diff --git a/Solutions/Workday/Data Connectors/Workday_ccp/Workday_DataConnectorDefinition.json b/Solutions/Workday/Data Connectors/Workday_ccp/Workday_DataConnectorDefinition.json index 5e2ba5dddec..0342a19deda 100644 --- a/Solutions/Workday/Data Connectors/Workday_ccp/Workday_DataConnectorDefinition.json +++ b/Solutions/Workday/Data Connectors/Workday_ccp/Workday_DataConnectorDefinition.json @@ -63,6 +63,22 @@ { "description": "1) In Workday, access the \"Edit Tenant Setup - Security\" task, verify \"OAuth 2.0 Settings\" section, make sure that the \"OAuth 2.0 Clients Enabled\" check box is ticked. \n 2) In Workday, access the \"Edit Tenant Setup - System\" task, verify \"User Activity Logging\" section, make sure that the \"Enable User Activity Logging\" check box is ticked. \n 3) In Workday, access the \"Register API Client\" task.\n 4) Define the Client Name, select the \"Client Grant Type\": \"Authorization Code Grant\" and then select \"Access Token Type\": \"Bearer\"\n 5) Enter the \"Redirection URI\": https://portal.azure.com/TokenAuthorize/ExtensionName/Microsoft_Azure_Security_Insights \n 6) In section \"Scope (Functional Areas)\", select \"System\" and click OK at the bottom \n 7) Copy the Client ID and Client Secret before navigating away from the page, and store it securely. \n 8) In Sentinel, in the connector page - provide required Token, Authorization and User Activity Logs Endpoints, along with Client ID and Client Secret from previous step. Then click \"Connect\". \n 9) A Workday pop up will appear to complete the OAuth2 authentication and authorization of the API client. Here you need to provide credentials for Workday account with \"System Auditing\" permissions in Workday (can be either Workday account or Integration System User). \n 10) Once that's complete, the message will be displayed to authorize your API client \n", "instructions": [ + { + "type": "Dropdown", + "parameters": { + "label": "Query interval (in minutes)", + "placeholder": "Enter time in minutes (e.g., 10)", + "options": [ + { "key": "5", "text": "5" }, + { "key": "10", "text": "10" }, + { "key": "15", "text": "15" }, + { "key": "20", "text": "20" }, + { "key": "30", "text": "30" } + ], + "name": "queryWindow", + "required": true + } + }, { "type": "Textbox", "parameters": { diff --git a/Solutions/Workday/Data Connectors/Workday_ccp/Workday_PollingConfig.json b/Solutions/Workday/Data Connectors/Workday_ccp/Workday_PollingConfig.json index 4f20e39dbca..f83ab872131 100644 --- a/Solutions/Workday/Data Connectors/Workday_ccp/Workday_PollingConfig.json +++ b/Solutions/Workday/Data Connectors/Workday_ccp/Workday_PollingConfig.json @@ -21,7 +21,7 @@ }, "paging": { "pagingType": "Offset", - "pageSize": 1000, + "pageSize": 100, "PageSizeParaName": "limit", "OffsetParaName": "offset" }, @@ -45,7 +45,7 @@ "request": { "apiEndpoint": "{{apiEndpoint}}", "rateLimitQPS": 10, - "queryWindowInMin": 5, + "queryWindowInMin": "[[int(parameters('queryWindow')[0])]", "httpMethod": "GET", "retryCount": 3, "timeoutInSeconds": 60, diff --git a/Solutions/Workday/Data/Solution_Workday.json b/Solutions/Workday/Data/Solution_Workday.json index 7e4b4392750..419d4ee6c09 100644 --- a/Solutions/Workday/Data/Solution_Workday.json +++ b/Solutions/Workday/Data/Solution_Workday.json @@ -7,7 +7,7 @@ "Data Connectors/Workday_ccp/Workday_DataConnectorDefinition.json" ], "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Workday\\", - "Version": "3.0.0", + "Version": "3.0.3", "Metadata": "SolutionMetadata.json", "TemplateSpec": true, "Is1PConnector": false diff --git a/Solutions/Workday/Package/3.0.3.zip b/Solutions/Workday/Package/3.0.3.zip new file mode 100644 index 00000000000..47f0aa994cb Binary files /dev/null and b/Solutions/Workday/Package/3.0.3.zip differ diff --git a/Solutions/Workday/Package/createUiDefinition.json b/Solutions/Workday/Package/createUiDefinition.json index 90fa8ed9b7e..35d61bf0cc9 100644 --- a/Solutions/Workday/Package/createUiDefinition.json +++ b/Solutions/Workday/Package/createUiDefinition.json @@ -60,7 +60,7 @@ "name": "dataconnectors1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This Solution installs the data connector for Workday. You can get Workday data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view." + "text": "This Solution installs the data connector for Workday User Activity. You can get Workday User Activity data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view." } }, { diff --git a/Solutions/Workday/Package/mainTemplate.json b/Solutions/Workday/Package/mainTemplate.json index 6f563e0150c..9f413115197 100644 --- a/Solutions/Workday/Package/mainTemplate.json +++ b/Solutions/Workday/Package/mainTemplate.json @@ -47,7 +47,7 @@ "email": "support@microsoft.com", "_email": "[variables('email')]", "_solutionName": "Workday", - "_solutionVersion": "3.0.2", + "_solutionVersion": "3.0.3", "solutionId": "azuresentinel.azure-sentinel-solution-workday", "_solutionId": "[variables('solutionId')]", "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", @@ -145,6 +145,37 @@ { "description": "1) In Workday, access the \"Edit Tenant Setup - Security\" task, verify \"OAuth 2.0 Settings\" section, make sure that the \"OAuth 2.0 Clients Enabled\" check box is ticked. \n 2) In Workday, access the \"Edit Tenant Setup - System\" task, verify \"User Activity Logging\" section, make sure that the \"Enable User Activity Logging\" check box is ticked. \n 3) In Workday, access the \"Register API Client\" task.\n 4) Define the Client Name, select the \"Client Grant Type\": \"Authorization Code Grant\" and then select \"Access Token Type\": \"Bearer\"\n 5) Enter the \"Redirection URI\": https://portal.azure.com/TokenAuthorize/ExtensionName/Microsoft_Azure_Security_Insights \n 6) In section \"Scope (Functional Areas)\", select \"System\" and click OK at the bottom \n 7) Copy the Client ID and Client Secret before navigating away from the page, and store it securely. \n 8) In Sentinel, in the connector page - provide required Token, Authorization and User Activity Logs Endpoints, along with Client ID and Client Secret from previous step. Then click \"Connect\". \n 9) A Workday pop up will appear to complete the OAuth2 authentication and authorization of the API client. Here you need to provide credentials for Workday account with \"System Auditing\" permissions in Workday (can be either Workday account or Integration System User). \n 10) Once that's complete, the message will be displayed to authorize your API client \n", "instructions": [ + { + "type": "Dropdown", + "parameters": { + "label": "Query interval (in minutes)", + "placeholder": "Enter time in minutes (e.g., 10)", + "options": [ + { + "key": "5", + "text": "5" + }, + { + "key": "10", + "text": "10" + }, + { + "key": "15", + "text": "15" + }, + { + "key": "20", + "text": "20" + }, + { + "key": "30", + "text": "30" + } + ], + "name": "queryWindow", + "required": true + } + }, { "type": "Textbox", "parameters": { @@ -376,6 +407,37 @@ { "description": "1) In Workday, access the \"Edit Tenant Setup - Security\" task, verify \"OAuth 2.0 Settings\" section, make sure that the \"OAuth 2.0 Clients Enabled\" check box is ticked. \n 2) In Workday, access the \"Edit Tenant Setup - System\" task, verify \"User Activity Logging\" section, make sure that the \"Enable User Activity Logging\" check box is ticked. \n 3) In Workday, access the \"Register API Client\" task.\n 4) Define the Client Name, select the \"Client Grant Type\": \"Authorization Code Grant\" and then select \"Access Token Type\": \"Bearer\"\n 5) Enter the \"Redirection URI\": https://portal.azure.com/TokenAuthorize/ExtensionName/Microsoft_Azure_Security_Insights \n 6) In section \"Scope (Functional Areas)\", select \"System\" and click OK at the bottom \n 7) Copy the Client ID and Client Secret before navigating away from the page, and store it securely. \n 8) In Sentinel, in the connector page - provide required Token, Authorization and User Activity Logs Endpoints, along with Client ID and Client Secret from previous step. Then click \"Connect\". \n 9) A Workday pop up will appear to complete the OAuth2 authentication and authorization