleWorkspaceWorkbook.json", - "subtitle": "", - "provider": "Senserva Pro" -}, -{ - "workbookKey": "SenservaProSecureScoreMultiTenantWorkbook", - "logoFileName": "SenservaPro_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SenservaPro_CL" - ], - "dataConnectorsDependencies": [ - "SenservaPro" - ], - "previewImagesFileNames": [ - "SenservaProSecureScoreMultiTenantBlack.png", - "SenservaProSecureScoreMultiTenantWhite.png" - ], - "version": "1.0.0", - "title": "SenservaProSecureScoreMultiTenant", - "templateRelativePath": "SenservaProSecureScoreMultiTenantWorkbook.json", - "subtitle": "", - "provider": "Senserva Pro" -}, -{ - "workbookKey": "CiscoSecureEndpointOverviewWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CiscoSecureEndpoint" - ], - "dataConnectorsDependencies": [ - "CiscoSecureEndpoint" - ], - "previewImagesFileNames": [ - "CiscoSecureEndpointBlack.png", - "CiscoSecureEndpointWhite.png" - ], - "version": "1.0.0", - "title": "Cisco Secure Endpoint", - "templateRelativePath": "Cisco Secure Endpoint Overview.json", - "subtitle": "", - "provider": "Cisco" -}, -{ - "workbookKey": "InfoSecGlobalWorkbook", - "logoFileName": "infosecglobal.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "InfoSecAnalytics_CL" - ], - "dataConnectorsDependencies": [ - "InfoSecDataConnector" - ], - "previewImagesFileNames": [ - "InfoSecGlobalWorkbookBlack.png", - "InfoSecGlobalWorkbookWhite.png" - ], - "version": "1.0.0", - "title": "AgileSec Analytics Connector", - "templateRelativePath": "InfoSecGlobal.json", - "subtitle": "", - "provider": "InfoSecGlobal" -}, -{ - "workbookKey": "CrowdStrikeFalconEndpointProtectionWorkbook", - "logoFileName": "crowdstrike.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CrowdstrikeReplicatorLogs_CL" - ], - "dataConnectorsDependencies": [ - "CrowdstrikeReplicator" - ], - "previewImagesFileNames": [ - "CrowdStrikeFalconEndpointProtectionBlack.png", - "CrowdStrikeFalconEndpointProtectionWhite.png" - ], - "version": "1.0.0", - "title": "CrowdStrike Falcon Endpoint Protection", - "templateRelativePath": "CrowdStrikeFalconEndpointProtection.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "IronDefenseAlertDashboard", - "logoFileName": "IronNet.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "IronNetIronDefense" - ], - "previewImagesFileNames": [ - "IronDefenseDashboardBlack.png", - "IronDefenseDashboardWhite.png" - ], - "version": "1.0.0", - "title": "IronDefenseAlertDashboard", - "templateRelativePath": "IronDefenseAlertDashboard.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "IronDefenseAlertDetails", - "logoFileName": "IronNet.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "IronNetIronDefense" - ], - "previewImagesFileNames": [ - "IronDefenseAlertsBlack.png", - "IronDefenseAlertsWhite.png" - ], - "version": "1.0.0", - "title": "IronDefenseAlertDetails", - "templateRelativePath": "IronDefenseAlertDetails.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "CiscoSEGWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "CiscoSEG", - "CiscoSEGAma", - "CefAma" - ], - "previewImagesFileNames": [ - "CiscoSEGBlack.png", - "CiscoSEGWhite.png" - ], - "version": "1.0.0", - "title": "Cisco Secure Email Gateway", - "templateRelativePath": "CiscoSEG.json", - "subtitle": "", - "provider": "Cisco" -}, -{ - "workbookKey": "EatonForeseerHealthAndAccess", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook gives an insight into the health of all the Windows VMs in this subscription running Eaton Foreseer and the unauthorized access into the Eaton Foreseer application running on these VMs.", - "dataTypesDependencies": [ - "SecurityEvent" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "EatonForeseerHealthAndAccessBlack.png", - "EatonForeseerHealthAndAccessWhite.png" - ], - "version": "1.0.0", - "title": "EatonForeseerHealthAndAccess", - "templateRelativePath": "EatonForeseerHealthAndAccess.json", - "subtitle": "", - "provider": "Eaton" -}, -{ - "workbookKey": "PCIDSSComplianceWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Choose your subscription and workspace in which PCI assets are deployed", - "dataTypesDependencies": [ - "AzureDaignostics", - "SecurityEvent", - "SecurityAlert", - "OracleDatabaseAuditEvent", - "Syslog", - "Anomalies" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "PCIDSSComplianceBlack01.PNG", - "PCIDSSComplianceBlack02.PNG", - "PCIDSSComplianceWhite01.PNG", - "PCIDSSComplianceWhite02.PNG" - ], - "version": "1.0.0", - "title": "PCI DSS Compliance", - "templateRelativePath": "PCIDSSCompliance.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "SonraiSecurityWorkbook", - "logoFileName": "Sonrai.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Sonrai_Tickets_CL" - ], - "dataConnectorsDependencies": [ - "SonraiDataConnector" - ], - "previewImagesFileNames": [ - "SonraiWorkbookBlack.png", - "SonraiWorkbookWhite.png" - ], - "version": "1.0.0", - "title": "Sonrai", - "templateRelativePath": "Sonrai.json", - "subtitle": "", - "provider": "Sonrai" -}, -{ - "workbookKey": "SemperisDSPWorkbook", - "logoFileName": "Semperis.svg", - "description": "Specify the time range on which to query the data", - "dataTypesDependencies": [ - "dsp_parser" - ], - "dataConnectorsDependencies": [ - "SemperisDSP" - ], - "previewImagesFileNames": [ - "SemperisDSPOverview1Black.png", - "SemperisDSPOverview1White.png", - "SemperisDSPOverview2Black.png", - "SemperisDSPOverview2White.png", - "SemperisDSPOverview3Black.png", - "SemperisDSPOverview3White.png" - ], - "version": "1.0.0", - "title": "Semperis Directory Services Protector", - "templateRelativePath": "SemperisDSPWorkbook.json", - "subtitle": "", - "provider": "Semperis" -}, -{ - "workbookKey": "BoxWorkbook", - "logoFileName": "box.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "BoxEvents_CL" - ], - "dataConnectorsDependencies": [ - "BoxDataConnector" - ], - "previewImagesFileNames": [ - "BoxBlack1.png", - "BoxWhite1.png", - "BoxBlack2.png", - "BoxWhite2.png" - ], - "version": "1.0.0", - "title": "Box", - "templateRelativePath": "Box.json", - "subtitle": "", - "provider": "Box" -}, -{ - "workbookKey": "SymantecEndpointProtection", - "logoFileName": "symantec_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SymantecEndpointProtection" - ], - "dataConnectorsDependencies": [ - "SymantecEndpointProtection", - "SyslogAma" - ], - "previewImagesFileNames": [ - "SymantecEndpointProtectionBlack.png", - "SymantecEndpointProtectionWhite.png" - ], - "version": "1.0.0", - "title": "Symantec Endpoint Protection", - "templateRelativePath": "SymantecEndpointProtection.json", - "subtitle": "", - "provider": "Symantec" -}, -{ - "workbookKey": "DynamicThreatModeling&Response", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SecurityAlert" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "DynamicThreatModeling&ResponseWhite.png", - "DynamicThreatModeling&ResponseBlack.png" - ], - "version": "1.0.0", - "title": "Dynamic Threat Modeling Response", - "templateRelativePath": "DynamicThreatModeling&Response.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "ThreatAnalysis&Response", - "logoFileName": "Azure_Sentinel.svg", - "description": "The Defenders for IoT workbook provide guided investigations for OT entities based on open incidents, alert notifications, and activities for OT assets. They also provide a hunting experience across the MITRE ATT&CK® framework for ICS, and are designed to enable analysts, security engineers, and MSSPs to gain situational awareness of OT security posture.", - "dataTypesDependencies": [ - "SecurityAlert" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "ThreatAnalysis&ResponseWhite1.png", - "ThreatAnalysis&ResponseWhite2.png", - "ThreatAnalysis&ResponseWhite3.png", - "ThreatAnalysis&ResponseWhite4.png", - "ThreatAnalysis&ResponseBlack1.png", - "ThreatAnalysis&ResponseBlack2.png", - "ThreatAnalysis&ResponseBlack3.png", - "ThreatAnalysis&ResponseBlack4.png" - ], - "version": "1.0.1", - "title": "Threat Analysis Response", - "templateRelativePath": "ThreatAnalysis&Response.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "TrendMicroCAS", - "logoFileName": "Trend_Micro_Logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "TrendMicroCAS_CL" - ], - "dataConnectorsDependencies": [ - "TrendMicroCAS" - ], - "previewImagesFileNames": [ - "TrendMicroCASBlack.png", - "TrendMicroCASWhite.png" - ], - "version": "1.0.0", - "title": "TrendMicroCAS", - "templateRelativePath": "TrendMicroCAS.json", - "subtitle": "", - "provider": "TrendMicro" -}, -{ - "workbookKey": "GitHubSecurityWorkbook", - "logoFileName": "GitHub.svg", - "description": "Gain insights to GitHub activities that may be interesting for security.", - "dataTypesDependencies": [ - "GitHubAuditLogPolling_CL" - ], - "dataConnectorsDependencies": [ - "GitHubEcAuditLogPolling" - ], - "previewImagesFileNames": [ - "GitHubSecurityBlack.png", - "GitHubSecurityWhite.png" - ], - "version": "1.0.0", - "title": "GithubWorkbook", - "templateRelativePath": "GitHub.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "GCPDNSWorkbook", - "logoFileName": "google_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "GCPCloudDNS" - ], - "dataConnectorsDependencies": [ - "GCPDNSDataConnector" - ], - "previewImagesFileNames": [ - "GCPDNSBlack.png", - "GCPDNSWhite.png" - ], - "version": "1.0.0", - "title": "Google Cloud Platform DNS", - "templateRelativePath": "GCPDNS.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "AtlassianJiraAuditWorkbook", - "logoFileName": "atlassian.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "AtlassianJiraNativePoller_CL" - ], - "dataConnectorsDependencies": [ - "AtlassianJira" - ], - "previewImagesFileNames": [ - "AtlassianJiraAuditWhite.png", - "AtlassianJiraAuditBlack.png" - ], - "version": "1.0.0", - "title": "AtlassianJiraAudit", - "templateRelativePath": "AtlassianJiraAudit.json", - "subtitle": "", - "provider": "Atlassian" -}, -{ - "workbookKey": "DigitalGuardianWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "DigitalGuardianDLPEvent" - ], - "dataConnectorsDependencies": [ - "DigitalGuardianDLP", - "SyslogAma" - ], - "previewImagesFileNames": [ - "DigitalGuardianBlack.png", - "DigitalGuardianWhite.png" - ], - "version": "1.0.0", - "title": "DigitalGuardianDLP", - "templateRelativePath": "DigitalGuardian.json", - "subtitle": "", - "provider": "Digital Guardian" -}, -{ - "workbookKey": "CiscoDuoWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CiscoDuo_CL" - ], - "dataConnectorsDependencies": [ - "CiscoDuoSecurity" - ], - "previewImagesFileNames": [ - "CiscoDuoWhite.png", - "CiscoDuoBlack.png" - ], - "version": "1.0.0", - "title": "CiscoDuoSecurity", - "templateRelativePath": "CiscoDuo.json", - "subtitle": "", - "provider": "Cisco" -}, -{ - "workbookKey": "SlackAudit", - "logoFileName": "slacklogo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SlackAudit_CL" - ], - "dataConnectorsDependencies": [ - "SlackAuditAPI" - ], - "previewImagesFileNames": [ - "SlackAuditApplicationActivityBlack1.png", - "SlackAuditApplicationActivityWhite1.png" - ], - "version": "1.0.0", - "title": "SlackAudit", - "templateRelativePath": "SlackAudit.json", - "subtitle": "", - "provider": "Slack" -}, -{ - "workbookKey": "CiscoWSAWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "CiscoWSA", - "SyslogAma" - ], - "previewImagesFileNames": [ - "CiscoWSAWhite.png", - "CiscoWSABlack.png" - ], - "version": "1.0.0", - "title": "CiscoWSA", - "templateRelativePath": "CiscoWSA.json", - "subtitle": "", - "provider": "Cisco" -}, -{ - "workbookKey": "GCP-IAM-Workbook", - "logoFileName": "google_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "GCP_IAM_CL" - ], - "dataConnectorsDependencies": [ - "GCPIAMDataConnector" - ], - "previewImagesFileNames": [ - "GCPIAMBlack01.png", - "GCPIAMBlack02.png", - "GCPIAMWhite01.png", - "GCPIAMWhite02.png" - ], - "version": "1.0.0", - "title": "Google Cloud Platform IAM", - "templateRelativePath": "GCP_IAM.json", - "subtitle": "", - "provider": "Google" -}, -{ - "workbookKey": "ImpervaWAFCloudWorkbook", - "logoFileName": "Imperva_DarkGrey_final_75x75.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "ImpervaWAFCloud_CL" - ], - "dataConnectorsDependencies": [ - "ImpervaWAFCloudAPI" - ], - "previewImagesFileNames": [ - "ImpervaWAFCloudBlack01.png", - "ImpervaWAFCloudBlack02.png", - "ImpervaWAFCloudWhite01.png", - "ImpervaWAFCloudWhite02.png" - ], - "version": "1.0.0", - "title": "Imperva WAF Cloud Overview", - "templateRelativePath": "Imperva WAF Cloud Overview.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "ZscalerZPAWorkbook", - "logoFileName": "ZscalerLogo.svg", - "description": "Select the time range for this Overview.", - "dataTypesDependencies": [ - "ZPA_CL" - ], - "dataConnectorsDependencies": [ - "ZscalerPrivateAccess", - "CustomLogsAma" - ], - "previewImagesFileNames": [ - "ZscalerZPABlack.png", - "ZscalerZPAWhite.png" - ], - "version": "1.0.0", - "title": "Zscaler Private Access (ZPA)", - "templateRelativePath": "ZscalerZPA.json", - "subtitle": "", - "provider": "Zscaler" -}, -{ - "workbookKey": "GoogleWorkspaceWorkbook", - "logoFileName": "google_logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "GWorkspace_ReportsAPI_admin_CL", - "GWorkspace_ReportsAPI_calendar_CL", - "GWorkspace_ReportsAPI_drive_CL", - "GWorkspace_ReportsAPI_login_CL", - "GWorkspace_ReportsAPI_login_CL", - "GWorkspace_ReportsAPI_mobile_CL" - ], - "dataConnectorsDependencies": [ - "GoogleWorkspaceReportsAPI" - ], - "previewImagesFileNames": [ - "GoogleWorkspaceBlack.png", - "GoogleWorkspaceWhite.png" - ], - "version": "1.0.0", - "title": "GoogleWorkspaceReports", - "templateRelativePath": "GoogleWorkspace.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "NCProtectWorkbook", - "logoFileName": "NCProtectIcon.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "NCProtectUAL_CL" - ], - "dataConnectorsDependencies": [ - "NucleusCyberNCProtect" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "NucleusCyberProtect", - "templateRelativePath": "NucleusCyber_NCProtect_Workbook.json", - "subtitle": "", - "provider": "archTIS" -}, -{ - "workbookKey": "CiscoISEWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "CiscoISE", - "SyslogAma" - ], - "previewImagesFileNames": [ - "CiscoISEBlack1.png", - "CiscoISEBlack2.png", - "CiscoISEWhite1.png", - "CiscoISEWhite2.png" - ], - "version": "1.0.0", - "title": "Cisco ISE", - "templateRelativePath": "CiscoISE.json", - "subtitle": "", - "provider": "Cisco" -}, -{ - "workbookKey": "IoTOTThreatMonitoringwithDefenderforIoTWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "The OT Threat Monitoring with Defender for IoT Workbook features OT filtering for Security Alerts, Incidents, Vulnerabilities and Asset Inventory. The workbook features a dynamic assessment of the MITRE ATT&CK for ICS matrix across your environment to analyze and respond to OT-based threats. This workbook is designed to enable SecOps Analysts, Security Engineers, and MSSPs to gain situational awareness for IT/OT security posture.", - "dataTypesDependencies": [ - "SecurityAlert", - "SecurityIncident" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "IoTOTThreatMonitoringwithDefenderforIoTBlack.png", - "IoTOTThreatMonitoringwithDefenderforIoTWhite.png" - ], - "version": "1.0.0", - "title": "Microsoft Defender for IoT", - "templateRelativePath": "IoTOTThreatMonitoringwithDefenderforIoT.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "ZeroTrust(TIC3.0)Workbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "SecurityRecommendation" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "ZeroTrust(TIC3.0)Black1.PNG", - "ZeroTrust(TIC3.0)White1.PNG" - ], - "version": "1.0.0", - "title": "ZeroTrust(TIC3.0)", - "templateRelativePath": "ZeroTrustTIC3.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "CybersecurityMaturityModelCertification(CMMC)2.0Workbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "InformationProtectionLogs_CL", - "AuditLogs", - "SecurityIncident", - "SigninLogs", - "AzureActivity" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "CybersecurityMaturityModelCertificationBlack.png", - "CybersecurityMaturityModelCertificationWhite.png" - ], - "version": "1.0.0", - "title": "CybersecurityMaturityModelCertification(CMMC)2.0", - "templateRelativePath": "CybersecurityMaturityModelCertification_CMMCV2.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "NISTSP80053Workbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "SigninLogs", - "AuditLogs", - "AzureActivity", - "OfficeActivity", - "SecurityEvents", - "CommonSecurityLog", - "SecurityIncident", - "SecurityRecommendation" - ], - "dataConnectorsDependencies": [ - "SecurityEvents" - ], - "previewImagesFileNames": [ - "NISTSP80053Black.png", - "NISTSP80053White.png" - ], - "version": "1.0.0", - "title": "NISTSP80053workbook", - "templateRelativePath": "NISTSP80053.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "DarktraceWorkbook", - "logoFileName": "Darktrace.svg", - "description": "The Darktrace Workbook visualises Model Breach and AI Analyst data received by the Darktrace Data Connector and visualises events across the network, SaaS, IaaS and Email.", - "dataTypesDependencies": [ - "darktrace_model_alerts_CL" - ], - "dataConnectorsDependencies": [ - "DarktraceRESTConnector" - ], - "previewImagesFileNames": [ - "DarktraceWorkbookBlack01.png", - "DarktraceWorkbookBlack02.png", - "DarktraceWorkbookWhite01.png", - "DarktraceWorkbookWhite02.png" - ], - "version": "1.0.1", - "title": "Darktrace", - "templateRelativePath": "DarktraceWorkbook.json", - "subtitle": "", - "provider": "Darktrace" -}, -{ - "workbookKey": "RecordedFutureAlertOverviewWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future Alerts Overview Workbook. This workbook will visualize playbook alerts imported via the RecordedFuture-Alert-Importer.", - "dataTypesDependencies": [ - "RecordedFuturePortalAlerts_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFutureAlertOverviewWhite.png", - "RecordedFutureAlertOverviewBlack.png" - ], - "version": "1.0.1", - "title": "Recorded Future - Alerts Overview", - "templateRelativePath": "RecordedFutureAlertOverview.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "RecordedFuturePlaybookAlertOverviewWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future Playbook Alerts Overview Workbook. This workbook will visualize playbook alerts imported via the RecordedFuture-Playbook-Alert-Importer.", - "dataTypesDependencies": [ - "RecordedFuturePlaybookAlerts_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFuturePlaybookAlertOverviewWhite1.png", - "RecordedFuturePlaybookAlertOverviewBlack1.png" - ], - "version": "1.0.1", - "title": "Recorded Future - Playbook Alerts Overview", - "templateRelativePath": "RecordedFuturePlaybookAlertOverview.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "RecordedFutureDomainCorrelationWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future Domain Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFutureDomainCorrelationWhite.png", - "RecordedFutureDomainCorrelationBlack.png" - ], - "version": "1.0.1", - "title": "Recorded Future - Domain Correlation", - "templateRelativePath": "RecordedFutureDomainCorrelation.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "RecordedFutureHashCorrelationWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future Hash Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFutureHashCorrelationWhite.png", - "RecordedFutureHashCorrelationBlack.png" - ], - "version": "1.0.1", - "title": "Recorded Future - Hash Correlation", - "templateRelativePath": "RecordedFutureHashCorrelation.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "RecordedFutureIPCorrelationWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future IP Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFutureIPCorrelationWhite.png", - "RecordedFutureIPCorrelationBlack.png" - ], - "version": "1.0.1", - "title": "Recorded Future - IP Correlation", - "templateRelativePath": "RecordedFutureIPCorrelation.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "RecordedFutureURLCorrelationWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future URL Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFutureUrlCorrelationWhite.png", - "RecordedFutureUrlCorrelationBlack.png" - ], - "version": "1.0.1", - "title": "Recorded Future - URL Correlation", - "templateRelativePath": "RecordedFutureURLCorrelation.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "RecordedFutureThreatActorHuntingWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future Threat Actor Hunting Workbook. This workbook will visualize Recorded Future threat map and hunting indicators ingested in to Microsoft Sentinel.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFutureThreatActorHuntingWhite.png", - "RecordedFutureThreatActorHuntingBlack.png" - ], - "version": "1.0.1", - "title": "Recorded Future - Threat Actor Hunting", - "templateRelativePath": "RecordedFutureThreatActorHunting.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "RecordedFutureMalwareThreatHuntingWorkbook", - "logoFileName": "RecordedFuture.svg", - "description": "Recorded Future Malware Threat Hunting Workbook. This workbook will visualize Recorded Future malware threat map and hunting indicators ingested in to Microsoft Sentinel.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "RecordedFutureMalwareThreatHuntingWhite.png", - "RecordedFutureMalwareThreatHuntingBlack.png" - ], - "version": "1.0.0", - "title": "Recorded Future - Malware Threat Hunting", - "templateRelativePath": "RecordedFutureMalwareThreatHunting.json", - "subtitle": "", - "provider": "Recorded Future" -}, -{ - "workbookKey": "MaturityModelForEventLogManagement_M2131", - "logoFileName": "contrastsecurity_logo.svg", - "description": "Select the time range for this Overview.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "MaturityModelForEventLogManagement_M2131Black.png", - "MaturityModelForEventLogManagement_M2131White.png" - ], - "version": "1.0.0", - "title": "MaturityModelForEventLogManagementM2131", - "templateRelativePath": "MaturityModelForEventLogManagement_M2131.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "AzureSQLSecurityWorkbook", - "logoFileName": "AzureSQL.svg", - "description": "Sets the time window in days to search around the alert", - "dataTypesDependencies": [ - "AzureDiagnostics", - "SecurityAlert", - "SecurityIncident" - ], - "dataConnectorsDependencies": [ - "AzureSql" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Azure SQL Database Workbook", - "templateRelativePath": "Workbook-AzureSQLSecurity.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "ContinuousDiagnostics&Mitigation", - "logoFileName": "Azure_Sentinel.svg", - "description": "Select the time range for this Overview.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "ContinuousDiagnostics&MitigationBlack.png", - "ContinuousDiagnostics&MitigationWhite.png" - ], - "version": "1.0.0", - "title": "ContinuousDiagnostics&Mitigation", - "templateRelativePath": "ContinuousDiagnostics&Mitigation.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "AtlasianJiraAuditWorkbook", - "logoFileName": "atlassian.svg", - "description": "Select the time range for this Overview.", - "dataTypesDependencies": [ - "AtlassianJiraNativePoller_CL" - ], - "dataConnectorsDependencies": [ - "AtlassianJira" - ], - "previewImagesFileNames": [ - "AtlassianJiraAuditBlack.png", - "AtlassianJiraAuditWhite.png" - ], - "version": "1.0.0", - "title": "AtlasianJiraAuditWorkbook", - "templateRelativePath": "AtlasianJiraAuditWorkbook.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "AzureSecurityBenchmark", - "logoFileName": "Azure_Sentinel.svg", - "description": "Azure Security Benchmark v3 Workbook provides a mechanism for viewing log queries, azure resource graph, and policies aligned to ASB controls across Microsoft security offerings, Azure, Microsoft 365, 3rd Party, On-Premises, and Multi-cloud workloads. This workbook enables Security Architects, Engineers, SecOps Analysts, Managers, and IT Pros to gain situational awareness visibility for the security posture of cloud workloads. There are also recommendations for selecting, designing, deploying, and configuring Microsoft offerings for alignment with respective ASB requirements and practices.", - "dataTypesDependencies": [ - "SecurityRegulatoryCompliance", - "AzureDiagnostics", - "SecurityIncident", - "SigninLogs", - "SecurityAlert" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AzureSecurityBenchmarkBlack.png", - "AzureSecurityBenchmarkWhite.png" - ], - "version": "1.0.0", - "title": "Azure Security Benchmark", - "templateRelativePath": "AzureSecurityBenchmark.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "ZNAccessOrchestratorAudit", - "logoFileName": "ZeroNetworks.svg", - "description": "This workbook provides a summary of ZeroNetworks data.", - "dataTypesDependencies": [ - "ZNAccessOrchestratorAudit_CL", - "ZNAccessOrchestratorAuditNativePoller_CL" - ], - "dataConnectorsDependencies": [ - "ZeroNetworksAccessOrchestratorAuditFunction", - "ZeroNetworksAccessOrchestratorAuditNativePoller" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Zero NetWork", - "templateRelativePath": "ZNSegmentAudit.json", - "subtitle": "", - "provider": "Zero Networks" -}, -{ - "workbookKey": "FireworkWorkbook", - "logoFileName": "Flare.svg", - "description": "Select the time range for this Overview.", - "dataTypesDependencies": [ - "Firework_CL" - ], - "dataConnectorsDependencies": [ - "FlareSystemsFirework" - ], - "previewImagesFileNames": [ - "FireworkOverviewBlack01.png", - "FireworkOverviewBlack02.png", - "FireworkOverviewWhite01.png", - "FireworkOverviewWhite02.png" - ], - "version": "1.0.0", - "title": "FlareSystemsFirework", - "templateRelativePath": "FlareSystemsFireworkOverview.json", - "subtitle": "", - "provider": "Flare Systems" -}, -{ - "workbookKey": "TaniumWorkbook", - "logoFileName": "Tanium.svg", - "description": "Visualize Tanium endpoint and module data", - "dataTypesDependencies": [ - "TaniumComplyCompliance_CL", - "TaniumComplyVulnerabilities_CL", - "TaniumDefenderHealth_CL", - "TaniumDiscoverUnmanagedAssets_CL", - "TaniumHighUptime_CL", - "TaniumMainAsset_CL", - "TaniumPatchListApplicability_CL", - "TaniumPatchListCompliance_CL", - "TaniumSCCMClientHealth_CL", - "TaniumThreatResponse_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "TaniumComplyBlack.png", - "TaniumComplyWhite.png", - "TaniumDiscoverBlack.png", - "TaniumDiscoverWhite.png", - "TaniumMSToolingHealthBlack.png", - "TaniumMSToolingHealthWhite.png", - "TaniumPatchBlack.png", - "TaniumPatchWhite.png", - "TaniumThreatResponseAlertsBlack.png", - "TaniumThreatResponseAlertsWhite.png", - "TaniumThreatResponseBlack.png", - "TaniumThreatResponseWhite.png" - ], - "version": "1.0", - "title": "Tanium Workbook", - "templateRelativePath": "TaniumWorkbook.json", - "subtitle": "", - "provider": "Tanium" -}, -{ - "workbookKey": "ActionableAlertsDashboard", - "logoFileName": "Cybersixgill.svg", - "description": "None.", - "dataTypesDependencies": [ - "CyberSixgill_Alerts_CL" - ], - "dataConnectorsDependencies": [ - "CybersixgillActionableAlerts" - ], - "previewImagesFileNames": [ - "ActionableAlertsDashboardWhite.PNG", - "ActionableAlertsDashboardBlack.PNG" - ], - "version": "1.0.0", - "title": "Cybersixgill Actionable Alerts Dashboard", - "templateRelativePath": "ActionableAlertsDashboard.json", - "subtitle": "", - "provider": "Cybersixgill" -}, -{ - "workbookKey": "ActionableAlertsList", - "logoFileName": "Cybersixgill.svg", - "description": "None.", - "dataTypesDependencies": [ - "CyberSixgill_Alerts_CL" - ], - "dataConnectorsDependencies": [ - "CybersixgillActionableAlerts" - ], - "previewImagesFileNames": [ - "ActionableAlertsListBlack.PNG", - "ActionableAlertsListWhite.PNG"], - "version": "1.0.0", - "title": "Cybersixgill Actionable Alerts List", - "templateRelativePath": "ActionableAlertsList.json", - "subtitle": "", - "provider": "Cybersixgill" -}, -{ - "workbookKey": "ArgosCloudSecurityWorkbook", - "logoFileName": "argos-logo.svg", - "description": "The ARGOS Cloud Security integration for Microsoft Sentinel allows you to have all your important cloud security events in one place.", - "dataTypesDependencies": [ - "ARGOS_CL" - ], - "dataConnectorsDependencies": [ - "ARGOSCloudSecurity" - ], - "previewImagesFileNames": [ - "ARGOSCloudSecurityWorkbookBlack.png", - "ARGOSCloudSecurityWorkbookWhite.png" - ], - "version": "1.0.0", - "title": "ARGOS Cloud Security", - "templateRelativePath": "ARGOSCloudSecurityWorkbook.json", - "subtitle": "", - "provider": "ARGOS Cloud Security" -}, -{ - "workbookKey": "JamfProtectWorkbook", - "logoFileName": "jamf_logo.svg", - "description": "This Jamf Protect Workbook for Microsoft Sentinel enables you to ingest Jamf Protect events forwarded into Microsoft Sentinel.\n Providing reports into all alerts, device controls and Unfied Logs.", - "dataTypesDependencies": [ - "jamfprotect_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "JamfProtectDashboardBlack.png", - "JamfProtectDashboardWhite.png" - ], - "version": "2.0.0", - "title": "Jamf Protect Workbook", - "templateRelativePath": "JamfProtectDashboard.json", - "subtitle": "", - "provider": "Jamf Software, LLC" -}, -{ - "workbookKey": "AIVectraStream", - "logoFileName": "AIVectraDetect.svg", - "description": "", - "dataTypesDependencies": [ - "VectraStream_CL" - ], - "dataConnectorsDependencies": [ - "AIVectraStream" - ], - "previewImagesFileNames": [ - "AIVectraDetectBlack1.png", - "AIVectraDetectWhite1.png" - ], - "version": "1.0.0", - "title": "AIVectraStreamWorkbook", - "templateRelativePath": "AIVectraStreamWorkbook.json", - "subtitle": "", - "provider": "Vectra AI" -}, -{ - "workbookKey": "SecurityScorecardWorkbook", - "logoFileName": "SecurityScorecard-Cybersecurity-Ratings.svg", - "description": "This Workbook provides immediate insight into the data coming from SecurityScorecard's three Sentinel data connectors: SecurityScorecard Cybersecurity Ratings, SecurityScorecard Cybersecurity Ratings - Factors, and SecurityScorecard Cybersecurity Ratings - Issues.", - "dataTypesDependencies": [ - "SecurityScorecardFactor_CL", - "SecurityScorecardIssues_CL", - "SecurityScorecardRatings_CL" - ], - "dataConnectorsDependencies": [ - "SecurityScorecardFactorAzureFunctions", - "SecurityScorecardIssueAzureFunctions", - "SecurityScorecardRatingsAzureFunctions" - ], - "previewImagesFileNames": [ - "SecurityScorecardBlack1.png", - "SecurityScorecardBlack2.png", - "SecurityScorecardBlack3.png", - "SecurityScorecardBlack4.png", - "SecurityScorecardBlack5.png", - "SecurityScorecardBlack6.png", - "SecurityScorecardWhite1.png", - "SecurityScorecardWhite2.png", - "SecurityScorecardWhite3.png", - "SecurityScorecardWhite4.png", - "SecurityScorecardWhite5.png", - "SecurityScorecardWhite6.png" - ], - "version": "1.0.0", - "title": "SecurityScorecard", - "templateRelativePath": "SecurityScorecardWorkbook.json", - "subtitle": "", - "provider": "SecurityScorecard" -}, -{ - "workbookKey": "DigitalShadowsWorkbook", - "logoFileName": "DigitalShadowsLogo.svg", - "description": "For gaining insights into Digital Shadows logs.", - "dataTypesDependencies": [ - "DigitalShadows_CL" - ], - "dataConnectorsDependencies": [ - "DigitalShadowsSearchlightAzureFunctions" - ], - "previewImagesFileNames": [ - "DigitalShadowsBlack1.png", - "DigitalShadowsBlack2.png", - "DigitalShadowsBlack3.png", - "DigitalShadowsWhite1.png", - "DigitalShadowsWhite2.png", - "DigitalShadowsWhite3.png" - ], - "version": "1.0.0", - "title": "Digital Shadows", - "templateRelativePath": "DigitalShadows.json", - "subtitle": "", - "provider": "Digital Shadows" -}, -{ - "workbookKey": "SalesforceServiceCloudWorkbook", - "logoFileName": "salesforce_logo.svg", - "description": "Sets the time name for analysis.", - "dataTypesDependencies": [ - "SalesforceServiceCloud" - ], - "dataConnectorsDependencies": [ - "SalesforceServiceCloud_CL" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Salesforce Service Cloud", - "templateRelativePath": "SalesforceServiceCloud.json", - "subtitle": "", - "provider": "Salesforce" -}, -{ - "workbookKey": "NetworkSessionSolution", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook is included as part of Network Session Essentials solution and gives a summary of analyzed traffic, helps with threat analysis and investigating suspicious IP's and traffic analysis. Network Session Essentials Solution also includes playbooks to periodically summarize the logs thus enhancing user experience and improving data search. For the effective usage of workbook, we highly recommend to enable the summarization playbooks that are provided with this solution.", - "dataTypesDependencies": [ - "AWSVPCFlow", - "DeviceNetworkEvents", - "SecurityEvent", - "WindowsEvent", - "CommonSecurityLog", - "Syslog", - "CommonSecurityLog", - "VMConnection", - "AzureDiagnostics", - "AzureDiagnostics", - "CommonSecurityLog", - "Corelight_CL", - "VectraStream", - "CommonSecurityLog", - "CommonSecurityLog", - "Syslog", - "CiscoMerakiNativePoller" - ], - "dataConnectorsDependencies": [ - "AWSS3", - "MicrosoftThreatProtection", - "SecurityEvents", - "WindowsForwardedEvents", - "Zscaler", - "MicrosoftSysmonForLinux", - "PaloAltoNetworks", - "AzureMonitor(VMInsights)", - "AzureFirewall", - "AzureNSG", - "CiscoASA", - "Corelight", - "AIVectraStream", - "CheckPoint", - "Fortinet", - "CiscoMeraki", - "CefAma" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Network Session Essentials", - "templateRelativePath": "NetworkSessionEssentials.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "SAPSODAnalysis", - "logoFileName": "SAPVMIcon.svg", - "description": "SAP SOD Analysis", - "dataTypesDependencies": [ - "SAPAuditLog" - ], - "dataConnectorsDependencies": [ - "SAP" - ], - "previewImagesFileNames": [""], - "version": "2.0.0", - "title": "SAP SOD Analysis", - "templateRelativePath": "SAP - Segregation of Duties v2.0 (by Aliter Consulting).json", - "subtitle": "", - "provider": "Aliter Consulting" -}, -{ - "workbookKey": "TheomWorkbook", - "logoFileName": "theom-logo.svg", - "description": "Theom Alert Statistics", - "dataTypesDependencies": [ - "TheomAlerts_CL" - ], - "dataConnectorsDependencies": [ - "Theom" - ], - "previewImagesFileNames": [ - "TheomWorkbook-black.png", - "TheomWorkbook-white.png" - ], - "version": "1.0.0", - "title": "Theom", - "templateRelativePath": "Theom.json", - "subtitle": "", - "provider": "Theom" -}, -{ - "workbookKey": "DynatraceWorkbooks", - "logoFileName": "dynatrace.svg", - "description": "This workbook brings together queries and visualizations to assist you in identifying potential threats surfaced by Dynatrace.", - "dataTypesDependencies": [ - "DynatraceAttacks", - "DynatraceAuditLogs", - "DynatraceProblems", - "DynatraceRuntimeVulnerabilities" - ], - "dataConnectorsDependencies": [ - "DynatraceAttacks", - "DynatraceAuditLogs", - "DynatraceProblems", - "DynatraceRuntimeVulnerabilities" - ], - "previewImagesFileNames": [ - "DynatraceWorkbookBlack.png", - "DynatraceWorkbookWhite.png" - ], - "version": "3.0.1", - "title": "Dynatrace", - "templateRelativePath": "Dynatrace.json", - "subtitle": "", - "provider": "Dynatrace" -}, -{ - "workbookKey": "MDOWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain extensive insight into your organization's Microsoft Defender for Office Activity by analyzing, and correlating events.\nYou can track malware and phishing detection over time.", - "dataTypesDependencies": [ - "SecurityAlert" - ], - "dataConnectorsDependencies": [ - "MicrosoftThreatProtection" - ], - "previewImagesFileNames": [ - "MDOBlack1.png", - "MDOBlack2.png", - "MDOWhite1.png", - "MDOWhite2.png" - ], - "version": "1.0.0", - "title": "Microsoft Defender XDR MDOWorkbook", - "templateRelativePath": "MDO Insights.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "AnomaliesVisualizationWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "A workbook that provides contextual information to a user for better insight on Anomalies and their impact. The workbook will help with investigation of anomalies as well as identify patterns that can lead to a threat.", - "dataTypesDependencies": [ - "Anomalies" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AnomaliesVisualizationWorkbookWhite.png", - "AnomaliesVisualizationWorkbookBlack.png" - ], - "version": "1.0.0", - "title": "AnomaliesVisulization", - "templateRelativePath": "AnomaliesVisualization.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, -{ - "workbookKey": "AnomalyDataWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "A workbook providing details, related Incident, and related Hunting Workbook for a specific Anomaly.", - "dataTypesDependencies": [ - "Anomalies" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AnomalyDataWorkbookWhite.png", - "AnomalyDataWorkbookBlack.png" - ], - "version": "1.0.0", - "title": "AnomalyData", - "templateRelativePath": "AnomalyData.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" -}, -{ - "workbookKey": "MicrosoftExchangeLeastPrivilegewithRBAC-Online", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook, dedicated to Exchange Online environments is built to have a simple view of non-standard RBAC delegations on an Exchange Online tenant. This Workbook allow you to go deep dive on custom delegation and roles and also members of each delegation, including the nested level and the group imbrication on your environment.", - "dataTypesDependencies": [ - "ESIExchangeOnlineConfig_CL" - ], - "dataConnectorsDependencies": [ - "ESI-ExchangeOnlineCollector" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeLeastPrivilegewithRBAC-OnlineBlack.png", - "MicrosoftExchangeLeastPrivilegewithRBAC-OnlineWhite.png" - ], - "version": "1.1.0", - "title": "Microsoft Exchange Least Privilege with RBAC - Online", - "templateRelativePath": "Microsoft Exchange Least Privilege with RBAC - Online.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftExchangeLeastPrivilegewithRBAC", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook, dedicated to On-Premises environments is built to have a simple view of non-standard RBAC delegations on an On-Premises Exchange environment. This Workbook allow you to go deep dive on custom delegation and roles and also members of each delegation, including the nested level and the group imbrication on your environment. Required Data Connector: Exchange Security Insights On-Premises Collector.", - "dataTypesDependencies": [ - "ESIExchangeConfig_CL" - ], - "dataConnectorsDependencies": [ - "ESI-ExchangeOnPremisesCollector", - "ESI-ExchangeAdminAuditLogEvents" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeLeastPrivilegewithRBACBlack.png", - "MicrosoftExchangeLeastPrivilegewithRBACWhite.png" - ], - "version": "1.0.1", - "title": "Microsoft Exchange Least Privilege with RBAC", - "templateRelativePath": "Microsoft Exchange Least Privilege with RBAC.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftExchangeSearchAdminAuditLog", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook is dedicated to On-Premises Exchange organizations. It uses the MSExchange Management event logs to give you a simple way to view administrators’ activities in your Exchange environment with Cmdlets usage statistics and multiple pivots to understand who and/or what is affected to modifications on your environment. Required Data Connector: Exchange Audit Event logs via Legacy Agent.", - "dataTypesDependencies": [ - "ESIExchangeConfig_CL" - ], - "dataConnectorsDependencies": [ - "ESI-ExchangeOnPremisesCollector", - "ESI-ExchangeAdminAuditLogEvents" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeSearchAdminAuditLogBlack.png", - "MicrosoftExchangeSearchAdminAuditLogWhite.png" - ], - "version": "1.0.1", - "title": "Microsoft Exchange Search AdminAuditLog", - "templateRelativePath": "Microsoft Exchange Search AdminAuditLog.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftExchangeSearchAdminAuditLog-Online", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook is dedicated to Online Exchange organizations. It uses the Office Activity logs to give you a simple way to view administrators’ activities in your Exchange environment with Cmdlets usage statistics and multiple pivots to understand who and/or what is affected to modifications on your environment. Required Data Connector: Microsoft 365 (Exchange).", - "dataTypesDependencies": [ - "OfficeActivity" - ], - "dataConnectorsDependencies": [ - "Office365" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeOnlineSearchAdminAuditLogBlack.png", - "MicrosoftExchangeOnlineSearchAdminAuditLogWhite.png" - ], - "version": "1.0.0", - "title": "Microsoft Exchange Search AdminAuditLog - Online", - "templateRelativePath": "Microsoft Exchange Search AdminAuditLog - Online.