Unable to download deployment content from vimFileEventMicrosoftSysmonCreated

[jeffrywu28]

You must update your templates because vimFileEventMicrosoftSysmonCreated and vimFileEventMicrosoftSysmonDeleted no longer available but now updated to vimFileEventMicrosoftSysmon. { "code": "MultipleErrorsOccurred", "details": [ { "code": "InvalidContentLink", "message": "Unable to download deployment content from 'https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/vimFileEventMicrosoftSysmonCreated/vimFileEventMicrosoftSysmonCreated.json'. The tracking Id is 'fa2e7104-634a-4526-b186-f9e7b0dc7930'. Please see https://aka.ms/arm-deploy-resources for usage details." }, { "code": "InvalidContentLink", "message": "Unable to download deployment content from 'https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/vimFileEventMicrosoftSysmonDeleted/vimFileEventMicrosoftSysmonDeleted.json'. The tracking Id is 'fa2e7104-634a-4526-b186-f9e7b0dc7930'. Please see https://aka.ms/arm-deploy-resources for usage details." } ], "message": "Multiple error occurred: BadRequest,BadRequest. Please see details." }

[ferhnrique]

Same issue here. Just tried to deploy the Sentinel+Win10+AD template, and got this error.

[hjorrip]

Same issue here. Used the "Microsoft Sentinel + Win10 + AD + WEC" template. Got this error:

{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"Conflict","message":"{\r\n \"status\": \"Failed\",\r\n \"error\": {\r\n \"code\": \"ResourceDeploymentFailure\",\r\n \"message\": \"The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'.\",\r\n \"details\": [\r\n {\r\n \"code\": \"DeploymentFailed\",\r\n \"message\": \"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.\",\r\n \"details\": [\r\n {\r\n \"code\": \"Conflict\",\r\n \"message\": \"{\r\n \\"status\\": \\"Failed\\",\r\n \\"error\\": {\r\n \\"code\\": \\"ResourceDeploymentFailure\\",\r\n \\"message\\": \\"The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'.\\",\r\n \\"details\\": [\r\n {\r\n \\"code\\": \\"VMExtensionProvisioningError\\",\r\n \\"message\\": \\"VM has reported a failure when processing extension 'PowerShellDSC' (publisher 'Microsoft.Powershell' and type 'DSC'). Error message: \\\\"DSC Configuration 'Install-Sysmon' completed with error(s). Following are the first few: PowerShell DSC resource DSC_xScriptResource failed to execute Set-TargetResource functionality with error message: System.InvalidOperationException: The set script threw an error. ---> Microsoft.PowerShell.Commands.ServiceCommandException: Service 'Sysmon (sysmon)' cannot be stopped due to the following error: Cannot stop sysmon service on computer '.'. ---> System.InvalidOperationException: Cannot stop sysmon service on computer '.'. ---> System.ComponentModel.Win32Exception: Access is denied\\r\\n --- End of inner exception stack trace ---\\r\\n at System.ServiceProcess.ServiceController.Stop()\\r\\n at Microsoft.PowerShell.Commands.ServiceOperationBaseCommand.DoStopService(ServiceController serviceController, Boolean force, Boolean waitForServiceToStop)\\r\\n --- End of inner exception stack trace ---\\r\\n --- End of inner exception stack trace --- The SendConfigurationApply function did not succeed.\\\\". More information on troubleshooting is available at https://aka.ms/VMExtensionDSCWindowsTroubleshoot. \\"\r\n }\r\n ]\r\n }\r\n}\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}"},{"code":"Conflict","message":"{\r\n \"status\": \"Failed\",\r\n \"error\": {\r\n \"code\": \"ResourceDeploymentFailure\",\r\n \"message\": \"The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'.\",\r\n \"details\": [\r\n {\r\n \"code\": \"DeploymentFailed\",\r\n \"message\": \"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.\",\r\n \"details\": [\r\n {\r\n \"code\": \"Conflict\",\r\n \"message\": \"{\r\n \\"status\\": \\"Failed\\",\r\n \\"error\\": {\r\n \\"code\\": \\"ResourceDeploymentFailure\\",\r\n \\"message\\": \\"The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'.\\",\r\n \\"details\\": [\r\n {\r\n \\"code\\": \\"DeploymentFailed\\",\r\n \\"message\\": \\"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.\\",\r\n \\"details\\": [\r\n {\r\n \\"code\\": \\"Conflict\\",\r\n \\"message\\": \\"{\\r\\n \\\\"status\\\\": \\\\"Failed\\\\",\\r\\n \\\\"error\\\\": {\\r\\n \\\\"code\\\\": \\\\"ResourceDeploymentFailure\\\\",\\r\\n \\\\"message\\\\": \\\\"The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'.\\\\",\\r\\n \\\\"details\\\\": [\\r\\n {\\r\\n \\\\"code\\\\": \\\\"VMExtensionProvisioningError\\\\",\\r\\n \\\\"message\\\\": \\\\"VM has reported a failure when processing extension 'PowerShellDSC' (publisher 'Microsoft.Powershell' and type 'DSC'). Error message: \\\\\\\\"DSC Configuration 'Install-Sysmon' completed with error(s). Following are the first few: PowerShell DSC resource DSC_xScriptResource failed to execute Set-TargetResource functionality with error message: System.InvalidOperationException: The set script threw an error. ---> Microsoft.PowerShell.Commands.ServiceCommandException: Service 'Sysmon (sysmon)' cannot be stopped due to the following error: Cannot stop sysmon service on computer '.'. ---> System.InvalidOperationException: Cannot stop sysmon service on computer '.'. ---> System.ComponentModel.Win32Exception: Access is denied\\\\r\\\\n --- End of inner exception stack trace ---\\\\r\\\\n at System.ServiceProcess.ServiceController.Stop()\\\\r\\\\n at Microsoft.PowerShell.Commands.ServiceOperationBaseCommand.DoStopService(ServiceController serviceController, Boolean force, Boolean waitForServiceToStop)\\\\r\\\\n --- End of inner exception stack trace ---\\\\r\\\\n --- End of inner exception stack trace --- The SendConfigurationApply function did not succeed.\\\\\\\\". More information on troubleshooting is available at https://aka.ms/VMExtensionDSCWindowsTroubleshoot. \\\\"\\r\\n }\\r\\n ]\\r\\n }\\r\\n}\\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}"}]}