test

Solutions/NetApp Ransomware Resilience/Data/Solution_NetAppRansomwareResilience.json

@@ -0,0 +1,20 @@
+{
+    "Name": "NetApp Ransomware Resilience",
+    "Author": "NetApp - support@netapp.com",
+    "Title": "NetApp Ransomware Resilience",
+    "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/NetApp.svg\" alt=\"NetApp Logo\" width=\"75\" height=\"75\">",
+    "Description": "NetApp Ransomware Resilience - Comprehensive security solution for detecting and responding to ransomware threats across NetApp storage environments.",
+    "Playbooks": [
+        "Playbooks/NetApp-RansomwareResilience-Auth-Playbook/azuredeploy.json",
+        "Playbooks/NetApp-RansomwareResilience_Volume_Offline_Playbook/azuredeploy.json",
+        "Playbooks/NetApp-RansomwareResilience_Async_Poll_Playbook/azuredeploy.json",
+        "Playbooks/NetApp-RansomwareResilience_Volume_Snapshot_Playbook/azuredeploy.json",
+        "Playbooks/NetApp-RansomwareResilience_Enrich_StorageVM_Playbook/azuredeploy.json",
+        "Playbooks/NetApp-RansomwareResilience_Enrich_IP_Playbook/azuredeploy.json"
+    ],
+    "Version": "3.0.0",
+    "BasePath": "C:\\GitHub\\Azure-Sentinel\\solutions\\NetApp Ransomware Resilience",
+    "Metadata": "SolutionMetadata.json",
+    "TemplateSpec": true,
+    "StaticDataConnectorIds": []
+}

Solutions/NetApp Ransomware Resilience/Package/createUiDefinition.json

@@ -0,0 +1,89 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#",
+  "handler": "Microsoft.Azure.CreateUIDef",
+  "version": "0.1.2-preview",
+  "parameters": {
+    "config": {
+      "isWizard": false,
+      "basics": {
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/NetApp.svg\" alt=\"NetApp Logo\" width=\"75\" height=\"75\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/NetApp%20Ransomware%20Resilience/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nNetApp Ransomware Resilience - Comprehensive security solution for detecting and responding to ransomware threats across NetApp storage environments.\n\n**Playbooks:** 6\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "subscription": {
+          "resourceProviders": [
+            "Microsoft.OperationsManagement/solutions",
+            "Microsoft.OperationalInsights/workspaces/providers/alertRules",
+            "Microsoft.Insights/workbooks",
+            "Microsoft.Logic/workflows"
+          ]
+        },
+        "location": {
+          "metadata": {
+            "hidden": "Hiding location, we get it from the log analytics workspace"
+          },
+          "visible": false
+        },
+        "resourceGroup": {
+          "allowExisting": true
+        }
+      }
+    },
+    "basics": [
+      {
+        "name": "getLAWorkspace",
+        "type": "Microsoft.Solutions.ArmApiControl",
+        "toolTip": "This filters by workspaces that exist in the Resource Group selected",
+        "condition": "[greater(length(resourceGroup().name),0)]",
+        "request": {
+          "method": "GET",
+          "path": "[concat(subscription().id,'/providers/Microsoft.OperationalInsights/workspaces?api-version=2020-08-01')]"
+        }
+      },
+      {
+        "name": "workspace",
+        "type": "Microsoft.Common.DropDown",
+        "label": "Workspace",
+        "placeholder": "Select a workspace",
+        "toolTip": "This dropdown will list only workspace that exists in the Resource Group selected",
+        "constraints": {
+          "allowedValues": "[map(filter(basics('getLAWorkspace').value, (filter) => contains(toLower(filter.id), toLower(resourceGroup().name))), (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]",
+          "required": true
+        },
+        "visible": true
+      }
+    ],
+    "steps": [
+      {
+        "name": "playbooks",
+        "label": "Playbooks",
+        "subLabel": {
+          "preValidation": "Configure the playbooks",
+          "postValidation": "Done"
+        },
+        "bladeTitle": "Playbooks",
+        "elements": [
+          {
+            "name": "playbooks-text",
+            "type": "Microsoft.Common.TextBlock",
+            "options": {
+              "text": "This solution installs the Playbook templates to help implement your Security Orchestration, Automation and Response (SOAR) operations. After installing the solution, these will be deployed under Playbook Templates in the Automation blade in Microsoft Sentinel. They can be configured and managed from the Manage solution view in Content Hub."
+            }
+          },
+          {
+            "name": "playbooks-link",
+            "type": "Microsoft.Common.TextBlock",
+            "options": {
+              "link": {
+                "label": "Learn more",
+                "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-respond-threats-playbook?WT.mc_id=Portal-Microsoft_Azure_CreateUIDef"
+              }
+            }
+          }
+        ]
+      }
+    ],
+    "outputs": {
+      "workspace-location": "[first(map(filter(basics('getLAWorkspace').value, (filter) => and(contains(toLower(filter.id), toLower(resourceGroup().name)),equals(filter.name,basics('workspace')))), (item) => item.location))]",
+      "location": "[location()]",
+      "workspace": "[basics('workspace')]"
+    }
+  }
+}