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftExchangeSecurityMonitoring", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook is dedicated to On-Premises Exchange organizations. It uses the MSExchange Management event logs and Microsoft Exchange Security configuration collected by data connectors. It helps to track admin actions, especially on VIP Users and/or on Sensitive Cmdlets. This workbook allows also to list Exchange Services changes, local account activities and local logon on Exchange Servers. Required Data Connector: Exchange Audit Event logs via Legacy Agent.", - "dataTypesDependencies": [ - "ESIExchangeConfig_CL" - ], - "dataConnectorsDependencies": [ - "ESI-ExchangeOnPremisesCollector", - "ESI-ExchangeAdminAuditLogEvents" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeSecurityMonitoringBlack.png", - "MicrosoftExchangeSecurityMonitoringWhite.png" - ], - "version": "1.0.1", - "title": "Microsoft Exchange Admin Activity", - "templateRelativePath": "Microsoft Exchange Admin Activity.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftExchangeAdminActivity-Online", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook is dedicated to Online Exchange organizations. It uses Office Activity logs. It helps to track admin actions, especially on VIP Users and/or on Sensitive Cmdlets. Required Data Connector: Microsoft 365 (Exchange).", - "dataTypesDependencies": [ - "OfficeActivity" - ], - "dataConnectorsDependencies": [ - "Office365" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeAdminActivity-OnlineBlack.png", - "MicrosoftExchangeAdminActivity-OnlineWhite.png" - ], - "version": "1.0.0", - "title": "Microsoft Exchange Online Admin Activity", - "templateRelativePath": "Microsoft Exchange Admin Activity - Online.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftExchangeSecurityReview-Online", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook is dedicated to Exchange Online tenants. It displays and highlights current Security configuration on various Exchange components specific to Online including delegations, the transport configuration and the linked security risks, and risky protocols.", - "dataTypesDependencies": [ - "ESIExchangeOnlineConfig_CL" - ], - "dataConnectorsDependencies": [ - "ESI-ExchangeOnlineCollector" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeSecurityReview-OnlineBlack.png", - "MicrosoftExchangeSecurityReview-OnlineWhite.png" - ], - "version": "1.1.0", - "title": "Microsoft Exchange Security Review - Online", - "templateRelativePath": "Microsoft Exchange Security Review - Online.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftExchangeSecurityReview", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook is dedicated to On-Premises Exchange organizations. It displays and highlights current Security configuration on various Exchange components including delegations, rights on databases, Exchange and most important AD Groups with members including nested groups, local administrators of servers. This workbook helps also to understand the transport configuration and the linked security risks. Required Data Connector: Exchange Security Insights On-Premises Collector.", - "dataTypesDependencies": [ - "ESIExchangeConfig_CL" - ], - "dataConnectorsDependencies": [ - "ESI-ExchangeOnPremisesCollector", - "ESI-ExchangeAdminAuditLogEvents" - ], - "previewImagesFileNames": [ - "MicrosoftExchangeSecurityReviewBlack.png", - "MicrosoftExchangeSecurityReviewWhite.png" - ], - "version": "1.0.1", - "title": "Microsoft Exchange Security Review", - "templateRelativePath": "Microsoft Exchange Security Review.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "ibossMalwareAndC2Workbook", - "logoFileName": "iboss_logo.svg", - "description": "A workbook providing insights into malware and C2 activity detected by iboss.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [ - "ibossAma", - "CefAma" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "iboss Malware and C2", - "templateRelativePath": "ibossMalwareAndC2.json", - "subtitle": "", - "provider": "iboss" -}, -{ - "workbookKey": "ibossWebUsageWorkbook", - "logoFileName": "iboss_logo.svg", - "description": "A workbook providing insights into web usage activity detected by iboss.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [ - "ibossAma", - "CefAma" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "iboss Web Usage", - "templateRelativePath": "ibossWebUsage.json", - "subtitle": "", - "provider": "iboss" -}, -{ - "workbookKey": "CynerioOverviewWorkbook", - "logoFileName": "Cynerio.svg", - "description": "An overview of Cynerio Security events", - "dataTypesDependencies": ["CynerioEvent_CL"], - "dataConnectorsDependencies": ["CynerioSecurityEvents"], - "previewImagesFileNames": ["CynerioOverviewBlack.png", "CynerioOverviewWhite.png"], - "version": "1.0.0", - "title": "Cynerio Overview Workbook", - "templateRelativePath": "CynerioOverviewWorkbook.json", - "subtitle": "", - "provider": "Cynerio" -}, -{ - "workbookKey": "ReversingLabs-CapabilitiesOverview", - "logoFileName": "reversinglabs.svg", - "description": "The ReversingLabs-CapabilitiesOverview workbook provides a high level look at your threat intelligence capabilities and how they relate to your operations.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "ReversingLabsTiSummary-White.png", - "ReversingLabsTiSummary-Black.png", - "ReversingLabsOpsSummary-White.png", - "ReversingLabsOpsSummary-Black.png" - ], - "version": "1.1.1", - "title": "ReversingLabs-CapabilitiesOverview", - "templateRelativePath": "ReversingLabs-CapabilitiesOverview.json", - "subtitle": "", - "provider": "ReversingLabs" -}, -{ - "workbookKey": "vCenter", - "logoFileName": "Azure_Sentinel.svg", - "description": "This data connector depends on a parser based on Kusto Function **vCenter** to work as expected. [Follow steps to get this Kusto Function](https://aka.ms/sentinel-vCenter-parser)", - "dataTypesDependencies": [ - "vCenter_CL" - ], - "dataConnectorsDependencies": [ - "VMwarevCenter" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "vCenter", - "templateRelativePath": "vCenter.json", - "subtitle": "", - "provider": "VMware" -}, -{ - "workbookKey": "SAP-Monitors-AlertsandPerformance", - "logoFileName": "SAPVMIcon.svg", - "description": "SAP -Monitors- Alerts and Performance", - "dataTypesDependencies": [ - "SAPAuditLog" - ], - "dataConnectorsDependencies": [ - "SAP" - ], - "previewImagesFileNames": [""], - "version": "2.0.1", - "title": "SAP -Monitors- Alerts and Performance", - "templateRelativePath": "SAP -Monitors- Alerts and Performance.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "SAP-SecurityAuditlogandInitialAccess", - "logoFileName": "SAPVMIcon.svg", - "description": "SAP -Security Audit log and Initial Access", - "dataTypesDependencies": [ - "SAPAuditLog" - ], - "dataConnectorsDependencies": [ - "SAP" - ], - "previewImagesFileNames": [""], - "version": "2.0.1", - "title": "SAP -Security Audit log and Initial Access", - "templateRelativePath": "SAP -Security Audit log and Initial Access.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "DNSSolutionWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook is included as part of the DNS Essentials solution and gives a summary of analyzed DNS traffic. It also helps with threat analysis and investigating suspicious Domains, IPs and DNS traffic. DNS Essentials Solution also includes a playbook to periodically summarize the logs, thus enhancing the user experience and improving data search. For effective usage of workbook, we highly recommend enabling the summarization playbook that is provided with this solution.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "DNSDomainWorkbookWhite.png", - "DNSDomainWorkbookBlack.png" - ], - "version": "1.0.0", - "title": "DNS Solution Workbook", - "templateRelativePath": "DNSSolutionWorkbook.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftPowerBIActivityWorkbook", - "logoFileName": "PowerBILogo.svg", - "description": "This workbook provides details on Microsoft PowerBI Activity", - "dataTypesDependencies": [ - "PowerBIActivity" - ], - "dataConnectorsDependencies": [ - "Microsoft PowerBI (Preview)" - ], - "previewImagesFileNames": [ - "MicrosoftPowerBIActivityWorkbookBlack.png", - "MicrosoftPowerBIActivityWorkbookWhite.png" - ], - "version": "1.0.0", - "title": "Microsoft PowerBI Activity Workbook", - "templateRelativePath": "MicrosoftPowerBIActivityWorkbook.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "MicrosoftThreatIntelligenceWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Gain insights into threat indicators ingestion and search for indicators at scale across Microsoft 1st Party, 3rd Party, On-Premises, Hybrid, and Multi-Cloud Workloads. Indicators Search facilitates a simple interface for finding IP, File, Hash, Sender and more across your data. Seamless pivots to correlate indicators with Microsoft Sentinel: Incidents to make your threat intelligence actionable.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator", - "SecurityIncident" - ], - "dataConnectorsDependencies": [ - "ThreatIntelligence", - "ThreatIntelligenceTaxii" - ], - "previewImagesFileNames": [ - "ThreatIntelligenceWhite.png", - "ThreatIntelligenceBlack.png" - ], - "version": "1.0.0", - "title": "Threat Intelligence", - "templateRelativePath": "MicrosoftThreatIntelligence.json", - "subtitle": "", - "provider": "Microsoft" -}, - { - "workbookKey": "MicrosoftDefenderForEndPoint", - "logoFileName": "Azure_Sentinel.svg", - "description": "A wokbook to provide details about Microsoft Defender for Endpoint Advance Hunting to Overview & Analyse data brought through M365 Defender Connector.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "microsoftdefenderforendpointwhite.png", - "microsoftdefenderforendpointblack.png" - ], - "version": "1.0.0", - "title": "Microsoft Defender For EndPoint", - "templateRelativePath": "MicrosoftDefenderForEndPoint.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "MicrosoftSentinelDeploymentandMigrationTracker", - "logoFileName": "Azure_Sentinel.svg", - "description": "Use this workbook as a tool to define, track, and complete key deployment/migraiton tasks for Microsoft Sentinel. This workbook serves as a central hub for monitoring and configuring key areas of the product without having to leave the workbook and start over.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "microsoftsentineldeploymentandmigration-black.png", - "microsoftsentineldeploymentandmigration-white.png" - ], - "version": "1.1.2", - "title": "Microsoft Sentinel Deployment and Migration Tracker", - "templateRelativePath": "MicrosoftSentinelDeploymentandMigrationTracker.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Matt Lowe" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Platform" - ] - } - }, - { - "workbookKey": "MicrosoftDefenderForIdentity", - "logoFileName": "Azure_Sentinel.svg", - "description": "Use this workbook to analyse the advance hunting data ingested for Defender For Identity.", - "dataTypesDependencies": [ - "IdentityLogonEvents", - "IdentityQueryEvents", - "IdentityDirectoryEvents", - "SecurityAlert" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "microsoftdefenderforidentity-black.png", - "microsoftdefenderforidentity-white.png" - ], - "version": "1.0.0", - "title": "Microsoft Defender For Identity", - "templateRelativePath": "MicrosoftDefenderForIdentity.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, -{ - "workbookKey": "EsetProtect", - "logoFileName": "eset-logo.svg", - "description": "Visualize events and threats from Eset protect.", - "dataTypesDependencies": [ - "ESETPROTECT" - ], - "dataConnectorsDependencies": [ - "ESETPROTECT" - ], - "previewImagesFileNames": [ - "ESETPROTECTBlack.png", - "ESETPROTECTWhite.png" - ], - "version": "1.0.0", - "title": "EsetProtect", - "templateRelativePath": "ESETPROTECT.json", - "subtitle": "", - "provider": "Community" -}, -{ - "workbookKey": "CyberArkEPMWorkbook", - "logoFileName": "CyberArk_Logo.svg", - "description": "Sets the time name for analysis", - "dataTypesDependencies": [ - "CyberArkEPM_CL" - ], - "dataConnectorsDependencies": [ - "CyberArkEPM" - ], - "previewImagesFileNames": [ - "CyberArkEPMBlack.png", - "CyberArkEPMWhite.png" - ], - "version": "1.0.0", - "title": "CyberArk EPM", - "templateRelativePath": "CyberArkEPM.json", - "subtitle": "", - "provider": "CyberArk" -}, -{ - "workbookKey": "IncidentTasksWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "Use this workbook to review and modify existing incidents with tasks. This workbook provides views that higlight incident tasks that are open, closed, or deleted, as well as incidents with tasks that are either owned or unassigned. The workbook also provides SOC metrics around incident task performance, such as percentage of incidents without tasks, average time to close tasks, and more.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "Tasks-Black.png", - "Tasks-White.png" -], - "version": "1.1.0", - "title": "Incident Tasks Workbook", - "templateRelativePath": "IncidentTasksWorkbook.json", - "subtitle": "", - "provider": "Microsoft" -}, - { - "workbookKey": "SentinelWorkspaceReconTools", - "logoFileName": "Azure_Sentinel.svg", - "description": "A workbook providing investigation tools for key tables. Good for incident response, tuning, and cost optimizaiton. An attempt to bring the Windows EventViewer experience to the cloud.", - "dataTypesDependencies": [ - "AzureActivity", - "AuditLogs", - "SigninLogs", - "SecurityIncident", - "SecurityAlert", - "CommonSecurityLog", - "Events", - "SecurityEvents", - "Syslog", - "WindowsSecurityEvents" - ], - "dataConnectorsDependencies": [ - "AzureActivity", - "AzureActiveDirectory", - "SecurityEvents", - "WindowsSecurityEvents" - ], - "previewImagesFileNames": [ - "SentinelWorkspaceReconToolsWhite.png", - "SentinelWorkspaceReconToolsBlack.png" - ], - "version": "1.0.1", - "title": "Sentinel Workspace Recon Tools", - "templateRelativePath": "SentinelWorkspaceReconTools.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Andrew Blumhardt" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Others" - ] - } - }, - { - "workbookKey": "SyslogOverview", - "logoFileName": "Azure_Sentinel.svg", - "description": "A workbook designed to show an overview about the data ingested through Syslog.", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "syslogoverview-white.png", - "syslogoverview-black.png" - ], - "version": "1.0.0", - "title": "Syslog Overview", - "templateRelativePath": "syslogoverview.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Samik Roy" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Application" - ] - } - }, - { - "workbookKey": "SentinelHealth", - "logoFileName": "Azure_Sentinel.svg", - "description": "A workbook to show data fo Sentinel Health.", - "dataTypesDependencies": [ - "SentinelHealth" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SentinelHealthWhite.png", - "SentinelHealthBlack.png" - ], - "version": "1.0.0", - "title": "Sentinel Health", - "templateRelativePath": "SentinelHealth.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Samik Roy" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Platform" ] - } - }, - { - "workbookKey": "MicrosoftSentinelCostGBP", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook provides an estimated cost in GBP (£) across the main billed items in Microsoft Sentinel: ingestion, retention and automation. It also provides insight about the possible impact of the Microsoft 365 E5 offer.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ "MicrosoftSentinelCostGBPWhite.png", "MicrosoftSentinelCostGBPBlack.png"], - "version": "1.6.1", - "title": "Microsoft Sentinel Cost (GBP)", - "templateRelativePath": "MicrosoftSentinelCostGBP.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "noodlemctwoodle" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Platform" ] - } - }, - { - "workbookKey": "SentinelCosts", - "logoFileName": "Azure_Sentinel.svg", - "description": "A workbook to demonstrate insights into the costs of Sentinel environment.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "SentinelCostsWhite.png", - "SentinelCostsBlack.png" - ], - "version": "1.5.1", - "title": "Sentinel Costs", - "templateRelativePath": "SentinelCosts.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Yahya Abulhaj" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ "Platform" ] - } - }, - { - "workbookKey": "AnalyticsHealthAudit", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook provides visibility on the health and audit of your analytics rules. You will be able to find out whether an analytics rule is running as expected and get a list of changes made to an analytic rule.", - "dataTypesDependencies": ["SentinelHealth", "SentinelAudit"], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ "AnalyticsHealthAuditWhite.png", "AnalyticsHealthAuditBlack.png" ], - "version": "1.0.0", - "title": "Analytics Health & Audit", - "templateRelativePath": "AnalyticsHealthAudit.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Microsoft Corporation" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "IT Operations", - "Platform" - ] - } - }, - { - "workbookKey": "AzureLogCoverage", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook pulls the current Azure inventory via Azure Resource Graph explorer and compares it with data written to one or more selected Log Analytics workspaces to determine which resources are sending data and which ones are not. This can be used to expose gaps in your logging coverage and/or identify inactive resources.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AzureLogCoverageWhite1.png", - "AzureLogCoverageWhite2.png", - "AzureLogCoverageBlack1.png", - "AzureLogCoverageBlack2.png" - ], - "version": "1.1.0", - "title": "Azure Log Coverage", - "templateRelativePath": "AzureLogCoverage.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Alex Anders" - }, - "source": { - "kind": "Community" - } - }, + { + "workbookKey": "1PasswordWorkbook", + "logoFileName": "1password.svg", + "description": "Gain insights and comprehensive monitoring into 1Password events data by analyzing traffic and user activities.\nThis workbook provides insights into various 1Password events types.\nYou can use this workbook to get visibility in to your 1Password Security Events and quickly identify threats, anamolies, traffic patterns, application usage, blocked IP addresses and more.", + "dataTypesDependencies": [ + "OnePasswordEventLogs_CL" + ], + "dataConnectorsDependencies": [ + "1Password" + ], + "previewImagesFileNames": [ + "1PasswordLogsBlack1.png", + "1PasswordLogsBlack2.png", + "1PasswordLogsBlack3.png", + "1PasswordLogsBlack4.png", + "1PasswordLogsWhite1.png", + "1PasswordLogsWhite2.png", + "1PasswordLogsWhite3.png", + "1PasswordLogsWhite4.png" + ], + "version": "1.0.0", + "title": "1Password Events Workbook", + "templateRelativePath": "1Password.json", + "subtitle": "", + "provider": "1Password" + }, + { + "workbookKey": "42CrunchAPIProtectionWorkbook", + "logoFileName": "42CrunchLogo.svg", + "description": "Monitor and protect APIs using the 42Crunch API microfirewall", + "dataTypesDependencies": [ + "apifirewall_log_1_CL" + ], + "dataConnectorsDependencies": [ + "42CrunchAPIProtection" + ], + "previewImagesFileNames": [ + "42CrunchInstancesBlack.png", + "42CrunchInstancesWhite.png", + "42CrunchRequestsBlack.png", + "42CrunchRequestsWhite.png", + "42CrunchStatusBlack.png", + "42CrunchStatusWhite.png" + ], + "version": "1.0.0", + "title": "42Crunch API Protection Workbook", + "templateRelativePath": "42CrunchAPIProtectionWorkbook.json", + "subtitle": "", + "provider": "42Crunch" + }, + { + "workbookKey": "AttackSurfaceReduction", + "logoFileName": "M365securityposturelogo.svg", + "description": "This workbook helps you implement the ASR rules of Windows/Defender, and to monitor them over time. The workbook can filter on ASR rules in Audit mode and Block mode.", + "dataTypesDependencies": [ + "DeviceEvents" + ], + "dataConnectorsDependencies": [ + "MicrosoftThreatProtection" + ], + "previewImagesFileNames": [ + "AttackSurfaceReductionWhite.png", + "AttackSurfaceReductionBlack.png" + ], + "version": "1.0.0", + "title": "Attack Surface Reduction Dashboard", + "templateRelativePath": "AttackSurfaceReduction.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "ForcepointNGFWAdvanced", + "logoFileName": "FPAdvLogo.svg", + "description": "Gain threat intelligence correlated security and application insights on Forcepoint NGFW (Next Generation Firewall). Monitor Forcepoint logging servers health.", + "dataTypesDependencies": [ + "CommonSecurityLog", + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [ + "ForcepointNgfw", + "ThreatIntelligence", + "ForcepointNgfwAma", + "CefAma" + ], + "previewImagesFileNames": [ + "ForcepointNGFWAdvancedWhite.png", + "ForcepointNGFWAdvancedBlack.png" + ], + "version": "1.0.0", + "title": "Forcepoint Next Generation Firewall (NGFW) Advanced Workbook", + "templateRelativePath": "ForcepointNGFWAdvanced.json", + "subtitle": "", + "provider": "Forcepoint" + }, + { + "workbookKey": "AzureActivityWorkbook", + "logoFileName": "azureactivity_logo.svg", + "description": "Gain extensive insight into your organization's Azure Activity by analyzing, and correlating all user operations and events.\nYou can learn about all user operations, trends, and anomalous changes over time.\nThis workbook gives you the ability to drill down into caller activities and summarize detected failure and warning events.", + "dataTypesDependencies": [ + "AzureActivity" + ], + "dataConnectorsDependencies": [ + "AzureActivity" + ], + "previewImagesFileNames": [ + "AzureActivityWhite1.png", + "AzureActivityBlack1.png" + ], + "version": "2.0.0", + "title": "Azure Activity", + "templateRelativePath": "AzureActivity.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "IdentityAndAccessWorkbook", + "logoFileName": "Microsoft_logo.svg", + "description": "Gain insights into Identity and access operations by collecting and analyzing security logs, using the audit and sign-in logs to gather insights into use of Microsoft products.\nYou can view anomalies and trends across login events from all users and machines. This workbook also identifies suspicious entities from login and access events.", + "dataTypesDependencies": [ + "SecurityEvent" + ], + "dataConnectorsDependencies": [ + "SecurityEvents", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "IdentityAndAccessWhite.png", + "IdentityAndAccessBlack.png" + ], + "version": "1.1.0", + "title": "Identity & Access", + "templateRelativePath": "IdentityAndAccess.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ConditionalAccessTrendsandChangesWorkbook", + "logoFileName": "Microsoft_logo.svg", + "description": "Gain insights into Conditional Access Trends and Changes.", + "dataTypesDependencies": [ + "SigninLogs" + ], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "catrendsWhite.png", + "catrendsBlack.png" + ], + "version": "1.0.0", + "title": "Conditional Access Trends and Changes", + "templateRelativePath": "ConditionalAccessTrendsandChanges.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Community" + }, + "author": { + "name": "Microsoft Sentinel Community" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Identity" + ] + } + }, + { + "workbookKey": "CheckPointWorkbook", + "logoFileName": "checkpoint_logo.svg", + "description": "Gain insights into Check Point network activities, including number of gateways and servers, security incidents, and identify infected hosts.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "CheckPoint" + ], + "previewImagesFileNames": [ + "CheckPointWhite.png", + "CheckPointBlack.png" + ], + "version": "1.0.0", + "title": "Check Point Software Technologies", + "templateRelativePath": "CheckPoint.json", + "subtitle": "", + "provider": "Check Point" + }, + { + "workbookKey": "CiscoWorkbook", + "logoFileName": "cisco_logo.svg", + "description": "Gain insights into your Cisco ASA firewalls by analyzing traffic, events, and firewall operations.\nThis workbook analyzes Cisco ASA threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic directions, and drill down into the Cisco filter results.\nEasily detect attacks on your organization by monitoring management operations, such as configuration and logins.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "CiscoASA" + ], + "previewImagesFileNames": [ + "CiscoWhite.png", + "CiscoBlack.png" + ], + "version": "1.1.0", + "title": "Cisco - ASA", + "templateRelativePath": "Cisco.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ExchangeOnlineWorkbook", + "logoFileName": "office365_logo.svg", + "description": "Gain insights into Microsoft Exchange online by tracing and analyzing all Exchange operations and user activities.\nThis workbook let you monitor user activities, including logins, account operations, permission changes, and mailbox creations to discover suspicious trends among them.", + "dataTypesDependencies": [ + "OfficeActivity" + ], + "dataConnectorsDependencies": [ + "Office365" + ], + "previewImagesFileNames": [ + "ExchangeOnlineWhite.png", + "ExchangeOnlineBlack.png" + ], + "version": "2.0.0", + "title": "Exchange Online", + "templateRelativePath": "ExchangeOnline.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "CloudNGFW-OverviewWorkbook", + "logoFileName": "paloalto_logo.svg", + "description": "Gain insights and comprehensive monitoring into Azure CloudNGFW by Palo Alto Networks by analyzing traffic and activities.\nThis workbook correlates all Palo Alto data with threat events to identify suspicious entities and relationships.\nYou can learn about trends across user and data traffic, and drill down into Palo Alto Wildfire and filter results.", + "dataTypesDependencies": [ + "fluentbit_CL" + ], + "dataConnectorsDependencies": [ + "CloudNgfwByPAN" + ], + "previewImagesFileNames": [ + "PaloAltoOverviewWhite1.png", + "PaloAltoOverviewBlack1.png", + "PaloAltoOverviewWhite2.png", + "PaloAltoOverviewBlack2.png", + "PaloAltoOverviewWhite3.png", + "PaloAltoOverviewBlack3.png" + ], + "version": "1.2.0", + "title": "Azure CloudNGFW By Palo Alto Networks - Overview", + "templateRelativePath": "CloudNGFW-Overview.json", + "subtitle": "", + "provider": "Palo Alto Networks" + }, + { + "workbookKey": "CloudNGFW-NetworkThreatWorkbook", + "logoFileName": "paloalto_logo.svg", + "description": "Gain insights into Azure CloudNGFW activities by analyzing threat events.\nYou can extract meaningful security information by correlating data between threats, applications, and time.\nThis workbook makes it easy to track malware, vulnerability, and virus log events.", + "dataTypesDependencies": [ + "fluentbit_CL" + ], + "dataConnectorsDependencies": [ + "CloudNgfwByPAN" + ], + "previewImagesFileNames": [ + "PaloAltoNetworkThreatWhite1.png", + "PaloAltoNetworkThreatBlack1.png", + "PaloAltoNetworkThreatWhite2.png", + "PaloAltoNetworkThreatBlack2.png" + ], + "version": "1.2.0", + "title": "Azure CloudNGFW By Palo Alto Networks - Network Threats", + "templateRelativePath": "CloudNGFW-NetworkThreat.json", + "subtitle": "", + "provider": "Palo Alto Networks" + }, + { + "workbookKey": "PaloAltoOverviewWorkbook", + "logoFileName": "paloalto_logo.svg", + "description": "Gain insights and comprehensive monitoring into Palo Alto firewalls by analyzing traffic and activities.\nThis workbook correlates all Palo Alto data with threat events to identify suspicious entities and relationships.\nYou can learn about trends across user and data traffic, and drill down into Palo Alto Wildfire and filter results.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "PaloAltoNetworks", + "CefAma" + ], + "previewImagesFileNames": [ + "PaloAltoOverviewWhite1.png", + "PaloAltoOverviewBlack1.png", + "PaloAltoOverviewWhite2.png", + "PaloAltoOverviewBlack2.png", + "PaloAltoOverviewWhite3.png", + "PaloAltoOverviewBlack3.png" + ], + "version": "1.2.0", + "title": "Palo Alto overview", + "templateRelativePath": "PaloAltoOverview.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "PaloAltoNetworkThreatWorkbook", + "logoFileName": "paloalto_logo.svg", + "description": "Gain insights into Palo Alto network activities by analyzing threat events.\nYou can extract meaningful security information by correlating data between threats, applications, and time.\nThis workbook makes it easy to track malware, vulnerability, and virus log events.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "PaloAltoNetworks", + "CefAma" + ], + "previewImagesFileNames": [ + "PaloAltoNetworkThreatWhite1.png", + "PaloAltoNetworkThreatBlack1.png", + "PaloAltoNetworkThreatWhite2.png", + "PaloAltoNetworkThreatBlack2.png" + ], + "version": "1.1.0", + "title": "Palo Alto Network Threat", + "templateRelativePath": "PaloAltoNetworkThreat.json", + "subtitle": "", + "provider": "Palo Alto Networks" + }, + { + "workbookKey": "EsetSMCWorkbook", + "logoFileName": "eset-logo.svg", + "description": "Visualize events and threats from Eset Security Management Center.", + "dataTypesDependencies": [ + "eset_CL" + ], + "dataConnectorsDependencies": [ + "EsetSMC" + ], + "previewImagesFileNames": [ + "esetSMCWorkbook-black.png", + "esetSMCWorkbook-white.png" + ], + "version": "1.0.0", + "title": "Eset Security Management Center Overview", + "templateRelativePath": "esetSMCWorkbook.json", + "subtitle": "", + "provider": "Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Tomáš Kubica" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "FortigateWorkbook", + "logoFileName": "fortinet_logo.svg", + "description": "Gain insights into Fortigate firewalls by analyzing traffic and activities.\nThis workbook finds correlations in Fortigate threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic, and drill down into the Fortigate filter results.\nEasily detect attacks on your organization by monitoring management operations such as configuration and logins.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Fortinet", + "CefAma" + ], + "previewImagesFileNames": [ + "FortigateWhite.png", + "FortigateBlack.png" + ], + "version": "1.1.0", + "title": "FortiGate", + "templateRelativePath": "Fortigate.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "DnsWorkbook", + "logoFileName": "dns_logo.svg", + "description": "Gain extensive insight into your organization's DNS by analyzing, collecting and correlating all DNS events.\nThis workbook exposes a variety of information about suspicious queries, malicious IP addresses and domain operations.", + "dataTypesDependencies": [ + "DnsInventory", + "DnsEvents" + ], + "dataConnectorsDependencies": [ + "DNS" + ], + "previewImagesFileNames": [ + "DnsWhite.png", + "DnsBlack.png" + ], + "version": "1.3.0", + "title": "DNS", + "templateRelativePath": "Dns.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "Office365Workbook", + "logoFileName": "office365_logo.svg", + "description": "Gain insights into Office 365 by tracing and analyzing all operations and activities. You can drill down into your SharePoint, OneDrive, and Exchange.\nThis workbook lets you find usage trends across users, files, folders, and mailboxes, making it easier to identify anomalies in your network.", + "dataTypesDependencies": [ + "OfficeActivity" + ], + "dataConnectorsDependencies": [ + "Office365" + ], + "previewImagesFileNames": [ + "Office365White1.png", + "Office365Black1.png", + "Office365White2.png", + "Office365Black2.png", + "Office365White3.png", + "Office365Black3.png" + ], + "version": "2.0.1", + "title": "Office 365", + "templateRelativePath": "Office365.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SharePointAndOneDriveWorkbook", + "logoFileName": "office365_logo.svg", + "description": "Gain insights into SharePoint and OneDrive by tracing and analyzing all operations and activities.\nYou can view trends across user operation, find correlations between users and files, and identify interesting information such as user IP addresses.", + "dataTypesDependencies": [ + "OfficeActivity" + ], + "dataConnectorsDependencies": [ + "Office365" + ], + "previewImagesFileNames": [ + "SharePointAndOneDriveBlack1.png", + "SharePointAndOneDriveBlack2.png", + "SharePointAndOneDriveWhite1.png", + "SharePointAndOneDriveWhite2.png" + ], + "version": "2.0.0", + "title": "SharePoint & OneDrive", + "templateRelativePath": "SharePointAndOneDrive.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AzureActiveDirectorySigninLogsWorkbook", + "logoFileName": "azureactivedirectory_logo.svg", + "description": "Gain insights into Microsoft Entra ID by connecting Microsoft Sentinel and using the sign-in logs to gather insights around Microsoft Entra ID scenarios. \nYou can learn about sign-in operations, such as user sign-ins and locations, email addresses, and IP addresses of your users, as well as failed activities and the errors that triggered the failures.", + "dataTypesDependencies": [ + "SigninLogs" + ], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "AADsigninBlack1.png", + "AADsigninBlack2.png", + "AADsigninWhite1.png", + "AADsigninWhite2.png" + ], + "version": "2.4.0", + "title": "Microsoft Entra ID Sign-in logs", + "templateRelativePath": "AzureActiveDirectorySignins.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "VirtualMachinesInsightsWorkbook", + "logoFileName": "azurevirtualmachine_logo.svg", + "description": "Gain rich insight into your organization's virtual machines from Azure Monitor, which analyzes and correlates data in your VM network. \nYou will get visibility on your VM parameters and behavior, and will be able to trace sent and received data. \nIdentify malicious attackers and their targets, and drill down into the protocols, source and destination IP addresses, countries, and ports the attacks occur across.", + "dataTypesDependencies": [ + "VMConnection", + "ServiceMapComputer_CL", + "ServiceMapProcess_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "VMInsightBlack1.png", + "VMInsightWhite1.png" + ], + "version": "1.3.0", + "title": "VM insights", + "templateRelativePath": "VirtualMachinesInsights.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft Corporation" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "IT Operations", + "Platform" + ] + } + }, + { + "workbookKey": "AzureActiveDirectoryAuditLogsWorkbook", + "logoFileName": "azureactivedirectory_logo.svg", + "description": "Gain insights into Microsoft Entra ID by connecting Microsoft Sentinel and using the audit logs to gather insights around Microsoft Entra ID scenarios. \nYou can learn about user operations, including password and group management, device activities, and top active users and apps.", + "dataTypesDependencies": [ + "AuditLogs" + ], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "AzureADAuditLogsBlack1.png", + "AzureADAuditLogsWhite1.png" + ], + "version": "1.2.0", + "title": "Microsoft Entra ID Audit logs", + "templateRelativePath": "AzureActiveDirectoryAuditLogs.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ThreatIntelligenceWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insights into threat indicators ingestion and search for indicators at scale across Microsoft 1st Party, 3rd Party, On-Premises, Hybrid, and Multi-Cloud Workloads. Indicators Search facilitates a simple interface for finding IP, File, Hash, Sender and more across your data. Seamless pivots to correlate indicators with Microsoft Sentinel: Incidents to make your threat intelligence actionable.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator", + "SecurityIncident" + ], + "dataConnectorsDependencies": [ + "ThreatIntelligence", + "ThreatIntelligenceTaxii", + "MicrosoftDefenderThreatIntelligence", + "ThreatIntelligenceUploadIndicatorsAPI" + ], + "previewImagesFileNames": [ + "ThreatIntelligenceWhite.png", + "ThreatIntelligenceBlack.png" + ], + "version": "5.0.0", + "title": "Threat Intelligence", + "templateRelativePath": "ThreatIntelligence.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "WebApplicationFirewallOverviewWorkbook", + "logoFileName": "waf_logo.svg", + "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get a general overview of your application gateway firewall and application gateway access events.", + "dataTypesDependencies": [ + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "WAF" + ], + "previewImagesFileNames": [ + "WAFOverviewBlack.png", + "WAFOverviewWhite.png" + ], + "version": "1.1.0", + "title": "Microsoft Web Application Firewall (WAF) - overview", + "templateRelativePath": "WebApplicationFirewallOverview.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "WebApplicationFirewallFirewallEventsWorkbook", + "logoFileName": "waf_logo.svg", + "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway firewall. You can view anomalies and trends across all firewall event triggers, attack events, blocked URL addresses and more.", + "dataTypesDependencies": [ + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "WAF" + ], + "previewImagesFileNames": [ + "WAFFirewallEventsBlack1.png", + "WAFFirewallEventsBlack2.png", + "WAFFirewallEventsWhite1.png", + "WAFFirewallEventsWhite2.png" + ], + "version": "1.1.0", + "title": "Microsoft Web Application Firewall (WAF) - firewall events", + "templateRelativePath": "WebApplicationFirewallFirewallEvents.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "WebApplicationFirewallGatewayAccessEventsWorkbook", + "logoFileName": "waf_logo.svg", + "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway access events. You can view anomalies and trends across received and sent data, client IP addresses, URL addresses and more, and drill down into details.", + "dataTypesDependencies": [ + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "WAF" + ], + "previewImagesFileNames": [ + "WAFGatewayAccessEventsBlack1.png", + "WAFGatewayAccessEventsBlack2.png", + "WAFGatewayAccessEventsWhite1.png", + "WAFGatewayAccessEventsWhite2.png" + ], + "version": "1.2.0", + "title": "Microsoft Web Application Firewall (WAF) - gateway access events", + "templateRelativePath": "WebApplicationFirewallGatewayAccessEvents.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "LinuxMachinesWorkbook", + "logoFileName": "azurevirtualmachine_logo.svg", + "description": "Gain insights into your workspaces' Linux machines by connecting Microsoft Sentinel and using the logs to gather insights around Linux events and errors.", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "Syslog" + ], + "previewImagesFileNames": [ + "LinuxMachinesWhite.png", + "LinuxMachinesBlack.png" + ], + "version": "1.1.0", + "title": "Linux machines", + "templateRelativePath": "LinuxMachines.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AzureFirewallWorkbook", + "logoFileName": "AzFirewalls.svg", + "description": "Gain insights into Azure Firewall events. You can learn about your application and network rules, see metrics for firewall activities across URLs, ports, and addresses across multiple workspaces.", + "dataTypesDependencies": [ + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "AzureFirewall" + ], + "previewImagesFileNames": [ + "AzureFirewallWorkbookWhite1.PNG", + "AzureFirewallWorkbookBlack1.PNG", + "AzureFirewallWorkbookWhite2.PNG", + "AzureFirewallWorkbookBlack2.PNG", + "AzureFirewallWorkbookWhite3.PNG", + "AzureFirewallWorkbookBlack3.PNG", + "AzureFirewallWorkbookWhite4.PNG", + "AzureFirewallWorkbookBlack4.PNG", + "AzureFirewallWorkbookWhite5.PNG", + "AzureFirewallWorkbookBlack5.PNG" + ], + "version": "1.3.0", + "title": "Azure Firewall", + "templateRelativePath": "AzureFirewallWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AzureFirewallWorkbook-StructuredLogs", + "logoFileName": "AzFirewalls.svg", + "description": "Gain insights into Azure Firewall events using the new Structured Logs for Azure Firewall. You can learn about your application and network rules, see metrics for firewall activities across URLs, ports, and addresses across multiple workspaces.", + "dataTypesDependencies": [ + "AZFWNetworkRule", + "AZFWApplicationRule", + "AZFWDnsQuery", + "AZFWThreatIntel" + ], + "dataConnectorsDependencies": [ + "AzureFirewall" + ], + "previewImagesFileNames": [ + "AzureFirewallWorkbookWhite1.PNG", + "AzureFirewallWorkbookBlack1.PNG", + "AzureFirewallWorkbookWhite2.PNG", + "AzureFirewallWorkbookBlack2.PNG", + "AzureFirewallWorkbookWhite3.PNG", + "AzureFirewallWorkbookBlack3.PNG", + "AzureFirewallWorkbookWhite4.PNG", + "AzureFirewallWorkbookBlack4.PNG", + "AzureFirewallWorkbookWhite5.PNG", + "AzureFirewallWorkbookBlack5.PNG" + ], + "version": "1.0.0", + "title": "Azure Firewall Structured Logs", + "templateRelativePath": "AzureFirewallWorkbook-StructuredLogs.