search

Azure / Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.
https://azure.microsoft.com/en-us/services/azure-sentinel/
MIT License
4.59k stars 3.01k forks source link

Issue with Tenable IO Solution Parser - TenableIOVulnerabilities.txt #6844

Closed NomadicSquirrel closed 1 year ago

NomadicSquirrel commented 1 year ago

Describe the bug

Repeatedly getting an error that there are multiple functions - "Detected multiple functions with the same name: 'TenableIOVulnerabilities'. Resolve the conflict to allow these functions to be used in a query. If the issue persists, please open a support ticket."

This was resolved by renaming the function in the KQL comment.

Solution file here: https://github.com/Azure/Azure-Sentinel/blob/74645a0f96ccfc8a89d6241d5bd7874078a378c2/Solutions/TenableIO/Parsers/TenableIOVulnerabilities.txt

To Reproduce Steps to reproduce the behavior:

  1. Deploy the Tenable App from the Content Hub
  2. Deploy the connector and the function parsers
  3. Go to "Logs"
  4. Attempt to call the function: TenableIOVulnerabilities

Expected behavior The function should be called appropriately without errors after a clean solution deployment.

Screenshots

CleanShot 2022-12-07 at 15 36 36@2x

CleanShot 2022-12-07 at 15 40 38@2x

Desktop (please complete the following information):

Smartphone (please complete the following information): N/A

Additional context N/A

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

v-laanjana commented 1 year ago

@NoMad-Actual Please delete function "TenableIOVulnerabilities" from logs>functions>Workspace functions> search and delete.

NomadicSquirrel commented 1 year ago

@NoMad-Actual Please delete function "TenableIOVulnerabilities" from logs>functions>Workspace functions> search and delete.

@v-laanjana - thank you for the reply. What are the steps after deleting the function?

v-laanjana commented 1 year ago

please install from content hub steps sentinel>content hub> search solution >reinstall

v-laanjana commented 1 year ago

@NoMad-Actual could you please acknowledge if your issue fixed?

NomadicSquirrel commented 1 year ago

Hello, I'm working with a client to get this tested.

Thank you!

v-laanjana commented 1 year ago

NoMad-Actual please updates us .

NomadicSquirrel commented 1 year ago

This solved the issue. Thank you for your support!

From: v-laanjana @.> Date: Monday, December 19, 2022 at 05:40 To: Azure/Azure-Sentinel @.> Cc: Ken Perkins @.>, Mention @.> Subject: Re: [Azure/Azure-Sentinel] Issue with Tenable IO Solution Parser - TenableIOVulnerabilities.txt (Issue #6844)

NoMad-Actual please updates us .

— Reply to this email directly, view it on GitHubhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FAzure%2FAzure-Sentinel%2Fissues%2F6844%23issuecomment-1357441965&data=05%7C01%7Cken.perkins%40nomad-cyber.com%7C3209c56413b348d865da08dae1ad6c0c%7C35d3d56c584345c2ad3b810c4d9e9e1d%7C0%7C0%7C638070432233894472%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=7CVIpfwViJMi0PgxNNU7uhyMaZpMiy6TjGxxmveH5%2Fs%3D&reserved=0, or unsubscribehttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FA24PXYYDFGAMAYTYB6H3HT3WOA3RFANCNFSM6AAAAAASXKXU24&data=05%7C01%7Cken.perkins%40nomad-cyber.com%7C3209c56413b348d865da08dae1ad6c0c%7C35d3d56c584345c2ad3b810c4d9e9e1d%7C0%7C0%7C638070432233894472%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=9nfKj%2FDZvq5OLznSePNp5bZmBV2neKuyPvInM71I7e4%3D&reserved=0. You are receiving this because you were mentioned.Message ID: @.***>

v-dvedak commented 1 year ago

Closing the issue as it is resolved.

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.