Add Rubrik Security Cloud Protection Status CCP Data Connector#13508
Add Rubrik Security Cloud Protection Status CCP Data Connector#13508marcusfaust wants to merge 23 commits intoAzure:masterfrom
Conversation
v-shukore
added
the
New Solution
|
@microsoft-github-policy-service agree company="Rubrik" |
|
Hi @marcusfaust Kindly refer to the below-mentioned solution for the correct folder structure and update the necessary changes. https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Cloudflare%20CCF Thanks! |
|
Hi @marcusfaust Kindly review the above comments. Thanks! |
|
@v-maheshbh - Thank you for the review so far. We went ahead and updated the Solution Medatadata file as well as the release notes and have updated the PR. |
|
Hi @marcusfaust For the CCF connector, please ensure that all file names follow the required naming convention: SolutionName_PollerConfig Additionally, the solution must contain the package folder with the zip file included and add release notes with version , date and description. Kindly repackage the solution using the V3 tool: https://github.com/Azure/Azure-Sentinel/blob/master/Tools/Create-Azure-Sentinel-Solution/V3/README.md and Kindly attach the testing screenshot of the ccf connector in a Connected state. Thanks! |
… naming convention
…ition.json per naming convention
…ctorDefinition.json)
…le.json per naming convention
…Cloud_Table.json)
- Add RubrikSecurityCloud_CCF connector with DCE, DCR, PollerConfig, Table schema - Fix ARM template: DCE resource, [[parameter escaping, dcrConfig pattern - Update connector title, logo, publisher branding - Rename from CCP to CCF (Codeless Connector Framework) - Add 3.5.2.zip solution package
|
Thank you @v-maheshbh - Please review the updates. We went ahead and renamed the resource files in accordance with your specifications. We also had to make some updates to fix deployment in our test environment. We also used the utility that you mentioned in order to package it up and include the package into the PR. Also here is a recent screenshot of the deployed data connector in our test environment: 
Please let us know if we have to adjust or fix anything and happy to oblige. Thank you again! |
- Add _resourceGroupName and _subscription variables to reference
the declared parameters, fixing "Parameters Must Be Referenced"
- Remove empty "variables":{} from queryParametersTemplate in
PollerConfig, fixing "Template Should Not Contain Blanks"
- Repackage 3.5.2.zip with V3 tool
|
Hi @marcusfaust The connector logo must be provided in .svg format. Please update the logo reference in the connectorDefinition file accordingly and Modify the BasePath to the following structure: After completing the required changes, we will repackage the solution and try to resolve the ARM TTK validation issues. |
|
Hi @v-maheshbh — Thank you for the feedback. Here are the updates: BasePath — Fixed. Updated from my local development path to the standard Logo — The connector logo in Ready for repackaging whenever you are. Please let us know if anything else needs adjustment. Thank you! |
kindly refer below solution for logo: Thanks! |
3 participants
Change(s):
Solutions/RubrikSecurityCloud/Data Connectors/RubrikSecurityCloud_CCP/:connectorDefinition.json- UI definitionDCR.json- Data Collection Rule and EndpointPollerConfig.json- REST API Poller configurationtable - RubrikProtectionStatus.json- Custom table schema (49 columns)README.md- Comprehensive documentation with sample queriesReason for Change(s):
Version Updated:
Testing Completed:
RubrikProtectionStatus_CLChecked that the validations are passing and have addressed any issues that are present:
Summary
This PR adds a new Codeless Connector Platform (CCP) data connector for Rubrik Security Cloud that ingests comprehensive backup and protection status data for Azure VMs into Microsoft Sentinel.
Connector Details
Data Collected
The connector ingests 49 backup attributes per Azure VM including:
Use Cases
The README includes sample KQL queries demonstrating how to correlate security alerts with backup data.
Related
This connector complements the existing RubrikWebhookEvents connector in the same solution.