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AzureDDoSStandardProtection", + "logoFileName": "AzDDoS.svg", + "description": "This workbook visualizes security-relevant Azure DDoS events across several filterable panels. Offering a summary tab, metrics and a investigate tabs across multiple workspaces.", + "dataTypesDependencies": [ + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "DDOS" + ], + "previewImagesFileNames": [ + "AzureDDoSWhite1.PNG", + "AzureDDoSBlack1.PNG", + "AzureDDoSWhite2.PNG", + "AzureDDoSBlack2.PNG", + "AzureDDoSWhite2.PNG", + "AzureDDoSBlack2.PNG" + ], + "version": "1.0.2", + "title": "Azure DDoS Protection Workbook", + "templateRelativePath": "AzDDoSStandardWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftCloudAppSecurityWorkbook", + "logoFileName": "Microsoft_logo.svg", + "description": "Using this workbook, you can identify which cloud apps are being used in your organization, gain insights from usage trends and drill down to a specific user and application.", + "dataTypesDependencies": [ + "McasShadowItReporting" + ], + "dataConnectorsDependencies": [ + "MicrosoftCloudAppSecurity" + ], + "previewImagesFileNames": [ + "McasDiscoveryBlack.png", + "McasDiscoveryWhite.png" + ], + "version": "1.2.0", + "title": "Microsoft Cloud App Security - discovery logs", + "templateRelativePath": "MicrosoftCloudAppSecurity.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "F5BIGIPSytemMetricsWorkbook", + "logoFileName": "f5_logo.svg", + "description": "Gain insight into F5 BIG-IP health and performance. This workbook provides visibility of various metrics including CPU, memory, connectivity, throughput and disk utilization.", + "dataTypesDependencies": [ + "F5Telemetry_system_CL", + "F5Telemetry_AVR_CL" + ], + "dataConnectorsDependencies": [ + "F5BigIp" + ], + "previewImagesFileNames": [ + "F5SMBlack.png", + "F5SMWhite.png" + ], + "version": "1.1.0", + "title": "F5 BIG-IP System Metrics", + "templateRelativePath": "F5BIGIPSystemMetrics.json", + "subtitle": "", + "provider": "F5 Networks" + }, + { + "workbookKey": "F5NetworksWorkbook", + "logoFileName": "f5_logo.svg", + "description": "Gain insights into F5 BIG-IP Application Security Manager (ASM), by analyzing traffic and activities.\nThis workbook provides insight into F5's web application firewall events and identifies attack traffic patterns across multiple ASM instances as well as overall BIG-IP health.", + "dataTypesDependencies": [ + "F5Telemetry_LTM_CL", + "F5Telemetry_system_CL", + "F5Telemetry_ASM_CL" + ], + "dataConnectorsDependencies": [ + "F5BigIp" + ], + "previewImagesFileNames": [ + "F5White.png", + "F5Black.png" + ], + "version": "1.1.0", + "title": "F5 BIG-IP ASM", + "templateRelativePath": "F5Networks.json", + "subtitle": "", + "provider": "F5 Networks" + }, + { + "workbookKey": "AzureNetworkWatcherWorkbook", + "logoFileName": "networkwatcher_logo.svg", + "description": "Gain deeper understanding of your organization's Azure network traffic by analyzing, and correlating Network Security Group flow logs. \nYou can trace malicious traffic flows, and drill down into their protocols, source and destination IP addresses, machines, countries, and subnets. \nThis workbook also helps you protect your network by identifying weak NSG rules.", + "dataTypesDependencies": [ + "AzureNetworkAnalytics_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AzureNetworkWatcherWhite.png", + "AzureNetworkWatcherBlack.png" + ], + "version": "1.1.0", + "title": "Azure Network Watcher", + "templateRelativePath": "AzureNetworkWatcher.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft Corporation" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Network" + ] + } + }, + { + "workbookKey": "ZscalerFirewallWorkbook", + "logoFileName": "zscaler_logo.svg", + "description": "Gain insights into your ZIA cloud firewall logs by connecting to Microsoft Sentinel.\nThe Zscaler firewall overview workbook provides an overview and ability to drill down into all cloud firewall activity in your Zscaler instance including non-web related networking events, security events, firewall rules, and bandwidth consumption", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Zscaler", + "CefAma" + ], + "previewImagesFileNames": [ + "ZscalerFirewallWhite1.png", + "ZscalerFirewallBlack1.png", + "ZscalerFirewallWhite2.png", + "ZscalerFirewallBlack2.png" + ], + "version": "1.1.0", + "title": "Zscaler Firewall", + "templateRelativePath": "ZscalerFirewall.json", + "subtitle": "", + "provider": "Zscaler" + }, + { + "workbookKey": "ZscalerWebOverviewWorkbook", + "logoFileName": "zscaler_logo.svg", + "description": "Gain insights into your ZIA web logs by connecting to Microsoft Sentinel.\nThe Zscaler web overview workbook provides a bird's eye view and ability to drill down into all the security and networking events related to web transactions, types of devices, and bandwidth consumption.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Zscaler", + "CefAma" + ], + "previewImagesFileNames": [ + "ZscalerWebOverviewWhite.png", + "ZscalerWebOverviewBlack.png" + ], + "version": "1.1.0", + "title": "Zscaler Web Overview", + "templateRelativePath": "ZscalerWebOverview.json", + "subtitle": "", + "provider": "Zscaler" + }, + { + "workbookKey": "ZscalerThreatsOverviewWorkbook", + "logoFileName": "zscaler_logo.svg", + "description": "Gain insights into threats blocked by Zscaler Internet access on your network.\nThe Zscaler threat overview workbook shows your entire threat landscape including blocked malware, IPS/AV rules, and blocked cloud apps. Threats are displayed by threat categories, filetypes, inbound vs outbound threats, usernames, user location, and more.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Zscaler", + "CefAma" + ], + "previewImagesFileNames": [ + "ZscalerThreatsWhite.png", + "ZscalerThreatsBlack.png" + ], + "version": "1.2.0", + "title": "Zscaler Threats", + "templateRelativePath": "ZscalerThreats.json", + "subtitle": "", + "provider": "Zscaler" + }, + { + "workbookKey": "ZscalerOffice365AppsWorkbook", + "logoFileName": "zscaler_logo.svg", + "description": "Gain insights into Office 365 use on your network.\nThe Zscaler Office 365 overview workbook shows you the Microsoft apps running on your network and their individual bandwidth consumption. It also helps identify phishing attempts in which attackers disguised themselves as Microsoft services.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Zscaler", + "CefAma" + ], + "previewImagesFileNames": [ + "ZscalerOffice365White.png", + "ZscalerOffice365Black.png" + ], + "version": "1.1.0", + "title": "Zscaler Office365 Apps", + "templateRelativePath": "ZscalerOffice365Apps.json", + "subtitle": "", + "provider": "Zscaler" + }, + { + "workbookKey": "InsecureProtocolsWorkbook", + "logoFileName": "Microsoft_logo.svg", + "description": "Gain insights into insecure protocol traffic by collecting and analyzing security events from Microsoft products.\nYou can view analytics and quickly identify use of weak authentication as well as sources of legacy protocol traffic, like NTLM and SMBv1.\nYou will also have the ability to monitor use of weak ciphers, allowing you to find weak spots in your organization's security.", + "dataTypesDependencies": [ + "SecurityEvent", + "Event", + "SigninLogs" + ], + "dataConnectorsDependencies": [ + "SecurityEvents", + "AzureActiveDirectory", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "InsecureProtocolsWhite1.png", + "InsecureProtocolsBlack1.png", + "InsecureProtocolsWhite2.png", + "InsecureProtocolsBlack2.png" + ], + "version": "2.1.0", + "title": "Insecure Protocols", + "templateRelativePath": "InsecureProtocols.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft Corporation" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "usecasemapper", + "logoFileName": "ucasemapper.svg", + "description": "A simple tool to map Use Cases to Content Hub relevant Microsoft Sentinel solutions", + "previewImagesFileNames": [ + "useCaseMapperWhite1.png", + "useCaseMapperWhite2.png", + "useCaseMapperWhite3.png", + "useCaseMapperBlack1.png", + "useCaseMapperBlack2.png", + "useCaseMapperBlack3.png" + ], + "version": "1.0.0", + "title": "Use Case Mapper", + "templateRelativePath": "usecasemapper.json", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Microsoft Sentinel Community" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Cloud Security" + ] + } + }, + { + "workbookKey": "AzureInformationProtectionWorkbook", + "logoFileName": "informationProtection.svg", + "description": "The Azure Information Protection Usage report workbook provides information on the volume of labeled and protected documents and emails over time, label distribution of files by label type, along with where the label was applied.", + "dataTypesDependencies": [ + "SecurityEvent", + "Event", + "SigninLogs" + ], + "dataConnectorsDependencies": [ + "SecurityEvents", + "AzureActiveDirectory", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "InsecureProtocolsWhite1.png", + "InsecureProtocolsBlack1.png", + "InsecureProtocolsWhite2.png", + "InsecureProtocolsBlack2.png" + ], + "version": "2.1.0", + "title": "Insecure Protocols", + "templateRelativePath": "InsecureProtocols.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Amit Bergman" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "AmazonWebServicesNetworkActivitiesWorkbook", + "logoFileName": "amazon_web_services_Logo.svg", + "description": "Gain insights into AWS network related resource activities, including the creation, update, and deletions of security groups, network ACLs and routes, gateways, elastic load balancers, VPCs, subnets, and network interfaces.", + "dataTypesDependencies": [ + "AWSCloudTrail" + ], + "dataConnectorsDependencies": [ + "AWS" + ], + "previewImagesFileNames": [ + "AwsNetworkActivitiesWhite.png", + "AwsNetworkActivitiesBlack.png" + ], + "version": "1.0.0", + "title": "AWS Network Activities", + "templateRelativePath": "AmazonWebServicesNetworkActivities.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AmazonWebServicesUserActivitiesWorkbook", + "logoFileName": "amazon_web_services_Logo.svg", + "description": "Gain insights into AWS user activities, including failed sign-in attempts, IP addresses, regions, user agents, and identity types, as well as potential malicious user activities with assumed roles.", + "dataTypesDependencies": [ + "AWSCloudTrail" + ], + "dataConnectorsDependencies": [ + "AWS" + ], + "previewImagesFileNames": [ + "AwsUserActivitiesWhite.png", + "AwsUserActivitiesBlack.png" + ], + "version": "1.0.0", + "title": "AWS User Activities", + "templateRelativePath": "AmazonWebServicesUserActivities.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "TrendMicroDeepSecurityAttackActivityWorkbook", + "logoFileName": "trendmicro_logo.svg", + "description": "Visualize and gain insights into the MITRE ATT&CK related activity detected by Trend Micro Deep Security.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "TrendMicro", + "CefAma" + ], + "previewImagesFileNames": [ + "TrendMicroDeepSecurityAttackActivityWhite.png", + "TrendMicroDeepSecurityAttackActivityBlack.png" + ], + "version": "1.0.0", + "title": "Trend Micro Deep Security ATT&CK Related Activity", + "templateRelativePath": "TrendMicroDeepSecurityAttackActivity.json", + "subtitle": "", + "provider": "Trend Micro" + }, + { + "workbookKey": "TrendMicroDeepSecurityOverviewWorkbook", + "logoFileName": "trendmicro_logo.svg", + "description": "Gain insights into your Trend Micro Deep Security security event data by visualizing your Deep Security Anti-Malware, Firewall, Integrity Monitoring, Intrusion Prevention, Log Inspection, and Web Reputation event data.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "TrendMicro", + "CefAma" + ], + "previewImagesFileNames": [ + "TrendMicroDeepSecurityOverviewWhite1.png", + "TrendMicroDeepSecurityOverviewBlack1.png", + "TrendMicroDeepSecurityOverviewWhite2.png", + "TrendMicroDeepSecurityOverviewBlack2.png" + ], + "version": "1.0.0", + "title": "Trend Micro Deep Security Events", + "templateRelativePath": "TrendMicroDeepSecurityOverview.json", + "subtitle": "", + "provider": "Trend Micro" + }, + { + "workbookKey": "ExtraHopDetectionSummaryWorkbook", + "logoFileName": "extrahop_logo.svg", + "description": "Gain insights into ExtraHop Reveal(x) detections by analyzing traffic and activities.\nThis workbook provides an overview of security detections in your organization's network, including high-risk detections and top participants.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "ExtraHopNetworks", + "ExtraHopNetworksAma", + "CefAma" + ], + "previewImagesFileNames": [ + "ExtrahopWhite.png", + "ExtrahopBlack.png" + ], + "version": "1.0.0", + "title": "ExtraHop", + "templateRelativePath": "ExtraHopDetectionSummary.json", + "subtitle": "", + "provider": "ExtraHop Networks" + }, + { + "workbookKey": "BarracudaCloudFirewallWorkbook", + "logoFileName": "barracuda_logo.svg", + "description": "Gain insights into your Barracuda CloudGen Firewall by analyzing firewall operations and events.\nThis workbook provides insights into rule enforcement, network activities, including number of connections, top users, and helps you identify applications that are popular on your network.", + "dataTypesDependencies": [ + "CommonSecurityLog", + "Syslog" + ], + "dataConnectorsDependencies": [ + "BarracudaCloudFirewall", + "SyslogAma" + ], + "previewImagesFileNames": [ + "BarracudaWhite1.png", + "BarracudaBlack1.png", + "BarracudaWhite2.png", + "BarracudaBlack2.png" + ], + "version": "1.0.0", + "title": "Barracuda CloudGen FW", + "templateRelativePath": "Barracuda.json", + "subtitle": "", + "provider": "Barracuda" + }, + { + "workbookKey": "CitrixWorkbook", + "logoFileName": "citrix_logo.svg", + "description": "Citrix Analytics for Security aggregates and correlates information across network traffic, users, files and endpoints in Citrix environments. This generates actionable insights that enable Citrix administrators and security teams to remediate user security threats through automation while optimizing IT operations. Machine learning and artificial intelligence empowers Citrix Analytics for Security to identify and take automated action to prevent data exfiltration. While delivered as a cloud service, Citrix Analytics for Security can generate insights from resources located on-premises, in the cloud, or in hybrid architectures. The Citrix Analytics Workbook further enhances the value of both your Citrix Analytics for Security and Microsoft Sentinel. The Workbook enables you to integrate data sources together, helping you gain even richer insights. It also gives Security Operations (SOC) teams the ability to correlate data from disparate logs, helping you identify and proactively remediate security risk quickly. Additionally, valuable dashboards that were unique to the Citrix Analytics for Security can now be implemented in Sentinel. You can also create new custom Workbooks that were not previously available, helping extend the value of both investments.", + "dataTypesDependencies": [ + "CitrixAnalytics_userProfile_CL", + "CitrixAnalytics_riskScoreChange_CL", + "CitrixAnalytics_indicatorSummary_CL", + "CitrixAnalytics_indicatorEventDetails_CL" + ], + "dataConnectorsDependencies": [ + "Citrix" + ], + "previewImagesFileNames": [ + "CitrixWhite.png", + "CitrixBlack.png" + ], + "version": "2.1.0", + "title": "Citrix Analytics", + "templateRelativePath": "Citrix.json", + "subtitle": "", + "provider": "Citrix Systems Inc." + }, + { + "workbookKey": "OneIdentityWorkbook", + "logoFileName": "oneIdentity_logo.svg", + "description": "This simple workbook gives an overview of sessions going through your SafeGuard for Privileged Sessions device.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "OneIdentity" + ], + "previewImagesFileNames": [ + "OneIdentityWhite.png", + "OneIdentityBlack.png" + ], + "version": "1.0.0", + "title": "One Identity", + "templateRelativePath": "OneIdentity.json", + "subtitle": "", + "provider": "One Identity LLC.", + "support": { + "tier": "Community" + }, + "author": { + "name": "Amit Bergman" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Identity" + ] + } + }, + { + "workbookKey": "SecurityStatusWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook gives an overview of Security Settings for VMs and Azure Arc.", + "dataTypesDependencies": [ + "CommonSecurityLog", + "SecurityEvent", + "Syslog" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AzureSentinelSecurityStatusBlack.png", + "AzureSentinelSecurityStatusWhite.png" + ], + "version": "1.3.0", + "title": "Security Status", + "templateRelativePath": "SecurityStatus.json", + "subtitle": "", + "provider": "Microsoft", + "author": { + "name": "Microsoft" + }, + "support": { + "tier": "Microsoft" + }, + "categories": { + "verticals": [], + "domains": [ + "IT Operations", + "Security - Others", + "Compliance" + ] + } + }, + { + "workbookKey": "AzureSentinelSecurityAlertsWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Security Alerts dashboard for alerts in your Microsoft Sentinel environment.", + "dataTypesDependencies": [ + "SecurityAlert" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AzureSentinelSecurityAlertsWhite.png", + "AzureSentinelSecurityAlertsBlack.png" + ], + "version": "1.1.0", + "title": "Security Alerts", + "templateRelativePath": "AzureSentinelSecurityAlerts.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SquadraTechnologiesSecRMMWorkbook", + "logoFileName": "SquadraTechnologiesLogo.svg", + "description": "This workbook gives an overview of security data for removable storage activity such as USB thumb drives and USB connected mobile devices.", + "dataTypesDependencies": [ + "secRMM_CL" + ], + "dataConnectorsDependencies": [ + "SquadraTechnologiesSecRmm" + ], + "previewImagesFileNames": [ + "SquadraTechnologiesSecRMMWhite.PNG", + "SquadraTechnologiesSecRMMBlack.PNG" + ], + "version": "1.0.0", + "title": "Squadra Technologies SecRMM - USB removable storage security", + "templateRelativePath": "SquadraTechnologiesSecRMM.json", + "subtitle": "", + "provider": "Squadra Technologies" + }, + { + "workbookKey": "IoT-Alerts", + "logoFileName": "IoTIcon.svg", + "description": "Gain insights into your IoT data workloads from Azure IoT Hub managed deployments, monitor alerts across all your IoT Hub deployments, detect devices at risk and act upon potential threats.", + "dataTypesDependencies": [ + "SecurityAlert" + ], + "dataConnectorsDependencies": [ + "IoT" + ], + "previewImagesFileNames": [ + "IOTBlack1.png", + "IOTWhite1.png" + ], + "version": "1.2.0", + "title": "Azure Defender for IoT Alerts", + "templateRelativePath": "IOT_Alerts.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Community" + }, + "author": { + "name": "morshabi" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Internet of Things (IoT)" + ] + } + }, + { + "workbookKey": "IoTAssetDiscovery", + "logoFileName": "IoTIcon.svg", + "description": "IoT Devices asset discovery from Firewall logs By Azure Defender for IoT", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Fortinet" + ], + "previewImagesFileNames": [ + "workbook-iotassetdiscovery-screenshot-Black.PNG", + "workbook-iotassetdiscovery-screenshot-White.PNG" + ], + "version": "1.0.0", + "title": "IoT Asset Discovery", + "templateRelativePath": "IoTAssetDiscovery.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Community" + }, + "author": { + "name": "jomeczyk" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Internet of Things (IoT)" + ] + } + }, + { + "workbookKey": "ForcepointCASBWorkbook", + "logoFileName": "FP_Green_Emblem_RGB-01.svg", + "description": "Get insights on user risk with the Forcepoint CASB (Cloud Access Security Broker) workbook.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "ForcepointCasb", + "ForcepointCasbAma", + "CefAma" + ], + "previewImagesFileNames": [ + "ForcepointCASBWhite.png", + "ForcepointCASBBlack.png" + ], + "version": "1.0.0", + "title": "Forcepoint Cloud Access Security Broker (CASB)", + "templateRelativePath": "ForcepointCASB.json", + "subtitle": "", + "provider": "Forcepoint" + }, + { + "workbookKey": "ForcepointNGFWWorkbook", + "logoFileName": "FP_Green_Emblem_RGB-01.svg", + "description": "Get insights on firewall activities with the Forcepoint NGFW (Next Generation Firewall) workbook.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "ForcepointNgfw", + "ForcepointNgfwAma", + "CefAma" + ], + "previewImagesFileNames": [ + "ForcepointNGFWWhite.png", + "ForcepointNGFWBlack.png" + ], + "version": "1.0.0", + "title": "Forcepoint Next Generation Firewall (NGFW)", + "templateRelativePath": "ForcepointNGFW.json", + "subtitle": "", + "provider": "Forcepoint" + }, + { + "workbookKey": "ForcepointDLPWorkbook", + "logoFileName": "FP_Green_Emblem_RGB-01.svg", + "description": "Get insights on DLP incidents with the Forcepoint DLP (Data Loss Prevention) workbook.", + "dataTypesDependencies": [ + "ForcepointDLPEvents_CL" + ], + "dataConnectorsDependencies": [ + "ForcepointDlp" + ], + "previewImagesFileNames": [ + "ForcepointDLPWhite.png", + "ForcepointDLPBlack.png" + ], + "version": "1.0.0", + "title": "Forcepoint Data Loss Prevention (DLP)", + "templateRelativePath": "ForcepointDLP.json", + "subtitle": "", + "provider": "Forcepoint" + }, + { + "workbookKey": "ZimperiumMTDWorkbook", + "logoFileName": "ZIMPERIUM-logo_square2.svg", + "description": "This workbook provides insights on Zimperium Mobile Threat Defense (MTD) threats and mitigations.", + "dataTypesDependencies": [ + "ZimperiumThreatLog_CL", + "ZimperiumMitigationLog_CL" + ], + "dataConnectorsDependencies": [ + "ZimperiumMtdAlerts" + ], + "previewImagesFileNames": [ + "ZimperiumWhite.png", + "ZimperiumBlack.png" + ], + "version": "1.0.0", + "title": "Zimperium Mobile Threat Defense (MTD)", + "templateRelativePath": "ZimperiumWorkbooks.json", + "subtitle": "", + "provider": "Zimperium" + }, + { + "workbookKey": "AzureAuditActivityAndSigninWorkbook", + "logoFileName": "azureactivedirectory_logo.svg", + "description": "Gain insights into Microsoft Entra ID Audit, Activity and Signins with one workbook. This workbook can be used by Security and Azure administrators.", + "dataTypesDependencies": [ + "AzureActivity", + "AuditLogs", + "SigninLogs" + ], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "AzureAuditActivityAndSigninWhite1.png", + "AzureAuditActivityAndSigninWhite2.png", + "AzureAuditActivityAndSigninBlack1.png", + "AzureAuditActivityAndSigninBlack2.png" + ], + "version": "1.3.0", + "title": "Azure AD Audit, Activity and Sign-in logs", + "templateRelativePath": "AzureAuditActivityAndSignin.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Sem Tijsseling" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Identity" + ] + } + }, + { + "workbookKey": "WindowsFirewall", + "logoFileName": "Microsoft_logo.svg", + "description": "Gain insights into Windows Firewall logs in combination with security and Azure signin logs", + "dataTypesDependencies": [ + "WindowsFirewall", + "SecurityEvent", + "SigninLogs" + ], + "dataConnectorsDependencies": [ + "SecurityEvents", + "WindowsFirewall", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "WindowsFirewallWhite1.png", + "WindowsFirewallWhite2.png", + "WindowsFirewallBlack1.png", + "WindowsFirewallBlack2.png" + ], + "version": "1.0.0", + "title": "Windows Firewall", + "templateRelativePath": "WindowsFirewall.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "EventAnalyzerwWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "The Event Analyzer workbook allows to explore, audit and speed up analysis of Windows Event Logs, including all event details and attributes, such as security, application, system, setup, directory service, DNS and others.", + "dataTypesDependencies": [ + "SecurityEvent" + ], + "dataConnectorsDependencies": [ + "SecurityEvents", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "EventAnalyzer-Workbook-White.png", + "EventAnalyzer-Workbook-Black.png" + ], + "version": "1.0.0", + "title": "Event Analyzer", + "templateRelativePath": "EventAnalyzer.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "ASC-ComplianceandProtection", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insight into regulatory compliance, alert trends, security posture, and more with this workbook based on Azure Security Center data.", + "dataTypesDependencies": [ + "SecurityAlert", + "ProtectionStatus", + "SecurityRecommendation", + "SecurityBaseline", + "SecurityBaselineSummary", + "Update", + "ConfigurationChange" + ], + "dataConnectorsDependencies": [ + "AzureSecurityCenter" + ], + "previewImagesFileNames": [ + "ASCCaPBlack.png", + "ASCCaPWhite.png" + ], + "version": "1.2.0", + "title": "ASC Compliance and Protection", + "templateRelativePath": "ASC-ComplianceandProtection.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Matt Lowe" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Cloud Security" + ] + } + }, + { + "workbookKey": "AIVectraDetectWorkbook", + "logoFileName": "AIVectraDetect.svg", + "description": "Start investigating network attacks surfaced by Vectra Detect directly from Sentinel. View critical hosts, accounts, campaigns and detections. Also monitor Vectra system health and audit logs.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "AIVectraDetect", + "CefAma" + ], + "previewImagesFileNames": [ + "AIVectraDetectWhite1.png", + "AIVectraDetectBlack1.png" + ], + "version": "1.1.1", + "title": "Vectra AI Detect", + "templateRelativePath": "AIVectraDetectWorkbook.json", + "subtitle": "", + "provider": "Vectra AI" + }, + { + "workbookKey": "Perimeter81OverviewWorkbook", + "logoFileName": "Perimeter81_Logo.svg", + "description": "Gain insights and comprehensive monitoring into your Perimeter 81 account by analyzing activities.", + "dataTypesDependencies": [ + "Perimeter81_CL" + ], + "dataConnectorsDependencies": [ + "Perimeter81ActivityLogs" + ], + "previewImagesFileNames": [ + "Perimeter81OverviewWhite1.png", + "Perimeter81OverviewBlack1.png", + "Perimeter81OverviewWhite2.png", + "Perimeter81OverviewBlack2.png" + ], + "version": "1.0.0", + "title": "Perimeter 81 Overview", + "templateRelativePath": "Perimeter81OverviewWorkbook.json", + "subtitle": "", + "provider": "Perimeter 81" + }, + { + "workbookKey": "SymantecProxySGWorkbook", + "logoFileName": "symantec_logo.svg", + "description": "Gain insight into Symantec ProxySG by analyzing, collecting and correlating proxy data.\nThis workbook provides visibility into ProxySG Access logs", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "SymantecProxySG", + "SyslogAma" + ], + "previewImagesFileNames": [ + "SymantecProxySGWhite.png", + "SymantecProxySGBlack.png" + ], + "version": "1.0.0", + "title": "Symantec ProxySG", + "templateRelativePath": "SymantecProxySG.json", + "subtitle": "", + "provider": "Symantec" + }, + { + "workbookKey": "IllusiveASMWorkbook", + "logoFileName": "illusive_logo_workbook.svg", + "description": "Gain insights into your organization's Cyber Hygiene and Attack Surface risk.\nIllusive ASM automates discovery and clean-up of credential violations, allows drill-down inspection of pathways to critical assets, and provides risk insights that inform intelligent decision-making to reduce attacker mobility.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "illusiveAttackManagementSystem", + "illusiveAttackManagementSystemAma", + "CefAma" + ], + "previewImagesFileNames": [ + "IllusiveASMWhite.png", + "IllusiveASMBlack.png" + ], + "version": "1.0.0", + "title": "Illusive ASM Dashboard", + "templateRelativePath": "IllusiveASM.json", + "subtitle": "", + "provider": "Illusive" + }, + { + "workbookKey": "IllusiveADSWorkbook", + "logoFileName": "illusive_logo_workbook.svg", + "description": "Gain insights into unauthorized lateral movement in your organization's network.\nIllusive ADS is designed to paralyzes attackers and eradicates in-network threats by creating a hostile environment for the attackers across all the layers of the attack surface.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "illusiveAttackManagementSystem", + "illusiveAttackManagementSystemAma", + "CefAma" + ], + "previewImagesFileNames": [ + "IllusiveADSWhite.png", + "IllusiveADSBlack.png" + ], + "version": "1.0.0", + "title": "Illusive ADS Dashboard", + "templateRelativePath": "IllusiveADS.json", + "subtitle": "", + "provider": "Illusive" + }, + { + "workbookKey": "PulseConnectSecureWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insight into Pulse Secure VPN by analyzing, collecting and correlating vulnerability data.\nThis workbook provides visibility into user VPN activities", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "PulseConnectSecure", + "SyslogAma" + ], + "previewImagesFileNames": [ + "PulseConnectSecureWhite.png", + "PulseConnectSecureBlack.png" + ], + "version": "1.0.0", + "title": "Pulse Connect Secure", + "templateRelativePath": "PulseConnectSecure.json", + "subtitle": "", + "provider": "Pulse Secure" + }, + { + "workbookKey": "InfobloxNIOSWorkbook", + "logoFileName": "infoblox_logo.svg", + "description": "Gain insight into Infoblox NIOS by analyzing, collecting and correlating DHCP and DNS data.\nThis workbook provides visibility into DHCP and DNS traffic", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "InfobloxNIOS", + "SyslogAma" + ], + "previewImagesFileNames": [ + "InfobloxNIOSWhite.png", + "InfobloxNIOSBlack.png" + ], + "version": "1.1.0", + "title": "Infoblox NIOS", + "templateRelativePath": "Infoblox-Workbook-V2.json", + "subtitle": "", + "provider": "Infoblox" + }, + { + "workbookKey": "SymantecVIPWorkbook", + "logoFileName": "symantec_logo.svg", + "description": "Gain insight into Symantec VIP by analyzing, collecting and correlating strong authentication data.\nThis workbook provides visibility into user authentications", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "SymantecVIP", + "SyslogAma" + ], + "previewImagesFileNames": [ + "SymantecVIPWhite.png", + "SymantecVIPBlack.png" + ], + "version": "1.0.0", + "title": "Symantec VIP", + "templateRelativePath": "SymantecVIP.json", + "subtitle": "", + "provider": "Symantec" + }, + { + "workbookKey": "ProofPointTAPWorkbook", + "logoFileName": "proofpointlogo.svg", + "description": "Gain extensive insight into Proofpoint Targeted Attack Protection (TAP) by analyzing, collecting and correlating TAP log events.\nThis workbook provides visibility into message and click events that were permitted, delivered, or blocked", + "dataTypesDependencies": [ + "ProofPointTAPMessagesBlocked_CL", + "ProofPointTAPMessagesDelivered_CL", + "ProofPointTAPClicksPermitted_CL", + "ProofPointTAPClicksBlocked_CL" + ], + "dataConnectorsDependencies": [ + "ProofpointTAP" + ], + "previewImagesFileNames": [ + "ProofpointTAPWhite.png", + "ProofpointTAPBlack.png" + ], + "version": "1.0.0", + "title": "Proofpoint TAP", + "templateRelativePath": "ProofpointTAP.json", + "subtitle": "", + "provider": "Proofpoint" + }, + { + "workbookKey": "QualysVMWorkbook", + "logoFileName": "qualys_logo.svg", + "description": "Gain insight into Qualys Vulnerability Management by analyzing, collecting and correlating vulnerability data.\nThis workbook provides visibility into vulnerabilities detected from vulnerability scans", + "dataTypesDependencies": [ + "QualysHostDetection_CL" + ], + "dataConnectorsDependencies": [ + "QualysVulnerabilityManagement" + ], + "previewImagesFileNames": [ + "QualysVMWhite.png", + "QualysVMBlack.png" + ], + "version": "1.0.0", + "title": "Qualys Vulnerability Management", + "templateRelativePath": "QualysVM.json", + "subtitle": "", + "provider": "Qualys" + }, + { + "workbookKey": "QualysVMV2Workbook", + "logoFileName": "qualys_logo.svg", + "description": "Gain insight into Qualys Vulnerability Management by analyzing, collecting and correlating vulnerability data.\nThis workbook provides visibility into vulnerabilities detected from vulnerability scans", + "dataTypesDependencies": [ + "QualysHostDetectionV2_CL" + ], + "dataConnectorsDependencies": [ + "QualysVulnerabilityManagement" + ], + "previewImagesFileNames": [ + "QualysVMWhite.png", + "QualysVMBlack.png" + ], + "version": "1.0.0", + "title": "Qualys Vulnerability Management", + "templateRelativePath": "QualysVMv2.json", + "subtitle": "", + "provider": "Qualys" + }, + { + "workbookKey": "GitHubSecurity", + "logoFileName": "GitHub.svg", + "description": "Gain insights to GitHub activities that may be interesting for security.", + "dataTypesDependencies": [ + "Github_CL", + "GitHubRepoLogs_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "GitHubSecurityWhite.png", + "GitHubSecurityBlack.png" + ], + "version": "1.0.0", + "title": "GitHub Security", + "templateRelativePath": "GitHubSecurityWorkbook.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "VisualizationDemo", + "logoFileName": "Azure_Sentinel.svg", + "description": "Learn and explore the many ways of displaying information within Microsoft Sentinel workbooks", + "dataTypesDependencies": [ + "SecurityAlert" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "VisualizationDemoBlack.png", + "VisualizationDemoWhite.png" + ], + "version": "1.0.0", + "title": "Visualizations Demo", + "templateRelativePath": "VisualizationDemo.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Matt Lowe" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "SophosXGFirewallWorkbook", + "logoFileName": "sophos_logo.svg", + "description": "Gain insight into Sophos XG Firewall by analyzing, collecting and correlating firewall data.\nThis workbook provides visibility into network traffic", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "SophosXGFirewall", + "SyslogAma" + ], + "previewImagesFileNames": [ + "SophosXGFirewallWhite.png", + "SophosXGFirewallBlack.png" + ], + "version": "1.0.0", + "title": "Sophos XG Firewall", + "templateRelativePath": "SophosXGFirewall.json", + "subtitle": "", + "provider": "Sophos" + }, + { + "workbookKey": "SysmonThreatHuntingWorkbook", + "logoFileName": "sysmonthreathunting_logo.svg", + "description": "Simplify your threat hunts using Sysmon data mapped to MITRE ATT&CK data. This workbook gives you the ability to drilldown into system activity based on known ATT&CK techniques as well as other threat hunting entry points such as user activity, network connections or virtual machine Sysmon events.\nPlease note that for this workbook to work you must have deployed Sysmon on your virtual machines in line with the instructions at https://github.com/BlueTeamLabs/sentinel-attack/wiki/Onboarding-sysmon-data-to-Azure-Sentinel", + "dataTypesDependencies": [ + "Event" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SysmonThreatHuntingWhite1.png", + "SysmonThreatHuntingBlack1.png" + ], + "version": "1.4.0", + "title": "Sysmon Threat Hunting", + "templateRelativePath": "SysmonThreatHunting.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Edoardo Gerosa" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Threat Protection", + "Application" + ] + } + }, + { + "workbookKey": "WebApplicationFirewallWAFTypeEventsWorkbook", + "logoFileName": "webapplicationfirewall(WAF)_logo.svg", + "description": "Gain insights into your organization's Azure web application firewall (WAF) across various services such as Azure Front Door Service and Application Gateway. You can view event triggers, full messages, attacks over time, among other data. Several aspects of the workbook are interactable to allow users to further understand their data", + "dataTypesDependencies": [ + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "WAF" + ], + "previewImagesFileNames": [ + "WAFFirewallWAFTypeEventsBlack1.PNG", + "WAFFirewallWAFTypeEventsBlack2.PNG", + "WAFFirewallWAFTypeEventsBlack3.PNG", + "WAFFirewallWAFTypeEventsBlack4.PNG", + "WAFFirewallWAFTypeEventsWhite1.png", + "WAFFirewallWAFTypeEventsWhite2.PNG", + "WAFFirewallWAFTypeEventsWhite3.PNG", + "WAFFirewallWAFTypeEventsWhite4.PNG" + ], + "version": "1.1.0", + "title": "Microsoft Web Application Firewall (WAF) - Azure WAF", + "templateRelativePath": "WebApplicationFirewallWAFTypeEvents.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "OrcaAlertsOverviewWorkbook", + "logoFileName": "Orca_logo.svg", + "description": "A visualized overview of Orca security alerts.\nExplore, analize and learn about your security posture using Orca alerts Overview", + "dataTypesDependencies": [ + "OrcaAlerts_CL" + ], + "dataConnectorsDependencies": [ + "OrcaSecurityAlerts" + ], + "previewImagesFileNames": [ + "OrcaAlertsWhite.png", + "OrcaAlertsBlack.png" + ], + "version": "1.1.0", + "title": "Orca alerts overview", + "templateRelativePath": "OrcaAlerts.json", + "subtitle": "", + "provider": "Orca Security" + }, + { + "workbookKey": "CyberArkWorkbook", + "logoFileName": "CyberArk_Logo.svg", + "description": "The CyberArk Syslog connector allows you to easily connect all your CyberArk security solution logs with your Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between CyberArk and Microsoft Sentinel makes use of the CEF Data Connector to properly parse and display CyberArk Syslog messages.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "CyberArk", + "CyberArkAma", + "CefAma" + ], + "previewImagesFileNames": [ + "CyberArkActivitiesWhite.PNG", + "CyberArkActivitiesBlack.PNG" + ], + "version": "1.1.0", + "title": "CyberArk EPV Events", + "templateRelativePath": "CyberArkEPV.json", + "subtitle": "", + "provider": "CyberArk" + }, + { + "workbookKey": "UserEntityBehaviorAnalyticsWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Identify compromised users and insider threats using User and Entity Behavior Analytics. Gain insights into anomalous user behavior from baselines learned from behavior patterns", + "dataTypesDependencies": [ + "Anomalies" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "UserEntityBehaviorAnalyticsBlack2.png", + "UserEntityBehaviorAnalyticsWhite2.png" + ], + "version": "2.0", + "title": "User And Entity Behavior Analytics", + "templateRelativePath": "UserEntityBehaviorAnalytics.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft Corporation" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "User Behavior (UEBA)" + ] + } + }, + { + "workbookKey": "CitrixWAF", + "logoFileName": "citrix_logo.svg", + "description": "Gain insight into the Citrix WAF logs", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "CitrixWAF", + "CitrixWAFAma", + "CefAma" + ], + "previewImagesFileNames": [ + "CitrixWAFBlack.png", + "CitrixWAFWhite.png" + ], + "version": "1.0.0", + "title": "Citrix WAF (Web App Firewall)", + "templateRelativePath": "CitrixWAF.json", + "subtitle": "", + "provider": "Citrix Systems Inc." + }, + { + "workbookKey": "UnifiSGWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insights into Unifi Security Gateways analyzing traffic and activities.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "UnifiSGBlack.png", + "UnifiSGWhite.png" + ], + "version": "1.0.0", + "title": "Unifi Security Gateway", + "templateRelativePath": "UnifiSG.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "SecurityJedi" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Network" + ] + } + }, + { + "workbookKey": "UnifiSGNetflowWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insights into Unifi Security Gateways analyzing traffic and activities using Netflow.", + "dataTypesDependencies": [ + "netflow_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "UnifiSGNetflowBlack.png", + "UnifiSGNetflowWhite.png" + ], + "version": "1.0.0", + "title": "Unifi Security Gateway - NetFlow", + "templateRelativePath": "UnifiSGNetflow.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "SecurityJedi" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Network" + ] + } + }, + { + "workbookKey": "NormalizedNetworkEventsWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "See insights on multiple networking appliances and other network sessions, that have been parsed or mapped to the normalized networking sessions table. Note this requires enabling parsers for the different products - to learn more, visit https://aka.ms/sentinelnormalizationdocs", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "NormalizedNetworkEventsWhite.png", + "NormalizedNetworkEventsBlack.png" + ], + "version": "1.0.0", + "title": "Normalized network events", + "templateRelativePath": "NormalizedNetworkEvents.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Community" + }, + "author": { + "name": "yoav fransis" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Networking" + ] + } + }, + { + "workbookKey": "WorkspaceAuditingWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Workspace auditing report\r\nUse this report to understand query runs across your workspace.", + "dataTypesDependencies": [ + "LAQueryLogs" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "WorkspaceAuditingWhite.png", + "WorkspaceAuditingBlack.png" + ], + "version": "1.0.0", + "title": "Workspace audit", + "templateRelativePath": "WorkspaceAuditing.