wortell / AZSentinel

PowerShell module for Azure Sentinel
MIT License

Bug Report: Issue with Taxii Data Connectors #184

Open Jd0dd opened 3 years ago

Jd0dd commented 3 years ago

Environment

Windows build number: [run "ver" at a command prompt]
PowerShell version (if applicable):

Any other software?

Steps to reproduce

Import-AzSentinelDataConnector -verbose

Expected behavior

Using the Import-AzSentinelDataConnector, list all of our data connectors in our subscription.

Actual behavior

I ran the Import-AzSentinelDataConnector -verbose and noticed we were getting no data from any of our GET requests from the API. We tried this against the 2020-01-01 API separately and there doesn't appear to be any data coming back.

I then tried this against the 2021-03-01-preview and we were able to retrieve our data for the data connectors.

Looks like the 2020-01-01 API is no longer suitable and should be updated in your Import-AzSentinelDataConnector.ps1

callumCD commented 3 years ago

I can confirm that I have seen this too. Microsoft appear to no longer support Threat Intelligence Taxii's (list, create, update) in the 2020-01-01 API since early June 2021. However, they still support taxii's in the 2021-03-01-preview API.

The hard coding of the API version on line 354 of https://github.com/wortell/AZSentinel/blob/master/AzSentinel/Public/Import-AzSentinelDataConnector.ps1 is therefore not working anymore.
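
A way to check which API version still returns the workspace's data connectors, as an added example that is not code from the AzSentinel module or from either commenter. The function name, its parameters, the resource names and the constructed responses are assumptions; the default request uses Invoke-AzRestMethod from Az.Accounts and needs an authenticated session.

```powershell
# Added example; not AzSentinel module code. Function/parameter names are hypothetical.
function Compare-DataConnectorApiVersion {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$SubscriptionId,
        [Parameter(Mandatory)][string]$ResourceGroup,
        [Parameter(Mandatory)][string]$Workspace,
        # The two versions named in this issue; pass others to test them.
        [string[]]$ApiVersion = @('2020-01-01', '2021-03-01-preview'),
        # Injectable for offline testing; the default calls ARM through Az.Accounts.
        [scriptblock]$Request = { param($Path) Invoke-AzRestMethod -Path $Path -Method GET }
    )
    $base = "/subscriptions/$SubscriptionId/resourceGroups/$ResourceGroup" +
            "/providers/Microsoft.OperationalInsights/workspaces/$Workspace" +
            "/providers/Microsoft.SecurityInsights/dataConnectors"
    foreach ($version in $ApiVersion) {
        $response = & $Request "${base}?api-version=$version"
        $items = @()
        if ($response.StatusCode -eq 200 -and $response.Content) {
            # Where-Object drops a missing/null 'value' so Count is 0, not 1.
            $items = @(($response.Content | ConvertFrom-Json).value | Where-Object { $_ })
        }
        [pscustomobject]@{
            ApiVersion = $version
            StatusCode = $response.StatusCode
            Count      = $items.Count
            Kinds      = @($items | ForEach-Object { $_.kind } | Sort-Object -Unique)
        }
    }
}

# Constructed responses standing in for ARM. The empty 200 for 2020-01-01 is an
# assumption about what "no data" looked like; the connector entry is made up.
$fake = {
    param($Path)
    if ($Path -like '*api-version=2020-01-01') {
        [pscustomobject]@{ StatusCode = 200; Content = '{"value":[]}' }
    } else {
        [pscustomobject]@{ StatusCode = 200
            Content = '{"value":[{"name":"c1","kind":"ThreatIntelligenceTaxii"}]}' }
    }
}
Compare-DataConnectorApiVersion -SubscriptionId '00000000-0000-0000-0000-000000000000' `
    -ResourceGroup 'rg-example' -Workspace 'ws-example' -Request $fake | Format-Table
```

Omit -Request to query the real workspace; a version whose Count is 0 while another version lists connectors is the mismatch described in this issue.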