Samsung Solution: Fix Analytics Rules Validation

Samsung Knox Asset Intelligence Sentinel Solution Analytics Rules changes to fix issues reported during validation. Add missing fields for Analytics Rules that did not have tactics or techniques.

Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxPeripheralAccessDetectionWithCamera.yaml

@@ -9,6 +9,8 @@ requiredDataConnectors:
   - connectorId: SamsungDCDefinition
     dataTypes:
       - Samsung_Knox_Audit_CL
+tactics: []
+techniques: []
 query: |
   Samsung_Knox_System_CL| where Name == "PERIPHERAL_ACCESS_THROUGH_POLICY_DETECTED_CAMERA" and MitreTtp has "KNOX.2"
 suppressionEnabled: false

Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxPeripheralAccessDetectionWithMic.yaml

@@ -9,6 +9,8 @@ requiredDataConnectors:
   - connectorId: SamsungDCDefinition
     dataTypes:
       - Samsung_Knox_Audit_CL
+tactics: []
+techniques: []
 query: |
   Samsung_Knox_System_CL | where Name == "PERIPHERAL_ACCESS_THROUGH_POLICY_DETECTED_MIC" and MitreTtp has "KNOX.2"
 alertDetailsOverride:

Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxSecurityLogFull.yaml

@@ -9,6 +9,8 @@ requiredDataConnectors:
   - connectorId: SamsungDCDefinition
     dataTypes:
       - Samsung_Knox_Audit_CL
+tactics: []
+techniques: []
 query: Samsung_Knox_Audit_CL| where Name == "LOG_IS_FULL" and MitreTtp has "KNOX.1"
 suppressionEnabled: false
 suppressionDuration: 5h