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Sarah Young" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "IT Operations" + ] + } + }, + { + "workbookKey": "MITREATTACKWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Workbook to showcase MITRE ATT&CK Coverage for Microsoft Sentinel", + "dataTypesDependencies": [ + "SecurityAlert" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "MITREATTACKWhite1.PNG", + "MITREATTACKWhite2.PNG", + "MITREATTACKBlack1.PNG", + "MITREATTACKBlack2.PNG" + ], + "version": "1.0.1", + "title": "MITRE ATT&CK Workbook", + "templateRelativePath": "MITREAttack.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "BETTERMTDWorkbook", + "logoFileName": "BETTER_MTD_logo.svg", + "description": "Workbook using the BETTER Mobile Threat Defense (MTD) connector, to give insights into your mobile devices, installed application and overall device security posture.", + "dataTypesDependencies": [ + "BetterMTDDeviceLog_CL", + "BetterMTDAppLog_CL", + "BetterMTDIncidentLog_CL", + "BetterMTDNetflowLog_CL" + ], + "dataConnectorsDependencies": [ + "BetterMTD" + ], + "previewImagesFileNames": [ + "BetterMTDWorkbookPreviewWhite1.png", + "BetterMTDWorkbookPreviewWhite2.png", + "BetterMTDWorkbookPreviewWhite3.png", + "BetterMTDWorkbookPreviewBlack1.png", + "BetterMTDWorkbookPreviewBlack2.png", + "BetterMTDWorkbookPreviewBlack3.png" + ], + "version": "1.1.0", + "title": "BETTER Mobile Threat Defense (MTD)", + "templateRelativePath": "BETTER_MTD_Workbook.json", + "subtitle": "", + "provider": "BETTER Mobile" + }, + { + "workbookKey": "AlsidIoEWorkbook", + "logoFileName": "Alsid.svg", + "description": "Workbook showcasing the state and evolution of your Alsid for AD Indicators of Exposures alerts.", + "dataTypesDependencies": [ + "AlsidForADLog_CL" + ], + "dataConnectorsDependencies": [ + "AlsidForAD" + ], + "previewImagesFileNames": [ + "AlsidIoEBlack1.png", + "AlsidIoEBlack2.png", + "AlsidIoEBlack3.png", + "AlsidIoEWhite1.png", + "AlsidIoEWhite2.png", + "AlsidIoEWhite3.png" + ], + "version": "1.0.0", + "title": "Alsid for AD | Indicators of Exposure", + "templateRelativePath": "AlsidIoE.json", + "subtitle": "", + "provider": "Alsid" + }, + { + "workbookKey": "AlsidIoAWorkbook", + "logoFileName": "Alsid.svg", + "description": "Workbook showcasing the state and evolution of your Alsid for AD Indicators of Attack alerts.", + "dataTypesDependencies": [ + "AlsidForADLog_CL" + ], + "dataConnectorsDependencies": [ + "AlsidForAD" + ], + "previewImagesFileNames": [ + "AlsidIoABlack1.png", + "AlsidIoABlack2.png", + "AlsidIoABlack3.png", + "AlsidIoAWhite1.png", + "AlsidIoAWhite2.png", + "AlsidIoAWhite3.png" + ], + "version": "1.0.0", + "title": "Alsid for AD | Indicators of Attack", + "templateRelativePath": "AlsidIoA.json", + "subtitle": "", + "provider": "Alsid" + }, + { + "workbookKey": "InvestigationInsightsWorkbook", + "logoFileName": "Microsoft_logo.svg", + "description": "Help analysts gain insight into incident, bookmark and entity data through the Investigation Insights Workbook. This workbook provides common queries and detailed visualizations to help an analyst investigate suspicious activities quickly with an easy to use interface. Analysts can start their investigation from a Microsoft Sentinel incident, bookmark, or by simply entering the entity data into the workbook manually.", + "dataTypesDependencies": [ + "AuditLogs", + "AzureActivity", + "CommonSecurityLog", + "OfficeActivity", + "SecurityEvent", + "SigninLogs", + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [ + "AzureActivity", + "SecurityEvents", + "Office365", + "AzureActiveDirectory", + "ThreatIntelligence", + "ThreatIntelligenceTaxii", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "InvestigationInsightsWhite1.png", + "InvestigationInsightsBlack1.png", + "InvestigationInsightsWhite2.png", + "InvestigationInsightsBlack2.png" + ], + "version": "1.4.1", + "title": "Investigation Insights", + "templateRelativePath": "InvestigationInsights.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "AksSecurityWorkbook", + "logoFileName": "Kubernetes_services.svg", + "description": "See insights about the security of your AKS clusters. The workbook helps to identify sensitive operations in the clusters and get insights based on Azure Defender alerts.", + "dataTypesDependencies": [ + "SecurityAlert", + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "AzureSecurityCenter", + "AzureKubernetes" + ], + "previewImagesFileNames": [ + "AksSecurityWhite.png", + "AksSecurityBlack.png" + ], + "version": "1.5.0", + "title": "Azure Kubernetes Service (AKS) Security", + "templateRelativePath": "AksSecurity.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AzureKeyVaultWorkbook", + "logoFileName": "KeyVault.svg", + "description": "See insights about the security of your Azure key vaults. The workbook helps to identify sensitive operations in the key vaults and get insights based on Azure Defender alerts.", + "dataTypesDependencies": [ + "SecurityAlert", + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "AzureSecurityCenter", + "AzureKeyVault" + ], + "previewImagesFileNames": [ + "AkvSecurityWhite.png", + "AkvSecurityBlack.png" + ], + "version": "1.1.0", + "title": "Azure Key Vault Security", + "templateRelativePath": "AzureKeyVaultWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "IncidentOverview", + "logoFileName": "Azure_Sentinel.svg", + "description": "The Incident Overview workbook is designed to assist in triaging and investigation by providing in-depth information about the incident, including:\r\n* General information\r\n* Entity data\r\n* Triage time (time between incident creation and first response)\r\n* Mitigation time (time between incident creation and closing)\r\n* Comments\r\n\r\nCustomize this workbook by saving and editing it. \r\nYou can reach this workbook template from the incidents panel as well. Once you have customized it, the link from the incident panel will open the customized workbook instead of the template.\r\n", + "dataTypesDependencies": [ + "SecurityAlert", + "SecurityIncident" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "IncidentOverviewBlack1.png", + "IncidentOverviewWhite1.png", + "IncidentOverviewBlack2.png", + "IncidentOverviewWhite2.png" + ], + "version": "2.1.0", + "title": "Incident overview", + "templateRelativePath": "IncidentOverview.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SecurityOperationsEfficiency", + "logoFileName": "Azure_Sentinel.svg", + "description": "Security operations center managers can view overall efficiency metrics and measures regarding the performance of their team. They can find operations by multiple indicators over time including severity, MITRE tactics, mean time to triage, mean time to resolve and more. The SOC manager can develop a picture of the performance in both general and specific areas over time and use it to improve efficiency.", + "dataTypesDependencies": [ + "SecurityAlert", + "SecurityIncident" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SecurityEfficiencyWhite1.png", + "SecurityEfficiencyWhite2.png", + "SecurityEfficiencyBlack1.png", + "SecurityEfficiencyBlack2.png" + ], + "version": "1.5.1", + "title": "Security Operations Efficiency", + "templateRelativePath": "SecurityOperationsEfficiency.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "DataCollectionHealthMonitoring", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insights into your workspace's data ingestion status. In this workbook, you can view additional monitors and detect anomalies that will help you determine your workspace's data collection health.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "HealthMonitoringWhite1.png", + "HealthMonitoringWhite2.png", + "HealthMonitoringWhite3.png", + "HealthMonitoringBlack1.png", + "HealthMonitoringBlack2.png", + "HealthMonitoringBlack3.png" + ], + "version": "1.0.0", + "title": "Data collection health monitoring", + "templateRelativePath": "DataCollectionHealthMonitoring.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Community" + }, + "author": { + "name": "morshabi" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "IT Operations", + "Platform" + ] + } + }, + { + "workbookKey": "OnapsisAlarmsWorkbook", + "logoFileName": "onapsis_logo.svg", + "description": "Gain insights into what is going on in your SAP Systems with this overview of the alarms triggered in the Onapsis Platform. Incidents are enriched with context and next steps to help your Security team respond effectively.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "OnapsisPlatform", + "CefAma" + ], + "previewImagesFileNames": [ + "OnapsisWhite1.PNG", + "OnapsisBlack1.PNG", + "OnapsisWhite2.PNG", + "OnapsisBlack2.PNG" + ], + "version": "1.0.0", + "title": "Onapsis Alarms Overview", + "templateRelativePath": "OnapsisAlarmsOverview.json", + "subtitle": "", + "provider": "Onapsis" + }, + { + "workbookKey": "DelineaWorkbook", + "logoFileName": "DelineaLogo.svg", + "description": "The Delinea Secret Server Syslog connector", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "DelineaSecretServer_CEF", + "DelineaSecretServerAma", + "CefAma" + ], + "previewImagesFileNames": [ + "DelineaWorkbookWhite.PNG", + "DelineaWorkbookBlack.PNG" + ], + "version": "1.0.0", + "title": "Delinea Secret Server Workbook", + "templateRelativePath": "DelineaWorkbook.json", + "subtitle": "", + "provider": "Delinea" + }, + { + "workbookKey": "ForcepointCloudSecurityGatewayWorkbook", + "logoFileName": "Forcepoint_new_logo.svg", + "description": "Use this report to understand query runs across your workspace.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "ForcepointCSG", + "ForcepointCSGAma", + "CefAma" + ], + "previewImagesFileNames": [ + "ForcepointCloudSecurityGatewayWhite.png", + "ForcepointCloudSecurityGatewayBlack.png" + ], + "version": "1.0.0", + "title": "Forcepoint Cloud Security Gateway Workbook", + "templateRelativePath": "ForcepointCloudSecuirtyGateway.json", + "subtitle": "", + "provider": "Forcepoint" + }, + { + "workbookKey": "IntsightsIOCWorkbook", + "logoFileName": "IntSights_logo.svg", + "description": "This Microsoft Sentinel workbook provides an overview of Indicators of Compromise (IOCs) and their correlations allowing users to analyze and visualize indicators based on severity, type, and other parameters.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator", + "SecurityAlert" + ], + "dataConnectorsDependencies": [ + "ThreatIntelligenceTaxii" + ], + "previewImagesFileNames": [ + "IntsightsIOCWhite.png", + "IntsightsMatchedWhite.png", + "IntsightsMatchedBlack.png", + "IntsightsIOCBlack.png" + ], + "version": "2.0.0", + "title": "IntSights IOC Workbook", + "templateRelativePath": "IntsightsIOCWorkbook.json", + "subtitle": "", + "provider": "IntSights Cyber Intelligence" + }, + { + "workbookKey": "DarktraceSummaryWorkbook", + "logoFileName": "Darktrace.svg", + "description": "A workbook containing relevant KQL queries to help you visualise the data in model breaches from the Darktrace Connector", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Darktrace", + "DarktraceAma", + "CefAma" + ], + "previewImagesFileNames": [ + "AIA-DarktraceSummaryWhite.png", + "AIA-DarktraceSummaryBlack.png" + ], + "version": "1.1.0", + "title": "AI Analyst Darktrace Model Breach Summary", + "templateRelativePath": "AIA-Darktrace.json", + "subtitle": "", + "provider": "Darktrace" + }, + { + "workbookKey": "TrendMicroXDR", + "logoFileName": "trendmicro_logo.svg", + "description": "Gain insights from Trend Vision One with this overview of the Alerts triggered.", + "dataTypesDependencies": [ + "TrendMicro_XDR_WORKBENCH_CL" + ], + "dataConnectorsDependencies": [ + "TrendMicroXDR" + ], + "previewImagesFileNames": [ + "TrendMicroXDROverviewWhite.png", + "TrendMicroXDROverviewBlack.png" + ], + "version": "1.3.0", + "title": "Trend Vision One Alert Overview", + "templateRelativePath": "TrendMicroXDROverview.json", + "subtitle": "", + "provider": "Trend Micro" + }, + { + "workbookKey": "CyberpionOverviewWorkbook", + "logoFileName": "cyberpion_logo.svg", + "description": "Use Cyberpion's Security Logs and this workbook, to get an overview of your online assets, gain insights into their current state, and find ways to better secure your ecosystem.", + "dataTypesDependencies": [ + "CyberpionActionItems_CL" + ], + "dataConnectorsDependencies": [ + "CyberpionSecurityLogs" + ], + "previewImagesFileNames": [ + "CyberpionActionItemsBlack.png", + "CyberpionActionItemsWhite.png" + ], + "version": "1.0.0", + "title": "Cyberpion Overview", + "templateRelativePath": "CyberpionOverviewWorkbook.json", + "subtitle": "", + "provider": "Cyberpion" + }, + { + "workbookKey": "SolarWindsPostCompromiseHuntingWorkbook", + "logoFileName": "MSTIC-Logo.svg", + "description": "This hunting workbook is intended to help identify activity related to the Solorigate compromise and subsequent attacks discovered in December 2020", + "dataTypesDependencies": [ + "CommonSecurityLog", + "SigninLogs", + "AuditLogs", + "AADServicePrincipalSignInLogs", + "OfficeActivity", + "BehaviorAnalytics", + "SecurityEvent", + "DeviceProcessEvents", + "SecurityAlert", + "DnsEvents" + ], + "dataConnectorsDependencies": [ + "AzureActiveDirectory", + "SecurityEvents", + "Office365", + "MicrosoftThreatProtection", + "DNS", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "SolarWindsPostCompromiseHuntingWhite.png", + "SolarWindsPostCompromiseHuntingBlack.png" + ], + "version": "1.5.1", + "title": "SolarWinds Post Compromise Hunting", + "templateRelativePath": "SolarWindsPostCompromiseHunting.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Shain" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "ProofpointPODWorkbook", + "logoFileName": "proofpointlogo.svg", + "description": "Gain insights into your Proofpoint on Demand Email Security activities, including maillog and messages data. The Workbook provides users with an executive dashboard showing the reporting capabilities, message traceability and monitoring.", + "dataTypesDependencies": [ + "ProofpointPOD_maillog_CL", + "ProofpointPOD_message_CL" + ], + "dataConnectorsDependencies": [ + "ProofpointPOD" + ], + "previewImagesFileNames": [ + "ProofpointPODMainBlack1.png", + "ProofpointPODMainBlack2.png", + "ProofpointPODMainWhite1.png", + "ProofpointPODMainWhite2.png", + "ProofpointPODMessageSummaryBlack.png", + "ProofpointPODMessageSummaryWhite.png", + "ProofpointPODTLSBlack.png", + "ProofpointPODTLSWhite.png" + ], + "version": "1.0.0", + "title": "Proofpoint On-Demand Email Security", + "templateRelativePath": "ProofpointPOD.json", + "subtitle": "", + "provider": "Proofpoint" + }, + { + "workbookKey": "CiscoUmbrellaWorkbook", + "logoFileName": "cisco_logo.svg", + "description": "Gain insights into Cisco Umbrella activities, including the DNS, Proxy and Cloud Firewall data. Workbook shows general information along with threat landscape including categories, blocked destinations and URLs.", + "dataTypesDependencies": [ + "Cisco_Umbrella_dns_CL", + "Cisco_Umbrella_proxy_CL", + "Cisco_Umbrella_ip_CL", + "Cisco_Umbrella_cloudfirewall_CL" + ], + "dataConnectorsDependencies": [ + "CiscoUmbrellaDataConnector" + ], + "previewImagesFileNames": [ + "CiscoUmbrellaDNSBlack1.png", + "CiscoUmbrellaDNSBlack2.png", + "CiscoUmbrellaDNSWhite1.png", + "CiscoUmbrellaDNSWhite2.png", + "CiscoUmbrellaFirewallBlack.png", + "CiscoUmbrellaFirewallWhite.png", + "CiscoUmbrellaMainBlack1.png", + "CiscoUmbrellaMainBlack2.png", + "CiscoUmbrellaMainWhite1.png", + "CiscoUmbrellaMainWhite2.png", + "CiscoUmbrellaProxyBlack1.png", + "CiscoUmbrellaProxyBlack2.png", + "CiscoUmbrellaProxyWhite1.png", + "CiscoUmbrellaProxyWhite2.png" + ], + "version": "1.0.0", + "title": "Cisco Umbrella", + "templateRelativePath": "CiscoUmbrella.json", + "subtitle": "", + "provider": "Cisco" + }, + { + "workbookKey": "AnalyticsEfficiencyWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insights into the efficacy of your analytics rules. In this workbook you can analyze and monitor the analytics rules found in your workspace to achieve better performance by your SOC.", + "dataTypesDependencies": [ + "SecurityAlert", + "SecurityIncident" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AnalyticsEfficiencyBlack.png", + "AnalyticsEfficiencyWhite.png" + ], + "version": "1.2.0", + "title": "Analytics Efficiency", + "templateRelativePath": "AnalyticsEfficiency.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "WorkspaceUsage", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insights into your workspace's usage. In this workbook, you can view your workspace's data consumption, latency, recommended tasks and Cost and Usage statistics.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "WorkspaceUsageBlack.png", + "WorkspaceUsageWhite.png" + ], + "version": "1.6.0", + "title": "Workspace Usage Report", + "templateRelativePath": "WorkspaceUsage.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Clive Watson" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "IT Operations" + ] + } + }, + { + "workbookKey": "SentinelCentral", + "logoFileName": "Azure_Sentinel.svg", + "description": "Use this report to view Incident (and Alert data) across many workspaces, this works with Azure Lighthouse and across any subscription you have access to.", + "dataTypesDependencies": [ + "SecurityIncident" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SentinelCentralBlack.png", + "SentinelCentralWhite.png" + ], + "version": "2.1.1", + "title": "Microsoft Sentinel Central", + "templateRelativePath": "SentinelCentral.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "CognniIncidentsWorkbook", + "logoFileName": "cognni-logo.svg", + "description": "Gain intelligent insights into the risks to your important financial, legal, HR, and governance information. This workbook lets you monitor your at-risk information to determine when and why incidents occurred, as well as who was involved. These incidents are broken into high, medium, and low risk incidents for each information category.", + "dataTypesDependencies": [ + "CognniIncidents_CL" + ], + "dataConnectorsDependencies": [ + "CognniSentinelDataConnector" + ], + "previewImagesFileNames": [ + "CognniBlack.PNG", + "CognniWhite.PNG" + ], + "version": "1.0.0", + "title": "Cognni Important Information Incidents", + "templateRelativePath": "CognniIncidentsWorkbook.json", + "subtitle": "", + "provider": "Cognni" + }, + { + "workbookKey": "pfsense", + "logoFileName": "pfsense_logo.svg", + "description": "Gain insights into pfsense logs from both filterlog and nginx.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "pfsenseBlack.png", + "pfsenseWhite.png" + ], + "version": "1.0.0", + "title": "pfsense", + "templateRelativePath": "pfsense.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "dicolanl" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Network" + ] + } + }, + { + "workbookKey": "ExchangeCompromiseHunting", + "logoFileName": "MSTIC-Logo.svg", + "description": "This workbook is intended to help defenders in responding to the Exchange Server vulnerabilities disclosed in March 2021, as well as hunting for potential compromise activity. More details on these vulnearbilities can be found at: https://aka.ms/exchangevulns", + "dataTypesDependencies": [ + "SecurityEvent", + "W3CIISLog" + ], + "dataConnectorsDependencies": [ + "SecurityEvents", + "AzureMonitor(IIS)", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "ExchangeBlack.png", + "ExchangeWhite.png" + ], + "version": "1.0.0", + "title": "Exchange Compromise Hunting", + "templateRelativePath": "ExchangeCompromiseHunting.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Community" + }, + "author": { + "name": "Pete Bryan" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Threat Protection" + ] + } + }, + { + "workbookKey": "SOCProcessFramework", + "logoFileName": "Azure_Sentinel.svg", + "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SOCProcessFrameworkCoverImage1White.png", + "SOCProcessFrameworkCoverImage1Black.png", + "SOCProcessFrameworkCoverImage2White.png", + "SOCProcessFrameworkCoverImage2Black.png" + ], + "version": "1.1.0", + "title": "SOC Process Framework", + "templateRelativePath": "SOCProcessFramework.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "Building_a_SOCLargeStaffWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SOCProcessFrameworkCoverImage1White.png", + "SOCProcessFrameworkCoverImage1Black.png", + "SOCProcessFrameworkCoverImage2White.png", + "SOCProcessFrameworkCoverImage2Black.png" + ], + "version": "1.1.0", + "title": "SOC Large Staff", + "templateRelativePath": "Building_a_SOCLargeStaff.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "Building_a_SOCMediumStaffWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SOCProcessFrameworkCoverImage1White.png", + "SOCProcessFrameworkCoverImage1Black.png", + "SOCProcessFrameworkCoverImage2White.png", + "SOCProcessFrameworkCoverImage2Black.png" + ], + "version": "1.1.0", + "title": "SOC Medium Staff", + "templateRelativePath": "Building_a_SOCMediumStaff.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "Building_a_SOCPartTimeStaffWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SOCProcessFrameworkCoverImage1White.png", + "SOCProcessFrameworkCoverImage1Black.png", + "SOCProcessFrameworkCoverImage2White.png", + "SOCProcessFrameworkCoverImage2Black.png" + ], + "version": "1.1.0", + "title": "SOC Part Time Staff", + "templateRelativePath": "Building_a_SOCPartTimeStaff.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "Building_a_SOCSmallStaffWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SOCProcessFrameworkCoverImage1White.png", + "SOCProcessFrameworkCoverImage1Black.png", + "SOCProcessFrameworkCoverImage2White.png", + "SOCProcessFrameworkCoverImage2Black.png" + ], + "version": "1.1.0", + "title": "SOC Small Staff", + "templateRelativePath": "Building_a_SOCSmallStaff.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "SOCIRPlanningWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SOCProcessFrameworkCoverImage1White.png", + "SOCProcessFrameworkCoverImage1Black.png", + "SOCProcessFrameworkCoverImage2White.png", + "SOCProcessFrameworkCoverImage2Black.png" + ], + "version": "1.1.0", + "title": "SOC IR Planning", + "templateRelativePath": "SOCIRPlanning.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "UpdateSOCMaturityScoreWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Built by Microsoft's Sentinel GBB's - This workbook contains years of SOC Best Practices and is intended to help SOCs mature and leverage industry standards in Operationalizing their SOC in using Microsoft Sentinel. It contains Processes and Procedures every SOC should consider and builds a high level of operational excellence.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SOCProcessFrameworkCoverImage1White.png", + "SOCProcessFrameworkCoverImage1Black.png", + "SOCProcessFrameworkCoverImage2White.png", + "SOCProcessFrameworkCoverImage2Black.png" + ], + "version": "1.1.0", + "title": "Update SOC Maturity Score", + "templateRelativePath": "UpdateSOCMaturityScore.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "Microsoft365SecurityPosture", + "logoFileName": "M365securityposturelogo.svg", + "description": "This workbook presents security posture data collected from Azure Security Center, M365 Defender, Defender for Endpoint, and Microsoft Cloud App Security. This workbook relies on the M365 Security Posture Playbook in order to bring the data in.", + "dataTypesDependencies": [ + "M365SecureScore_CL", + "MDfESecureScore_CL", + "MDfEExposureScore_CL", + "MDfERecommendations_CL", + "MDfEVulnerabilitiesList_CL", + "McasShadowItReporting" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "M365securitypostureblack.png", + "M365securityposturewhite.png" + ], + "version": "1.0.0", + "title": "Microsoft 365 Security Posture", + "templateRelativePath": "M365SecurityPosture.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Matt Lowe" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "AzureSentinelCost", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook provides an estimated cost across the main billed items in Microsoft Sentinel: ingestion, retention and automation. It also provides insight about the possible impact of the Microsoft 365 E5 offer.", + "dataTypesDependencies": [ + "Usage" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AzureSentinelCostWhite.png", + "AzureSentinelCostBlack.png" + ], + "version": "1.5.1", + "title": "Microsoft Sentinel Cost", + "templateRelativePath": "AzureSentinelCost.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "ADXvsLA", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook shows the tables from Microsoft Sentinel which are backed up in ADX. It also provides a comparison between the entries in the Microsoft Sentinel tables and the ADX tables. Lastly some general information about the queries and ingestion on ADX is shown.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "ADXvsLABlack.PNG", + "ADXvsLAWhite.PNG" + ], + "version": "1.0.0", + "title": "ADXvsLA", + "templateRelativePath": "ADXvsLA.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Naomi" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "MicrosoftDefenderForOffice365", + "logoFileName": "office365_logo.svg", + "description": "Gain insights into your Microsoft Defender for Office 365 raw data logs. This workbook lets you look at trends in email senders, attachments and embedded URL data to find anomalies. You can also search by, sender, recipient, subject, attachment or embedded URL to find where the related messages have been sent.", + "dataTypesDependencies": [ + "EmailEvents", + "EmailUrlInfo", + "EmailAttachmentInfo" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "MDOWhite1.png", + "MDOBlack1.png", + "MDOWhite2.png", + "MDOBlack2.png" + ], + "version": "1.0.0", + "title": "Microsoft Defender For Office 365", + "templateRelativePath": "MicrosoftDefenderForOffice365.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Brian Delaney" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "ProofPointThreatDashboard", + "logoFileName": "proofpointlogo.svg", + "description": "Provides an overview of email threat activity based on log data provided by ProofPoint", + "dataTypesDependencies": [ + "ProofpointPOD_message_CL", + "ProofpointPOD_maillog_CL", + "ProofPointTAPClicksBlocked_CL", + "ProofPointTAPClicksPermitted_CL", + "ProofPointTAPMessagesBlocked_CL", + "ProofPointTAPMessagesDelivered_CL" + ], + "dataConnectorsDependencies": [ + "ProofpointTAP", + "ProofpointPOD" + ], + "previewImagesFileNames": [ + "ProofPointThreatDashboardBlack1.png", + "ProofPointThreatDashboardWhite1.png" + ], + "version": "1.0.0", + "title": "ProofPoint Threat Dashboard", + "templateRelativePath": "ProofPointThreatDashboard.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "reprise99" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "AMAmigrationTracker", + "logoFileName": "Azure_Sentinel.svg", + "description": "See what Azure and Azure Arc servers have Log Analytics agent or Azure Monitor agent installed. Review what DCR (data collection rules) apply to your machines and whether you are collecting logs from those machines into your selected workspaces.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AMAtrackingWhite1.png", + "AMAtrackingWhite2.png", + "AMAtrackingWhite3.png", + "AMAtrackingWhite4.png", + "AMAtrackingBlack1.png", + "AMAtrackingBlack2.png", + "AMAtrackingBlack3.png", + "AMAtrackingBlack4.png" + ], + "version": "1.1.0", + "title": "AMA migration tracker", + "templateRelativePath": "AMAmigrationTracker.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "mariavaladas" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform", + "Migration" + ] + } + }, + { + "workbookKey": "AdvancedKQL", + "logoFileName": "Azure_Sentinel.svg", + "description": "This interactive Workbook is designed to improve your KQL proficiency by using a use-case driven approach.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AdvancedKQLWhite.png", + "AdvancedKQLBlack.png" + ], + "version": "1.3.0", + "title": "Advanced KQL for Microsoft Sentinel", + "templateRelativePath": "AdvancedKQL.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "DSTIMWorkbook", + "logoFileName": "DSTIM.svg", + "description": "Identify sensitive data blast radius (i.e., who accessed sensitive data, what kinds of sensitive data, from where and when) in a given data security incident investigation or as part of Threat Hunting. Prioritize your investigation based on insights provided with integrations with Watchlists(VIPUsers, TerminatedEmployees and HighValueAssets), Threat Intelligence feed, UEBA baselines and much more.", + "dataTypesDependencies": [ + "DSMAzureBlobStorageLogs", + "DSMDataClassificationLogs", + "DSMDataLabelingLogs", + "Anomalies", + "ThreatIntelligenceIndicator", + "AADManagedIdentitySignInLogs", + "SecurityAlert", + "SigninLogs" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "DSTIMWorkbookBlack.png", + "DSTIMWorkbookWhite.png" + ], + "version": "1.9.0", + "title": "Data Security - Sensitive Data Impact Assessment", + "templateRelativePath": "DSTIMWorkbook.json", + "subtitle": "", + "provider": "Microsoft", + "featureFlag": "DSTIMWorkbook", + "support": { + "tier": "Community" + }, + "author": { + "name": "avital-m" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "IntrotoKQLWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Learn and practice the Kusto Query Language. This workbook introduces and provides 100 to 200 level content for new and existing users looking to learn KQL. This workbook will be updated with content over time.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "IntrotoKQL-black.png", + "IntrotoKQL-white.png" + ], + "version": "1.0.0", + "title": "Intro to KQL", + "templateRelativePath": "IntrotoKQL.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "Log4jPostCompromiseHuntingWorkbook", + "logoFileName": "Log4j.svg", + "description": "This hunting workbook is intended to help identify activity related to the Log4j compromise discovered in December 2021.", + "dataTypesDependencies": [ + "SecurityNestedRecommendation", + "AzureDiagnostics", + "OfficeActivity", + "W3CIISLog", + "AWSCloudTrail", + "SigninLogs", + "AADNonInteractiveUserSignInLogs", + "imWebSessions", + "imNetworkSession" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "Log4jPostCompromiseHuntingBlack.png", + "Log4jPostCompromiseHuntingWhite.png" + ], + "version": "1.0.0", + "title": "Log4j Post Compromise Hunting", + "templateRelativePath": "Log4jPostCompromiseHunting.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "Log4jImpactAssessmentWorkbook", + "logoFileName": "Log4j.svg", + "description": "This hunting workbook is intended to help identify activity related to the Log4j compromise discovered in December 2021.", + "dataTypesDependencies": [ + "SecurityIncident", + "SecurityAlert", + "AzureSecurityCenter", + "MDfESecureScore_CL", + "MDfEExposureScore_CL", + "MDfERecommendations_CL", + "MDfEVulnerabilitiesList_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "Log4jPostCompromiseHuntingBlack.png", + "Log4jPostCompromiseHuntingWhite.png" + ], + "version": "1.0.0", + "title": "Log4j Impact Assessment", + "templateRelativePath": "Log4jImpactAssessment.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "UserMap", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook shows MaliciousIP, User SigninLog Data (this shows user Signin Locations and distance between as well as order visited) and WAF information.", + "dataTypesDependencies": [ + "SigninLogs", + "AzureDiagnostics", + "WireData", + "VMconnection", + "CommonSecurityLog", + "WindowsFirewall", + "W3CIISLog", + "DnsEvents" + ], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "UserMapBlack.png", + "UserMapWhite.png" + ], + "version": "1.0.1", + "title": "User Map information", + "templateRelativePath": "UserMap.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Clive Watson" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Threat Protection" + ] + } + }, + { + "workbookKey": "AWSS3", + "logoFileName": "amazon_web_services_Logo.svg", + "description": "This workbook shows quick summary of AWS S3 data (AWSCloudTrail, AWSGuardDuty, AWSVPCFlow). To visulaize the data, make sure you configure AWS S3 connector and data geting ingested into Sentinel", + "dataTypesDependencies": [ + "AWSCloudTrail", + "AWSGuardDuty", + "AWSVPCFlow" + ], + "dataConnectorsDependencies": [ + "AWSS3" + ], + "previewImagesFileNames": [ + "AWSS3Black.png", + "AWSS3White.png", + "AWSS3White1.png" + ], + "version": "1.0.0", + "title": "AWS S3 Workbook", + "templateRelativePath": "AWSS3.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Clive Watson" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Cloud Security" + ] + } + }, + { + "workbookKey": "LogSourcesAndAnalyticRulesCoverageWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook is intended to show how the different tables in a Log Analytics workspace are being used by the different Microsoft Sentinel features, like analytics, hunting queries, playbooks and queries in general.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "LogSourcesAndAnalyticRulesCoverageBlack.png", + "LogSourcesAndAnalyticRulesCoverageWhite.png" + ], + "version": "1.1.0", + "title": "Log Sources & Analytic Rules Coverage", + "templateRelativePath": "LogSourcesAndAnalyticRulesCoverage.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Eli Forbes" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "CiscoFirepower", + "logoFileName": "cisco-logo-72px.svg", + "description": "Gain insights into your Cisco Firepower firewalls. This workbook analyzes Cisco Firepower device logs.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "CiscoFirepowerBlack.png", + "CiscoFirepowerWhite.png" + ], + "version": "1.0.0", + "title": "Cisco Firepower", + "templateRelativePath": "CiscoFirepower.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Samik Roy" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Network" + ] + } + }, + { + "workbookKey": "MicrorosftTeams", + "logoFileName": "microsoftteams.svg", + "description": "This workbook is intended to identify the activities on Microrsoft Teams.", + "dataTypesDependencies": [ + "OfficeActivity" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "MicrosoftTeamsBlack.png", + "MicrosoftTeamsWhite.png" + ], + "version": "1.0.0", + "title": "Microsoft Teams", + "templateRelativePath": "MicrosoftTeams.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "ArchivingBasicLogsRetention", + "logoFileName": "ArchivingBasicLogsRetention.svg", + "description": "This workbooks shows workspace and table retention periods, basic logs, and search & restore tables. It also allows you to update table retention periods, plans, and delete search or restore tables.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "ArchivingBasicLogsRetentionBlack1.png", + "ArchivingBasicLogsRetentionWhite1.png" + ], + "version": "1.1.0", + "title": "Archiving, Basic Logs, and Retention", + "templateRelativePath": "ArchivingBasicLogsRetention.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "seanstark-ms" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform", + "IT Operations" + ] + } + }, + { + "workbookKey": "OktaSingleSignOnWorkbook", + "logoFileName": "okta_logo.svg", + "description": "Gain extensive insight into Okta Single Sign-On (SSO) by analyzing, collecting and correlating Audit and Event events.\nThis workbook provides visibility into message and click events that were permitted, delivered, or blocked.", + "dataTypesDependencies": [ + "Okta_CL", + "OktaSSO" + ], + "dataConnectorsDependencies": [ + "OktaSSO", + "OktaSSOv2" + ], + "previewImagesFileNames": [ + "OktaSingleSignOnWhite.png", + "OktaSingleSignOnBlack.png" + ], + "version": "1.2", + "title": "Okta Single Sign-On", + "templateRelativePath": "OktaSingleSignOn.json", + "subtitle": "", + "provider": "Okta" + }, + { + "workbookKey": "CiscoMerakiWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Gain insights into the Events from Cisco Meraki Solution and analyzing all the different types of Security Events. This workbook also helps in identifying the Events from affected devices, IPs and the nodes where malware was successfully detected.\nIP data received in Events is correlated with Threat Intelligence to identify if the reported IP address is known bad based on threat intelligence data.", + "dataTypesDependencies": [ + "meraki_CL", + "CiscoMerakiNativePoller", + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [ + "CiscoMeraki", + "CiscoMerakiNativePolling", + "ThreatIntelligence" + ], + "previewImagesFileNames": [ + "CiscoMerakiWorkbookWhite.png", + "CiscoMerakiWorkbookBlack.png" + ], + "version": "1.0.0", + "title": "CiscoMerakiWorkbook", + "templateRelativePath": "CiscoMerakiWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SentinelOneWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "SentinelOne_CL" + ], + "dataConnectorsDependencies": [ + "SentinelOne" + ], + "previewImagesFileNames": [ + "SentinelOneBlack.png", + "SentinelOneWhite.png" + ], + "version": "1.0.0", + "title": "SentinelOneWorkbook", + "templateRelativePath": "SentinelOne.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "TrendMicroApexOneWorkbook", + "logoFileName": "trendmicro_logo.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "TrendMicroApexOne", + "TrendMicroApexOneAma", + "CefAma" + ], + "previewImagesFileNames": [ + "TrendMicroApexOneBlack.png", + "TrendMicroApexOneWhite.png" + ], + "version": "1.0.0", + "title": "Trend Micro Apex One", + "templateRelativePath": "TrendMicroApexOne.json", + "subtitle": "", + "provider": "TrendMicro" + }, + { + "workbookKey": "ContrastProtect", + "logoFileName": "contrastsecurity_logo.svg", + "description": "Select the time range for this Overview.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "ContrastProtect", + "ContrastProtectAma", + "CefAma" + ], + "previewImagesFileNames": [ + "ContrastProtectAllBlack.png", + "ContrastProtectAllWhite.png", + "ContrastProtectEffectiveBlack.png", + "ContrastProtectEffectiveWhite.png", + "ContrastProtectSummaryBlack.png", + "ContrastProtectSummaryWhite.png" + ], + "version": "1.0.0", + "title": "Contrast Protect", + "templateRelativePath": "ContrastProtect.json", + "subtitle": "", + "provider": "contrast security" + }, + { + "workbookKey": "ArmorbloxOverview", + "logoFileName": "armorblox.svg", + "description": "INCIDENTS FROM SELECTED TIME RANGE", + "dataTypesDependencies": [ + "Armorblox_CL" + ], + "dataConnectorsDependencies": [ + "Armorblox" + ], + "previewImagesFileNames": [ + "ArmorbloxOverviewBlack01.png", + "ArmorbloxOverviewBlack02.png", + "ArmorbloxOverviewWhite01.png", + "ArmorbloxOverviewWhite02.png" + ], + "version": "1.0.0", + "title": "Armorblox", + "templateRelativePath": "ArmorbloxOverview.json", + "subtitle": "", + "provider": "Armorblox" + }, + { + "workbookKey": "CiscoETDWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Analyze email threat data seamlessly with the workbook, correlating information from the Secure Email Threat Defense API to identify and mitigate suspicious activities, providing insights into trends and allowing for precise filtering and analysis", + "dataTypesDependencies": [ + "CiscoETD_CL" + ], + "dataConnectorsDependencies": [ + "CiscoETD" + ], + "previewImagesFileNames": [ + "CiscoETDBlack01.PNG", + "CiscoETDBlack02.PNG", + "CiscoETDWhite01.PNG", + "CiscoETDWhite02.PNG" + ], + "version": "1.0", + "title": "Cisco Email Threat Defense", + "templateRelativePath": "CiscoETD.json", + "subtitle": "", + "provider": "Cisco" + }, + { + "workbookKey": "PaloAltoCDL", + "logoFileName": "paloalto_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "PaloAltoCDL", + "PaloAltoCDLAma", + "CefAma" + ], + "previewImagesFileNames": [ + "PaloAltoBlack.png", + "PaloAltoWhite.png" + ], + "version": "1.0.0", + "title": "Palo Alto Networks Cortex Data Lake", + "templateRelativePath": "PaloAltoCDL.json", + "subtitle": "", + "provider": "Palo Alto Networks" + }, + { + "workbookKey": "VMwareCarbonBlack", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CarbonBlackEvents_CL", + "CarbonBlackAuditLogs_CL", + "CarbonBlackNotifications_CL" + ], + "dataConnectorsDependencies": [ + "VMwareCarbonBlack" + ], + "previewImagesFileNames": [ + "VMwareCarbonBlack.png", + "VMwareCarbonWhite.png" + ], + "version": "1.0.0", + "title": "VMware Carbon Black Cloud", + "templateRelativePath": "VMwareCarbonBlack.