🧹Cleanup and rename analytic keys

Detections/Anomalies/UnusualAnomaly.yaml

@@ -9,7 +9,7 @@ queryPeriod: 4d
 triggerOperator: gt
 triggerThreshold: 0
 tactics: []
-techniques: []
+relevantTechniques: []
 query: |
   // You can leave out Anomalies that are already monitored through other Analytics Rules
   //let _MonitoredRules = dynamic(["TestAlertName"]);
@@ -41,5 +41,5 @@ alertDetailsOverride:
   alertDynamicProperties:
     - alertProperty: Techniques
       value: Techniques
-version: 1.0.3
+version: 1.0.4
 kind: Scheduled

Solutions/ARGOSCloudSecurity/Analytic Rules/ExploitableSecurityIssues.yaml

@@ -20,7 +20,6 @@ tactics:
   - InitialAccess
 relevantTechniques:
   - T1190
-alertRuleTemplateName:
 incidentConfiguration:
   createIncident: true
   groupingConfiguration:
@@ -42,4 +41,4 @@ entityMappings:
   fieldMappings:
   - identifier: Url
     columnName: url_s
-version: 1.0.3
+version: 1.0.4

Solutions/ARGOSCloudSecurity/Data/Solution_ArgosCloudSecurity.json

@@ -13,7 +13,7 @@
 		"Analytic Rules/ExploitableSecurityIssues.yaml"
 	],
 	"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\ARGOSCloudSecurity",
-	"Version": "2.0.0",
+	"Version": "3.0.0",
 	"Metadata": "SolutionMetadata.json",
 	"TemplateSpec": true,
 	"Is1PConnector": false

Solutions/ARGOSCloudSecurity/Package/createUiDefinition.json

@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/ARGOSCloudSecurity/Workbooks/images/logos/argos-logo.svg\" width=\"75px\" height=\"75px\">\n\n**Important:**_This Microsoft Sentinel Solution is currently in public preview. This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/)._\n\n\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe ARGOS Cloud Security integration for Microsoft Sentinel allows you to have all your important cloud security events in one place. This enables you to easily create dashboards, alerts, and correlate events across multiple systems. Overall this will improve your organization's security posture and security incident response.\n\nMicrosoft Sentinel Solutions provide a consolidated way to acquire Microsoft Sentinel content like data connectors, workbooks, analytics, and automations in your workspace with a single deployment step.\n\n**Data Connectors:** 1, **Workbooks:** 1, **Analytic Rules:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/ARGOSCloudSecurity/Workbooks/images/logos/argos-logo.svg\" width=\"75px\" height=\"75px\">\n\n**Important:**_This Microsoft Sentinel Solution is currently in public preview. This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/)._\n\n\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/ARGOSCloudSecurity/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe ARGOS Cloud Security integration for Microsoft Sentinel allows you to have all your important cloud security events in one place. This enables you to easily create dashboards, alerts, and correlate events across multiple systems. Overall this will improve your organization's security posture and security incident response.\n\nMicrosoft Sentinel Solutions provide a consolidated way to acquire Microsoft Sentinel content like data connectors, workbooks, analytics, and automations in your workspace with a single deployment step.\n\n**Data Connectors:** 1, **Workbooks:** 1, **Analytic Rules:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",
@@ -60,7 +60,7 @@
             "name": "dataconnectors1-text",
             "type": "Microsoft.Common.TextBlock",
             "options": {
-              "text": "This Solution installs the data connector for ARGOSCloudSecurity. You can get ARGOSCloudSecurity custom log data in your Microsoft Sentinel workspace. Configure and enable this data connector in the Data Connector gallery after this Solution deploys. This data connector creates custom log table(s) ARGOS_CL in your Microsoft Sentinel / Azure Log Analytics workspace."
+              "text": "This Solution installs the data connector for ARGOSCloudSecurity. You can get ARGOSCloudSecurity custom log data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
             }
           },
           {
@@ -88,7 +88,7 @@
             "name": "workbooks-text",
             "type": "Microsoft.Common.TextBlock",
             "options": {
-              "text": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences."
+              "text": "This solution installs workbook(s) to help you gain insights into the telemetry collected in Microsoft Sentinel. After installing the solution, start using the workbook in Manage solution view."
             }
           },
           {
@@ -100,6 +100,20 @@
                 "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data"
               }
             }
+          },
+          {
+            "name": "workbook1",
+            "type": "Microsoft.Common.Section",
+            "label": "ARGOS Cloud Security",
+            "elements": [
+              {
+                "name": "workbook1-text",
+                "type": "Microsoft.Common.TextBlock",
+                "options": {
+                  "text": "The ARGOS Cloud Security integration for Microsoft Sentinel allows you to have all your important cloud security events in one place."
+                }
+              }
+            ]
           }
         ]
       },