Skip to content

Add Miro solution v3.0.0 for Microsoft Sentinel #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ilia-sretenskii wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Add Miro solution v3.0.0 for Microsoft Sentinel #1

ilia-sretenskii wants to merge 5 commits into from

Conversation

@ilia-sretenskii
Copy link

@ilia-sretenskii ilia-sretenskii commented Dec 4, 2025
edited by atlassian bot
Loading

Internal PR to Fork

Jira Task: CC-3685

This PR adds the Miro solution v3.0.0 to our fork (miroapp-dev/Azure-Sentinel) in preparation for submitting to the official Azure/Azure-Sentinel repository.

Change(s):

  • Added Miro solution v3.0.0 with two CCF data connectors
  • Miro Audit Logs connector (Enterprise Plan)
  • Miro Content Logs connector (Enterprise Plan + Enterprise Guard)
  • Solution metadata with 7 domain categories
  • Data collection rules and custom tables
  • ARM deployment templates

Reason for Change(s):

  • New Microsoft Sentinel solution to enable organizations to ingest Miro audit logs and content activity logs
  • Provides visibility into user activities, content operations, authentication events, and administrative actions
  • Enables security monitoring and compliance tracking for Miro Enterprise customers

Version Updated:

  • N/A (new solution)

Testing Completed:

  • Yes
  • Successfully deployed to miro-sentinel-nonprod workspace
  • Verified data connector definitions are properly configured
  • Confirmed ARM template validation passes
  • Tested in Azure Sentinel environment

Validations:

  • Yes
  • ARM-TTK validation completed
  • Solution package builds successfully
  • All required metadata present

Next Steps:

After merging to our fork, we will create a PR from miroapp-dev/Azure-Sentinel to the official Azure/Azure-Sentinel repository (without internal Jira references).

@ilia-sretenskii ilia-sretenskii requested a review from a team December 4, 2025 11:05
@ilia-sretenskii ilia-sretenskii self-assigned this Dec 4, 2025
@ilia-sretenskii ilia-sretenskii force-pushed the miro-solution-v3.0.0 branch 4 times, most recently from 26e4450 to 345279f Compare December 5, 2025 07:51
@ilia-sretenskii
Add Miro solution v3.0.0 for Microsoft Sentinel
481af13 
Adds Miro solution with two CCF data connectors for ingesting Miro audit logs and content activity logs into Microsoft Sentinel.

Components:
- Miro Audit Logs connector (Enterprise Plan)
- Miro Content Logs connector (Enterprise Plan + Enterprise Guard)
- Solution metadata with 7 domain categories
- Data collection rules and custom tables
- ARM templates for deployment
- README.md with installation and configuration guide
- ReleaseNotes.md for version 3.0.0
@ilia-sretenskii
Update Miro solution README with editorial improvements
86f6e59 
Improve README formatting and consistency:
- Standardize section header capitalization
- Improve punctuation and grammar consistency
- Update OAuth documentation link to non-expiring tokens
- Change "Method" to "Option" for better clarity
- Remove redundant CCF dependency section
@ilia-sretenskii
Update Miro Publisher ID and rebuild solution package v3.0.0
a28c57a 
- Update publisherId to realtimeboardincdbamiro1645117589045
- Update README with improved overview description
- Rebuild package with V3 tool
@github-actions
Copy link

github-actions bot commented Dec 18, 2025

🔒 Security Approval Required

This fork PR requires manual approval before automated testing can run.

For security, a maintainer must:

  1. 📝 Review the code changes carefully
  2. Verify file types - This PR should only contain .yml, .yaml, or .json files. Check for any executable scripts (.ps1, .py, .sh, .exe, etc.) which are not allowed in this context.
  3. 🏷️ Add the SafeToRun label if the changes are safe to execute

Note: If new commits are added later, simply remove and re-add the SafeToRun label.

🤖 Automated security check • Created: 2025-12-18T07:54:01.122Z
Learn more: GitHub Security Lab - Preventing PWN Requests

@ilia-sretenskii
Move Miro logo to centralized Logos directory
25d85bc 
- Move logo from Solutions/Miro/Logo/Miro.svg to Logos/Miro.svg to follow repository convention
- Update Solution_Miro.json to reference centralized logo: https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Miro.svg
- Delete the now-empty Solutions/Miro/Logo directory
- Rebuild solution package with V3 tool to reflect logo URL change

This ensures the logo file exists on master branch when referenced, fixing logo-validation workflow failure.
@ilia-sretenskii
Delete old solution-specific Miro logo location
1b5e69f 
The logo has been moved to the centralized Logos directory.
Removing the now-unused Solutions/Miro/Logo/Miro.svg file.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aleks-t-miro aleks-t-miro aleks-t-miro approved these changes

@makarovArt makarovArt makarovArt approved these changes

Assignees

@ilia-sretenskii ilia-sretenskii

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ilia-sretenskii @aleks-t-miro @makarovArt