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "VMwareSDWAN", + "logoFileName": "vmware_sase_logo.svg", + "description": "This workbook is intended to provide an overview on security events on VMware SD-WAN and Cloud Web Security.", + "dataTypesDependencies": [ + "VMware_CWS_Weblogs_CL", + "VMware_VECO_EventLogs_CL" + ], + "dataConnectorsDependencies": [ + "VMwareSDWAN" + ], + "previewImagesFileNames": [ + "vmwaresdwan_sentinel_audit_overview_Black.png", + "vmwaresdwan_sentinel_audit_overview_White.png", + "vmwaresdwan_sentinel_connectivity_overview_Black.png", + "vmwaresdwan_sentinel_connectivity_overview_White.png", + "vmwaresdwan_sentinel_cws_agents_events_Black.png", + "vmwaresdwan_sentinel_cws_agents_events_White.png", + "vmwaresdwan_sentinel_cws_casb_Black.png", + "vmwaresdwan_sentinel_cws_casb_White.png", + "vmwaresdwan_sentinel_cws_cf_users_policy_Black.png", + "vmwaresdwan_sentinel_cws_cf_users_policy_White.png", + "vmwaresdwan_sentinel_cws_overview_Black.png", + "vmwaresdwan_sentinel_cws_overview_White.png", + "vmwaresdwan_sentinel_cws_sasepop_urlf_Black.png", + "vmwaresdwan_sentinel_cws_sasepop_urlf_White.png", + "vmwaresdwan_sentinel_cws_urlf_Black.png", + "vmwaresdwan_sentinel_cws_urlf_White.png", + "vmwaresdwan_sentinel_efs_idps_categories_Black.png", + "vmwaresdwan_sentinel_efs_idps_categories_White.png", + "vmwaresdwan_sentinel_idps_activity_Black.png", + "vmwaresdwan_sentinel_idps_activity_White.png", + "vmwaresdwan_sentinel_nsd_overview_Black.png", + "vmwaresdwan_sentinel_nsd_overview_White.png", + "vmwaresdwan_sentinel_nsd_via_vcg_Black.png", + "vmwaresdwan_sentinel_nsd_via_vcg_White.png", + "vmwaresdwan_sentinel_sdwan_efs_statefulfw_Black.png", + "vmwaresdwan_sentinel_sdwan_efs_statefulfw_White.png" + ], + "version": "1.0.0", + "title": "VMware SD-WAN and SASE", + "templateRelativePath": "VMwareSASESOCDashboard.json", + "subtitle": "", + "provider": "velocloud" + }, + { + "workbookKey": "arista-networks", + "logoFileName": "AristaAwakeSecurity.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "AristaAwakeSecurity", + "CefAma" + ], + "previewImagesFileNames": [ + "AristaAwakeSecurityDevicesBlack.png", + "AristaAwakeSecurityDevicesWhite.png", + "AristaAwakeSecurityModelsBlack.png", + "AristaAwakeSecurityModelsWhite.png", + "AristaAwakeSecurityOverviewBlack.png", + "AristaAwakeSecurityOverviewWhite.png" + ], + "version": "1.0.0", + "title": "Arista Awake", + "templateRelativePath": "AristaAwakeSecurityWorkbook.json", + "subtitle": "", + "provider": "Arista Networks" + }, + { + "workbookKey": "TomcatWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Tomcat_CL" + ], + "dataConnectorsDependencies": [ + "ApacheTomcat" + ], + "previewImagesFileNames": [ + "TomcatBlack.png", + "TomcatWhite.png" + ], + "version": "1.0.0", + "title": "ApacheTomcat", + "templateRelativePath": "Tomcat.json", + "subtitle": "", + "provider": "Apache" + }, + { + "workbookKey": "ClarotyWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "Claroty", + "ClarotyAma", + "CefAma" + ], + "previewImagesFileNames": [ + "ClarotyBlack.png", + "ClarotyWhite.png" + ], + "version": "1.0.0", + "title": "Claroty", + "templateRelativePath": "ClarotyOverview.json", + "subtitle": "", + "provider": "Claroty" + }, + { + "workbookKey": "ApacheHTTPServerWorkbook", + "logoFileName": "apache.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "ApacheHTTPServer_CL" + ], + "dataConnectorsDependencies": [ + "ApacheHTTPServer" + ], + "previewImagesFileNames": [ + "ApacheHTTPServerOverviewBlack01.png", + "ApacheHTTPServerOverviewBlack02.png", + "ApacheHTTPServerOverviewWhite01.png", + "ApacheHTTPServerOverviewWhite02.png" + ], + "version": "1.0.0", + "title": "Apache HTTP Server", + "templateRelativePath": "ApacheHTTPServer.json", + "subtitle": "", + "provider": "Apache Software Foundation" + }, + { + "workbookKey": "OCIWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "OCI_Logs_CL" + ], + "dataConnectorsDependencies": [ + "OracleCloudInfrastructureLogsConnector" + ], + "previewImagesFileNames": [ + "OCIBlack.png", + "OCIWhite.png" + ], + "version": "1.0.0", + "title": "Oracle Cloud Infrastructure", + "templateRelativePath": "OracleCloudInfrastructureOCI.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "OracleWeblogicServerWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "OracleWebLogicServer_CL" + ], + "dataConnectorsDependencies": [ + "OracleWebLogicServer" + ], + "previewImagesFileNames": [ + "OracleWeblogicServerBlack.png", + "OracleWeblogicServerWhite.png" + ], + "version": "1.0.0", + "title": "Oracle WebLogic Server", + "templateRelativePath": "OracleWorkbook.json", + "subtitle": "", + "provider": "Oracle" + }, + { + "workbookKey": "BitglassWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "BitglassLogs_CL" + ], + "dataConnectorsDependencies": [ + "Bitglass" + ], + "previewImagesFileNames": [ + "BitglassBlack.png", + "BitglassWhite.png" + ], + "version": "1.0.0", + "title": "Bitglass", + "templateRelativePath": "Bitglass.json", + "subtitle": "", + "provider": "Bitglass" + }, + { + "workbookKey": "NGINXWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "NGINX_CL" + ], + "dataConnectorsDependencies": [ + "NGINXHTTPServer" + ], + "previewImagesFileNames": [ + "NGINXOverviewBlack01.png", + "NGINXOverviewBlack02.png", + "NGINXOverviewWhite01.png", + "NGINXOverviewWhite02.png" + ], + "version": "1.0.0", + "title": "NGINX HTTP Server", + "templateRelativePath": "NGINX.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "vArmourAppContollerWorkbook", + "logoFileName": "varmour-logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "vArmourAC", + "vArmourACAma", + "CefAma" + ], + "previewImagesFileNames": [ + "vArmourAppControllerAppBlack.png", + "vArmourAppControllerAppBlack-1.png", + "vArmourAppControllerAppBlack-2.png", + "vArmourAppControllerAppBlack-3.png", + "vArmourAppControllerAppBlack-4.png", + "vArmourAppControllerAppBlack-5.png", + "vArmourAppControllerAppBlack-6.png", + "vArmourAppControllerAppBlack-7.png", + "vArmourAppControllerAppWhite.png", + "vArmourAppControllerAppWhite-1.png", + "vArmourAppControllerAppWhite-2.png", + "vArmourAppControllerAppWhite-3.png", + "vArmourAppControllerAppWhite-4.png", + "vArmourAppControllerAppWhite-5.png", + "vArmourAppControllerAppWhite-6.png", + "vArmourAppControllerAppWhite-7.png" + ], + "version": "1.0.0", + "title": "vArmour Application Controller", + "templateRelativePath": "vArmour_AppContoller_Workbook.json", + "subtitle": "", + "provider": "vArmour" + }, + { + "workbookKey": "CorelightWorkbook", + "logoFileName": "corelight.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Corelight_CL" + ], + "dataConnectorsDependencies": [ + "Corelight" + ], + "previewImagesFileNames": [ + "CorelightConnectionsBlack1.png", + "CorelightConnectionsBlack2.png", + "CorelightConnectionsWhite1.png", + "CorelightConnectionsWhite2.png", + "CorelightDNSBlack1.png", + "CorelightDNSWhite1.png", + "CorelightFileBlack1.png", + "CorelightFileBlack2.png", + "CorelightFileWhite1.png", + "CorelightFileWhite2.png", + "CorelightMainBlack1.png", + "CorelightMainWhite1.png", + "CorelightSoftwareBlack1.png", + "CorelightSoftwareWhite1.png" + ], + "version": "1.0.0", + "title": "Corelight", + "templateRelativePath": "Corelight.json", + "subtitle": "", + "provider": "Corelight" + }, + { + "workbookKey": "LookoutEvents", + "logoFileName": "lookout.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Lookout_CL" + ], + "dataConnectorsDependencies": [ + "LookoutAPI" + ], + "previewImagesFileNames": [ + "SampleLookoutWorkBookBlack.png", + "SampleLookoutWorkBookWhite.png" + ], + "version": "1.0.0", + "title": "Lookout", + "templateRelativePath": "LookoutEvents.json", + "subtitle": "", + "provider": "Lookout" + }, + { + "workbookKey": "sentinel-MicrosoftPurview", + "logoFileName": "MicrosoftPurview.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "AzureDiagnostics" + ], + "dataConnectorsDependencies": [ + "MicrosoftAzurePurview" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Microsoft Purview", + "templateRelativePath": "MicrosoftPurview.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "InfobloxCDCB1TDWorkbook", + "logoFileName": "infoblox_logo.svg", + "description": "Get a closer look at your BloxOne DNS Query/Response logs, DHCP logs and Threat Defense security event data. This workbook is intended to help visualize BloxOne query data as part of the Infoblox Cloud solution. Drilldown your data and visualize events, trends, and anomalous changes over time.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "InfobloxCloudDataConnector", + "InfobloxCloudDataConnectorAma", + "CefAma" + ], + "previewImagesFileNames": [ + "InfobloxCDCB1TDBlack.png", + "InfobloxCDCB1TDWhite.png" + ], + "version": "2.0.0", + "title": "Infoblox CDC BloxOne DDI & Threat Defense DNS Workbook", + "templateRelativePath": "InfobloxCDCB1TDWorkbook.json", + "subtitle": "", + "provider": "Infoblox" + }, + { + "workbookKey": "InfobloxSOCInsightsWorkbook", + "logoFileName": "infoblox_logo.svg", + "description": "Get a closer look at your Infoblox SOC Insights. This workbook is intended to help visualize your BloxOne SOC Insights data as part of the Infoblox SOC Insights Solution. Drilldown your data and visualize events, trends, and anomalous changes over time.", + "dataTypesDependencies": [ + "InfobloxInsight", + "InfobloxInsightAssets", + "InfobloxInsightComments", + "InfobloxInsightIndicators", + "InfobloxInsightEvents" + ], + "dataConnectorsDependencies": [ + "InfobloxSOCInsightsDataConnector_AMA", + "InfobloxSOCInsightsDataConnector_API", + "InfobloxSOCInsightsDataConnector_Legacy", + "CefAma" + ], + "previewImagesFileNames": [ + "InfobloxSOCInsightsBlack.png", + "InfobloxSOCInsightsWhite.png" + ], + "version": "1.0.0", + "title": "Infoblox SOC Insights Workbook", + "templateRelativePath": "InfobloxSOCInsightsWorkbook.json", + "subtitle": "", + "provider": "Infoblox" + }, + { + "workbookKey": "UbiquitiUniFiWorkbook", + "logoFileName": "ubiquiti.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Ubiquiti_CL" + ], + "dataConnectorsDependencies": [ + "UbiquitiUnifi" + ], + "previewImagesFileNames": [ + "UbiquitiOverviewBlack01.png", + "UbiquitiOverviewBlack02.png", + "UbiquitiOverviewWhite01.png", + "UbiquitiOverviewWhite02.png" + ], + "version": "1.0.0", + "title": "Ubiquiti UniFi", + "templateRelativePath": "Ubiquiti.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "VMwareESXiWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "VMwareESXi", + "SyslogAma" + ], + "previewImagesFileNames": [ + "VMWareESXiBlack.png", + "VMWareESXiWhite.png" + ], + "version": "1.0.0", + "title": "VMware ESXi", + "templateRelativePath": "VMWareESXi.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SnowflakeWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Snowflake_CL" + ], + "dataConnectorsDependencies": [ + "SnowflakeDataConnector" + ], + "previewImagesFileNames": [ + "SnowflakeBlack.png", + "SnowflakeWhite.png" + ], + "version": "1.0.0", + "title": "Snowflake", + "templateRelativePath": "Snowflake.json", + "subtitle": "", + "provider": "Snowflake" + }, + { + "workbookKey": "LastPassWorkbook", + "logoFileName": "LastPass.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "LastPassNativePoller_CL" + ], + "dataConnectorsDependencies": [ + "LastPassAPIConnector" + ], + "previewImagesFileNames": [ + "LastPassBlack.png", + "LastPassWhite.png" + ], + "version": "1.0.0", + "title": "Lastpass Enterprise Activity Monitoring", + "templateRelativePath": "LastPassWorkbook.json", + "subtitle": "", + "provider": "LastPass" + }, + { + "workbookKey": "SecurityBridgeWorkbook", + "logoFileName": "SecurityBridgeLogo-Vector-TM_75x75.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SecurityBridgeLogs" + ], + "dataConnectorsDependencies": [ + "SecurityBridgeSAP" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "SecurityBridge App", + "templateRelativePath": "SecurityBridgeThreatDetectionforSAP.json", + "subtitle": "", + "provider": "SecurityBridge" + }, + { + "workbookKey": "PaloAltoPrismaCloudWorkbook", + "logoFileName": "paloalto_logo.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "PaloAltoPrismaCloudAlert_CL", + "PaloAltoPrismaCloudAudit_CL" + ], + "dataConnectorsDependencies": [ + "PaloAltoPrismaCloud" + ], + "previewImagesFileNames": [ + "PaloAltoPrismaCloudBlack01.png", + "PaloAltoPrismaCloudBlack02.png", + "PaloAltoPrismaCloudWhite01.png", + "PaloAltoPrismaCloudWhite02.png" + ], + "version": "1.0.0", + "title": "Palo Alto Prisma", + "templateRelativePath": "PaloAltoPrismaCloudOverview.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "PingFederateWorkbook", + "logoFileName": "PingIdentity.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "PingFederateEvent" + ], + "dataConnectorsDependencies": [ + "PingFederate", + "PingFederateAma", + "CefAma" + ], + "previewImagesFileNames": [ + "PingFederateBlack1.png", + "PingFederateWhite1.png" + ], + "version": "1.0.0", + "title": "PingFederate", + "templateRelativePath": "PingFederate.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "McAfeeePOWorkbook", + "logoFileName": "mcafee_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "McAfeeEPOEvent" + ], + "dataConnectorsDependencies": [ + "McAfeeePO", + "SyslogAma" + ], + "previewImagesFileNames": [ + "McAfeeePOBlack1.png", + "McAfeeePOBlack2.png", + "McAfeeePOWhite1.png", + "McAfeeePOWhite2.png" + ], + "version": "1.0.0", + "title": "McAfee ePolicy Orchestrator", + "templateRelativePath": "McAfeeePOOverview.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "OracleDatabaseAudit", + "logoFileName": "oracle_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "OracleDatabaseAudit", + "SyslogAma" + ], + "previewImagesFileNames": [ + "OracleDatabaseAuditBlack1.png", + "OracleDatabaseAuditBlack2.png", + "OracleDatabaseAuditWhite1.png", + "OracleDatabaseAuditWhite2.png" + ], + "version": "1.0.0", + "title": "Oracle Database Audit", + "templateRelativePath": "OracleDatabaseAudit.json", + "subtitle": "", + "provider": "Oracle" + }, + { + "workbookKey": "SenservaProAnalyticsWorkbook", + "logoFileName": "SenservaPro_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SenservaPro_CL" + ], + "dataConnectorsDependencies": [ + "SenservaPro" + ], + "previewImagesFileNames": [ + "SenservaProAnalyticsBlack.png", + "SenservaProAnalyticsWhite.png" + ], + "version": "1.0.0", + "title": "SenservaProAnalytics", + "templateRelativePath": "SenservaProAnalyticsWorkbook.json", + "subtitle": "", + "provider": "Senserva Pro" + }, + { + "workbookKey": "SenservaProMultipleWorkspaceWorkbook", + "logoFileName": "SenservaPro_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SenservaPro_CL" + ], + "dataConnectorsDependencies": [ + "SenservaPro" + ], + "previewImagesFileNames": [ + "SenservaProMultipleWorkspaceWorkbookBlack.png", + "SenservaProMultipleWorkspaceWorkbookWhite.png" + ], + "version": "1.0.0", + "title": "SenservaProMultipleWorkspace", + "templateRelativePath": "SenservaProMultipleWorkspaceWorkbook.json", + "subtitle": "", + "provider": "Senserva Pro" + }, + { + "workbookKey": "SenservaProSecureScoreMultiTenantWorkbook", + "logoFileName": "SenservaPro_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SenservaPro_CL" + ], + "dataConnectorsDependencies": [ + "SenservaPro" + ], + "previewImagesFileNames": [ + "SenservaProSecureScoreMultiTenantBlack.png", + "SenservaProSecureScoreMultiTenantWhite.png" + ], + "version": "1.0.0", + "title": "SenservaProSecureScoreMultiTenant", + "templateRelativePath": "SenservaProSecureScoreMultiTenantWorkbook.json", + "subtitle": "", + "provider": "Senserva Pro" + }, + { + "workbookKey": "CiscoSecureEndpointOverviewWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CiscoSecureEndpoint" + ], + "dataConnectorsDependencies": [ + "CiscoSecureEndpoint" + ], + "previewImagesFileNames": [ + "CiscoSecureEndpointBlack.png", + "CiscoSecureEndpointWhite.png" + ], + "version": "1.0.0", + "title": "Cisco Secure Endpoint", + "templateRelativePath": "Cisco Secure Endpoint Overview.json", + "subtitle": "", + "provider": "Cisco" + }, + { + "workbookKey": "InfoSecGlobalWorkbook", + "logoFileName": "infosecglobal.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "InfoSecAnalytics_CL" + ], + "dataConnectorsDependencies": [ + "InfoSecDataConnector" + ], + "previewImagesFileNames": [ + "InfoSecGlobalWorkbookBlack.png", + "InfoSecGlobalWorkbookWhite.png" + ], + "version": "1.0.0", + "title": "AgileSec Analytics Connector", + "templateRelativePath": "InfoSecGlobal.json", + "subtitle": "", + "provider": "InfoSecGlobal" + }, + { + "workbookKey": "CrowdStrikeFalconEndpointProtectionWorkbook", + "logoFileName": "crowdstrike.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CrowdstrikeReplicatorLogs_CL" + ], + "dataConnectorsDependencies": [ + "CrowdstrikeReplicator" + ], + "previewImagesFileNames": [ + "CrowdStrikeFalconEndpointProtectionBlack.png", + "CrowdStrikeFalconEndpointProtectionWhite.png" + ], + "version": "1.0.0", + "title": "CrowdStrike Falcon Endpoint Protection", + "templateRelativePath": "CrowdStrikeFalconEndpointProtection.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "IronDefenseAlertDashboard", + "logoFileName": "IronNet.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "IronNetIronDefense" + ], + "previewImagesFileNames": [ + "IronDefenseDashboardBlack.png", + "IronDefenseDashboardWhite.png" + ], + "version": "1.0.0", + "title": "IronDefenseAlertDashboard", + "templateRelativePath": "IronDefenseAlertDashboard.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "IronDefenseAlertDetails", + "logoFileName": "IronNet.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "IronNetIronDefense" + ], + "previewImagesFileNames": [ + "IronDefenseAlertsBlack.png", + "IronDefenseAlertsWhite.png" + ], + "version": "1.0.0", + "title": "IronDefenseAlertDetails", + "templateRelativePath": "IronDefenseAlertDetails.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "CiscoSEGWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "CiscoSEG", + "CiscoSEGAma", + "CefAma" + ], + "previewImagesFileNames": [ + "CiscoSEGBlack.png", + "CiscoSEGWhite.png" + ], + "version": "1.0.0", + "title": "Cisco Secure Email Gateway", + "templateRelativePath": "CiscoSEG.json", + "subtitle": "", + "provider": "Cisco" + }, + { + "workbookKey": "EatonForeseerHealthAndAccess", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook gives an insight into the health of all the Windows VMs in this subscription running Eaton Foreseer and the unauthorized access into the Eaton Foreseer application running on these VMs.", + "dataTypesDependencies": [ + "SecurityEvent" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "EatonForeseerHealthAndAccessBlack.png", + "EatonForeseerHealthAndAccessWhite.png" + ], + "version": "1.0.0", + "title": "EatonForeseerHealthAndAccess", + "templateRelativePath": "EatonForeseerHealthAndAccess.json", + "subtitle": "", + "provider": "Eaton" + }, + { + "workbookKey": "PCIDSSComplianceWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Choose your subscription and workspace in which PCI assets are deployed", + "dataTypesDependencies": [ + "AzureDaignostics", + "SecurityEvent", + "SecurityAlert", + "OracleDatabaseAuditEvent", + "Syslog", + "Anomalies" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "PCIDSSComplianceBlack01.PNG", + "PCIDSSComplianceBlack02.PNG", + "PCIDSSComplianceWhite01.PNG", + "PCIDSSComplianceWhite02.PNG" + ], + "version": "1.0.0", + "title": "PCI DSS Compliance", + "templateRelativePath": "PCIDSSCompliance.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SonraiSecurityWorkbook", + "logoFileName": "Sonrai.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Sonrai_Tickets_CL" + ], + "dataConnectorsDependencies": [ + "SonraiDataConnector" + ], + "previewImagesFileNames": [ + "SonraiWorkbookBlack.png", + "SonraiWorkbookWhite.png" + ], + "version": "1.0.0", + "title": "Sonrai", + "templateRelativePath": "Sonrai.json", + "subtitle": "", + "provider": "Sonrai" + }, + { + "workbookKey": "SemperisDSPWorkbook", + "logoFileName": "Semperis.svg", + "description": "Specify the time range on which to query the data", + "dataTypesDependencies": [ + "dsp_parser" + ], + "dataConnectorsDependencies": [ + "SemperisDSP" + ], + "previewImagesFileNames": [ + "SemperisDSPOverview1Black.png", + "SemperisDSPOverview1White.png", + "SemperisDSPOverview2Black.png", + "SemperisDSPOverview2White.png", + "SemperisDSPOverview3Black.png", + "SemperisDSPOverview3White.png" + ], + "version": "1.0.0", + "title": "Semperis Directory Services Protector", + "templateRelativePath": "SemperisDSPWorkbook.json", + "subtitle": "", + "provider": "Semperis" + }, + { + "workbookKey": "BoxWorkbook", + "logoFileName": "box.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "BoxEvents_CL" + ], + "dataConnectorsDependencies": [ + "BoxDataConnector" + ], + "previewImagesFileNames": [ + "BoxBlack1.png", + "BoxWhite1.png", + "BoxBlack2.png", + "BoxWhite2.png" + ], + "version": "1.0.0", + "title": "Box", + "templateRelativePath": "Box.json", + "subtitle": "", + "provider": "Box" + }, + { + "workbookKey": "SymantecEndpointProtection", + "logoFileName": "symantec_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SymantecEndpointProtection" + ], + "dataConnectorsDependencies": [ + "SymantecEndpointProtection", + "SyslogAma" + ], + "previewImagesFileNames": [ + "SymantecEndpointProtectionBlack.png", + "SymantecEndpointProtectionWhite.png" + ], + "version": "1.0.0", + "title": "Symantec Endpoint Protection", + "templateRelativePath": "SymantecEndpointProtection.json", + "subtitle": "", + "provider": "Symantec" + }, + { + "workbookKey": "DynamicThreatModeling&Response", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SecurityAlert" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "DynamicThreatModeling&ResponseWhite.png", + "DynamicThreatModeling&ResponseBlack.png" + ], + "version": "1.0.0", + "title": "Dynamic Threat Modeling Response", + "templateRelativePath": "DynamicThreatModeling&Response.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ThreatAnalysis&Response", + "logoFileName": "Azure_Sentinel.svg", + "description": "The Defenders for IoT workbook provide guided investigations for OT entities based on open incidents, alert notifications, and activities for OT assets. They also provide a hunting experience across the MITRE ATT&CK® framework for ICS, and are designed to enable analysts, security engineers, and MSSPs to gain situational awareness of OT security posture.", + "dataTypesDependencies": [ + "SecurityAlert" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "ThreatAnalysis&ResponseWhite1.png", + "ThreatAnalysis&ResponseWhite2.png", + "ThreatAnalysis&ResponseWhite3.png", + "ThreatAnalysis&ResponseWhite4.png", + "ThreatAnalysis&ResponseBlack1.png", + "ThreatAnalysis&ResponseBlack2.png", + "ThreatAnalysis&ResponseBlack3.png", + "ThreatAnalysis&ResponseBlack4.png" + ], + "version": "1.0.1", + "title": "Threat Analysis Response", + "templateRelativePath": "ThreatAnalysis&Response.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "TrendMicroCAS", + "logoFileName": "Trend_Micro_Logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "TrendMicroCAS_CL" + ], + "dataConnectorsDependencies": [ + "TrendMicroCAS" + ], + "previewImagesFileNames": [ + "TrendMicroCASBlack.png", + "TrendMicroCASWhite.png" + ], + "version": "1.0.0", + "title": "TrendMicroCAS", + "templateRelativePath": "TrendMicroCAS.json", + "subtitle": "", + "provider": "TrendMicro" + }, + { + "workbookKey": "GitHubSecurityWorkbook", + "logoFileName": "GitHub.svg", + "description": "Gain insights to GitHub activities that may be interesting for security.", + "dataTypesDependencies": [ + "GitHubAuditLogPolling_CL" + ], + "dataConnectorsDependencies": [ + "GitHubEcAuditLogPolling" + ], + "previewImagesFileNames": [ + "GitHubSecurityBlack.png", + "GitHubSecurityWhite.png" + ], + "version": "1.0.0", + "title": "GithubWorkbook", + "templateRelativePath": "GitHub.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "GCPDNSWorkbook", + "logoFileName": "google_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "GCPCloudDNS" + ], + "dataConnectorsDependencies": [ + "GCPDNSDataConnector" + ], + "previewImagesFileNames": [ + "GCPDNSBlack.png", + "GCPDNSWhite.png" + ], + "version": "1.0.0", + "title": "Google Cloud Platform DNS", + "templateRelativePath": "GCPDNS.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AtlassianJiraAuditWorkbook", + "logoFileName": "atlassian.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "AtlassianJiraNativePoller_CL" + ], + "dataConnectorsDependencies": [ + "AtlassianJira" + ], + "previewImagesFileNames": [ + "AtlassianJiraAuditWhite.png", + "AtlassianJiraAuditBlack.png" + ], + "version": "1.0.0", + "title": "AtlassianJiraAudit", + "templateRelativePath": "AtlassianJiraAudit.json", + "subtitle": "", + "provider": "Atlassian" + }, + { + "workbookKey": "DigitalGuardianWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "DigitalGuardianDLPEvent" + ], + "dataConnectorsDependencies": [ + "DigitalGuardianDLP", + "SyslogAma" + ], + "previewImagesFileNames": [ + "DigitalGuardianBlack.png", + "DigitalGuardianWhite.png" + ], + "version": "1.0.0", + "title": "DigitalGuardianDLP", + "templateRelativePath": "DigitalGuardian.json", + "subtitle": "", + "provider": "Digital Guardian" + }, + { + "workbookKey": "CiscoDuoWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CiscoDuo_CL" + ], + "dataConnectorsDependencies": [ + "CiscoDuoSecurity" + ], + "previewImagesFileNames": [ + "CiscoDuoWhite.png", + "CiscoDuoBlack.png" + ], + "version": "1.0.0", + "title": "CiscoDuoSecurity", + "templateRelativePath": "CiscoDuo.json", + "subtitle": "", + "provider": "Cisco" + }, + { + "workbookKey": "SlackAudit", + "logoFileName": "slacklogo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SlackAudit_CL" + ], + "dataConnectorsDependencies": [ + "SlackAuditAPI" + ], + "previewImagesFileNames": [ + "SlackAuditApplicationActivityBlack1.png", + "SlackAuditApplicationActivityWhite1.png" + ], + "version": "1.0.0", + "title": "SlackAudit", + "templateRelativePath": "SlackAudit.json", + "subtitle": "", + "provider": "Slack" + }, + { + "workbookKey": "CiscoWSAWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "CiscoWSA", + "SyslogAma" + ], + "previewImagesFileNames": [ + "CiscoWSAWhite.png", + "CiscoWSABlack.png" + ], + "version": "1.0.0", + "title": "CiscoWSA", + "templateRelativePath": "CiscoWSA.json", + "subtitle": "", + "provider": "Cisco" + }, + { + "workbookKey": "GCP-IAM-Workbook", + "logoFileName": "google_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "GCP_IAM_CL" + ], + "dataConnectorsDependencies": [ + "GCPIAMDataConnector" + ], + "previewImagesFileNames": [ + "GCPIAMBlack01.png", + "GCPIAMBlack02.png", + "GCPIAMWhite01.png", + "GCPIAMWhite02.png" + ], + "version": "1.0.0", + "title": "Google Cloud Platform IAM", + "templateRelativePath": "GCP_IAM.json", + "subtitle": "", + "provider": "Google" + }, + { + "workbookKey": "ImpervaWAFCloudWorkbook", + "logoFileName": "Imperva_DarkGrey_final_75x75.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "ImpervaWAFCloud_CL" + ], + "dataConnectorsDependencies": [ + "ImpervaWAFCloudAPI" + ], + "previewImagesFileNames": [ + "ImpervaWAFCloudBlack01.png", + "ImpervaWAFCloudBlack02.png", + "ImpervaWAFCloudWhite01.png", + "ImpervaWAFCloudWhite02.png" + ], + "version": "1.0.0", + "title": "Imperva WAF Cloud Overview", + "templateRelativePath": "Imperva WAF Cloud Overview.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ZscalerZPAWorkbook", + "logoFileName": "ZscalerLogo.svg", + "description": "Select the time range for this Overview.", + "dataTypesDependencies": [ + "ZPA_CL" + ], + "dataConnectorsDependencies": [ + "ZscalerPrivateAccess", + "CustomLogsAma" + ], + "previewImagesFileNames": [ + "ZscalerZPABlack.png", + "ZscalerZPAWhite.png" + ], + "version": "1.0.0", + "title": "Zscaler Private Access (ZPA)", + "templateRelativePath": "ZscalerZPA.json", + "subtitle": "", + "provider": "Zscaler" + }, + { + "workbookKey": "GoogleWorkspaceWorkbook", + "logoFileName": "google_logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "GWorkspace_ReportsAPI_admin_CL", + "GWorkspace_ReportsAPI_calendar_CL", + "GWorkspace_ReportsAPI_drive_CL", + "GWorkspace_ReportsAPI_login_CL", + "GWorkspace_ReportsAPI_login_CL", + "GWorkspace_ReportsAPI_mobile_CL" + ], + "dataConnectorsDependencies": [ + "GoogleWorkspaceReportsAPI" + ], + "previewImagesFileNames": [ + "GoogleWorkspaceBlack.png", + "GoogleWorkspaceWhite.png" + ], + "version": "1.0.0", + "title": "GoogleWorkspaceReports", + "templateRelativePath": "GoogleWorkspace.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "NCProtectWorkbook", + "logoFileName": "NCProtectIcon.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "NCProtectUAL_CL" + ], + "dataConnectorsDependencies": [ + "NucleusCyberNCProtect" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "NucleusCyberProtect", + "templateRelativePath": "NucleusCyber_NCProtect_Workbook.json", + "subtitle": "", + "provider": "archTIS" + }, + { + "workbookKey": "CiscoISEWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "CiscoISE", + "SyslogAma" + ], + "previewImagesFileNames": [ + "CiscoISEBlack1.png", + "CiscoISEBlack2.png", + "CiscoISEWhite1.png", + "CiscoISEWhite2.png" + ], + "version": "1.0.0", + "title": "Cisco ISE", + "templateRelativePath": "CiscoISE.json", + "subtitle": "", + "provider": "Cisco" + }, + { + "workbookKey": "IoTOTThreatMonitoringwithDefenderforIoTWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "The OT Threat Monitoring with Defender for IoT Workbook features OT filtering for Security Alerts, Incidents, Vulnerabilities and Asset Inventory. The workbook features a dynamic assessment of the MITRE ATT&CK for ICS matrix across your environment to analyze and respond to OT-based threats. This workbook is designed to enable SecOps Analysts, Security Engineers, and MSSPs to gain situational awareness for IT/OT security posture.", + "dataTypesDependencies": [ + "SecurityAlert", + "SecurityIncident" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "IoTOTThreatMonitoringwithDefenderforIoTBlack.png", + "IoTOTThreatMonitoringwithDefenderforIoTWhite.png" + ], + "version": "1.0.0", + "title": "Microsoft Defender for IoT", + "templateRelativePath": "IoTOTThreatMonitoringwithDefenderforIoT.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ZeroTrust(TIC3.0)Workbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "SecurityRecommendation" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "ZeroTrust(TIC3.0)Black1.PNG", + "ZeroTrust(TIC3.0)White1.PNG" + ], + "version": "1.0.0", + "title": "ZeroTrust(TIC3.0)", + "templateRelativePath": "ZeroTrustTIC3.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "CybersecurityMaturityModelCertification(CMMC)2.0Workbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "InformationProtectionLogs_CL", + "AuditLogs", + "SecurityIncident", + "SigninLogs", + "AzureActivity" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "CybersecurityMaturityModelCertificationBlack.png", + "CybersecurityMaturityModelCertificationWhite.png" + ], + "version": "1.0.0", + "title": "CybersecurityMaturityModelCertification(CMMC)2.0", + "templateRelativePath": "CybersecurityMaturityModelCertification_CMMCV2.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "NISTSP80053Workbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "SigninLogs", + "AuditLogs", + "AzureActivity", + "OfficeActivity", + "SecurityEvents", + "CommonSecurityLog", + "SecurityIncident", + "SecurityRecommendation" + ], + "dataConnectorsDependencies": [ + "SecurityEvents" + ], + "previewImagesFileNames": [ + "NISTSP80053Black.png", + "NISTSP80053White.png" + ], + "version": "1.0.0", + "title": "NISTSP80053workbook", + "templateRelativePath": "NISTSP80053.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "DarktraceWorkbook", + "logoFileName": "Darktrace.svg", + "description": "The Darktrace Workbook visualises Model Breach and AI Analyst data received by the Darktrace Data Connector and visualises events across the network, SaaS, IaaS and Email.", + "dataTypesDependencies": [ + "darktrace_model_alerts_CL" + ], + "dataConnectorsDependencies": [ + "DarktraceRESTConnector" + ], + "previewImagesFileNames": [ + "DarktraceWorkbookBlack01.png", + "DarktraceWorkbookBlack02.png", + "DarktraceWorkbookWhite01.png", + "DarktraceWorkbookWhite02.png" + ], + "version": "1.0.1", + "title": "Darktrace", + "templateRelativePath": "DarktraceWorkbook.json", + "subtitle": "", + "provider": "Darktrace" + }, + { + "workbookKey": "RecordedFutureAlertOverviewWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future Alerts Overview Workbook. This workbook will visualize playbook alerts imported via the RecordedFuture-Alert-Importer.", + "dataTypesDependencies": [ + "RecordedFuturePortalAlerts_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFutureAlertOverviewWhite.png", + "RecordedFutureAlertOverviewBlack.png" + ], + "version": "1.0.1", + "title": "Recorded Future - Alerts Overview", + "templateRelativePath": "RecordedFutureAlertOverview.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "RecordedFuturePlaybookAlertOverviewWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future Playbook Alerts Overview Workbook. This workbook will visualize playbook alerts imported via the RecordedFuture-Playbook-Alert-Importer.", + "dataTypesDependencies": [ + "RecordedFuturePlaybookAlerts_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFuturePlaybookAlertOverviewWhite1.png", + "RecordedFuturePlaybookAlertOverviewBlack1.png" + ], + "version": "1.0.1", + "title": "Recorded Future - Playbook Alerts Overview", + "templateRelativePath": "RecordedFuturePlaybookAlertOverview.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "RecordedFutureDomainCorrelationWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future Domain Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFutureDomainCorrelationWhite.png", + "RecordedFutureDomainCorrelationBlack.png" + ], + "version": "1.0.1", + "title": "Recorded Future - Domain Correlation", + "templateRelativePath": "RecordedFutureDomainCorrelation.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "RecordedFutureHashCorrelationWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future Hash Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFutureHashCorrelationWhite.png", + "RecordedFutureHashCorrelationBlack.png" + ], + "version": "1.0.1", + "title": "Recorded Future - Hash Correlation", + "templateRelativePath": "RecordedFutureHashCorrelation.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "RecordedFutureIPCorrelationWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future IP Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFutureIPCorrelationWhite.png", + "RecordedFutureIPCorrelationBlack.png" + ], + "version": "1.0.1", + "title": "Recorded Future - IP Correlation", + "templateRelativePath": "RecordedFutureIPCorrelation.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "RecordedFutureURLCorrelationWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future URL Correlation Workbook. This workbook will visualize Recorded Future threat intelligence data together with infrastructure logs ingested in to Sentinel.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFutureUrlCorrelationWhite.png", + "RecordedFutureUrlCorrelationBlack.png" + ], + "version": "1.0.1", + "title": "Recorded Future - URL Correlation", + "templateRelativePath": "RecordedFutureURLCorrelation.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "RecordedFutureThreatActorHuntingWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future Threat Actor Hunting Workbook. This workbook will visualize Recorded Future threat map and hunting indicators ingested in to Microsoft Sentinel.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFutureThreatActorHuntingWhite.png", + "RecordedFutureThreatActorHuntingBlack.png" + ], + "version": "1.0.1", + "title": "Recorded Future - Threat Actor Hunting", + "templateRelativePath": "RecordedFutureThreatActorHunting.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "RecordedFutureMalwareThreatHuntingWorkbook", + "logoFileName": "RecordedFuture.svg", + "description": "Recorded Future Malware Threat Hunting Workbook. This workbook will visualize Recorded Future malware threat map and hunting indicators ingested in to Microsoft Sentinel.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "RecordedFutureMalwareThreatHuntingWhite.png", + "RecordedFutureMalwareThreatHuntingBlack.png" + ], + "version": "1.0.0", + "title": "Recorded Future - Malware Threat Hunting", + "templateRelativePath": "RecordedFutureMalwareThreatHunting.json", + "subtitle": "", + "provider": "Recorded Future" + }, + { + "workbookKey": "MaturityModelForEventLogManagement_M2131", + "logoFileName": "contrastsecurity_logo.svg", + "description": "Select the time range for this Overview.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "MaturityModelForEventLogManagement_M2131Black.png", + "MaturityModelForEventLogManagement_M2131White.png" + ], + "version": "1.0.0", + "title": "MaturityModelForEventLogManagementM2131", + "templateRelativePath": "MaturityModelForEventLogManagement_M2131.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AzureSQLSecurityWorkbook", + "logoFileName": "AzureSQL.svg", + "description": "Sets the time window in days to search around the alert", + "dataTypesDependencies": [ + "AzureDiagnostics", + "SecurityAlert", + "SecurityIncident" + ], + "dataConnectorsDependencies": [ + "AzureSql" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Azure SQL Database Workbook", + "templateRelativePath": "Workbook-AzureSQLSecurity.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ContinuousDiagnostics&Mitigation", + "logoFileName": "Azure_Sentinel.svg", + "description": "Select the time range for this Overview.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "ContinuousDiagnostics&MitigationBlack.png", + "ContinuousDiagnostics&MitigationWhite.png" + ], + "version": "1.0.0", + "title": "ContinuousDiagnostics&Mitigation", + "templateRelativePath": "ContinuousDiagnostics&Mitigation.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AtlasianJiraAuditWorkbook", + "logoFileName": "atlassian.svg", + "description": "Select the time range for this Overview.", + "dataTypesDependencies": [ + "AtlassianJiraNativePoller_CL" + ], + "dataConnectorsDependencies": [ + "AtlassianJira" + ], + "previewImagesFileNames": [ + "AtlassianJiraAuditBlack.png", + "AtlassianJiraAuditWhite.png" + ], + "version": "1.0.0", + "title": "AtlasianJiraAuditWorkbook", + "templateRelativePath": "AtlasianJiraAuditWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AzureSecurityBenchmark", + "logoFileName": "Azure_Sentinel.svg", + "description": "Azure Security Benchmark v3 Workbook provides a mechanism for viewing log queries, azure resource graph, and policies aligned to ASB controls across Microsoft security offerings, Azure, Microsoft 365, 3rd Party, On-Premises, and Multi-cloud workloads. This workbook enables Security Architects, Engineers, SecOps Analysts, Managers, and IT Pros to gain situational awareness visibility for the security posture of cloud workloads. There are also recommendations for selecting, designing, deploying, and configuring Microsoft offerings for alignment with respective ASB requirements and practices.", + "dataTypesDependencies": [ + "SecurityRegulatoryCompliance", + "AzureDiagnostics", + "SecurityIncident", + "SigninLogs", + "SecurityAlert" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AzureSecurityBenchmarkBlack.png", + "AzureSecurityBenchmarkWhite.png" + ], + "version": "1.0.0", + "title": "Azure Security Benchmark", + "templateRelativePath": "AzureSecurityBenchmark.