Azure / Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.
https://azure.microsoft.com/en-us/services/azure-sentinel/
MIT License

Checkpoint Networksession parser product name #8214

Closed cgiamp closed 1 year ago

cgiamp commented 1 year ago

Hi all,

How about adding something more descriptive into product on Checkpoint parser: https://github.com/Azure/Azure-Sentinel/blob/81cc5c26df0cf317b876d11fb2ea74c4f24a7ba5/Parsers/ASimNetworkSession/Parsers/ASimNetworkSessionCheckPointFirewall.yaml#L201 maybe something like "VPN-1 & FireWall-1" or "Checkpoint Firewall" just to avoid any misconceptions.

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

oshezaf commented 1 year ago

@v-amolpatil : ASIM tickets and issues should be assigned to Devika going forward.

devikamehra commented 1 year ago

@cgiamp Thank you so much for raising this issue. EventVendor is set to "Checkpoint" and EventProduct is set to "Firewall". This unique pair will identify the logs perfectly.

Please let me know if you have any more concerns.