of the API client. Here you need to provide credentials for Workday account with \"System Auditing\" permissions in Workday (can be either Workday account or Integration System User). \n 10) Once that's complete, the message will be displayed to authorize your API client \n", "instructions": [ + { + "type": "Dropdown", + "parameters": { + "label": "Query interval (in minutes)", + "placeholder": "Enter time in minutes (e.g., 10)", + "options": [ + { + "key": "5", + "text": "5" + }, + { + "key": "10", + "text": "10" + }, + { + "key": "15", + "text": "15" + }, + { + "key": "20", + "text": "20" + }, + { + "key": "30", + "text": "30" + } + ], + "name": "queryWindow", + "required": true + } + }, { "type": "Textbox", "parameters": { @@ -472,57 +534,61 @@ "parameters": { "guidValue": { "defaultValue": "[[newGuid()]", - "type": "string" + "type": "securestring" }, "innerWorkspace": { "defaultValue": "[parameters('workspace')]", - "type": "string" + "type": "securestring" }, - "clientId": { - "defaultValue": "-NA-", + "connectorDefinitionName": { + "defaultValue": "Workday User Activity", "type": "securestring", - "minLength": 4 + "minLength": 1 }, - "clientSecret": { - "defaultValue": "-NA-", - "type": "securestring", - "minLength": 4 + "workspace": { + "defaultValue": "[parameters('workspace')]", + "type": "securestring" }, - "authorizationCode": { - "defaultValue": "-NA-", + "dcrConfig": { + "defaultValue": { + "dataCollectionEndpoint": "data collection Endpoint", + "dataCollectionRuleImmutableId": "data collection rule immutableId" + }, + "type": "object" + }, + "queryWindow": { + "defaultValue": "queryWindow", + "type": "array" + }, + "tokenEndpoint": { + "defaultValue": "tokenEndpoint", "type": "securestring", - "minLength": 4 + "minLength": 1 }, "authorizationEndpoint": { - "defaultValue": "-NA-", + "defaultValue": "authorizationEndpoint", "type": "securestring", - "minLength": 4 - }, - "tokenEndpoint": { - "defaultValue": "Enter tokenEndpoint value", - "type": "string", - "minLength": 4 + "minLength": 1 }, "apiEndpoint": { - "defaultValue": "Enter apiEndpoint value", - "type": "string", + "defaultValue": "apiEndpoint", + "type": "securestring", "minLength": 1 }, - "connectorDefinitionName": { - "defaultValue": "Workday User Activity", - "type": "string", + "ClientId": { + "defaultValue": "-NA-", + "type": "securestring", "minLength": 1 }, - "workspace": { - "defaultValue": "[parameters('workspace')]", - "type": "string" + "ClientSecret": { + "defaultValue": "-NA-", + "type": "securestring", + "minLength": 1 }, - "dcrConfig": { - "defaultValue": { - "dataCollectionEndpoint": "data collection Endpoint", - "dataCollectionRuleImmutableId": "data collection rule immutableId" - }, - "type": "object" + "AuthorizationCode": { + "defaultValue": "-NA-", + "type": "securestring", + "minLength": 1 } }, "variables": { @@ -577,7 +643,7 @@ }, "paging": { "pagingType": "Offset", - "pageSize": 1000, + "pageSize": 100, "PageSizeParaName": "limit", "OffsetParaName": "offset" }, @@ -601,7 +667,7 @@ "request": { "apiEndpoint": "[[parameters('apiEndpoint')]", "rateLimitQPS": 10, - "queryWindowInMin": 5, + "queryWindowInMin": "[[int(parameters('queryWindow')[0])]", "httpMethod": "GET", "retryCount": 3, "timeoutInSeconds": 60, @@ -636,7 +702,7 @@ "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "3.0.2", + "version": "3.0.3", "kind": "Solution", "contentSchemaVersion": "3.0.0", "displayName": "Workday", diff --git a/Solutions/Workday/ReleaseNotes.md b/Solutions/Workday/ReleaseNotes.md index 2b6c09c6c86..2357d16535d 100644 --- a/Solutions/Workday/ReleaseNotes.md +++ b/Solutions/Workday/ReleaseNotes.md @@ -1,5 +1,6 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|--------------------------------------------------------------| +| 3.0.3 | 23-12-2025 | Updated page size for the Workday **Data connector** and configure the query window.| | 3.0.2 | 02-04-2025 | Updated **Data Connector** guidelines. | | 3.0.1 | 10-01-2025 | Transitioned the **CCP Connector** to General Availability (GA). | | 3.0.0 | 13-03-2024 | Initial Solution Release. |