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ZNAccessOrchestratorAudit", + "logoFileName": "ZeroNetworks.svg", + "description": "This workbook provides a summary of ZeroNetworks data.", + "dataTypesDependencies": [ + "ZNAccessOrchestratorAudit_CL", + "ZNAccessOrchestratorAuditNativePoller_CL" + ], + "dataConnectorsDependencies": [ + "ZeroNetworksAccessOrchestratorAuditFunction", + "ZeroNetworksAccessOrchestratorAuditNativePoller" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Zero NetWork", + "templateRelativePath": "ZNSegmentAudit.json", + "subtitle": "", + "provider": "Zero Networks" + }, + { + "workbookKey": "FireworkWorkbook", + "logoFileName": "Flare.svg", + "description": "Select the time range for this Overview.", + "dataTypesDependencies": [ + "Firework_CL" + ], + "dataConnectorsDependencies": [ + "FlareSystemsFirework" + ], + "previewImagesFileNames": [ + "FireworkOverviewBlack01.png", + "FireworkOverviewBlack02.png", + "FireworkOverviewWhite01.png", + "FireworkOverviewWhite02.png" + ], + "version": "1.0.0", + "title": "FlareSystemsFirework", + "templateRelativePath": "FlareSystemsFireworkOverview.json", + "subtitle": "", + "provider": "Flare Systems" + }, + { + "workbookKey": "TaniumWorkbook", + "logoFileName": "Tanium.svg", + "description": "Visualize Tanium endpoint and module data", + "dataTypesDependencies": [ + "TaniumComplyCompliance_CL", + "TaniumComplyVulnerabilities_CL", + "TaniumDefenderHealth_CL", + "TaniumDiscoverUnmanagedAssets_CL", + "TaniumHighUptime_CL", + "TaniumMainAsset_CL", + "TaniumPatchListApplicability_CL", + "TaniumPatchListCompliance_CL", + "TaniumSCCMClientHealth_CL", + "TaniumThreatResponse_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "TaniumComplyBlack.png", + "TaniumComplyWhite.png", + "TaniumDiscoverBlack.png", + "TaniumDiscoverWhite.png", + "TaniumMSToolingHealthBlack.png", + "TaniumMSToolingHealthWhite.png", + "TaniumPatchBlack.png", + "TaniumPatchWhite.png", + "TaniumThreatResponseAlertsBlack.png", + "TaniumThreatResponseAlertsWhite.png", + "TaniumThreatResponseBlack.png", + "TaniumThreatResponseWhite.png" + ], + "version": "1.0", + "title": "Tanium Workbook", + "templateRelativePath": "TaniumWorkbook.json", + "subtitle": "", + "provider": "Tanium" + }, + { + "workbookKey": "ActionableAlertsDashboard", + "logoFileName": "Cybersixgill.svg", + "description": "None.", + "dataTypesDependencies": [ + "CyberSixgill_Alerts_CL" + ], + "dataConnectorsDependencies": [ + "CybersixgillActionableAlerts" + ], + "previewImagesFileNames": [ + "ActionableAlertsDashboardWhite.PNG", + "ActionableAlertsDashboardBlack.PNG" + ], + "version": "1.0.0", + "title": "Cybersixgill Actionable Alerts Dashboard", + "templateRelativePath": "ActionableAlertsDashboard.json", + "subtitle": "", + "provider": "Cybersixgill" + }, + { + "workbookKey": "ActionableAlertsList", + "logoFileName": "Cybersixgill.svg", + "description": "None.", + "dataTypesDependencies": [ + "CyberSixgill_Alerts_CL" + ], + "dataConnectorsDependencies": [ + "CybersixgillActionableAlerts" + ], + "previewImagesFileNames": [ + "ActionableAlertsListBlack.PNG", + "ActionableAlertsListWhite.PNG" + ], + "version": "1.0.0", + "title": "Cybersixgill Actionable Alerts List", + "templateRelativePath": "ActionableAlertsList.json", + "subtitle": "", + "provider": "Cybersixgill" + }, + { + "workbookKey": "ArgosCloudSecurityWorkbook", + "logoFileName": "argos-logo.svg", + "description": "The ARGOS Cloud Security integration for Microsoft Sentinel allows you to have all your important cloud security events in one place.", + "dataTypesDependencies": [ + "ARGOS_CL" + ], + "dataConnectorsDependencies": [ + "ARGOSCloudSecurity" + ], + "previewImagesFileNames": [ + "ARGOSCloudSecurityWorkbookBlack.png", + "ARGOSCloudSecurityWorkbookWhite.png" + ], + "version": "1.0.0", + "title": "ARGOS Cloud Security", + "templateRelativePath": "ARGOSCloudSecurityWorkbook.json", + "subtitle": "", + "provider": "ARGOS Cloud Security" + }, + { + "workbookKey": "JamfProtectWorkbook", + "logoFileName": "jamf_logo.svg", + "description": "This Jamf Protect Workbook for Microsoft Sentinel enables you to ingest Jamf Protect events forwarded into Microsoft Sentinel.\n Providing reports into all alerts, device controls and Unfied Logs.", + "dataTypesDependencies": [ + "jamfprotect_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "JamfProtectDashboardBlack.png", + "JamfProtectDashboardWhite.png" + ], + "version": "2.0.0", + "title": "Jamf Protect Workbook", + "templateRelativePath": "JamfProtectDashboard.json", + "subtitle": "", + "provider": "Jamf Software, LLC" + }, + { + "workbookKey": "AIVectraStream", + "logoFileName": "AIVectraDetect.svg", + "description": "", + "dataTypesDependencies": [ + "VectraStream_CL" + ], + "dataConnectorsDependencies": [ + "AIVectraStream" + ], + "previewImagesFileNames": [ + "AIVectraDetectBlack1.png", + "AIVectraDetectWhite1.png" + ], + "version": "1.0.0", + "title": "AIVectraStreamWorkbook", + "templateRelativePath": "AIVectraStreamWorkbook.json", + "subtitle": "", + "provider": "Vectra AI" + }, + { + "workbookKey": "SecurityScorecardWorkbook", + "logoFileName": "SecurityScorecard-Cybersecurity-Ratings.svg", + "description": "This Workbook provides immediate insight into the data coming from SecurityScorecard's three Sentinel data connectors: SecurityScorecard Cybersecurity Ratings, SecurityScorecard Cybersecurity Ratings - Factors, and SecurityScorecard Cybersecurity Ratings - Issues.", + "dataTypesDependencies": [ + "SecurityScorecardFactor_CL", + "SecurityScorecardIssues_CL", + "SecurityScorecardRatings_CL" + ], + "dataConnectorsDependencies": [ + "SecurityScorecardFactorAzureFunctions", + "SecurityScorecardIssueAzureFunctions", + "SecurityScorecardRatingsAzureFunctions" + ], + "previewImagesFileNames": [ + "SecurityScorecardBlack1.png", + "SecurityScorecardBlack2.png", + "SecurityScorecardBlack3.png", + "SecurityScorecardBlack4.png", + "SecurityScorecardBlack5.png", + "SecurityScorecardBlack6.png", + "SecurityScorecardWhite1.png", + "SecurityScorecardWhite2.png", + "SecurityScorecardWhite3.png", + "SecurityScorecardWhite4.png", + "SecurityScorecardWhite5.png", + "SecurityScorecardWhite6.png" + ], + "version": "1.0.0", + "title": "SecurityScorecard", + "templateRelativePath": "SecurityScorecardWorkbook.json", + "subtitle": "", + "provider": "SecurityScorecard" + }, + { + "workbookKey": "DigitalShadowsWorkbook", + "logoFileName": "DigitalShadowsLogo.svg", + "description": "For gaining insights into Digital Shadows logs.", + "dataTypesDependencies": [ + "DigitalShadows_CL" + ], + "dataConnectorsDependencies": [ + "DigitalShadowsSearchlightAzureFunctions" + ], + "previewImagesFileNames": [ + "DigitalShadowsBlack1.png", + "DigitalShadowsBlack2.png", + "DigitalShadowsBlack3.png", + "DigitalShadowsWhite1.png", + "DigitalShadowsWhite2.png", + "DigitalShadowsWhite3.png" + ], + "version": "1.0.0", + "title": "Digital Shadows", + "templateRelativePath": "DigitalShadows.json", + "subtitle": "", + "provider": "Digital Shadows" + }, + { + "workbookKey": "SalesforceServiceCloudWorkbook", + "logoFileName": "salesforce_logo.svg", + "description": "Sets the time name for analysis.", + "dataTypesDependencies": [ + "SalesforceServiceCloud" + ], + "dataConnectorsDependencies": [ + "SalesforceServiceCloud_CL" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Salesforce Service Cloud", + "templateRelativePath": "SalesforceServiceCloud.json", + "subtitle": "", + "provider": "Salesforce" + }, + { + "workbookKey": "NetworkSessionSolution", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook is included as part of Network Session Essentials solution and gives a summary of analyzed traffic, helps with threat analysis and investigating suspicious IP's and traffic analysis. Network Session Essentials Solution also includes playbooks to periodically summarize the logs thus enhancing user experience and improving data search. For the effective usage of workbook, we highly recommend to enable the summarization playbooks that are provided with this solution.", + "dataTypesDependencies": [ + "AWSVPCFlow", + "DeviceNetworkEvents", + "SecurityEvent", + "WindowsEvent", + "CommonSecurityLog", + "Syslog", + "CommonSecurityLog", + "VMConnection", + "AzureDiagnostics", + "AzureDiagnostics", + "CommonSecurityLog", + "Corelight_CL", + "VectraStream", + "CommonSecurityLog", + "CommonSecurityLog", + "Syslog", + "CiscoMerakiNativePoller" + ], + "dataConnectorsDependencies": [ + "AWSS3", + "MicrosoftThreatProtection", + "SecurityEvents", + "WindowsForwardedEvents", + "Zscaler", + "MicrosoftSysmonForLinux", + "PaloAltoNetworks", + "AzureMonitor(VMInsights)", + "AzureFirewall", + "AzureNSG", + "CiscoASA", + "Corelight", + "AIVectraStream", + "CheckPoint", + "Fortinet", + "CiscoMeraki", + "CefAma" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Network Session Essentials", + "templateRelativePath": "NetworkSessionEssentials.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SAPSODAnalysis", + "logoFileName": "SAPVMIcon.svg", + "description": "SAP SOD Analysis", + "dataTypesDependencies": [ + "SAPAuditLog" + ], + "dataConnectorsDependencies": [ + "SAP" + ], + "previewImagesFileNames": [ + "" + ], + "version": "2.0.0", + "title": "SAP SOD Analysis", + "templateRelativePath": "SAP - Segregation of Duties v2.0 (by Aliter Consulting).json", + "subtitle": "", + "provider": "Aliter Consulting" + }, + { + "workbookKey": "TheomWorkbook", + "logoFileName": "theom-logo.svg", + "description": "Theom Alert Statistics", + "dataTypesDependencies": [ + "TheomAlerts_CL" + ], + "dataConnectorsDependencies": [ + "Theom" + ], + "previewImagesFileNames": [ + "TheomWorkbook-black.png", + "TheomWorkbook-white.png" + ], + "version": "1.0.0", + "title": "Theom", + "templateRelativePath": "Theom.json", + "subtitle": "", + "provider": "Theom" + }, + { + "workbookKey": "DynatraceWorkbooks", + "logoFileName": "dynatrace.svg", + "description": "This workbook brings together queries and visualizations to assist you in identifying potential threats surfaced by Dynatrace.", + "dataTypesDependencies": [ + "DynatraceAttacks", + "DynatraceAuditLogs", + "DynatraceProblems", + "DynatraceRuntimeVulnerabilities" + ], + "dataConnectorsDependencies": [ + "DynatraceAttacks", + "DynatraceAuditLogs", + "DynatraceProblems", + "DynatraceRuntimeVulnerabilities" + ], + "previewImagesFileNames": [ + "DynatraceWorkbookBlack.png", + "DynatraceWorkbookWhite.png" + ], + "version": "3.0.1", + "title": "Dynatrace", + "templateRelativePath": "Dynatrace.json", + "subtitle": "", + "provider": "Dynatrace" + }, + { + "workbookKey": "MDOWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain extensive insight into your organization's Microsoft Defender for Office Activity by analyzing, and correlating events.\nYou can track malware and phishing detection over time.", + "dataTypesDependencies": [ + "SecurityAlert" + ], + "dataConnectorsDependencies": [ + "MicrosoftThreatProtection" + ], + "previewImagesFileNames": [ + "MDOBlack1.png", + "MDOBlack2.png", + "MDOWhite1.png", + "MDOWhite2.png" + ], + "version": "1.0.0", + "title": "Microsoft Defender XDR MDOWorkbook", + "templateRelativePath": "MDO Insights.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "AnomaliesVisualizationWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "A workbook that provides contextual information to a user for better insight on Anomalies and their impact. The workbook will help with investigation of anomalies as well as identify patterns that can lead to a threat.", + "dataTypesDependencies": [ + "Anomalies" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AnomaliesVisualizationWorkbookWhite.png", + "AnomaliesVisualizationWorkbookBlack.png" + ], + "version": "1.0.0", + "title": "AnomaliesVisulization", + "templateRelativePath": "AnomaliesVisualization.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "AnomalyDataWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "A workbook providing details, related Incident, and related Hunting Workbook for a specific Anomaly.", + "dataTypesDependencies": [ + "Anomalies" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AnomalyDataWorkbookWhite.png", + "AnomalyDataWorkbookBlack.png" + ], + "version": "1.0.0", + "title": "AnomalyData", + "templateRelativePath": "AnomalyData.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "MicrosoftExchangeLeastPrivilegewithRBAC-Online", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook, dedicated to Exchange Online environments is built to have a simple view of non-standard RBAC delegations on an Exchange Online tenant. This Workbook allow you to go deep dive on custom delegation and roles and also members of each delegation, including the nested level and the group imbrication on your environment.", + "dataTypesDependencies": [ + "ESIExchangeOnlineConfig_CL" + ], + "dataConnectorsDependencies": [ + "ESI-ExchangeOnlineCollector" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeLeastPrivilegewithRBAC-OnlineBlack.png", + "MicrosoftExchangeLeastPrivilegewithRBAC-OnlineWhite.png" + ], + "version": "1.1.0", + "title": "Microsoft Exchange Least Privilege with RBAC - Online", + "templateRelativePath": "Microsoft Exchange Least Privilege with RBAC - Online.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftExchangeLeastPrivilegewithRBAC", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook, dedicated to On-Premises environments is built to have a simple view of non-standard RBAC delegations on an On-Premises Exchange environment. This Workbook allow you to go deep dive on custom delegation and roles and also members of each delegation, including the nested level and the group imbrication on your environment. Required Data Connector: Exchange Security Insights On-Premises Collector.", + "dataTypesDependencies": [ + "ESIExchangeConfig_CL" + ], + "dataConnectorsDependencies": [ + "ESI-ExchangeOnPremisesCollector", + "ESI-ExchangeAdminAuditLogEvents" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeLeastPrivilegewithRBACBlack.png", + "MicrosoftExchangeLeastPrivilegewithRBACWhite.png" + ], + "version": "1.0.1", + "title": "Microsoft Exchange Least Privilege with RBAC", + "templateRelativePath": "Microsoft Exchange Least Privilege with RBAC.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftExchangeSearchAdminAuditLog", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook is dedicated to On-Premises Exchange organizations. It uses the MSExchange Management event logs to give you a simple way to view administrators’ activities in your Exchange environment with Cmdlets usage statistics and multiple pivots to understand who and/or what is affected to modifications on your environment. Required Data Connector: Exchange Audit Event logs via Legacy Agent.", + "dataTypesDependencies": [ + "ESIExchangeConfig_CL" + ], + "dataConnectorsDependencies": [ + "ESI-ExchangeOnPremisesCollector", + "ESI-ExchangeAdminAuditLogEvents" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeSearchAdminAuditLogBlack.png", + "MicrosoftExchangeSearchAdminAuditLogWhite.png" + ], + "version": "1.0.1", + "title": "Microsoft Exchange Search AdminAuditLog", + "templateRelativePath": "Microsoft Exchange Search AdminAuditLog.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftExchangeSearchAdminAuditLog-Online", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook is dedicated to Online Exchange organizations. It uses the Office Activity logs to give you a simple way to view administrators’ activities in your Exchange environment with Cmdlets usage statistics and multiple pivots to understand who and/or what is affected to modifications on your environment. Required Data Connector: Microsoft 365 (Exchange).", + "dataTypesDependencies": [ + "OfficeActivity" + ], + "dataConnectorsDependencies": [ + "Office365" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeOnlineSearchAdminAuditLogBlack.png", + "MicrosoftExchangeOnlineSearchAdminAuditLogWhite.png" + ], + "version": "1.0.0", + "title": "Microsoft Exchange Search AdminAuditLog - Online", + "templateRelativePath": "Microsoft Exchange Search AdminAuditLog - Online.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftExchangeSecurityMonitoring", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook is dedicated to On-Premises Exchange organizations. It uses the MSExchange Management event logs and Microsoft Exchange Security configuration collected by data connectors. It helps to track admin actions, especially on VIP Users and/or on Sensitive Cmdlets. This workbook allows also to list Exchange Services changes, local account activities and local logon on Exchange Servers. Required Data Connector: Exchange Audit Event logs via Legacy Agent.", + "dataTypesDependencies": [ + "ESIExchangeConfig_CL" + ], + "dataConnectorsDependencies": [ + "ESI-ExchangeOnPremisesCollector", + "ESI-ExchangeAdminAuditLogEvents" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeSecurityMonitoringBlack.png", + "MicrosoftExchangeSecurityMonitoringWhite.png" + ], + "version": "1.0.1", + "title": "Microsoft Exchange Admin Activity", + "templateRelativePath": "Microsoft Exchange Admin Activity.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftExchangeAdminActivity-Online", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook is dedicated to Online Exchange organizations. It uses Office Activity logs. It helps to track admin actions, especially on VIP Users and/or on Sensitive Cmdlets. Required Data Connector: Microsoft 365 (Exchange).", + "dataTypesDependencies": [ + "OfficeActivity" + ], + "dataConnectorsDependencies": [ + "Office365" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeAdminActivity-OnlineBlack.png", + "MicrosoftExchangeAdminActivity-OnlineWhite.png" + ], + "version": "1.0.0", + "title": "Microsoft Exchange Online Admin Activity", + "templateRelativePath": "Microsoft Exchange Admin Activity - Online.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftExchangeSecurityReview-Online", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook is dedicated to Exchange Online tenants. It displays and highlights current Security configuration on various Exchange components specific to Online including delegations, the transport configuration and the linked security risks, and risky protocols.", + "dataTypesDependencies": [ + "ESIExchangeOnlineConfig_CL" + ], + "dataConnectorsDependencies": [ + "ESI-ExchangeOnlineCollector" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeSecurityReview-OnlineBlack.png", + "MicrosoftExchangeSecurityReview-OnlineWhite.png" + ], + "version": "1.1.0", + "title": "Microsoft Exchange Security Review - Online", + "templateRelativePath": "Microsoft Exchange Security Review - Online.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftExchangeSecurityReview", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook is dedicated to On-Premises Exchange organizations. It displays and highlights current Security configuration on various Exchange components including delegations, rights on databases, Exchange and most important AD Groups with members including nested groups, local administrators of servers. This workbook helps also to understand the transport configuration and the linked security risks. Required Data Connector: Exchange Security Insights On-Premises Collector.", + "dataTypesDependencies": [ + "ESIExchangeConfig_CL" + ], + "dataConnectorsDependencies": [ + "ESI-ExchangeOnPremisesCollector", + "ESI-ExchangeAdminAuditLogEvents" + ], + "previewImagesFileNames": [ + "MicrosoftExchangeSecurityReviewBlack.png", + "MicrosoftExchangeSecurityReviewWhite.png" + ], + "version": "1.0.1", + "title": "Microsoft Exchange Security Review", + "templateRelativePath": "Microsoft Exchange Security Review.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ibossMalwareAndC2Workbook", + "logoFileName": "iboss_logo.svg", + "description": "A workbook providing insights into malware and C2 activity detected by iboss.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [ + "ibossAma", + "CefAma" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "iboss Malware and C2", + "templateRelativePath": "ibossMalwareAndC2.json", + "subtitle": "", + "provider": "iboss" + }, + { + "workbookKey": "ibossWebUsageWorkbook", + "logoFileName": "iboss_logo.svg", + "description": "A workbook providing insights into web usage activity detected by iboss.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [ + "ibossAma", + "CefAma" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "iboss Web Usage", + "templateRelativePath": "ibossWebUsage.json", + "subtitle": "", + "provider": "iboss" + }, + { + "workbookKey": "CynerioOverviewWorkbook", + "logoFileName": "Cynerio.svg", + "description": "An overview of Cynerio Security events", + "dataTypesDependencies": [ + "CynerioEvent_CL" + ], + "dataConnectorsDependencies": [ + "CynerioSecurityEvents" + ], + "previewImagesFileNames": [ + "CynerioOverviewBlack.png", + "CynerioOverviewWhite.png" + ], + "version": "1.0.0", + "title": "Cynerio Overview Workbook", + "templateRelativePath": "CynerioOverviewWorkbook.json", + "subtitle": "", + "provider": "Cynerio" + }, + { + "workbookKey": "ReversingLabs-CapabilitiesOverview", + "logoFileName": "reversinglabs.svg", + "description": "The ReversingLabs-CapabilitiesOverview workbook provides a high level look at your threat intelligence capabilities and how they relate to your operations.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "ReversingLabsTiSummary-White.png", + "ReversingLabsTiSummary-Black.png", + "ReversingLabsOpsSummary-White.png", + "ReversingLabsOpsSummary-Black.png" + ], + "version": "1.1.1", + "title": "ReversingLabs-CapabilitiesOverview", + "templateRelativePath": "ReversingLabs-CapabilitiesOverview.json", + "subtitle": "", + "provider": "ReversingLabs" + }, + { + "workbookKey": "vCenter", + "logoFileName": "Azure_Sentinel.svg", + "description": "This data connector depends on a parser based on Kusto Function **vCenter** to work as expected. [Follow steps to get this Kusto Function](https://aka.ms/sentinel-vCenter-parser)", + "dataTypesDependencies": [ + "vCenter_CL" + ], + "dataConnectorsDependencies": [ + "VMwarevCenter" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "vCenter", + "templateRelativePath": "vCenter.json", + "subtitle": "", + "provider": "VMware" + }, + { + "workbookKey": "SAP-Monitors-AlertsandPerformance", + "logoFileName": "SAPVMIcon.svg", + "description": "SAP -Monitors- Alerts and Performance", + "dataTypesDependencies": [ + "SAPAuditLog" + ], + "dataConnectorsDependencies": [ + "SAP" + ], + "previewImagesFileNames": [ + "" + ], + "version": "2.0.1", + "title": "SAP -Monitors- Alerts and Performance", + "templateRelativePath": "SAP -Monitors- Alerts and Performance.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SAP-SecurityAuditlogandInitialAccess", + "logoFileName": "SAPVMIcon.svg", + "description": "SAP -Security Audit log and Initial Access", + "dataTypesDependencies": [ + "SAPAuditLog" + ], + "dataConnectorsDependencies": [ + "SAP" + ], + "previewImagesFileNames": [ + "" + ], + "version": "2.0.1", + "title": "SAP -Security Audit log and Initial Access", + "templateRelativePath": "SAP -Security Audit log and Initial Access.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "DNSSolutionWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook is included as part of the DNS Essentials solution and gives a summary of analyzed DNS traffic. It also helps with threat analysis and investigating suspicious Domains, IPs and DNS traffic. DNS Essentials Solution also includes a playbook to periodically summarize the logs, thus enhancing the user experience and improving data search. For effective usage of workbook, we highly recommend enabling the summarization playbook that is provided with this solution.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "DNSDomainWorkbookWhite.png", + "DNSDomainWorkbookBlack.png" + ], + "version": "1.0.0", + "title": "DNS Solution Workbook", + "templateRelativePath": "DNSSolutionWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftPowerBIActivityWorkbook", + "logoFileName": "PowerBILogo.svg", + "description": "This workbook provides details on Microsoft PowerBI Activity", + "dataTypesDependencies": [ + "PowerBIActivity" + ], + "dataConnectorsDependencies": [ + "Microsoft PowerBI (Preview)" + ], + "previewImagesFileNames": [ + "MicrosoftPowerBIActivityWorkbookBlack.png", + "MicrosoftPowerBIActivityWorkbookWhite.png" + ], + "version": "1.0.0", + "title": "Microsoft PowerBI Activity Workbook", + "templateRelativePath": "MicrosoftPowerBIActivityWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftThreatIntelligenceWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Gain insights into threat indicators ingestion and search for indicators at scale across Microsoft 1st Party, 3rd Party, On-Premises, Hybrid, and Multi-Cloud Workloads. Indicators Search facilitates a simple interface for finding IP, File, Hash, Sender and more across your data. Seamless pivots to correlate indicators with Microsoft Sentinel: Incidents to make your threat intelligence actionable.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator", + "SecurityIncident" + ], + "dataConnectorsDependencies": [ + "ThreatIntelligence", + "ThreatIntelligenceTaxii" + ], + "previewImagesFileNames": [ + "ThreatIntelligenceWhite.png", + "ThreatIntelligenceBlack.png" + ], + "version": "1.0.0", + "title": "Threat Intelligence", + "templateRelativePath": "MicrosoftThreatIntelligence.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "MicrosoftDefenderForEndPoint", + "logoFileName": "Azure_Sentinel.svg", + "description": "A wokbook to provide details about Microsoft Defender for Endpoint Advance Hunting to Overview & Analyse data brought through M365 Defender Connector.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "microsoftdefenderforendpointwhite.png", + "microsoftdefenderforendpointblack.png" + ], + "version": "1.0.0", + "title": "Microsoft Defender For EndPoint", + "templateRelativePath": "MicrosoftDefenderForEndPoint.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "MicrosoftSentinelDeploymentandMigrationTracker", + "logoFileName": "Azure_Sentinel.svg", + "description": "Use this workbook as a tool to define, track, and complete key deployment/migraiton tasks for Microsoft Sentinel. This workbook serves as a central hub for monitoring and configuring key areas of the product without having to leave the workbook and start over.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "microsoftsentineldeploymentandmigration-black.png", + "microsoftsentineldeploymentandmigration-white.png" + ], + "version": "1.1.2", + "title": "Microsoft Sentinel Deployment and Migration Tracker", + "templateRelativePath": "MicrosoftSentinelDeploymentandMigrationTracker.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Matt Lowe" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "MicrosoftDefenderForIdentity", + "logoFileName": "Azure_Sentinel.svg", + "description": "Use this workbook to analyse the advance hunting data ingested for Defender For Identity.", + "dataTypesDependencies": [ + "IdentityLogonEvents", + "IdentityQueryEvents", + "IdentityDirectoryEvents", + "SecurityAlert" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "microsoftdefenderforidentity-black.png", + "microsoftdefenderforidentity-white.png" + ], + "version": "1.0.0", + "title": "Microsoft Defender For Identity", + "templateRelativePath": "MicrosoftDefenderForIdentity.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "EsetProtect", + "logoFileName": "eset-logo.svg", + "description": "Visualize events and threats from Eset protect.", + "dataTypesDependencies": [ + "ESETPROTECT" + ], + "dataConnectorsDependencies": [ + "ESETPROTECT" + ], + "previewImagesFileNames": [ + "ESETPROTECTBlack.png", + "ESETPROTECTWhite.png" + ], + "version": "1.0.0", + "title": "EsetProtect", + "templateRelativePath": "ESETPROTECT.json", + "subtitle": "", + "provider": "Community" + }, + { + "workbookKey": "CyberArkEPMWorkbook", + "logoFileName": "CyberArk_Logo.svg", + "description": "Sets the time name for analysis", + "dataTypesDependencies": [ + "CyberArkEPM_CL" + ], + "dataConnectorsDependencies": [ + "CyberArkEPM" + ], + "previewImagesFileNames": [ + "CyberArkEPMBlack.png", + "CyberArkEPMWhite.png" + ], + "version": "1.0.0", + "title": "CyberArk EPM", + "templateRelativePath": "CyberArkEPM.json", + "subtitle": "", + "provider": "CyberArk" + }, + { + "workbookKey": "IncidentTasksWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "Use this workbook to review and modify existing incidents with tasks. This workbook provides views that higlight incident tasks that are open, closed, or deleted, as well as incidents with tasks that are either owned or unassigned. The workbook also provides SOC metrics around incident task performance, such as percentage of incidents without tasks, average time to close tasks, and more.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "Tasks-Black.png", + "Tasks-White.png" + ], + "version": "1.1.0", + "title": "Incident Tasks Workbook", + "templateRelativePath": "IncidentTasksWorkbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SentinelWorkspaceReconTools", + "logoFileName": "Azure_Sentinel.svg", + "description": "A workbook providing investigation tools for key tables. Good for incident response, tuning, and cost optimizaiton. An attempt to bring the Windows EventViewer experience to the cloud.", + "dataTypesDependencies": [ + "AzureActivity", + "AuditLogs", + "SigninLogs", + "SecurityIncident", + "SecurityAlert", + "CommonSecurityLog", + "Events", + "SecurityEvents", + "Syslog", + "WindowsSecurityEvents" + ], + "dataConnectorsDependencies": [ + "AzureActivity", + "AzureActiveDirectory", + "SecurityEvents", + "WindowsSecurityEvents" + ], + "previewImagesFileNames": [ + "SentinelWorkspaceReconToolsWhite.png", + "SentinelWorkspaceReconToolsBlack.png" + ], + "version": "1.0.1", + "title": "Sentinel Workspace Recon Tools", + "templateRelativePath": "SentinelWorkspaceReconTools.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Andrew Blumhardt" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "SyslogOverview", + "logoFileName": "Azure_Sentinel.svg", + "description": "A workbook designed to show an overview about the data ingested through Syslog.", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "syslogoverview-white.png", + "syslogoverview-black.png" + ], + "version": "1.0.0", + "title": "Syslog Overview", + "templateRelativePath": "syslogoverview.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Samik Roy" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Application" + ] + } + }, + { + "workbookKey": "SentinelHealth", + "logoFileName": "Azure_Sentinel.svg", + "description": "A workbook to show data fo Sentinel Health.", + "dataTypesDependencies": [ + "SentinelHealth" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SentinelHealthWhite.png", + "SentinelHealthBlack.png" + ], + "version": "1.0.0", + "title": "Sentinel Health", + "templateRelativePath": "SentinelHealth.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Samik Roy" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "MicrosoftSentinelCostGBP", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook provides an estimated cost in GBP (£) across the main billed items in Microsoft Sentinel: ingestion, retention and automation. It also provides insight about the possible impact of the Microsoft 365 E5 offer.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "MicrosoftSentinelCostGBPWhite.png", + "MicrosoftSentinelCostGBPBlack.png" + ], + "version": "1.6.1", + "title": "Microsoft Sentinel Cost (GBP)", + "templateRelativePath": "MicrosoftSentinelCostGBP.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "noodlemctwoodle" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "SentinelCosts", + "logoFileName": "Azure_Sentinel.svg", + "description": "A workbook to demonstrate insights into the costs of Sentinel environment.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "SentinelCostsWhite.png", + "SentinelCostsBlack.png" + ], + "version": "1.5.1", + "title": "Sentinel Costs", + "templateRelativePath": "SentinelCosts.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Yahya Abulhaj" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "AnalyticsHealthAudit", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook provides visibility on the health and audit of your analytics rules. You will be able to find out whether an analytics rule is running as expected and get a list of changes made to an analytic rule.", + "dataTypesDependencies": [ + "SentinelHealth", + "SentinelAudit" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AnalyticsHealthAuditWhite.png", + "AnalyticsHealthAuditBlack.png" + ], + "version": "1.0.0", + "title": "Analytics Health & Audit", + "templateRelativePath": "AnalyticsHealthAudit.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft Corporation" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "IT Operations", + "Platform" + ] + } + }, + { + "workbookKey": "AzureLogCoverage", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook pulls the current Azure inventory via Azure Resource Graph explorer and compares it with data written to one or more selected Log Analytics workspaces to determine which resources are sending data and which ones are not. This can be used to expose gaps in your logging coverage and/or identify inactive resources.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AzureLogCoverageWhite1.png", + "AzureLogCoverageWhite2.png", + "AzureLogCoverageBlack1.png", + "AzureLogCoverageBlack2.png" + ], + "version": "1.1.0", + "title": "Azure Log Coverage", + "templateRelativePath": "AzureLogCoverage.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Alex Anders" + }, + "source": { + "kind": "Community" + } + }, { "workbookKey": "AzureSensitiveOperationsReview", "logoFileName": "Azure_Sentinel.svg", - "description": "Monitor Sesnitive Operations in Azure Activity using Azure Threat Research Matrix ", - "dataTypesDependencies": [ "AzureActivity" ], - "dataConnectorsDependencies": [ "AzureActivity" ], - "previewImagesFileNames": [ "SensitiveoperationSecurityBlack.png", "SensitiveoperationSecurityWhite.png" ], + "description": "Monitor Sesnitive Operations in Azure Activity using Azure Threat Research Matrix ", + "dataTypesDependencies": [ + "AzureActivity" + ], + "dataConnectorsDependencies": [ + "AzureActivity" + ], + "previewImagesFileNames": [ + "SensitiveoperationSecurityBlack.png", + "SensitiveoperationSecurityWhite.png" + ], + "version": "1.0.0", + "title": "Azure SensitiveOperations Review Workbook", + "templateRelativePath": "SensitiveOperationsinAzureActivityLogReview.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft Corporation" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "IT Operations", + "Platform" + ] + } + }, + { + "workbookKey": "MicrosoftSentinelCostEUR", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook provides an estimated cost in EUR (€) across the main billed items in Microsoft Sentinel: ingestion, retention and automation. It also provides insight about the possible impact of the Microsoft 365 E5 offer.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "MicrosoftSentinelCostEURWhite.png", + "MicrosoftSentinelCostEURBlack.png" + ], + "version": "1.2.0", + "title": "Microsoft Sentinel Cost (EUR)", + "templateRelativePath": "MicrosoftSentinelCostEUR.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Marco Passanisi" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "LogAnalyticsQueryAnalysis", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook provides an analysis on Log Analytics Query Logs.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "LogAnalyticsQueryAnalysisBlack.PNG", + "LogAnalyticsQueryAnalysisWhite.PNG" + ], + "version": "1.0.0", + "title": "Log Analytics Query Analysis", + "templateRelativePath": "LogAnalyticsQueryAnalysis.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Samik Roy" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Platform" + ] + } + }, + { + "workbookKey": "AcscEssential8", + "logoFileName": "ACSClogo.svg", + "description": "This workbook provides insights on the health state of Azure resources against requirements by the ACSC Essential 8.", + "dataTypesDependencies": [ + "DeviceTvmSecureConfigurationAssessment" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AcscEssential8Black1.png", + "AcscEssential8White1.png", + "AcscEssential8Black2.png", + "AcscEssential8White2.png" + ], + "version": "2.0.0", + "title": "ACSC Essential 8", + "templateRelativePath": "AcscEssential8.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft Corporation" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Compliance", + "IT Operations" + ] + } + }, + { + "workbookKey": "TalonInsights", + "logoFileName": "Talon.svg", + "description": "This workbook provides Talon Security Insights on Log Analytics Query Logs", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "TalonInsightsBlack.png", + "TalonInsightsWhite.png" + ], + "version": "2.0.0", + "title": "Talon Insights", + "templateRelativePath": "TalonInsights.json", + "subtitle": "", + "provider": "Talon Cyber Security" + }, + { + "workbookKey": "manualincident", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook gives the ability for efficient incident management by enabling manual creation of Microsoft Sentinel incidents directly from within the workbook.", + "dataTypesDependencies": [ + "" + ], + "dataConnectorsDependencies": [ + "" + ], + "previewImagesFileNames": [ + "ManualincidentWhite.png", + "ManualincidentBlack.png" + ], + "version": "1.0.0", + "title": "Incident Management with Microsoft Sentinel Manual Creation of Incidents Workbook", + "templateRelativePath": "ManualSentinelIncident.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Microsoft Sentinel Community" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Security - Others" + ] + } + }, + { + "workbookKey": "CofenseTriageThreatIndicators", + "logoFileName": "CofenseTriage.svg", + "description": "This workbook provides visualization of Cofense Triage threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator", + "Report_links_data_CL" + ], + "dataConnectorsDependencies": [ + "CofenseTriageDataConnector" + ], + "previewImagesFileNames": [ + "CofenseTriageThreatIndicatorsWhite1.png", + "CofenseTriageThreatIndicatorsBlack1.png" + ], + "version": "1.0", + "title": "CofenseTriageThreatIndicators", + "templateRelativePath": "CofenseTriageThreatIndicators.json", + "subtitle": "", + "provider": "Cofense" + }, + { + "workbookKey": "OptimizationWorkbook", + "logoFileName": "optimization.svg", + "description": "This workbook aims to help you gain insights into your current Microsoft Sentinel environment, while also providing recommendations for optimizing costs, improving operational effectiveness, and offering a management overview.", + "dataTypesDependencies": [ + "SentinelHealth", + "SentinelAudit" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "OptimizationWorkbookBlack.png", + "OptimizationWorkbookWhite.png" + ], + "version": "1.4.0", + "title": "Microsoft Sentinel Optimization Workbook", + "templateRelativePath": "OptimizationWorkbook.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Jeremy Tan, Matthew Lowe, Margaret Mwaura" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "IT Operations" + ] + } + }, + { + "workbookKey": "DataCollectionRuleToolkit", + "logoFileName": "Azure_Sentinel.svg", + "description": "Use this workbook solution to create, review, and modify data collection rules for Microsoft Sentinel. This workbook provides a click-through experience that centralizes key components from Microsoft Sentinel, Azure Log Analytics, and Azure Monitor to enable users to create new DCRs, modify existing DCRs, and review all DCRs in the environment.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "Dcr-toolkit-Black.png", + "Dcr-toolkit-White.png" + ], + "version": "1.2.0", + "title": "Data Collection Rule Toolkit", + "templateRelativePath": "DCR-Toolkit.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Community" + }, + "author": { + "name": "Microsoft Sentinel Community" + }, + "source": { + "kind": "Community" + }, + "categories": { + "domains": [ + "Data Collection" + ] + } + }, + { + "workbookKey": "NetskopeWorkbook", + "logoFileName": "Netskope_logo.svg", + "description": "Gain insights and comprehensive monitoring into Netskope events data by analyzing traffic and user activities.\nThis workbook provides insights into various Netskope events types such as Cloud Firewall, Network Private Access, Applications, Security Alerts as well as Web Transactions.\nYou can use this workbook to get visibility in to your Netskope Security Cloud and quickly identify threats, anamolies, traffic patterns, cloud application useage, blocked URL addresses and more.", + "dataTypesDependencies": [ + "Netskope_Events_CL", + "Netskope_Alerts_CL", + "Netskope_WebTX_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "Netskope-ApplicationEvents-Black.png", + "Netskope-ApplicationEvents-White.png", + "Netskope-SecurityAlerts-DLP-Black.png", + "Netskope-SecurityAlerts-DLP-White.png", + "Netskope-NetworkEvents-CFW-Black.png", + "Netskope-NetworkEvents-CFW-White.png", + "Netskope-SecurityAlerts-Malsite-Black.png", + "Netskope-SecurityAlerts-Malsite-White.png", + "Netskope-NetworkEvents-NPA-Black.png", + "Netskope-NetworkEvents-NPA-White.png", + "Netskope-SecurityAlerts-Malware-White.png", + "Netskope-SecurityAlerts-Malware-Black.png", + "Netskope-SecurityAlerts-BehaviorAnalytics-Black.png", + "Netskope-SecurityAlerts-BehaviorAnalytics-White.png", + "Netskope-SecurityAlerts-Overview-Black.png", + "Netskope-SecurityAlerts-Overview-White.png", + "Netskope-SecurityAlerts-CompormisedCredentials-Black.png", + "Netskope-SecurityAlerts-CompromisedCredentials-White.png", + "Netskope-WebTransactions-Black.png", + "Netskope-WebTransactions-White.png" + ], + "version": "1.0", + "title": "Netskope", + "templateRelativePath": "NetskopeEvents.json", + "subtitle": "", + "provider": "Netskope" + }, + { + "workbookKey": "AIShield", + "logoFileName": "AIShield_Logo.svg", + "description": "Visualize events generated by AIShield. This workbook is dependent on a parser AIShield which is a part of the solution deployment.", + "dataTypesDependencies": [ + "AIShield" + ], + "dataConnectorsDependencies": [ + "AIShield" + ], + "previewImagesFileNames": [ + "AIShieldBlack.png", + "AIShieldWhite.png" + ], "version": "1.0.0", - "title": "Azure SensitiveOperations Review Workbook", - "templateRelativePath": "SensitiveOperationsinAzureActivityLogReview.json", + "title": "AIShield Workbook", + "templateRelativePath": "AIShield.json", "subtitle": "", - "provider": "Microsoft Sentinel community", + "provider": "Community" + }, + { + "workbookKey": "AdvancedWorkbookConcepts", + "logoFileName": "Azure_Sentinel.svg", + "description": "Use this workbook to view and learn advanced concepts for workbooks in Azure Monitor and Microsoft Sentinel. Examples are provided in order to teach users how the concepts look, work, and are built.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "Advancedworkbookconcepts-Black.png", + "Advancedworkbookconcepts-White.png" + ], + "version": "1.1.0", + "title": "Advanced Workbook Concepts", + "templateRelativePath": "AdvancedWorkbookConcepts.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", "support": { - "tier": "Microsoft" - }, + "tier": "Microsoft" + }, "author": { - "name": "Microsoft Corporation" - }, + "name": "Microsoft Sentinel Community" + }, "source": { - "kind": "Community" - }, + "kind": "Community" + }, "categories": { - "domains": [ - "IT Operations", - "Platform" - ] - } - }, - { - "workbookKey": "MicrosoftSentinelCostEUR", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook provides an estimated cost in EUR (€) across the main billed items in Microsoft Sentinel: ingestion, retention and automation. It also provides insight about the possible impact of the Microsoft 365 E5 offer.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ "MicrosoftSentinelCostEURWhite.png", "MicrosoftSentinelCostEURBlack.png"], - "version": "1.2.0", - "title": "Microsoft Sentinel Cost (EUR)", - "templateRelativePath": "MicrosoftSentinelCostEUR.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" + "domains": [ + "Workbooks", + "Reporting", + "Visualization" + ] + } + }, + { + "workbookKey": "NetCleanProActiveWorkbook", + "logoFileName": "NetCleanImpactLogo.svg", + "description": "This workbook provides insights on NetClean ProActive Incidents.", + "dataTypesDependencies": [ + "Netclean_Incidents_CL" + ], + "dataConnectorsDependencies": [ + "Netclean_ProActive_Incidents" + ], + "previewImagesFileNames": [ + "NetCleanProActiveBlack1.png", + "NetCleanProActiveBlack2.png", + "NetCleanProActiveWhite1.png", + "NetCleanProActiveWhite2.png" + ], + "version": "1.0.0", + "title": "NetClean ProActive", + "templateRelativePath": "NetCleanProActiveWorkbook.json", + "subtitle": "", + "provider": "NetClean" + }, + { + "workbookKey": "AutomationHealth", + "logoFileName": "Azure_Sentinel.svg", + "description": "Have a holistic overview of your automation health, gain insights about failures, correlate Microsoft Sentinel health with Logic Apps diagnostics logs and deep dive automation details per incident", + "dataTypesDependencies": [ + "SentinelHealth" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AutomationHealthBlack.png", + "AutomationHealthWhite.png" + ], + "version": "2.0.0", + "title": "Automation health", + "templateRelativePath": "AutomationHealth.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "PlaybooksHealth", + "logoFileName": "Azure_Sentinel.svg", + "description": "The workbook will provide you with deeper insights regarding the status, activity, and billing of each playbook. You can use the workbook's logic to monitor the general health of the playbooks.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "PlaybookHealthWhite.PNG", + "PlaybookHealthBlack.PNG" + ], + "version": "1.0.0", + "title": "Playbooks health monitoring (preview)", + "templateRelativePath": "PlaybookHealth.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community", + "support": { + "tier": "Microsoft" }, "author": { - "name": "Marco Passanisi" + "name": "Microsoft Corporation" }, "source": { - "kind": "Community" + "kind": "Community" }, "categories": { - "domains": [ "Platform" ] + "domains": [ + "IT Operations", + "Platform" + ] } - }, - { - "workbookKey": "LogAnalyticsQueryAnalysis", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook provides an analysis on Log Analytics Query Logs.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ "LogAnalyticsQueryAnalysisBlack.PNG", "LogAnalyticsQueryAnalysisWhite.PNG"], - "version": "1.0.0", - "title": "Log Analytics Query Analysis", - "templateRelativePath": "LogAnalyticsQueryAnalysis.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" + }, + { + "workbookKey": "CiscoSDWANWorkbook", + "logoFileName": "cisco-logo-72px.svg", + "description": "Cisco SD-WAN Workbook equips administrators with the necessary tools to implement robust security measures and stay ahead of emerging threats.By leveraging the insights and recommendations provided in the workbook, network administrators can effectively protect their SD-WAN infrastructure from potential vulnerabilities and ensure a secure and reliable network connectivity for their organization.", + "dataTypesDependencies": [ + "Syslog", + "CiscoSDWANNetflow_CL" + ], + "dataConnectorsDependencies": [ + "CiscoSDWAN" + ], + "previewImagesFileNames": [ + "CiscoSDWANWhite1.png", + "CiscoSDWANWhite2.png", + "CiscoSDWANWhite3.png", + "CiscoSDWANBlack1.png", + "CiscoSDWANBlack2.png", + "CiscoSDWANBlack3.png" + ], + "version": "1.0.0", + "title": "Cisco SD-WAN", + "templateRelativePath": "CiscoSDWAN.json", + "provider": "Cisco" + }, + { + "workbookKey": "SAP-AuditControls", + "logoFileName": "SAPVMIcon.svg", + "description": "SAP -Audit Controls (Preview)", + "dataTypesDependencies": [ + "SAPAuditLog" + ], + "dataConnectorsDependencies": [ + "SAP" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "SAP -Audit Controls (Preview)", + "templateRelativePath": "SAP -Audit Controls (Preview).json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "ZoomReports", + "logoFileName": "Azure_Sentinel.svg", + "description": "Visualize various details & visuals on Zoom Report data ingested though the solution. This also have a dependency on the parser which is available as a part of Zoom solution named Zoom", + "dataTypesDependencies": [ + "Zoom" + ], + "dataConnectorsDependencies": [ + "Zoom Reports" + ], + "previewImagesFileNames": [ + "ZoomReportsBlack.png", + "ZoomReportsWhite.png" + ], + "version": "1.0.0", + "title": "Zoom Reports", + "templateRelativePath": "ZoomReports.json", + "subtitle": "", + "provider": "Community" + }, + { + "workbookKey": "InsiderRiskManagementWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "The Microsoft Insider Risk Management Workbook integrates telemetry from 25+ Microsoft security products to provide actionable insights into insider risk management. Reporting tools provide “Go to Alert” links to provide deeper integration between products and a simplified user experience for exploring alerts. ", + "dataTypesDependencies": [ + "SigninLogsSigninLogs", + "AuditLogs", + "AzureActivity", + "OfficeActivity", + "InformationProtectionLogs_CL", + "SecurityIncident" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "InsiderRiskManagementBlack.png", + "InsiderRiskManagementWhite.png" + ], + "version": "1.0.0", + "title": "Insider Risk Management", + "templateRelativePath": "InsiderRiskManagement.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "Fortiweb-workbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook depends on a parser based on a Kusto Function to work as expected [**Fortiweb**](https://aka.ms/sentinel-FortiwebDataConnector-parser) which is deployed with the Microsoft Sentinel Solution.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "FortinetFortiWeb" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Fortiweb-workbook", + "templateRelativePath": "Fortiweb-workbook.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "WebSessionEssentialsWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "The 'Web Session Essentials' workbook provides real-time insights into activity and potential threats in your network. This workbook is designed for network teams, security architects, analysts, and consultants to monitor, identify and investigate threats on Web servers, Web Proxies and Web Security Gateways assets. This Workbook gives a summary of analysed web traffic and helps with threat analysis and investigating suspicious http traffic.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "WebSessionEssentialsWorkbookWhite.png", + "WebSessionEssentialsWorkbookBlack.png" + ], + "version": "1.0.0", + "title": "Web Session Essentials Workbook", + "templateRelativePath": "WebSessionEssentials.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "IslandAdminAuditOverview", + "logoFileName": "island.svg", + "description": "This workbook provides a view into the activities of administrators in the Island Management Console.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Island Admin Audit Overview", + "templateRelativePath": "IslandAdminAuditOverview.json", + "subtitle": "", + "provider": "Island" + }, + { + "workbookKey": "IslandUserActivityOverview", + "logoFileName": "island.svg", + "description": "This workbook provides a view into the activities of users while using the Island Enterprise Browser.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Island User Activity Overview", + "templateRelativePath": "IslandUserActivityOverview.json", + "subtitle": "", + "provider": "Island" + }, + { + "workbookKey": "BloodHoundEnterpriseAttackPathWorkbook", + "logoFileName": "BHE_Logo.svg", + "description": "Gain insights into BloodHound Enterprise attack paths.", + "dataTypesDependencies": [ + "BloodHoundEnterprise" + ], + "dataConnectorsDependencies": [ + "BloodHoundEnterprise" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0", + "title": "BloodHound Enterprise Attack Paths", + "templateRelativePath": "BloodHoundEnterpriseAttackPath.json", + "subtitle": "", + "provider": "SpecterOps" + }, + { + "workbookKey": "BloodHoundEnterprisePostureWorkbook", + "logoFileName": "BHE_Logo.svg", + "description": "Gain insights into BloodHound Enterprise domain posture.", + "dataTypesDependencies": [ + "BloodHoundEnterprise" + ], + "dataConnectorsDependencies": [ + "BloodHoundEnterprise" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0", + "title": "BloodHound Enterprise Posture", + "templateRelativePath": "BloodHoundEnterprisePosture.json", + "subtitle": "", + "provider": "SpecterOps" + }, + { + "workbookKey": "BitSightWorkbook", + "logoFileName": "BitSight.svg", + "description": "Gain insights into BitSight data.", + "dataTypesDependencies": [ + "Alerts_data_CL", + "BitsightBreaches_data_CL", + "BitsightCompany_details_CL", + "BitsightCompany_rating_details_CL", + "BitsightDiligence_historical_statistics_CL", + "BitsightDiligence_statistics_CL", + "BitsightFindings_summary_CL", + "BitsightFindings_data_CL", + "BitsightGraph_data_CL", + "BitsightIndustrial_statistics_CL", + "BitsightObservation_statistics_CL" + ], + "dataConnectorsDependencies": [ + "BitSightDatConnector" + ], + "previewImagesFileNames": [ + "BitSightWhite1.png", + "BitSightBlack1.png" + ], + "version": "1.0.0", + "title": "BitSight", + "templateRelativePath": "BitSightWorkbook.json", + "subtitle": "", + "provider": "BitSight" + }, + { + "workbookKey": "VectraXDR", + "logoFileName": "", + "description": "This workbook provides visualization of Audit, Detections, Entity Scoring, Lockdown and Health data.", + "dataTypesDependencies": [ + "Audits_Data_CL", + "Detections_Data_CL", + "Entity_Scoring_Data_CL", + "Lockdown_Data_CL", + "Health_Data_CL" + ], + "dataConnectorsDependencies": [ + "VectraDataConnector" + ], + "previewImagesFileNames": [ + "VectraXDRWhite1.png", + "VectraXDRWhite2.png", + "VectraXDRWhite3.png", + "VectraXDRWhite4.png", + "VectraXDRWhite5.png", + "VectraXDRBlack1.png", + "VectraXDRBlack2.png", + "VectraXDRBlack3.png", + "VectraXDRBlack4.png", + "VectraXDRBlack5.png" + ], + "version": "2.0.0", + "title": "Vectra XDR", + "templateRelativePath": "VectraXDR.json", + "subtitle": "", + "provider": "Vectra" + }, + { + "workbookKey": "CloudflareWorkbook", + "logoFileName": "cloudflare.svg", + "description": "Gain insights into Cloudflare events. You will get visibility on your Cloudflare web traffic, security, reliability.", + "dataTypesDependencies": [ + "Cloudflare_CL" + ], + "dataConnectorsDependencies": [ + "CloudflareDataConnector" + ], + "previewImagesFileNames": [ + "CloudflareOverviewWhite01.png", + "CloudflareOverviewWhite02.png", + "CloudflareOverviewBlack01.png", + "CloudflareOverviewBlack02.png" + ], + "version": "1.0", + "title": "Cloudflare", + "templateRelativePath": "Cloudflare.json", + "subtitle": "", + "provider": "Cloudflare" + }, + { + "workbookKey": "CofenseIntelligenceWorkbook", + "logoFileName": "CofenseTriage.svg", + "description": "This workbook provides visualization of Cofense Intelligence threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator", + "Malware_Data" + ], + "dataConnectorsDependencies": [ + "CofenseIntelligenceDataConnector" + ], + "previewImagesFileNames": [ + "CofenseIntelligenceWhite1.png", + "CofenseIntelligenceBlack1.png" + ], + "version": "1.0", + "title": "CofenseIntelligenceThreatIndicators", + "templateRelativePath": "CofenseIntelligenceThreatIndicators.json", + "subtitle": "", + "provider": "Cofense" + }, + { + "workbookKey": "EgressDefendMetricWorkbook", + "logoFileName": "Egress-logo.svg", + "description": "A workbook providing insights into Egress Defend.", + "dataTypesDependencies": [ + "EgressDefend_CL" + ], + "previewImagesFileNames": [ + "EgressDefendMetricWorkbookBlack01.png", + "EgressDefendMetricWorkbookWhite01.png" + ], + "version": "1.0.0", + "title": "Egress Defend Insights", + "templateRelativePath": "DefendMetrics.json", + "subtitle": "Defend Metrics", + "provider": "Egress Software Technologies" + }, + { + "workbookKey": "UserWorkbook-alexdemichieli-github-update-1", + "logoFileName": "GitHub.svg", + "description": "Gain insights to GitHub activities that may be interesting for security.", + "dataTypesDependencies": [ + "GitHubAuditLogPolling_CL" + ], + "dataConnectorsDependencies": [ + "GitHubEcAuditLogPolling" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "GitHub Security", + "templateRelativePath": "GitHubAdvancedSecurity.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "SalemDashboard", + "logoFileName": "salem_logo.svg", + "description": "Monitor Salem Performance", + "dataTypesDependencies": [ + "SalemAlerts_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Salem Alerts Workbook", + "templateRelativePath": "SalemDashboard.json", + "subtitle": "", + "provider": "SalemCyber" + }, + { + "workbookKey": "MimecastAuditWorkbook", + "logoFileName": "Mimecast.svg", + "description": "A workbook providing insights into Mimecast Audit.", + "dataTypesDependencies": [ + "MimecastAudit_CL" + ], + "previewImagesFileNames": [ + "MimecastAuditBlack1.png", + "MimecastAuditBlack2.png", + "MimecastAuditWhite1.png", + "MimecastAuditWhite2.png" + ], + "version": "1.0.0", + "title": "MimecastAudit", + "templateRelativePath": "MimecastAudit.json", + "subtitle": "Mimecast Audit", + "provider": "Mimecast" + }, + { + "workbookKey": "MailGuard365Workbook", + "logoFileName": "MailGuard365_logo.svg", + "description": "MailGuard 365 Workbook", + "dataTypesDependencies": [ + "MailGuard365_Threats_CL" + ], + "dataConnectorsDependencies": [ + "MailGuard365" + ], + "previewImagesFileNames": [ + "MailGuard365WorkbookWhite1.png", + "MailGuard365WorkbookWhite2.png", + "MailGuard365WorkbookBlack1.png", + "MailGuard365WorkbookBlack2.png" + ], + "version": "1.0.0", + "title": "MailGuard365", + "templateRelativePath": "MailGuard365Dashboard.json", + "subtitle": "", + "provider": "MailGuard 365" + }, + { + "workbookKey": "MimecastTIRegionalWorkbook", + "logoFileName": "Mimecast.svg", + "description": "A workbook providing insights into Mimecast Regional Threat indicator.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [ + "MimecastTIRegionalConnectorAzureFunctions" + ], + "previewImagesFileNames": [ + "MimecastTIReginalWhite.png", + "MimecastTIRegionalBlack.png" + ], + "version": "1.0.0", + "title": "MimecastTIRegional", + "templateRelativePath": "MimecastTIRegional.json", + "subtitle": "Mimecast TI Regional", + "provider": "Mimecast" + }, + { + "workbookKey": "DataminrPulseAlerts", + "logoFileName": "DataminrPulse.svg", + "description": "This Workbook provides insight into the data coming from DataminrPulse.", + "dataTypesDependencies": [ + "DataminrPulse_Alerts_CL" + ], + "dataConnectorsDependencies": [ + "DataminrPulseAlerts" + ], + "previewImagesFileNames": [ + "DataminrPulseAlertsBlack1.png", + "DataminrPulseAlertsBlack2.png", + "DataminrPulseAlertsBlack3.png", + "DataminrPulseAlertsBlack4.png", + "DataminrPulseAlertsBlack5.png", + "DataminrPulseAlertsWhite1.png", + "DataminrPulseAlertsWhite2.png", + "DataminrPulseAlertsWhite3.png", + "DataminrPulseAlertsWhite4.png", + "DataminrPulseAlertsWhite5.png" + ], + "version": "1.0.0", + "title": "Dataminr Pulse Alerts", + "templateRelativePath": "DataminrPulseAlerts.json", + "provider": "Dataminr" + }, + { + "workbookKey": "DoDZeroTrustWorkbook", + "logoFileName": "", + "description": "This workbook solution provides an intuitive, customizable, framework intended to help track/report Zero Trust implementation in accordance with the latest DoD Zero Trust Strategy.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "DoDZeroTrustWorkbook1Black.png", + "DoDZeroTrustWorkbook2Black.png", + "DoDZeroTrustWorkbook3Black.png", + "DoDZeroTrustWorkbook1White.png", + "DoDZeroTrustWorkbook2White.png", + "DoDZeroTrustWorkbook3White.png" + ], + "version": "1.1.0", + "title": "DoD Zero Trust Strategy Workbook", + "templateRelativePath": "DoDZeroTrustWorkbook.json", + "subtitle": "", + "provider": "Microsoft", + "support": { + "tier": "Microsoft" }, "author": { - "name": "Samik Roy" + "name": "Lili Davoudian, Chhorn Lim, Jay Pelletier, Michael Crane" }, "source": { - "kind": "Community" + "kind": "Community" }, "categories": { - "domains": [ "Platform" ] + "domains": [ + "IT Operations" + ] } - }, - { - "workbookKey": "AcscEssential8", - "logoFileName": "ACSClogo.svg", - "description": "This workbook provides insights on the health state of Azure resources against requirements by the ACSC Essential 8.", - "dataTypesDependencies": [ "DeviceTvmSecureConfigurationAssessment" ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ "AcscEssential8Black1.png", "AcscEssential8White1.png", "AcscEssential8Black2.png", "AcscEssential8White2.png" ], - "version": "2.0.0", - "title": "ACSC Essential 8", - "templateRelativePath": "AcscEssential8.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, + }, + { + "workbookKey": "GreyNoiseIntellegenceOverviewWorkbook", + "logoFileName": "greynoise_logomark_black.svg", + "description": "This workbook provides visualization of GreyNoise Intelligence threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [ + "GreyNoise2SentinelAPI" + ], + "previewImagesFileNames": [ + "GreyNoiseOverviewWhite.png", + "GreyNoiseOverviewBlack.png" + ], + "version": "1.0", + "title": "GreyNoise Intelligence Threat Indicators", + "templateRelativePath": "GreyNoiseOverview.json", + "subtitle": "", + "provider": "GreyNoise Intelligence, Inc." + }, + { + "workbookKey": "WizFindingsWorkbook", + "logoFileName": "Wiz_logo.svg", + "description": "A visualized overview of Wiz Findings.\nExplore, analize and learn about your security posture using Wiz Findings Overview", + "dataTypesDependencies": [ + "WizIssues_CL", + "WizVulnerabilities_CL", + "WizAuditLogs_CL", + "WizIssuesV2_CL", + "WizVulnerabilitiesV2_CL", + "WizAuditLogs_CL" + ], + "dataConnectorsDependencies": [ + "Wiz" + ], + "previewImagesFileNames": [ + "WizFindingsBlack1.png", + "WizFindingsBlack2.png", + "WizFindingsBlack3.png", + "WizFindingsWhite1.png", + "WizFindingsWhite2.png", + "WizFindingsWhite3.png" + ], + "version": "2.0.0", + "title": "Wiz Findings overview", + "templateRelativePath": "WizFindings.json", + "subtitle": "", + "provider": "Wiz" + }, + { + "workbookKey": "ThreatConnectOverviewWorkbook", + "logoFileName": "ThreatConnect.svg", + "description": "This workbook provides visualization of ThreatConnect threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", + "dataTypesDependencies": [ + "ThreatIntelligenceIndicator" + ], + "dataConnectorsDependencies": [ + "ThreatIntelligence" + ], + "previewImagesFileNames": [ + "ThreatConnectOverviewBlack.png", + "ThreatConnectOverviewWhite.png" + ], + "version": "1.0.0", + "title": "ThreatConnect Overview Workbook", + "templateRelativePath": "ThreatConnectOverview.json", + "subtitle": "", + "provider": "ThreatConnect, Inc." + }, + { + "workbookKey": "Sentinel_Central", + "logoFileName": "Azure_Sentinel.svg", + "description": "Use this report to view Incident (and Alert data) across many workspaces, this works with Azure Lighthouse and across any subscription you have access to.", + "dataTypesDependencies": [ + "SecurityEvent" + ], + "dataConnectorsDependencies": [ + "IdentityAndAccessWhite.png", + "IdentityAndAccessBlack.png" + ], + "previewImagesFileNames": [ + "SentinelCentralBlack.png", + "SentinelCentralWhite.png" + ], + "version": "2.1.2", + "title": "Sentinel Central", + "templateRelativePath": "Sentinel_Central.json", + "subtitle": "", + "provider": "Microsoft Sentinel community", + "support": { + "tier": "Community" + }, "author": { - "name": "Microsoft Corporation" - }, + "name": "Clive Watson" + }, "source": { - "kind": "Community" - }, + "kind": "Community" + }, + "categories": { + "domains": [ + "Security" + ] + } + }, + { + "workbookKey": "AuthomizeWorkbook", + "logoFileName": "Authomize.svg", + "description": "Manage your Authorization Security Lifecycle across all XaaS environments and Private Clouds. Using Authomize AI-based engine continuously monitor the relationships between identities and assets and gain insight into security risks and events.", + "dataTypesDependencies": [ + "Authomize_v2_CL" + ], + "dataConnectorsDependencies": [ + "Authomize" + ], + "previewImagesFileNames": [ + "AuthomizeITDREventMonitoring-Black.png", + "AuthomizeITDREventMonitoring-White.png" + ], + "version": "1.0.0", + "title": "Authomize ITDR Event Monitoring for Identities", + "templateRelativePath": "Authomize.json", + "subtitle": "", + "provider": "Authomize" + }, + { + "workbookKey": "GigamonConnector", + "logoFileName": "gigamon.svg", + "description": "A visualized overview of Gigamon AMX Data Connector .\nExplore, analize and learn about your security posture using Gigamon AMX data connector Overview.", + "dataTypesDependencies": [ + "Gigamon_CL" + ], + "dataConnectorsDependencies": [ + "GigamonDataConnector" + ], + "previewImagesFileNames": [ + "GigamonWorkbookBlack.png", + "GigamonWorkbookWhite.png" + ], + "version": "1.0.0", + "title": "Gigamon Workbook", + "templateRelativePath": "Gigamon.json", + "subtitle": "", + "provider": "Gigamon" + }, + { + "workbookKey": "PrancerSentinelAnalyticsWorkbook", + "description": "Monitor and analyze Prancer PAC and CSPM scan results.", + "logoFileName": "Prancer.svg", + "dataTypesDependencies": [ + "prancer_CL" + ], + "dataConnectorsDependencies": [ + "PrancerLogData" + ], + "previewImagesFileNames": [ + "PrancerBlack.png", + "PrancerWhite.png" + ], + "version": "1.0.0", + "title": "Prancer Microsoft Sentinel Analytics Workbook", + "templateRelativePath": "PrancerSentinelAnalytics.json", + "subtitle": "", + "provider": "Prancer" + }, + { + "workbookKey": "ValenceSecurityAlertsWorkbook", + "logoFileName": "ValenceSecurityLogo.svg", + "description": "SaaS security alerts from Valence Security.", + "dataTypesDependencies": [ + "ValenceAlert_CL" + ], + "dataConnectorsDependencies": [ + "ValenceSecurity" + ], + "previewImagesFileNames": [ + "ValenceAlertsBlack.png", + "ValenceAlertsWhite.png" + ], + "version": "1.0.0", + "title": "Valence Security Alerts Workbook", + "templateRelativePath": "ValenceAlertsWorkbook.json", + "subtitle": "", + "provider": "Valence Security" + }, + { + "workbookKey": "MalwareProtectionEssentialsWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "This workbook provides details about Suspicious Malware Activities from File, Process and Registry events generated by EDR (Endpoint Detection and Response) solutions.", + "dataTypesDependencies": [ + "_ASim_FileEvent", + "_ASim_ProcessEvent" + ], + "previewImagesFileNames": [ + "MalwareProtectionEssentialsWhite.png", + "MalwareProtectionEssentialsBlack.png" + ], + "version": "1.0.0", + "title": "Malware Protection Essentials", + "templateRelativePath": "MalwareProtectionEssentialsWorkbook.json", + "subtitle": "", + "provider": "Microsoft Sentinel community" + }, + { + "workbookKey": "VaronisSaaSWorkbook", + "logoFileName": "VaronisLogo.svg", + "description": "Security alerts from Varonis SaaS", + "dataTypesDependencies": [ + "VaronisAlerts_CL" + ], + "dataConnectorsDependencies": [ + "VaronisSaaS" + ], + "previewImagesFileNames": [ + "VaronisSaaSAssetsBlack.png", + "VaronisSaaSAssetsWhite.png", + "VaronisSaaSDevicesBlack.png", + "VaronisSaaSDevicesWhite.png", + "VaronisSaaSMainBlack.png", + "VaronisSaaSMainWhite.png", + "VaronisSaaSThreatsBlack.png", + "VaronisSaaSThreatsWhite.png", + "VaronisSaaSUsersBlack.png", + "VaronisSaaSUsersWhite.png" + ], + "version": "1.0.0", + "title": "Varonis SaaS Workbook", + "templateRelativePath": "VaronisSaaS.json", + "subtitle": "", + "provider": "Varonis" + }, + { + "workbookKey": "FortinetFortiNdrCloudWorkbook", + "logoFileName": "fortinet_logo.svg", + "description": "Gain insights into Fortinet FortiNDR CLoud events, including the Suricata, Observation and Detections data.", + "dataTypesDependencies": [ + "FncEventsSuricata_CL", + "FncEventsObservation_CL", + "FncEventsDetections_CL" + ], + "dataConnectorsDependencies": [ + "FortinetFortiNdrCloudDataConnector" + ], + "previewImagesFileNames": [ + "FncDetectionDashboardBlack.png", + "FncDetectionDashboardWhite.png", + "FncObservationDashboardBlack.png", + "FncObservationDashboardWhite.png", + "FncSuricataDashboardBlack.png", + "FncSuricataDashboardWhite.png", + "FncMainDashboardBlack.png", + "FncMainDashboardWhite.png" + ], + "version": "1.0.0", + "title": "FortiNDR Cloud", + "templateRelativePath": "FortinetFortiNdrCloudWorkbook.json", + "subtitle": "", + "provider": "Fortinet" + }, + { + "workbookKey": "WithSecureTopComputersByInfection", + "logoFileName": "WithSecure.svg", + "description": "Top 3 computers by amount of infections.", + "dataTypesDependencies": [ + "WsSecurityEvents_CL" + ], + "dataConnectorsDependencies": [ + "WithSecureElementsViaFunction" + ], + "previewImagesFileNames": [ + "WithSecureTopComputersByInfectionsBlack.png", + "WithSecureTopComputersByInfectionsWhite.png" + ], + "version": "1.0", + "title": "WithSecure - Top computers by infections", + "templateRelativePath": "WithSecureTopComputersByInfections.json", + "subtitle": "", + "provider": "WithSecure" + }, + { + "workbookKey": "AzureOpenAIMonitoring", + "logoFileName": "", + "description": "Welcome to this Azure OpenAI Monitoring Workbook\n#### This workbook will help to monitor your Azure Open AI Instances\n\n** Please enable diagnostics settings for the Open AI instance to view the workbook.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "AzureOpenAIMonitoringWhite.PNG", + "AzureOpenAIMonitoringBlack.PNG" + ], + "version": "1.0", + "title": "Azure OpenAI Monitoring Workbook", + "templateRelativePath": "AzureOpenAIMonitoring.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "SonicWallWorkbook", + "logoFileName": "sonicwall_logo.svg", + "description": "A collection of queries to provide visibility into the events reported by your SonicWall firewalls.", + "dataTypesDependencies": [ + "CommonSecurityLog", + "ASimNetworkSessionSonicWallFirewall" + ], + "dataConnectorsDependencies": [ + "SonicWallFirewall", + "CefAma" + ], + "previewImagesFileNames": [ + "SonicWallWorkbookWhite.png", + "SonicWallWorkbookBlack.png" + ], + "version": "1.0.0", + "title": "SonicWall Workbook", + "templateRelativePath": "SonicWallFirewall.json", + "subtitle": "", + "provider": "SonicWall" + }, + { + "workbookKey": "AzureServiceHealthWorkbook", + "logoFileName": "", + "description": "A collection of queries to provide visibility into Azure Service Health across the subscriptions.", + "dataTypesDependencies": [ + "AzureActivity" + ], + "dataConnectorsDependencies": [ + "AzureActivity" + ], + "previewImagesFileNames": [ + "AzureServiceHealthWhite.png", + "AzureServiceHealthBlack.png" + ], + "version": "1.0.0", + "title": "Azure Service Health Workbook", + "templateRelativePath": "AzureServiceHealthWorkbook.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "EgressPreventMetricWorkbook", + "logoFileName": "Egress-logo.svg", + "description": "A workbook providing insights into Egress Defend.", + "dataTypesDependencies": [ + "EgressEvents_CL" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "EgressPreventWorkbookBlack01.png", + "EgressPreventWorkbookWhite01.png" + ], + "version": "1.0.0", + "title": "Egress Defend Insights", + "templateRelativePath": "PreventWorkbook.json", + "subtitle": "Iris Prevent Metrics", + "provider": "Egress Software Technologies" + }, + { + "workbookKey": "NetskopeDashboard", + "logoFileName": "Netskope.svg", + "description": "A workbook providing insights into Netskope Alerts, Events and WebTransactions.", + "dataConnectorsDependencies": [ + "NetskopeDataConnector" + ], + "dataTypesDependencies": [ + "eventsapplicationdata_CL", + "alertscompromisedcredentialdata_CL", + "alertsctepdata_CL", + "alertsdlpdata_CL", + "alertsmalsitedata_CL", + "alertsmalwaredata_CL", + "alertspolicydata_CL", + "alertsquarantinedata_CL", + "alertsremediationdata_CL", + "alertssecurityassessmentdata_CL", + "alertsubadata_CL", + "NetskopeWebtxData_CL" + ], + "previewImagesFileNames": [ + "NetskopeDashboardBlack1.png", + "NetskopeDashboardBlack2.png", + "NetskopeDashboardBlack3.png", + "NetskopeDashboardWhite1.png", + "NetskopeDashboardWhite2.png", + "NetskopeDashboardWhite3.png" + ], + "version": "1.0.0", + "title": "NetskopeDashboard", + "templateRelativePath": "NetskopeDashboard.json", + "subtitle": "Netskope Dashboard for Alerts, Events and WebTransactions", + "provider": "Netskope" + }, + { + "workbookKey": "BitwardenEventLogsOrganization", + "logoFileName": "Bitwarden.svg", + "description": "This workbook provides insights on Bitwarden Organizations Event Logs.", + "dataConnectorsDependencies": [ + "BitwardenEventLogs" + ], + "dataTypesDependencies": [ + "BitwardenEventLogs_CL", + "BitwardenGroups_CL", + "BitwardenMembers_CL" + ], + "previewImagesFileNames": [ + "BitwardenEventLogsOrganizationWhite1.png", + "BitwardenEventLogsOrganizationWhite2.png", + "BitwardenEventLogsOrganizationBlack1.png", + "BitwardenEventLogsOrganizationBlack2.png" + ], + "version": "1.0.0", + "title": "Bitwarden Organization Events", + "templateRelativePath": "BitwardenEventLogsOrganization.json", + "subtitle": "", + "provider": "Bitwarden" + }, + { + "workbookKey": "BitwardenEventLogsAuthentication", + "logoFileName": "Bitwarden.svg", + "description": "This workbook provides insights on Bitwarden Authentication Event Logs.", + "dataConnectorsDependencies": [ + "BitwardenEventLogs" + ], + "dataTypesDependencies": [ + "BitwardenEventLogs_CL", + "BitwardenGroups_CL", + "BitwardenMembers_CL" + ], + "previewImagesFileNames": [ + "BitwardenEventLogsAuthenticationWhite1.png", + "BitwardenEventLogsAuthenticationWhite2.png", + "BitwardenEventLogsAuthenticationBlack1.png", + "BitwardenEventLogsAuthenticationBlack2.png" + ], + "version": "1.0.0", + "title": "Bitwarden Authentication Events", + "templateRelativePath": "BitwardenEventLogsAuthentication.json", + "subtitle": "", + "provider": "Bitwarden" + }, + { + "workbookKey": "BitwardenEventLogsVaultItems", + "logoFileName": "Bitwarden.svg", + "description": "This workbook provides insights on Bitwarden Vault Items Event Logs.", + "dataConnectorsDependencies": [ + "BitwardenEventLogs" + ], + "dataTypesDependencies": [ + "BitwardenEventLogs_CL", + "BitwardenGroups_CL", + "BitwardenMembers_CL" + ], + "previewImagesFileNames": [ + "BitwardenEventLogsVaultItemsWhite1.png", + "BitwardenEventLogsVaultItemsWhite2.png", + "BitwardenEventLogsVaultItemsBlack1.png", + "BitwardenEventLogsVaultItemsBlack2.png" + ], + "version": "1.0.0", + "title": "Bitwarden Vault Items Events", + "templateRelativePath": "BitwardenEventLogsVaultItems.json", + "subtitle": "", + "provider": "Bitwarden" + }, + { + "workbookKey": "CodelessConnectorBuilder", + "logoFileName": "Azure_Sentinel.svg", + "description": "Create custom codeless connectors on demand with this UI-like workbook. Templates can be generated by going step by step in this workbook while filling out the different values.", + "dataTypesDependencies": [], + "previewImagesFileNames": [ + "CodelessConnectorBuilderBlack.png", + "CodelessConnectorBuilderWhite.png" + ], + "version": "1.0.0", + "title": "Codeless Connector Builder", + "templateRelativePath": "CodelessConnectorBuilder.json", + "subtitle": "", + "provider": "Microsoft Sentinel Community" + }, + { + "workbookKey": "IllumioAuditableEventsWorkbook", + "logoFileName": "IllumioLogo.svg", + "description": "A collection of queries to provide visibility into auditable events reported by Illumio.", + "dataTypesDependencies": [ + "Illumio_Auditable_Events_CL" + ], + "dataConnectorsDependencies": [ + "IllumioSaaSDataConnector" + ], + "previewImagesFileNames": [ + "IllumioAuditableEventsBlack.png", + "IllumioAuditableEventsWhite.png" + ], + "version": "1.0.0", + "title": "Illumio Auditable Events Workbook", + "templateRelativePath": "IllumioAuditableEvents.json", + "subtitle": "", + "provider": "Illumio" + }, + { + "workbookKey": "IllumioFlowEventsWorkbook", + "logoFileName": "IllumioLogo.svg", + "description": "A collection of queries to provide visibility into the flow events reported by Illumio.", + "dataTypesDependencies": [ + "Illumio_Flows_Events_CL" + ], + "dataConnectorsDependencies": [ + "IllumioSaaSDataConnector" + ], + "previewImagesFileNames": [ + "IllumioFlowEventsBlack.png", + "IllumioFlowEventsWhite.png" + ], + "version": "1.0.0", + "title": "Illumio Flow Data Workbook", + "templateRelativePath": "IllumioFlowData.json", + "subtitle": "", + "provider": "Illumio" + }, + { + "workbookKey": "IllumioWorkloadsStatsWorkbook", + "logoFileName": "IllumioLogo.svg", + "description": "This workbook leverages workloads api of Illumio and presents insights", + "dataTypesDependencies": [ + "Illumio_Workloads_Summarized_API_CL" + ], + "dataConnectorsDependencies": [ + "IllumioSaaSDataConnector" + ], + "previewImagesFileNames": [ + "IllumioWorkloadsSummarizedBlack.png", + "IllumioWorkloadsSummarizedWhite.png" + ], + "version": "1.1.0", + "title": "Illumio Workload Stats Workbook", + "templateRelativePath": "IllumioWorkloadsStats.json", + "subtitle": "", + "provider": "Illumio" + }, + { + "workbookKey": "CEFOverview", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "CEFOverviewWhite.png", + "CEFOverviewBlack.png" + ], + "version": "1.0.0", + "title": "Common Event Format Logs Overview", + "templateRelativePath": "CEFOverviewWorkbook.json", + "provider": "", + "support": { + "tier": "Microsoft" + }, + "author": { + "name": "Microsoft" + }, "categories": { - "domains": [ - "Compliance", + "domains": [ "IT Operations" - ] - } - } , - { - "workbookKey": "TalonInsights", - "logoFileName": "Talon.svg", - "description": "This workbook provides Talon Security Insights on Log Analytics Query Logs", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "TalonInsightsBlack.png", - "TalonInsightsWhite.png" - ], - "version": "2.0.0", - "title": "Talon Insights", - "templateRelativePath": "TalonInsights.json", - "subtitle": "", - "provider": "Talon Cyber Security" - }, - { - "workbookKey": "manualincident", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook gives the ability for efficient incident management by enabling manual creation of Microsoft Sentinel incidents directly from within the workbook.", - "dataTypesDependencies": [ "" ], - "dataConnectorsDependencies": [ "" ], - "previewImagesFileNames": [ "ManualincidentWhite.png", "ManualincidentBlack.png" ], - "version": "1.0.0", - "title": "Incident Management with Microsoft Sentinel Manual Creation of Incidents Workbook", - "templateRelativePath": "ManualSentinelIncident.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Microsoft Sentinel Community" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security - Others" - ] - } - }, - { - "workbookKey": "CofenseTriageThreatIndicators", - "logoFileName": "CofenseTriage.svg", - "description": "This workbook provides visualization of Cofense Triage threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator", - "Report_links_data_CL" - ], - "dataConnectorsDependencies": [ - "CofenseTriageDataConnector" - ], - "previewImagesFileNames": [ - "CofenseTriageThreatIndicatorsWhite1.png", - "CofenseTriageThreatIndicatorsBlack1.png" - ], - "version": "1.0", - "title": "CofenseTriageThreatIndicators", - "templateRelativePath": "CofenseTriageThreatIndicators.json", - "subtitle": "", - "provider": "Cofense" - }, - { - "workbookKey": "OptimizationWorkbook", - "logoFileName": "optimization.svg", - "description": "This workbook aims to help you gain insights into your current Microsoft Sentinel environment, while also providing recommendations for optimizing costs, improving operational effectiveness, and offering a management overview.", - "dataTypesDependencies": ["SentinelHealth", "SentinelAudit"], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "OptimizationWorkbookBlack.png", - "OptimizationWorkbookWhite.png" - ], - "version": "1.4.0", - "title": "Microsoft Sentinel Optimization Workbook", - "templateRelativePath": "OptimizationWorkbook.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Jeremy Tan, Matthew Lowe, Margaret Mwaura" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "IT Operations" - ] - } - }, - { - "workbookKey": "DataCollectionRuleToolkit", - "logoFileName": "Azure_Sentinel.svg", - "description": "Use this workbook solution to create, review, and modify data collection rules for Microsoft Sentinel. This workbook provides a click-through experience that centralizes key components from Microsoft Sentinel, Azure Log Analytics, and Azure Monitor to enable users to create new DCRs, modify existing DCRs, and review all DCRs in the environment.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ "Dcr-toolkit-Black.png", "Dcr-toolkit-White.png"], - "version": "1.2.0", - "title": "Data Collection Rule Toolkit", - "templateRelativePath": "DCR-Toolkit.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Microsoft Sentinel Community" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Data Collection" - ] - } - }, - - { - "workbookKey": "NetskopeWorkbook", - "logoFileName": "Netskope_logo.svg", - "description": "Gain insights and comprehensive monitoring into Netskope events data by analyzing traffic and user activities.\nThis workbook provides insights into various Netskope events types such as Cloud Firewall, Network Private Access, Applications, Security Alerts as well as Web Transactions.\nYou can use this workbook to get visibility in to your Netskope Security Cloud and quickly identify threats, anamolies, traffic patterns, cloud application useage, blocked URL addresses and more.", - "dataTypesDependencies": [ - "Netskope_Events_CL", - "Netskope_Alerts_CL", - "Netskope_WebTX_CL" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "Netskope-ApplicationEvents-Black.png", - "Netskope-ApplicationEvents-White.png", - "Netskope-SecurityAlerts-DLP-Black.png", - "Netskope-SecurityAlerts-DLP-White.png", - "Netskope-NetworkEvents-CFW-Black.png", - "Netskope-NetworkEvents-CFW-White.png", - "Netskope-SecurityAlerts-Malsite-Black.png", - "Netskope-SecurityAlerts-Malsite-White.png", - "Netskope-NetworkEvents-NPA-Black.png", - "Netskope-NetworkEvents-NPA-White.png", - "Netskope-SecurityAlerts-Malware-White.png", - "Netskope-SecurityAlerts-Malware-Black.png", - "Netskope-SecurityAlerts-BehaviorAnalytics-Black.png", - "Netskope-SecurityAlerts-BehaviorAnalytics-White.png", - "Netskope-SecurityAlerts-Overview-Black.png", - "Netskope-SecurityAlerts-Overview-White.png", - "Netskope-SecurityAlerts-CompormisedCredentials-Black.png", - "Netskope-SecurityAlerts-CompromisedCredentials-White.png", - "Netskope-WebTransactions-Black.png", - "Netskope-WebTransactions-White.png" - ], - "version": "1.0", - "title": "Netskope", - "templateRelativePath": "NetskopeEvents.json", - "subtitle": "", - "provider": "Netskope" - }, - { - "workbookKey": "AIShield", - "logoFileName": "AIShield_Logo.svg", - "description": "Visualize events generated by AIShield. This workbook is dependent on a parser AIShield which is a part of the solution deployment.", - "dataTypesDependencies": [ - "AIShield" - ], - "dataConnectorsDependencies": [ - "AIShield" - ], - "previewImagesFileNames": [ - "AIShieldBlack.png", - "AIShieldWhite.png" - ], - "version": "1.0.0", - "title": "AIShield Workbook", - "templateRelativePath": "AIShield.json", - "subtitle": "", - "provider": "Community" - }, - { - "workbookKey": "AdvancedWorkbookConcepts", - "logoFileName": "Azure_Sentinel.svg", - "description": "Use this workbook to view and learn advanced concepts for workbooks in Azure Monitor and Microsoft Sentinel. Examples are provided in order to teach users how the concepts look, work, and are built.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ "Advancedworkbookconcepts-Black.png", "Advancedworkbookconcepts-White.png"], - "version": "1.1.0", - "title": "Advanced Workbook Concepts", - "templateRelativePath": "AdvancedWorkbookConcepts.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" - }, -"author": { - "name": "Microsoft Sentinel Community" - }, -"source": { - "kind": "Community" - }, -"categories": { - "domains": [ - "Workbooks", - "Reporting", - "Visualization" - ] - } -}, -{ - "workbookKey": "NetCleanProActiveWorkbook", - "logoFileName": "NetCleanImpactLogo.svg", - "description": "This workbook provides insights on NetClean ProActive Incidents.", - "dataTypesDependencies": [ - "Netclean_Incidents_CL" - ], - "dataConnectorsDependencies": [ - "Netclean_ProActive_Incidents" - ], - "previewImagesFileNames": [ - "NetCleanProActiveBlack1.png", - "NetCleanProActiveBlack2.png", - "NetCleanProActiveWhite1.png", - "NetCleanProActiveWhite2.png" - ], - "version": "1.0.0", - "title": "NetClean ProActive", - "templateRelativePath": "NetCleanProActiveWorkbook.json", - "subtitle": "", - "provider": "NetClean" - }, - { - "workbookKey": "AutomationHealth", - "logoFileName": "Azure_Sentinel.svg", - "description": "Have a holistic overview of your automation health, gain insights about failures, correlate Microsoft Sentinel health with Logic Apps diagnostics logs and deep dive automation details per incident", - "dataTypesDependencies": [ - "SentinelHealth" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "AutomationHealthBlack.png", - "AutomationHealthWhite.png" - ], - "version": "2.0.0", - "title": "Automation health", - "templateRelativePath": "AutomationHealth.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, -{ - "workbookKey": "PlaybooksHealth", - "logoFileName": "Azure_Sentinel.svg", - "description": "The workbook will provide you with deeper insights regarding the status, activity, and billing of each playbook. You can use the workbook's logic to monitor the general health of the playbooks.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "PlaybookHealthWhite.PNG", - "PlaybookHealthBlack.PNG" - ], - "version": "1.0.0", - "title": "Playbooks health monitoring (preview)", - "templateRelativePath": "PlaybookHealth.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Microsoft Corporation" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "IT Operations", - "Platform" - ] - } - }, - { - "workbookKey": "CiscoSDWANWorkbook", - "logoFileName": "cisco-logo-72px.svg", - "description": "Cisco SD-WAN Workbook equips administrators with the necessary tools to implement robust security measures and stay ahead of emerging threats.By leveraging the insights and recommendations provided in the workbook, network administrators can effectively protect their SD-WAN infrastructure from potential vulnerabilities and ensure a secure and reliable network connectivity for their organization.", - "dataTypesDependencies": [ - "Syslog", - "CiscoSDWANNetflow_CL" - ], - "dataConnectorsDependencies": ["CiscoSDWAN"], - "previewImagesFileNames": [ - "CiscoSDWANWhite1.png", - "CiscoSDWANWhite2.png", - "CiscoSDWANWhite3.png", - "CiscoSDWANBlack1.png", - "CiscoSDWANBlack2.png", - "CiscoSDWANBlack3.png" - ], - "version": "1.0.0", - "title": "Cisco SD-WAN", - "templateRelativePath": "CiscoSDWAN.json", - "provider": "Cisco" - }, - { - "workbookKey": "SAP-AuditControls", - "logoFileName": "SAPVMIcon.svg", - "description": "SAP -Audit Controls (Preview)", - "dataTypesDependencies": [ - "SAPAuditLog" - ], - "dataConnectorsDependencies": [ - "SAP" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "SAP -Audit Controls (Preview)", - "templateRelativePath": "SAP -Audit Controls (Preview).json", - "subtitle": "", - "provider": "Microsoft" -}, - { - "workbookKey": "ZoomReports", - "logoFileName": "Azure_Sentinel.svg", - "description": "Visualize various details & visuals on Zoom Report data ingested though the solution. This also have a dependency on the parser which is available as a part of Zoom solution named Zoom", - "dataTypesDependencies": [ "Zoom" ], - "dataConnectorsDependencies": ["Zoom Reports"], - "previewImagesFileNames": [ "ZoomReportsBlack.png", "ZoomReportsWhite.png" ], - "version": "1.0.0", - "title": "Zoom Reports", - "templateRelativePath": "ZoomReports.json", - "subtitle": "", - "provider": "Community" - }, - { - "workbookKey": "InsiderRiskManagementWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "The Microsoft Insider Risk Management Workbook integrates telemetry from 25+ Microsoft security products to provide actionable insights into insider risk management. Reporting tools provide \u201cGo to Alert\u201d links to provide deeper integration between products and a simplified user experience for exploring alerts. ", - "dataTypesDependencies": [ - "SigninLogsSigninLogs", - "AuditLogs", - "AzureActivity", - "OfficeActivity", - "InformationProtectionLogs_CL", - "SecurityIncident" - ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "InsiderRiskManagementBlack.png", - "InsiderRiskManagementWhite.png" - ], - "version": "1.0.0", - "title": "Insider Risk Management", - "templateRelativePath": "InsiderRiskManagement.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "Fortiweb-workbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "This workbook depends on a parser based on a Kusto Function to work as expected [**Fortiweb**](https://aka.ms/sentinel-FortiwebDataConnector-parser) which is deployed with the Microsoft Sentinel Solution.", - "dataTypesDependencies": [ - "CommonSecurityLog" - ], - "dataConnectorsDependencies": [ - "FortinetFortiWeb" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Fortiweb-workbook", - "templateRelativePath": "Fortiweb-workbook.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "WebSessionEssentialsWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "The 'Web Session Essentials' workbook provides real-time insights into activity and potential threats in your network. This workbook is designed for network teams, security architects, analysts, and consultants to monitor, identify and investigate threats on Web servers, Web Proxies and Web Security Gateways assets. This Workbook gives a summary of analysed web traffic and helps with threat analysis and investigating suspicious http traffic.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "WebSessionEssentialsWorkbookWhite.png", - "WebSessionEssentialsWorkbookBlack.png" - ], - "version": "1.0.0", - "title": "Web Session Essentials Workbook", - "templateRelativePath": "WebSessionEssentials.json", - "subtitle": "", - "provider": "Microsoft" - }, - { - "workbookKey": "IslandAdminAuditOverview", - "logoFileName": "island.svg", - "description": "This workbook provides a view into the activities of administrators in the Island Management Console.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Island Admin Audit Overview", - "templateRelativePath": "IslandAdminAuditOverview.json", - "subtitle": "", - "provider": "Island" - }, - { - "workbookKey": "IslandUserActivityOverview", - "logoFileName": "island.svg", - "description": "This workbook provides a view into the activities of users while using the Island Enterprise Browser.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Island User Activity Overview", - "templateRelativePath": "IslandUserActivityOverview.json", - "subtitle": "", - "provider": "Island" - }, - { - "workbookKey": "BloodHoundEnterpriseAttackPathWorkbook", - "logoFileName": "BHE_Logo.svg", - "description": "Gain insights into BloodHound Enterprise attack paths.", - "dataTypesDependencies": [ "BloodHoundEnterprise" ], - "dataConnectorsDependencies": [ "BloodHoundEnterprise" ], - "previewImagesFileNames": [""], - "version": "1.0", - "title": "BloodHound Enterprise Attack Paths", - "templateRelativePath": "BloodHoundEnterpriseAttackPath.json", - "subtitle": "", - "provider": "SpecterOps" -}, -{ - "workbookKey": "BloodHoundEnterprisePostureWorkbook", - "logoFileName": "BHE_Logo.svg", - "description": "Gain insights into BloodHound Enterprise domain posture.", - "dataTypesDependencies": [ "BloodHoundEnterprise" ], - "dataConnectorsDependencies": [ "BloodHoundEnterprise" ], - "previewImagesFileNames": [""], - "version": "1.0", - "title": "BloodHound Enterprise Posture", - "templateRelativePath": "BloodHoundEnterprisePosture.json", - "subtitle": "", - "provider": "SpecterOps" -}, -{ - "workbookKey": "BitSightWorkbook", - "logoFileName": "BitSight.svg", - "description": "Gain insights into BitSight data.", - "dataTypesDependencies": ["Alerts_data_CL", "BitsightBreaches_data_CL", "BitsightCompany_details_CL", "BitsightCompany_rating_details_CL", "BitsightDiligence_historical_statistics_CL", "BitsightDiligence_statistics_CL", "BitsightFindings_summary_CL", "BitsightFindings_data_CL", "BitsightGraph_data_CL", "BitsightIndustrial_statistics_CL", "BitsightObservation_statistics_CL"], - "dataConnectorsDependencies": ["BitSightDatConnector"], - "previewImagesFileNames": ["BitSightWhite1.png","BitSightBlack1.png"], - "version": "1.0.0", - "title": "BitSight", - "templateRelativePath": "BitSightWorkbook.json", - "subtitle": "", - "provider": "BitSight" -}, -{ - "workbookKey": "VectraXDR", - "logoFileName": "", - "description": "This workbook provides visualization of Audit, Detections, Entity Scoring, Lockdown and Health data.", - "dataTypesDependencies": [ - "Audits_Data_CL", - "Detections_Data_CL", - "Entity_Scoring_Data_CL", - "Lockdown_Data_CL", - "Health_Data_CL" - ], - "dataConnectorsDependencies": [ - "VectraDataConnector" - ], - "previewImagesFileNames": [ - "VectraXDRWhite1.png", - "VectraXDRWhite2.png", - "VectraXDRWhite3.png", - "VectraXDRWhite4.png", - "VectraXDRWhite5.png", - "VectraXDRBlack1.png", - "VectraXDRBlack2.png", - "VectraXDRBlack3.png", - "VectraXDRBlack4.png", - "VectraXDRBlack5.png" - ], - "version": "2.0.0", - "title": "Vectra XDR", - "templateRelativePath": "VectraXDR.json", - "subtitle": "", - "provider": "Vectra" -}, - { - "workbookKey": "CloudflareWorkbook", - "logoFileName": "cloudflare.svg", - "description": "Gain insights into Cloudflare events. You will get visibility on your Cloudflare web traffic, security, reliability.", - "dataTypesDependencies": [ "Cloudflare_CL" ], - "dataConnectorsDependencies": [ "CloudflareDataConnector" ], - "previewImagesFileNames": ["CloudflareOverviewWhite01.png", "CloudflareOverviewWhite02.png", "CloudflareOverviewBlack01.png", "CloudflareOverviewBlack02.png"], - "version": "1.0", - "title": "Cloudflare", - "templateRelativePath": "Cloudflare.json", - "subtitle": "", - "provider": "Cloudflare" -}, -{ - "workbookKey": "CofenseIntelligenceWorkbook", - "logoFileName": "CofenseTriage.svg", - "description": "This workbook provides visualization of Cofense Intelligence threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator", - "Malware_Data" - ], - "dataConnectorsDependencies": [ - "CofenseIntelligenceDataConnector" - ], - "previewImagesFileNames": [ - "CofenseIntelligenceWhite1.png", - "CofenseIntelligenceBlack1.png" - ], - "version": "1.0", - "title": "CofenseIntelligenceThreatIndicators", - "templateRelativePath": "CofenseIntelligenceThreatIndicators.json", - "subtitle": "", - "provider": "Cofense" -}, -{ - "workbookKey": "EgressDefendMetricWorkbook", - "logoFileName": "Egress-logo.svg", - "description": "A workbook providing insights into Egress Defend.", - "dataTypesDependencies": ["EgressDefend_CL"], - "previewImagesFileNames": [ "EgressDefendMetricWorkbookBlack01.png", "EgressDefendMetricWorkbookWhite01.png" ], - "version": "1.0.0", - "title": "Egress Defend Insights", - "templateRelativePath": "DefendMetrics.json", - "subtitle": "Defend Metrics", - "provider": "Egress Software Technologies" - }, - { - "workbookKey": "UserWorkbook-alexdemichieli-github-update-1", - "logoFileName": "GitHub.svg", - "description": "Gain insights to GitHub activities that may be interesting for security.", - "dataTypesDependencies": [ - "GitHubAuditLogPolling_CL" - ], - "dataConnectorsDependencies": [ - "GitHubEcAuditLogPolling" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "GitHub Security", - "templateRelativePath": "GitHubAdvancedSecurity.json", - "subtitle": "", - "provider": "Microsoft" -}, -{ - "workbookKey": "SalemDashboard", - "logoFileName": "salem_logo.svg", - "description": "Monitor Salem Performance", - "dataTypesDependencies": [ "SalemAlerts_CL" ], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Salem Alerts Workbook", - "templateRelativePath": "SalemDashboard.json", - "subtitle": "", - "provider": "SalemCyber" -}, -{ - "workbookKey": "MimecastAuditWorkbook", - "logoFileName": "Mimecast.svg", - "description": "A workbook providing insights into Mimecast Audit.", - "dataTypesDependencies": [ - "MimecastAudit_CL" - ], - "previewImagesFileNames": [ - "MimecastAuditBlack1.png", - "MimecastAuditBlack2.png", - "MimecastAuditWhite1.png", - "MimecastAuditWhite2.png" - ], - "version": "1.0.0", - "title": "MimecastAudit", - "templateRelativePath": "MimecastAudit.json", - "subtitle": "Mimecast Audit", - "provider": "Mimecast" -}, -{ - "workbookKey": "MailGuard365Workbook", - "logoFileName": "MailGuard365_logo.svg", - "description": "MailGuard 365 Workbook", - "dataTypesDependencies": [ - "MailGuard365_Threats_CL" - ], - "dataConnectorsDependencies": [ - "MailGuard365" - ], - "previewImagesFileNames": ["MailGuard365WorkbookWhite1.png", - "MailGuard365WorkbookWhite2.png", - "MailGuard365WorkbookBlack1.png", - "MailGuard365WorkbookBlack2.png" -], - "version": "1.0.0", - "title": "MailGuard365", - "templateRelativePath": "MailGuard365Dashboard.json", - "subtitle": "", - "provider": "MailGuard 365" -}, -{ - "workbookKey": "MimecastTIRegionalWorkbook", - "logoFileName": "Mimecast.svg", - "description": "A workbook providing insights into Mimecast Regional Threat indicator.", - "dataTypesDependencies": ["ThreatIntelligenceIndicator"], - "dataConnectorsDependencies": [ - "MimecastTIRegionalConnectorAzureFunctions" - ], - "previewImagesFileNames": [ - "MimecastTIReginalWhite.png", - "MimecastTIRegionalBlack.png" - ], - "version": "1.0.0", - "title": "MimecastTIRegional", - "templateRelativePath": "MimecastTIRegional.json", - "subtitle": "Mimecast TI Regional", - "provider": "Mimecast" -}, -{ - "workbookKey": "DataminrPulseAlerts", - "logoFileName": "DataminrPulse.svg", - "description": "This Workbook provides insight into the data coming from DataminrPulse.", - "dataTypesDependencies": ["DataminrPulse_Alerts_CL"], - "dataConnectorsDependencies": ["DataminrPulseAlerts"], - "previewImagesFileNames": [ "DataminrPulseAlertsBlack1.png", - "DataminrPulseAlertsBlack2.png", - "DataminrPulseAlertsBlack3.png", - "DataminrPulseAlertsBlack4.png", - "DataminrPulseAlertsBlack5.png", - "DataminrPulseAlertsWhite1.png", - "DataminrPulseAlertsWhite2.png", - "DataminrPulseAlertsWhite3.png", - "DataminrPulseAlertsWhite4.png", - "DataminrPulseAlertsWhite5.png" - ], - "version": "1.0.0", - "title": "Dataminr Pulse Alerts", - "templateRelativePath": "DataminrPulseAlerts.json", - "provider": "Dataminr" -}, -{ - "workbookKey": "DoDZeroTrustWorkbook", - "logoFileName": "", - "description": "This workbook solution provides an intuitive, customizable, framework intended to help track/report Zero Trust implementation in accordance with the latest DoD Zero Trust Strategy.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "DoDZeroTrustWorkbook1Black.png", - "DoDZeroTrustWorkbook2Black.png", - "DoDZeroTrustWorkbook3Black.png", - "DoDZeroTrustWorkbook1White.png", - "DoDZeroTrustWorkbook2White.png", - "DoDZeroTrustWorkbook3White.png" - ], - "version": "1.1.0", - "title": "DoD Zero Trust Strategy Workbook", - "templateRelativePath": "DoDZeroTrustWorkbook.json", - "subtitle": "", - "provider": "Microsoft", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Lili Davoudian, Chhorn Lim, Jay Pelletier, Michael Crane" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "IT Operations" - ] - } -}, -{ - "workbookKey": "GreyNoiseIntellegenceOverviewWorkbook", - "logoFileName": "greynoise_logomark_black.svg", - "description": "This workbook provides visualization of GreyNoise Intelligence threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [ - "GreyNoise2SentinelAPI" - ], - "previewImagesFileNames": [ - "GreyNoiseOverviewWhite.png", - "GreyNoiseOverviewBlack.png" - ], - "version": "1.0", - "title": "GreyNoise Intelligence Threat Indicators", - "templateRelativePath": "GreyNoiseOverview.json", - "subtitle": "", - "provider": "GreyNoise Intelligence, Inc." -}, -{ - "workbookKey": "WizFindingsWorkbook", - "logoFileName": "Wiz_logo.svg", - "description": "A visualized overview of Wiz Findings.\nExplore, analize and learn about your security posture using Wiz Findings Overview", - "dataTypesDependencies": [ - "WizIssues_CL", - "WizVulnerabilities_CL", - "WizAuditLogs_CL", - "WizIssuesV2_CL", - "WizVulnerabilitiesV2_CL", - "WizAuditLogs_CL" - ], - "dataConnectorsDependencies": [ - "Wiz" - ], - "previewImagesFileNames": [ - "WizFindingsBlack1.png", - "WizFindingsBlack2.png", - "WizFindingsBlack3.png", - "WizFindingsWhite1.png", - "WizFindingsWhite2.png", - "WizFindingsWhite3.png" - ], - "version": "2.0.0", - "title": "Wiz Findings overview", - "templateRelativePath": "WizFindings.json", - "subtitle": "", - "provider": "Wiz" -}, -{ - "workbookKey": "ThreatConnectOverviewWorkbook", - "logoFileName": "ThreatConnect.svg", - "description": "This workbook provides visualization of ThreatConnect threat indicators which are ingested in the Microsoft Sentinel Threat intelligence.", - "dataTypesDependencies": [ - "ThreatIntelligenceIndicator" - ], - "dataConnectorsDependencies": [ - "ThreatIntelligence" - ], - "previewImagesFileNames": [ - "ThreatConnectOverviewBlack.png", - "ThreatConnectOverviewWhite.png" - ], - "version": "1.0.0", - "title": "ThreatConnect Overview Workbook", - "templateRelativePath": "ThreatConnectOverview.json", - "subtitle": "", - "provider": "ThreatConnect, Inc." -}, -{ - "workbookKey": "Sentinel_Central", - "logoFileName": "Azure_Sentinel.svg", - "description": "Use this report to view Incident (and Alert data) across many workspaces, this works with Azure Lighthouse and across any subscription you have access to.", - "dataTypesDependencies": ["SecurityEvent"], - "dataConnectorsDependencies": ["IdentityAndAccessWhite.png", "IdentityAndAccessBlack.png"], - "previewImagesFileNames": [ "SentinelCentralBlack.png", "SentinelCentralWhite.png"], - "version": "2.1.2", - "title": "Sentinel Central", - "templateRelativePath": "Sentinel_Central.json", - "subtitle": "", - "provider": "Microsoft Sentinel community", - "support": { - "tier": "Community" - }, - "author": { - "name": "Clive Watson" - }, - "source": { - "kind": "Community" - }, - "categories": { - "domains": [ - "Security" - ] - } -}, -{ - "workbookKey": "AuthomizeWorkbook", - "logoFileName": "Authomize.svg", - "description": "Manage your Authorization Security Lifecycle across all XaaS environments and Private Clouds. Using Authomize AI-based engine continuously monitor the relationships between identities and assets and gain insight into security risks and events.", - "dataTypesDependencies": [ "Authomize_v2_CL" ], - "dataConnectorsDependencies": [ "Authomize" ], - "previewImagesFileNames": [ "AuthomizeITDREventMonitoring-Black.png", "AuthomizeITDREventMonitoring-White.png" ], - "version": "1.0.0", - "title": "Authomize ITDR Event Monitoring for Identities", - "templateRelativePath": "Authomize.json", - "subtitle": "", - "provider": "Authomize" - }, -{ - "workbookKey": "GigamonConnector", - "logoFileName": "gigamon.svg", - "description": "A visualized overview of Gigamon AMX Data Connector .\nExplore, analize and learn about your security posture using Gigamon AMX data connector Overview.", - "dataTypesDependencies": [ - "Gigamon_CL" - ], - "dataConnectorsDependencies": [ - "GigamonDataConnector" - ], - "previewImagesFileNames": [ - "GigamonWorkbookBlack.png", - "GigamonWorkbookWhite.png" - ], - "version": "1.0.0", - "title": "Gigamon Workbook", - "templateRelativePath": "Gigamon.json", - "subtitle": "", - "provider": "Gigamon" -}, -{ - "workbookKey": "PrancerSentinelAnalyticsWorkbook", - "description": "Monitor and analyze Prancer PAC and CSPM scan results.", - "logoFileName": "Prancer.svg", - "dataTypesDependencies": [ - "prancer_CL" - ], - "dataConnectorsDependencies": [ - "PrancerLogData" - ], - "previewImagesFileNames": [ - "PrancerBlack.png", - "PrancerWhite.png" - ], - "version": "1.0.0", - "title": "Prancer Microsoft Sentinel Analytics Workbook", - "templateRelativePath": "PrancerSentinelAnalytics.json", - "subtitle": "", - "provider": "Prancer" -}, -{ -"workbookKey": "ValenceSecurityAlertsWorkbook", -"logoFileName": "ValenceSecurityLogo.svg", -"description": "SaaS security alerts from Valence Security.", -"dataTypesDependencies": [ - "ValenceAlert_CL" -], -"dataConnectorsDependencies": [ - "ValenceSecurity" -], -"previewImagesFileNames": [ - "ValenceAlertsBlack.png", - "ValenceAlertsWhite.png" -], -"version": "1.0.0", -"title": "Valence Security Alerts Workbook", -"templateRelativePath": "ValenceAlertsWorkbook.json", -"subtitle": "", -"provider": "Valence Security" -}, -{ -"workbookKey": "MalwareProtectionEssentialsWorkbook", -"logoFileName": "Azure_Sentinel.svg", -"description": "This workbook provides details about Suspicious Malware Activities from File, Process and Registry events generated by EDR (Endpoint Detection and Response) solutions.", -"dataTypesDependencies": ["_ASim_FileEvent", "_ASim_ProcessEvent"], -"previewImagesFileNames": [ - "MalwareProtectionEssentialsWhite.png", - "MalwareProtectionEssentialsBlack.png" -], -"version": "1.0.0", -"title": "Malware Protection Essentials", -"templateRelativePath": "MalwareProtectionEssentialsWorkbook.json", -"subtitle": "", -"provider": "Microsoft Sentinel community" -}, -{ - "workbookKey": "VaronisSaaSWorkbook", - "logoFileName": "VaronisLogo.svg", - "description": "Security alerts from Varonis SaaS", - "dataTypesDependencies": [ - "VaronisAlerts_CL" - ], - "dataConnectorsDependencies": [ - "VaronisSaaS" - ], - "previewImagesFileNames": [ - "VaronisSaaSAssetsBlack.png", - "VaronisSaaSAssetsWhite.png", - "VaronisSaaSDevicesBlack.png", - "VaronisSaaSDevicesWhite.png", - "VaronisSaaSMainBlack.png", - "VaronisSaaSMainWhite.png", - "VaronisSaaSThreatsBlack.png", - "VaronisSaaSThreatsWhite.png", - "VaronisSaaSUsersBlack.png", - "VaronisSaaSUsersWhite.png" - ], - "version": "1.0.0", - "title": "Varonis SaaS Workbook", - "templateRelativePath": "VaronisSaaS.json", - "subtitle": "", - "provider": "Varonis" - }, - { - "workbookKey": "FortinetFortiNdrCloudWorkbook", - "logoFileName": "fortinet_logo.svg", - "description": "Gain insights into Fortinet FortiNDR CLoud events, including the Suricata, Observation and Detections data.", - "dataTypesDependencies": [ - "FncEventsSuricata_CL", - "FncEventsObservation_CL", - "FncEventsDetections_CL" - ], - "dataConnectorsDependencies": [ - "FortinetFortiNdrCloudDataConnector" - ], - "previewImagesFileNames": [ - "FncDetectionDashboardBlack.png", - "FncDetectionDashboardWhite.png", - "FncObservationDashboardBlack.png", - "FncObservationDashboardWhite.png", - "FncSuricataDashboardBlack.png", - "FncSuricataDashboardWhite.png", - "FncMainDashboardBlack.png", - "FncMainDashboardWhite.png" - ], - "version": "1.0.0", - "title": "FortiNDR Cloud", - "templateRelativePath": "FortinetFortiNdrCloudWorkbook.json", - "subtitle": "", - "provider": "Fortinet" -}, - { - "workbookKey": "WithSecureTopComputersByInfection", - "logoFileName": "WithSecure.svg", - "description": "Top 3 computers by amount of infections.", - "dataTypesDependencies": [ "WsSecurityEvents_CL" ], - "dataConnectorsDependencies": ["WithSecureElementsViaFunction"], - "previewImagesFileNames": ["WithSecureTopComputersByInfectionsBlack.png", "WithSecureTopComputersByInfectionsWhite.png"], - "version": "1.0", - "title": "WithSecure - Top computers by infections", - "templateRelativePath": "WithSecureTopComputersByInfections.json", - "subtitle": "", - "provider": "WithSecure" - }, - { - "workbookKey": "AzureOpenAIMonitoring", - "logoFileName": "", - "description": "Welcome to this Azure OpenAI Monitoring Workbook\n#### This workbook will help to monitor your Azure Open AI Instances\n\n** Please enable diagnostics settings for the Open AI instance to view the workbook.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [], - "previewImagesFileNames": ["AzureOpenAIMonitoringWhite.PNG", "AzureOpenAIMonitoringBlack.PNG"], - "version": "1.0", - "title": "Azure OpenAI Monitoring Workbook", - "templateRelativePath": "AzureOpenAIMonitoring.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "SonicWallWorkbook", - "logoFileName": "sonicwall_logo.svg", - "description": "A collection of queries to provide visibility into the events reported by your SonicWall firewalls.", - "dataTypesDependencies": [ - "CommonSecurityLog", - "ASimNetworkSessionSonicWallFirewall" - ], - "dataConnectorsDependencies": [ - "SonicWallFirewall", - "CefAma" - ], - "previewImagesFileNames": [ - "SonicWallWorkbookWhite.png", - "SonicWallWorkbookBlack.png" - ], - "version": "1.0.0", - "title": "SonicWall Workbook", - "templateRelativePath": "SonicWallFirewall.json", - "subtitle": "", - "provider": "SonicWall" - }, - { - "workbookKey": "AzureServiceHealthWorkbook", - "logoFileName": "", - "description": "A collection of queries to provide visibility into Azure Service Health across the subscriptions.", - "dataTypesDependencies": [ - "AzureActivity" - ], - "dataConnectorsDependencies": [ - "AzureActivity" - ], - "previewImagesFileNames": [ - "AzureServiceHealthWhite.png", - "AzureServiceHealthBlack.png" - ], - "version": "1.0.0", - "title": "Azure Service Health Workbook", - "templateRelativePath": "AzureServiceHealthWorkbook.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "EgressPreventMetricWorkbook", - "logoFileName": "Egress-logo.svg", - "description": "A workbook providing insights into Egress Defend.", - "dataTypesDependencies": ["EgressEvents_CL"], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "EgressPreventWorkbookBlack01.png", - "EgressPreventWorkbookWhite01.png" - ], - "version": "1.0.0", - "title": "Egress Defend Insights", - "templateRelativePath": "PreventWorkbook.json", - "subtitle": "Iris Prevent Metrics", - "provider": "Egress Software Technologies" - - }, - { - "workbookKey": "NetskopeDashboard", - "logoFileName": "Netskope.svg", - "description": "A workbook providing insights into Netskope Alerts, Events and WebTransactions.", - "dataConnectorsDependencies": ["NetskopeDataConnector"], - "dataTypesDependencies": [ - "eventsapplicationdata_CL", - "alertscompromisedcredentialdata_CL", - "alertsctepdata_CL", - "alertsdlpdata_CL", - "alertsmalsitedata_CL", - "alertsmalwaredata_CL", - "alertspolicydata_CL", - "alertsquarantinedata_CL", - "alertsremediationdata_CL", - "alertssecurityassessmentdata_CL", - "alertsubadata_CL", - "NetskopeWebtxData_CL" - ], - "previewImagesFileNames": [ - "NetskopeDashboardBlack1.png", - "NetskopeDashboardBlack2.png", - "NetskopeDashboardBlack3.png", - "NetskopeDashboardWhite1.png", - "NetskopeDashboardWhite2.png", - "NetskopeDashboardWhite3.png" - ], - "version": "1.0.0", - "title": "NetskopeDashboard", - "templateRelativePath": "NetskopeDashboard.json", - "subtitle": "Netskope Dashboard for Alerts, Events and WebTransactions", - "provider": "Netskope" - }, - { - "workbookKey": "BitwardenEventLogsOrganization", - "logoFileName": "Bitwarden.svg", - "description": "This workbook provides insights on Bitwarden Organizations Event Logs.", - "dataConnectorsDependencies": [ - "BitwardenEventLogs" - ], - "dataTypesDependencies": [ - "BitwardenEventLogs_CL", - "BitwardenGroups_CL", - "BitwardenMembers_CL" - ], - "previewImagesFileNames": [ - "BitwardenEventLogsOrganizationWhite1.png", - "BitwardenEventLogsOrganizationWhite2.png", - "BitwardenEventLogsOrganizationBlack1.png", - "BitwardenEventLogsOrganizationBlack2.png" - ], - "version": "1.0.0", - "title": "Bitwarden Organization Events", - "templateRelativePath": "BitwardenEventLogsOrganization.json", - "subtitle": "", - "provider": "Bitwarden" - }, - { - "workbookKey": "BitwardenEventLogsAuthentication", - "logoFileName": "Bitwarden.svg", - "description": "This workbook provides insights on Bitwarden Authentication Event Logs.", - "dataConnectorsDependencies": [ - "BitwardenEventLogs" - ], - "dataTypesDependencies": [ - "BitwardenEventLogs_CL", - "BitwardenGroups_CL", - "BitwardenMembers_CL" - ], - "previewImagesFileNames": [ - "BitwardenEventLogsAuthenticationWhite1.png", - "BitwardenEventLogsAuthenticationWhite2.png", - "BitwardenEventLogsAuthenticationBlack1.png", - "BitwardenEventLogsAuthenticationBlack2.png" - ], - "version": "1.0.0", - "title": "Bitwarden Authentication Events", - "templateRelativePath": "BitwardenEventLogsAuthentication.json", - "subtitle": "", - "provider": "Bitwarden" - }, - { - "workbookKey": "BitwardenEventLogsVaultItems", - "logoFileName": "Bitwarden.svg", - "description": "This workbook provides insights on Bitwarden Vault Items Event Logs.", - "dataConnectorsDependencies": [ - "BitwardenEventLogs" - ], - "dataTypesDependencies": [ - "BitwardenEventLogs_CL", - "BitwardenGroups_CL", - "BitwardenMembers_CL" - ], - "previewImagesFileNames": [ - "BitwardenEventLogsVaultItemsWhite1.png", - "BitwardenEventLogsVaultItemsWhite2.png", - "BitwardenEventLogsVaultItemsBlack1.png", - "BitwardenEventLogsVaultItemsBlack2.png" - ], - "version": "1.0.0", - "title": "Bitwarden Vault Items Events", - "templateRelativePath": "BitwardenEventLogsVaultItems.json", - "subtitle": "", - "provider": "Bitwarden" - }, - { - "workbookKey": "CodelessConnectorBuilder", - "logoFileName": "Azure_Sentinel.svg", - "description": "Create custom codeless connectors on demand with this UI-like workbook. Templates can be generated by going step by step in this workbook while filling out the different values.", - "dataTypesDependencies": [], - "previewImagesFileNames": [ - "CodelessConnectorBuilderBlack.png", - "CodelessConnectorBuilderWhite.png" - ], - "version": "1.0.0", - "title": "Codeless Connector Builder", - "templateRelativePath": "CodelessConnectorBuilder.json", - "subtitle": "", - "provider": "Microsoft Sentinel Community" - }, - { - "workbookKey": "IllumioAuditableEventsWorkbook", - "logoFileName": "IllumioLogo.svg", - "description": "A collection of queries to provide visibility into auditable events reported by Illumio.", - "dataTypesDependencies": [ - "Illumio_Auditable_Events_CL" - ], - "dataConnectorsDependencies": [ - "IllumioSaaSDataConnector" - ], - "previewImagesFileNames": [ - "IllumioAuditableEventsBlack.png", - "IllumioAuditableEventsWhite.png" - ], - "version": "1.0.0", - "title": "Illumio Auditable Events Workbook", - "templateRelativePath": "IllumioAuditableEvents.json", - "subtitle": "", - "provider": "Illumio" - }, - { - "workbookKey": "IllumioFlowEventsWorkbook", - "logoFileName": "IllumioLogo.svg", - "description": "A collection of queries to provide visibility into the flow events reported by Illumio.", - "dataTypesDependencies": [ - "Illumio_Flows_Events_CL" - ], - "dataConnectorsDependencies": [ - "IllumioSaaSDataConnector" - ], - "previewImagesFileNames": [ - "IllumioFlowEventsBlack.png", - "IllumioFlowEventsWhite.png" - ], - "version": "1.0.0", - "title": "Illumio Flow Data Workbook", - "templateRelativePath": "IllumioFlowData.json", - "subtitle": "", - "provider": "Illumio" - }, - { - "workbookKey": "IllumioWorkloadsStatsWorkbook", - "logoFileName": "IllumioLogo.svg", - "description": "This workbook leverages workloads api of Illumio and presents insights", - "dataTypesDependencies": [ - "Illumio_Workloads_Summarized_API_CL" - ], - "dataConnectorsDependencies": [ - "IllumioSaaSDataConnector" - ], - "previewImagesFileNames": [ - "IllumioWorkloadsSummarizedBlack.png", - "IllumioWorkloadsSummarizedWhite.png" - ], - "version": "1.1.0", - "title": "Illumio Workload Stats Workbook", - "templateRelativePath": "IllumioWorkloadsStats.json", - "subtitle": "", - "provider": "Illumio" - }, - { - "workbookKey": "CEFOverview", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", - "dataTypesDependencies": ["CommonSecurityLog"], - "dataConnectorsDependencies": [], - "previewImagesFileNames": [ - "CEFOverviewWhite.png", - "CEFOverviewBlack.png" - ], - "version": "1.0.0", - "title": "Common Event Format Logs Overview", - "templateRelativePath": "CEFOverviewWorkbook.json", - "provider": "", - "support": { - "tier": "Microsoft" - }, - "author": { - "name": "Microsoft" - }, - "categories": { - "domains": ["IT Operations"] - } - }, - { - "workbookKey": "TenableIEIoA", - "logoFileName": "Tenable.svg", - "description": "This workbook providing insights into Tenable Indicators of Attack", - "dataTypesDependencies": [ - "Tenable_IE_CL" - ], - "dataConnectorsDependencies": [ - "TenableIE" - ], - "previewImagesFileNames": [ - "TenableIEIoABlack1.png", - "TenableIEIoABlack2.png", - "TenableIEIoABlack3.png", - "TenableIEIoAWhite1.png", - "TenableIEIoAWhite2.png", - "TenableIEIoAWhite3.png" - ], - "version": "1.0.0", - "title": "TIE IOA workbook", - "templateRelativePath": "TenableIEIoA.json", - "subtitle": "", - "provider": "Tenable" - }, - { - "workbookKey": "TenableIEIoE", - "logoFileName": "Tenable.svg", - "description": "This workbook providing insights into Tenable Indicators of Exposure", - "dataTypesDependencies": [ - "Tenable_IE_CL" - ], - "dataConnectorsDependencies": [ - "TenableIE" - ], - "previewImagesFileNames": [ - "TenableIEIoEBlack1.png", - "TenableIEIoEBlack2.png", - "TenableIEIoEBlack3.png", - "TenableIEIoEWhite1.png", - "TenableIEIoEWhite2.png", - "TenableIEIoEWhite3.png" - ], - "version": "1.0.0", - "title": "TIE IOE workbook", - "templateRelativePath": "TenableIEIoE.json", - "subtitle": "", - "provider": "Tenable" - }, - { - "workbookKey": "SyslogConnectorsOverviewWorkbook", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook gives an overview of ingestion of logs into Syslog table via Syslog based dataconnectors such as AMA agent", - "dataTypesDependencies": [ - "Syslog" - ], - "dataConnectorsDependencies": [ - "Syslog", - "SyslogAma" - ], - "previewImagesFileNames": [""], - "version": "1.0.0", - "title": "Syslog Connectors Overview Workbook", - "templateRelativePath": "SyslogConnectorsOverviewWorkbook.json", - "subtitle": "", - "provider": "-------" - }, - { - "workbookKey": "PhishingAnalysis", - "logoFileName": "Azure_Sentinel.svg", - "description": "This Workbook fetches data from MDO tables and provides a comphrehensive overview for Phishing Analysis", - "dataTypesDependencies": [ - - ], - "dataConnectorsDependencies": [ - - ], - "previewImagesFileNames": ["PhishingAnalysisWhite.png","PhishingAnalysisBlack.png"], - "version": "1.0.0", - "title": "Phishing Analysis", - "templateRelativePath": "PhishingAnalysis.json", - "subtitle": "", - "provider": "DSR" - }, - { - "workbookKey": "GSANetworkTraffic", - "logoFileName": "gsa.svg", - "description": "Microsoft Global Secure Access Traffic Logs", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "previewImagesFileNames": [ - "GSATrafficLogsWhite.png", - "GSATrafficLogsBlack.png" - ], - "version": "1.0.0", - "title": "Microsoft Global Secure Access Traffic Logs", - "templateRelativePath": "GSANetworkTraffic.json", - "provider": "Microsoft", - "author": { - "name": "Microsoft" - }, - "workbookKey": "GSAM365EnrichedEvents", - "logoFileName": "gsa.svg", - "description": "This Workbook gives an overview of ingestion of logs in the CommonSecurityLog table.", - "dataTypesDependencies": [], - "dataConnectorsDependencies": [ - "AzureActiveDirectory" - ], - "previewImagesFileNames": [ - "GSAEnrichedLogsWhite.png", - "GSAEnrichedLogsBlack.png" - ], - "version": "1.0.0", - "title": "Microsoft Global Secure Access Enriched M365 Logs", - "templateRelativePath": "GSAM365EnrichedEvents.json", - "provider": "Microsoft", - "author": { - "name": "Microsoft" - } - } + ] + } + }, + { + "workbookKey": "TenableIEIoA", + "logoFileName": "Tenable.svg", + "description": "This workbook providing insights into Tenable Indicators of Attack", + "dataTypesDependencies": [ + "Tenable_IE_CL" + ], + "dataConnectorsDependencies": [ + "TenableIE" + ], + "previewImagesFileNames": [ + "TenableIEIoABlack1.png", + "TenableIEIoABlack2.png", + "TenableIEIoABlack3.png", + "TenableIEIoAWhite1.png", + "TenableIEIoAWhite2.png", + "TenableIEIoAWhite3.png" + ], + "version": "1.0.0", + "title": "TIE IOA workbook", + "templateRelativePath": "TenableIEIoA.json", + "subtitle": "", + "provider": "Tenable" + }, + { + "workbookKey": "TenableIEIoE", + "logoFileName": "Tenable.svg", + "description": "This workbook providing insights into Tenable Indicators of Exposure", + "dataTypesDependencies": [ + "Tenable_IE_CL" + ], + "dataConnectorsDependencies": [ + "TenableIE" + ], + "previewImagesFileNames": [ + "TenableIEIoEBlack1.png", + "TenableIEIoEBlack2.png", + "TenableIEIoEBlack3.png", + "TenableIEIoEWhite1.png", + "TenableIEIoEWhite2.png", + "TenableIEIoEWhite3.png" + ], + "version": "1.0.0", + "title": "TIE IOE workbook", + "templateRelativePath": "TenableIEIoE.json", + "subtitle": "", + "provider": "Tenable" + }, + { + "workbookKey": "SyslogConnectorsOverviewWorkbook", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook gives an overview of ingestion of logs into Syslog table via Syslog based dataconnectors such as AMA agent", + "dataTypesDependencies": [ + "Syslog" + ], + "dataConnectorsDependencies": [ + "Syslog", + "SyslogAma" + ], + "previewImagesFileNames": [ + "" + ], + "version": "1.0.0", + "title": "Syslog Connectors Overview Workbook", + "templateRelativePath": "SyslogConnectorsOverviewWorkbook.json", + "subtitle": "", + "provider": "-------" + }, + { + "workbookKey": "PhishingAnalysis", + "logoFileName": "Azure_Sentinel.svg", + "description": "This Workbook fetches data from MDO tables and provides a comphrehensive overview for Phishing Analysis", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [], + "previewImagesFileNames": [ + "PhishingAnalysisWhite.png", + "PhishingAnalysisBlack.png" + ], + "version": "1.0.0", + "title": "Phishing Analysis", + "templateRelativePath": "PhishingAnalysis.json", + "subtitle": "", + "provider": "DSR" + }, + { + "workbookKey": "GSANetworkTraffic", + "logoFileName": "gsa.svg", + "description": "This workbook provides an overview of all traffic logs within your network, offering insights into data transfer, anomalies, and potential threats.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "GSATrafficLogsWhite.png", + "GSATrafficLogsBlack.png" + ], + "version": "1.0.0", + "title": "Microsoft Global Secure Access Traffic Logs", + "templateRelativePath": "GSANetworkTraffic.json", + "subtitle": "", + "provider": "Microsoft" + }, + { + "workbookKey": "GSAM365EnrichedEvents", + "logoFileName": "gsa.svg", + "description": "This Workbook provides a detailed view of Microsoft 365 log data, enriched with contextual information to enhance visibility into user activities and potential security threats.", + "dataTypesDependencies": [], + "dataConnectorsDependencies": [ + "AzureActiveDirectory" + ], + "previewImagesFileNames": [ + "GSAEnrichedLogsWhite.png", + "GSAEnrichedLogsBlack.png" + ], + "version": "1.0.0", + "title": "Microsoft Global Secure Access Enriched M365 Logs", + "templateRelativePath": "GSAM365EnrichedEvents.json", + "provider": "Microsoft" + } ] \ No newline at end of file

    • Review the solution Release Notes