From 0d9a5e9738a22b1f853a4f2f0030ddc44b3ec1ab Mon Sep 17 00:00:00 2001
From: kalinga
Date: Mon, 21 Aug 2023 17:39:34 +0530
Subject: [PATCH 1/2] limit dynamic names to three in analytic rules, update to v 3.0.0.
---
 .../VotiroFileBlockedFromConnector.yaml | 4 +-
 .../VotiroFileBlockedInEmail.yaml | 4 +-
 .../Votiro/Data Connectors/VotiroEvents.json | 2 +-
 Solutions/Votiro/Data/Solution_Votiro.json | 2 +-
 Solutions/Votiro/Package/3.0.0.zip | Bin 0 -> 16692 bytes
 Solutions/Votiro/Package/mainTemplate.json | 194 +++++++++---------
 .../Votiro Monitoring Dashboard.json | 4 +-
 7 files changed, 105 insertions(+), 105 deletions(-)
 create mode 100644 Solutions/Votiro/Package/3.0.0.zip
diff --git a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml
index 3ecc3720775..9fb29d78e58 100644
--- a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml
+++ b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml
@@ -41,8 +41,8 @@ incidentConfiguration:
 eventGroupingSettings:
   aggregationKind: AlertPerResult
 alertDetailsOverride:
-  alertDisplayNameFormat: File {{fileName}} with hash {{SrcFileSHA256}} was blocked
-  alertDescriptionFormat: The {{FileWithConnectorDetails}} was blocked by Votiro due to Policy {{policyName}}, see more detail in the following link {{incidentURL}}
+  alertDisplayNameFormat: File with hash {{SrcFileSHA256}} was blocked
+  alertDescriptionFormat: The {{FileWithConnectorDetails}} was blocked by Votiro due to Policy rules, see more detail in the following link {{incidentURL}}
   alertTacticsColumnName: sanitizationResult
   alertSeverityColumnName: LogSeverity
 version: 1.0.0
diff --git a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml
index ede08b15c5c..3098f8d9241 100644
--- a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml
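Review bot: The rule template's alert text changes in this hunk but `version: 1.0.0` on the last context line is left untouched; Sentinel's content hub compares the analytic rule template version to decide whether workspaces that already installed the rule are offered the update, so bump it alongside the solution, e.g. `version: 1.0.1`. Dropping `{{fileName}}` from the display name removes the one human-readable identifier an analyst sees in the incident list, so confirm the file name is still surfaced through the rule's custom details or entity mapping, which are defined outside this hunk. `{{incidentURL}}` is a value the VotiroEvents parser extracts from the CEF `AdditionalExtensions` field and the description surfaces it to the analyst as the link to follow; that trust is scoped by the parser's `DeviceVendor == "Votiro"` filter, so a short comment in the rule noting that the URL is log-sourced would help keep that filter from being loosened later.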
+++ b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml
@@ -40,8 +40,8 @@ incidentConfiguration:
 eventGroupingSettings:
   aggregationKind: AlertPerResult
 alertDetailsOverride:
-  alertDisplayNameFormat: File {{fileName}} with hash {{SrcFileSHA256}} was blocked
-  alertDescriptionFormat: Attachment {{FileWithEmailDetails}} by Votiro due to Policy {{policyName}}, see more detail in the following link {{incidentURL}}
+  alertDisplayNameFormat: File with hash {{SrcFileSHA256}} was blocked
+  alertDescriptionFormat: Attachment {{FileWithEmailDetails}} by Votiro due to Policy rules, see more detail in the following link {{incidentURL}}
   alertTacticsColumnName: sanitizationResult
   alertSeverityColumnName: LogSeverity
 version: 1.0.0
diff --git a/Solutions/Votiro/Data Connectors/VotiroEvents.json b/Solutions/Votiro/Data Connectors/VotiroEvents.json
index 7b537cfd46b..73fadc81a49 100644
--- a/Solutions/Votiro/Data Connectors/VotiroEvents.json
+++ b/Solutions/Votiro/Data Connectors/VotiroEvents.json
@@ -26,7 +26,7 @@
 {
 "type": "IsConnectedQuery",
 "value": [
-"CommonSecurityLog\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
+"CommonSecurityLog\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(3d)"
 ]
 }
 ],
diff --git a/Solutions/Votiro/Data/Solution_Votiro.json b/Solutions/Votiro/Data/Solution_Votiro.json
index 24f91952ce1..36373b3af60 100644
--- a/Solutions/Votiro/Data/Solution_Votiro.json
+++ b/Solutions/Votiro/Data/Solution_Votiro.json
@@ -17,7 +17,7 @@
 "Analytic Rules/VotiroFileBlockedInEmail.yaml"
 ],
 "BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Votiro",
-"Version": "2.0.0",
+"Version": "3.0.0",
 "Metadata": "SolutionMetadata.json",
 "TemplateSpec": true,
 "Is1Pconnector": false
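Review bot: The new `alertDescriptionFormat` has no verb: `Attachment {{FileWithEmailDetails}} by Votiro due to Policy rules, ...` reads as an incomplete sentence now that `{{policyName}}` has been removed, and an analyst cannot tell from it what action Votiro took. The connector rule changed in the same commit says `was blocked by Votiro`, so use the same wording here: `alertDescriptionFormat: Attachment {{FileWithEmailDetails}} was blocked by Votiro due to Policy rules, see more detail in the following link {{incidentURL}}`. The template content differs from the previously published rule yet `version: 1.0.0` on the last context line is unchanged; bump it (e.g. `version: 1.0.1`) so the content hub offers the update to workspaces that already installed the rule.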
diff --git a/Solutions/Votiro/Package/3.0.0.zip b/Solutions/Votiro/Package/3.0.0.zip new file mode 100644 index 0000000000000000000000000000000000000000..7bb930420108bbdffe6121d1e83a4be2bc8a9302 GIT binary patch literal 16692 zcmV)5K*_&QO9KQH000080E$!fIUWl$Ud zvm~w|xCV#C-Q696y96gJu(-Pg*JbhGuEE^`!C`Ti1b278?_Jf^)xEkm^J8jys^;hP zRJXb^JOUmJ3=9g)Kb1ROqogEUXJiiUH$Y$r} z_OYgd@e$jq6$Kh zxv}#0uZcOw5+Ug(Tp$UIv3r%LjTk#aE_5!+%g?%ItXi&6!VM?=t$p4gWslGHZcLwI z*W!tJMYuy4s`nml$IyUB62grXnMY zGmn!~kS0~#gaYN1e3fnDjE$8&Xi)h}ZT4N~eU*Mu`Po>IoRl`77k6J~XsZ~Zt$@)j z@aqxzi#@pMQqAT$3Rivtdnc7R1oX_Zl`SiE?d zWYk8CtH6(KN!&5k*Ne)cDd^6)lkV1%t0RL5DivRDxvJuI0K24s?-NoPil~MJW@%Qf z+>eSiB`Y2(uCmMiP_FUx{G}JY`EnP@d=%7_tnadJBX!k_>zknflxW3(KDF|a-3l;H z69b6jUY=7>z+17|{P)F@lIawrhv_)d@neZ;&BSFYF0AIZ$-Ek(dqy_oBBcj!G)%jTxP`iv18@;t(>MNBQEE$B zyECXvKk!8MFYC)Y?D#-QU0?sWu{7$+syGrEa437v!A>jHMSCa=)*zBnn|zWQ*4+XX z0{H#u^kc2UR9gjKHL5yRZ`VC$8u{1FF#AduJo2sCUt4F|U;Q*f=dPdUkuG}OqwSHI1tNIrD*2diB7bo>zGHz!hx1oonD{vQbcn&5dg z7=CijBu+v7cu_3J2%w}yk#$uE#~g8s@qI}&*$wB*IDF)(}&g3W3i9La} zbrkFjdw{Guk|cgcWNJt~$$llS3NZ^B>M(7wIHOW z%ZSBc6ykChE0zppgcGUUQf7QIS)eVN{R)nd_A!N$+{1B0^CG{s{TL&mBs5z%9nHkubH)3=1u0J5E|ATF$o1fhVkT^;7%A5!&edclt`r zn-JWP%m{H-XRM-VA`$vFw$rrXH%C5|X8ein3TLKaly9x`g*jqEVV##kBAhlB?AlBi zD69F*aC{=4*UUEE-{*^BZ$#STf|U)J7>Lj*LkJ}cgurL>16Q8nO$!q4y-a;lTd&lyMb5A$Dtc{9|ihHGOBzpy&*w4GP-k9q`tsUI# z>3-6}4dDWFKwzI3EJ9ZznfR6Sdy&yCt(pkmAn0RKL<*w2!H{)e55Ghtw`|AT_e zfsWeNAZLgFQ1$<&=QB}zx3!jrzc0)j$C;Kd2>|7U8`q(nouRKMz}d$kN1^W)YG}!I z;g&JlPjyB6kMH-LvB;=k7{yV~tYS~$n($$ZdUh59^urzg@Z0xfZ!Nx}Zj;&U(j$?T zja4upj2Po6d{RH-^I@LB1kyJiEsxQ~d*|CG@%1B2c_XoGm z*<@k2sf5rExk&|n?+M>3}T!E#orDdE%Ji)wS|8O~tvU(-se=ixa9^j9(W zv!JPG@tNfZ>cjh&;H1AqTjpS{V;XI+D)G}BQw%#;@J`>9=1I6c%hgHATgso{Mw#eZ zB*CWeX*>Yzb;#KCYw+V2zS{9+$8@vOZ@|&*=iN_8My7rPbW%vv)O%oBLlz!ooLS^# z3kDPh8UfCD20Y}60X6&VANke4j-H$2;~Ucyv)w$VMj1^^_MfxKW5a_BlCINd!cQZ4 z^o!S(gZ)@+cJUv!8KR+DuAi9tr3omdano$v9!Q5Y+&PbF)^##UAvLlF9jHCIBxpH9 z)uCRs^XWYM?xY;jWxQ*c0pWD4k*!4V!kL7{?}sxxTZdQBxg7a{vz(CXz(j>^WJxqh 
zq&@`3hA#Fn-*n8D9^LtBknQAoNWgALe%hQv_taX(v`hgkLwW_jk}E!(%ezMas5Dc= zTl9N9mL>^l1ZtkjoE39A#0r#>0hbd-fKxLx{&>S6a*!e&q-|+)5m2%yvtG_MEpI2b z^v9nq9ai`-B5j`|!KRjq7vUb3WP4jH$z_9ft4a>%n+Mev9cMl%H+!s4$A~1PPKsmb zr?DIV)AgnhE1@|FL*dfFj^K@YuUzS#`vl0X=ECo-d6H!}$V!DI_|6g6*{r}gMB^O& zP&Zhzf3*@6dOHAkhIylzp)AX)=~isE>z3p-NKF|bErIJ1CT?Bivk!~iq^q*7m-EDD z+)!euUK)-Y`d7g_;-H8|w%o;Dq;+COvl_$2mzZr;4XuoC$ow<-n^B-6 zh#OtWeRvtu<>;IFAB*~d&@S->#8Lo&F`Pov1^}CTP&NXAZ zLtAh43{rJGWbhHd63}Ryy5<6O1}Tp%{7&Z``gQac_I^o)MQjY~Il7|LEx$3=)Fwsg zoW33@$;9SOb{nIV_t5*VK>e7)V8r75%~#)PJ1J1hj@Gxgas$##%(KgTbG6w4Tcw#; z76M#J1deFEm&N(LVyX63n-LYLl12ycefH+EmNSEHPOIw}!jaKU;!A|W<-u7rxQUhMh$@#Df~4nSg#}!@mQalQBMRV3d|nz!V)9v@D+v1A4Y}4 zH912Y>1+b7JRUkKhz!LzrTzKGUF_}eCxp?$;pZtjl0tq3Hii6eLu!Q(B=9ch4bjkb zby!R-Y&HkuFa{|B>oAXb)E3;Ayojly6&AE+4;V%vjE|~9b>#dBazAwEkR?CAUG3ju zXQ%`t$3+6y+-9vBYF(6LuUashjnpn6M$twvcY#^u%GhmnwdzZsmlh>1SjJ_{pX*x^ zu9&4v1`JjklF-LhG=moj_yg^h#}(0$znBpXPl$qfTI-i^b7qQ1^oLwn@GPyY=|Mcs zo-x7&Bu-+$fe+s8g+7I4lZN}*yjx~E-a;Zb99xL#NQ!5rjj<+`bvK=(@qj}#$+81( z*>B3ns!qMNE!ep&(AobTZXr zUM7b;bUvL|S2%6U-kjI)3dxh{CwmpNy_dQStp{_4hu>VxPJf3THxl}?x@!pOH2d4Y z;{ee5m-oSKv@XM;;sW!a+)qmg)8w8+n+R39mf9ra_8~cz{}%Bgd{hSu37!#vY?6`5 z8`uR)jC?=wWkwZEk#r#q6IQ5ChkTrcW$ykvcigJQt_xARY@U6`cOdP1d*dT1t8+Ue zT*Ekjkeq(u7#d>QUY8paPPaN{Oa$`&ZcJN?YuI?+qVoEQikG0p*W12^EQOxnP8pX- ze{a~Q?L!G2IEBYvm+`qOq#W^LbM?^{PABa1$O7LTh<7bh4#y&Ra#;<55jyDL*rEpU z9SpFJKS?gMlEL2|_0aV8NgZt+!l*a1qe@fw6of2{tW*W zK~ds|7)!9`5x!-Cm2sg+7PTJ?u~kT_st*|Ra0UyNoRLx^sy>d`d<*c%OO=)SwIOj4 zCON_EP+v&64%^*6Dx22isOM|b?Y4vDYf}<6K>^jDD(Bw_CesJ0O`dJ>n}k^fK+S!1 zlWf<`ki9)cv{!YaQ1-|U9Cno4iu7B69`zwDQvH>&@=Nf~`KWv`K%qb+5`1g{d4lK2 z=nYMYUlFX2EW1P^?U1&uQ0A<%Tmr!n586$|afKCiRj!+xEme&6+hF5}zxyLINvzR2&?8arPJR(+y0hvOGQpa;JTYk{3) zms4KGqPr~ZS#^+GQ{2RyUOk#RZw^zeGuJ=2b{w#FHkNfZ^=QKAQ_}jxPk(zBLu!am zL-o6Kgjf_>V8&~XQ9fSFBqUJ3gI*H{?5|ziH{`aE=1TUf9*U=mp5QDq*%6z+__d25 zy*4_nX88)r_BG{=*;W9IYHwHVM$7B}bGaio7Ip-X_D>|V4yR}m>gn9=&E-wpD9l{s zfx_u*5iz1YN%zV4rN22$m^PX6%`LI@2LDJ6>;l(};G5Et256)LDEN{R7;G}5%%<^@ 
zkn$9Y%y6Dn6<(wc>oT%{pJi_|kk;kDOJ!(t-!{aS61Q-g16Do<^f2DAp@_4iFnSR( zt*W!Y+-0N-1>@L!a3DU19!Zdob`RYrO-S5p{&PlBV$m~*$17zn{r5D1a|Cm|@Js&~ z>)0HzibKh5f=|(*-fj@W%lk(?G`KU*0vpeA-3ry=+E%zWFurF2r)ran`5Um=-eIl5 z)x)@%#H!o6zJXQSw?t`&VZgEih*#p(qOXHg@k>vK#d*@M5V&L5d@AG-wy^&@xNE_I z5${d4I=|p|@&>x8a!fqdT^Gas4;*G;+(BHD$|BarJrT6FRsnpw*K=!Zv8URo)M<2~ z41iHT7FW|7Sz1yKZ1UN7#9rx)hdq~T#Samufa`g`rZ-5#yVk{M*gF(zxkw?ta`l2q z(Qq|zc5|~ulP6>|(^+jC=-fP4Hc~QYr)Npr4&smy6wrQR`6JPkGG@+r@}1Fzna!bz z{HYqw1fanmqShYA_k0RQ^d8yt$%T5J39hH9!eX*3jRG1j@(()~Obkz~7r@sKXm55$ zo1)q-~>h-U5n zMb+8G!>!g@Zk^GzznT8ecHC{+Vnk)U%{>7EH)D(JrgFQ-;Ws3U+&Il_@|#0Zs|P_- z&j=kFPuGacw}?)Aar1>Xr_PqIrrkia(1k=O?%1`>lc%(bc$VPC)}Of_p`*!O_vDza zv9sd!=htHHlqTXN0HON=i;>>vBfak_PIj?Ipi2ygUmN>;YpZn1^-Un&>dcKazJ$dE z&#a8`{w z*MrvAEx{{(xix+6ZDr536F8p%K30(hsYtS#irFa%o`LP`(3{s)?T$8zA+=zoRn{xV z=d<0v)vFa_ zV`NuKlkYXBJ<+R&Rtm6Lm0L1WZ0=I4f2G!9=>((;sBsF@rMiD*IQl8H!f4$sfoX)hh2p^Ykqgw z;M!D1DWn@JtStEItBG;OzaX^w2B`K)$Lj~wOn=W|YO{*T7nWFjuTvThYf-!ZoV7FB z&HfI{a|bS>b3GZ&zC&chACqmS!}$kJ%rk)T-=8WF-246hy1R4(lcj8S{%?<)KHlkd z*C4wuaP(KM4&wPQzw_$%TH8sR{T$;=^wvv0gQLvFwV^&S%Zcg|ASp7aG)#9m4ZcZKS&C7*qgRz57Xfe zc2FB3&}&p6CiH8=$9=qlDT8mRR$QZ4qFHQ-P@?1~whSkNQ8`7QF1_Tbsdh+4;m|~C zd4l!gR!C83Zdr2v8ShbkOx5lvF05B{FAVGMX6g0I80!jh;v_zCY?{ce!1CMe5i@>{f)3BDscXk1GdM)8v28XvU& zY3_c?*k{$#7=YM(W@~4?z%lsajYGCm#}Fnwk6 zLFM!USHE~X;K1bU>-h@z%=ahLt({Jn_e^@>cI-mEI(wai__v1I0?)i~Pv31iBRe5G z{wKgUKK|w+zt!zDPfz)ajcGsrTc?AFtn-7j)q=Hln&!%!r)uL))z%87-lkc>p4)ao z2WDYAM`RHG@ag+DnC-ogjV++z2Je9V#{Y_*>FI)WL27sWjVUss@$_QEb}aCmo&f_# zT~xZ_{d_(>C}x`gEG!@o%)gxs5*boR5Sf0MJuQ3zP*lzXE>kF~=JA`~*K9GcTNd-k zI`6`;yBEiq;rIowf&PN!lm6sH3k(1HX1Cg7Mr)Ew9yRpzexk8gAlBjEV(y0fQm8ct zd91F94(3tWpjg}U5cRk0Hbwf4BUElmN<&~D1wt(Vzb-MxG;(DxoO%KD8O1qM-ECh-u#&UlB;*UiYtx+8*9+?V4kk6Wkl!*Jug?NSU)5b0&LM(pu zIwQSE@gm*ZyAz*x&nO%;Pa$SgG-KIvmLpyaCsC$x&A6TRh=D<`g2z1Jl_Wj-#iIls z?ayAG7V%2D+m(*R0kh1_jPt=L)<-RV99QP<4}^KGE9G8a3jh|T_J`e*mi*IUbkX*2 z8ok6EGWkhp7)X9HMZQ+7Xn2k7QwxQd$8T;F9r!j;|6{2Dzwf&UnTdQ|V(`bYohws6 
zjG22-b79hdn7<|&F6&KPYwvHNj;g0~e}ct^N8!c7I27oBSkOor(`$N0T$-@MRHEPk z_%Af-LA!ULA`@15{7hDD1c+N%ifcmU*i*i&pzf(m6ax~)QH;iwj6tpv zqn3floACDF)e!{s!{jLuv7!(nlJK;th851daB3)VDYAdRR>9%Yl7I|Xd~Hu62cpSI z>sM<}CMKF?~#tydN#6#2uQ6HzevOsosQUWQZSr#3n@~8L3Dm}wk6`e@66F7{514R89mFY@jRom_84x;HkrB6IzNZDC}EWpxPS=T;X zlBtYe5G~eGd6=DGwsR>h#BbIWk98j*^qRJ@nHFn`q}FamKe{MhNZ5bAm#@Y}NCQ;Z z2WdEekg_vzjc9mBXrA{r;KQCdoD1x^Qv1Xh*=n#sdq-0Cb^%_|-*!FkpnHWwDplBU zLu)nDwy3&=%!%2SWTHZlP8G71lat2pwxyvuh2P|>cJGL=e~wA>8@=54btbat$OWyQW~B1dm=DC0#*0cnxxf1`@yls#qUj=o7d z8!}9DPmm`$=N_d)Ef!9Er+>B^h+TWsyN%LzIC2`$RA%K-x~mo2qgzyMK1{uCmd&=? z9DaE|%_=pXM&$Q>=_Os}{Le!PN|-;6So)$QH1Aq3>A^{1i%;*o7%~1n5{8)U$bjec zXZ5NM(jqQ&IVjfezZM-AaaBde!$-tE3ANmE>;}PX^KDxXSi8H_5S^1h9C43-noFaa z%Lr>UevZow+Tx3dmzxH?+U2^m9=tgnEFq)?mijVM^a9>KA|B8?%F1iPo90$J>g8MG zek~66XUoZFAH-xV1d{Gg@Ho18o*rEJaC;XsfUtUBFIo0+)1*t2;!r{UH&$jmeiDFoo|JmgJ?@Ru>?EZh3 zlpz0qM0j;&M5O;3!~G}2|5F#p|Ev37P)h>@6aWAK2mld>6<1r3kP~nR00590000*N z003ihWnpw>RcS)5@s1O^==GK!KNCGHpN&%Jxk8-HK{jG7B;w z@D5gBEmLyN7u|1I;pR1eOLY!wb1Dpr+l?7DJTrkPtmVvPnpd_l`YkUP#OUnFv!!8tq`mN%R7_h6*^&!l6|n_3q;)eUm0;8`qS>5jzs*W8I9FhsOJk`J za4@|>=gtdE9>@wvVGi3MRZ`RgR}%vLL{G?EtCIM*kTZ&9^43c|lM8SY&2(i!+Q`KO zOsO06GOLYMCFC3>XUsyFNeNmOV3uUJGx$lZrP*~%az)sD&N9oFpx66X)TnVmpa=<* znrB6G$gr%|+}?sE2#HC3z)z^94(w(KuZIxchOMF$a+&TL?E*EuSlOM_KzCN~g1Q_+l>N!8k(xJ3L~3wDRH zo(7kI-LlYhJad9`s3j8xa+lrTs~}WDWppS^(DyWl!q`|xY~y*(9CG}`b1bt~MNDoO zSujg@(*e**u!(g@#jOP#B3%qZ$5!EOq9r$cCRmGPgHE?O{86jA+VtFY(X%()U=P5i z)pej{FZ{RBxkkyh5CXK60Ka%yxY+6O>(2kc8+%)^KGJvfn;z@(xZ==UfTE&zNGWm7 z(fQ~c0cp+!f;^esu7d>aUqCxEybFMhi|4P+)rq@1bhLo3WqGI?#zW3qbiY`*d80>y z$%QROz0i%uDPC_JAC51hUVQ%q;IsoZQ7D`-(T~s0do>7S$`;NX7>8;Yg&hc1cpmQu zRe#?``JPrhY3AdTM~9CNlf!S4!=ruhb~~f-?%dtnFKtg%S;9O&(W*Lu@evBc{9^*8 z2P>cwuuv$G`;mXf(q znqAsTT8(@Oj(jtW_WK3DKTek@9+O6HOrCs4zy?lMGqUOwH0ov#@;#18yEa&IV-Of| z%SxxG!cjA7YG?o5)W>@oJ)TDUF+nkRDkl5WD4s^nli}UfKB&Iz7bli8*DT)xgCJUK z*a<{@ZCy4f0c@vw4@e+lX5AzmETD~P8_LWC&DlA(&W*bSA=@~KHb>V6P!BtGlvwu0 zZcdP$&2SFFKLEmCZ=O(1 
zhC_K@&KmXtGtQrfUbuzI8Xz6(=1Ix%9O=`V$~pU{Jf|{4iby;)=u{FU?`hNv$}0HP8+Z3gS>oD5|C5Ph19_vqO|{1(fEHBPmC>uzCRLDhMsqLIxMmTsgenj>D&|4k+sDN1wGW(89oa2y0s$zHtznCCtNy zRi^}k9e$Jpn>T6M`Hf$pj`nw7d6PzWf{K$?@rK^j?hto>x0LvO++mY+_vygaE|8zo zMxZx#;lmzAE&xYM&YpJIgDo^n@1sf?+dp=qWI&)-J15AXa}S#xolpPp)G%A<(|R(3 z4|?e3f{6;zpDciXpp@f|9(XXA*4@+UTPQ@~$P)E7xKCKVxOiERr4nxN8#s zIQ;$V^R&#ac>d(2(vXy-yXBR8roRgRpW$PuQSTENh+S3p-V@euD@pK_7+uV{Hg@!Z z&k9gSqmOu6h~aym3e%o&Zv(CQo3-VQHwgER(B2_@Lx_48Yk!PFiSY5VRU6KYIARH z?LBLA+qSab`zvtOJID4NJss!e#F>-EP3vjW_{MHBcVbTpk&wh=ic|^Gj+*+v-(5WT z1V~C&9!>3bT8RV}i^aaNfIfalNaw$~Gh=hw*(aS@9549(U?89L=QN;GHfKTHr++39 z>pS6Gz2k%3;pky+xYrww1}Ds=GS7t1&t^S3g~1*`k_N(iJg1`&*J5RAyghmUNBYTA;Mnpf(6rf z1}{hHQ;>T~OpNL-XBF4ica@bE%m@Kw;`g(}-9HjEp6(sIN-a?_%`8AA5!kOD8 z<0K{lV=i+^9Fhg)oX}|Ai{lHJFptUaFVqmdlUbPfZV$TleqgbbIWCY|9oR~%w9{bF}Pg~uL zQMR}A`>maw^M*<1=W3smmAl%^^{pO@1c0I7@)zNhJPoM7j6H|L>amECm!1=aJekm)pLCA?FizNC>y$3Dx+G-xT$ z7dTs$$NRL+yA;6omUy_ebDp-+4D_ocN^z3e>zszWlj=8Upx+<4_)22oEXUBAIezSp z?%f}b?(aR^yEok3>&w^gkvi{zqXS?@(1qopB&a;n*_#~ZiT5lFCf@YO9U1U0z0E_* zy~=?@q@HPeou3kKFAj`?!_zegD;hMM7?=e*`_I zvzQN3LFHRrl9%!H1qgYUZIDK{x> zV|u{~XyoOgdv}OLfxUW)lVZ)+z(#&Sie+9g7AflG#;m6`3-*Hz8+>Xl*%@^Qj7074eE>6-ikn zvvwe?gw_pAq<*Wtk5b!uK`BTFHZNI<>WEtggue(wUybV++K6~wZq2lO*D&|O)CDe? 
zeXo#tUaODZwz2V5d^f@RSL3x=U$a@2`Ay`iuz#7wON*k%D^GHbIdXsPIqDd_I>$;| zVtT74r{4YRcVjbX=vDFu?~NgUnR;IA=Q1GV zga%&h{V6kNKL%4TV3>%i5=Ua6jD3&KST40|ZkQA1mo&O?!z)45(-|XX!KS_+UU9Mv z6HNOt$~}LnU*l7q1SY~~CO)7jl|eN_)HjYAr_yi1&jp~`R)9*1)n4i*8P z(!eF&961D&s+Zs@c~e1)J|VwxFo}9tppGFIcjfs$QT!!vpNEmi&I%@k4}b~gzIdL> zAf1U1Z^H?hc(8JPGYO{=UCjPB0Y);&vHml$hUg8P3mmA^U8iA8eM$0&ISjMG#z93_ zpG}$M#f`I{+7*1%IhL<{=2P!`=W~SnGoWa;9LPb;J_L z*UF#CzbB3#Chi#k?--G|HatByl9N+V)og8gmaNlLSob_ba>BzXW-b{o$*DJIM5q8@ zxEebD@tG)h7LdOLdK$S5w;R$F8R`_&@f!5hcBe9PvMur7sbNscW6b5eR;-+|;3p*` z&@h?LLEZkzXyk2=;r1QZvNo_1H(WD% zNj;yAJs+rIvE!(jVj3qrzq?Xu;PGSS4DFK%^*J*%yEfZv7R^15-j&(i5RJ6Ac&z-S znzgpEm2_-$@7AuFmFbG8A9@_T?Byv0J_tR+olj(*D-;8gYe*mg93{*S7?UhG|27R>=Cib=wV{cx#d90%4RgbQ z&tU!BU)b^{jFD#t@V+EWasfaKJCSnlwZJdr-3gQ1>2ByG7~V;L4WRgpMuBwh=r~N` z90-JbzO5rk=*jz8VhaOE5lYJc_CQN|;O!1DXasEFCAeB~?+W4u@P5A!$1w!1y)4@B z+#WD`560M8hn<^9`N=t%I?7>MkMWGpO-k9U{jf?RN(2fgFjS0*KiU_{#}T0x zEUK)i@Pgz65vz&(;)K4R1}@S%s=(zrtU8U!_Ol34tg^qJ)CW2xSZr2(TTKye)Fb_c+5JnY~QANHvb!ITZ8Xl}JNfR(hA6w{#^)r+Ul7I+( zSOTTuE5-u3a9lYwS@{VrkO5Xa^LRR-LjxpusDOk4rZVP)1()E~1gKWJjRa zpm{wW!+IzT!IeW9b=c zd!s&iNiRT-B*s)oI+@W+Mvj;9EDX}A>Zv3mnSgVcgqZ5UZ&>&SQ`jd9*{7%SnQD;T zKKVaPDI`3Wpn=sd(Zwy;xNV-e;ZAwHI%`qXjP+98#9;!Op&YNa{RBksttSeK>PJ@X zQ|okOkERP9jw25Oh9#IkyGZFjqvu|N2R=L#HAb(Kz`TaYbzaUo(8a=ERwZq}1^#Kk z)xnh|S5p>~-Yep;$$K>di~5Tt(Jn_suliG8j{*P8L0erf zD+}cHr&3zVWJ^o0wU$g8n}bC&?6w}q2`s+OGX?G<^f1+gZY>1V754#*J967Zx)>_; z_+08omZ^rE>Qd=e0Sz0Av?^An=2V{6y%j)PoE#k!>bej>T9TMWB7#CwKx%vnGoZ5FS7K>lPp(4FKB{V)8x9bn!V6MZnr*o=-k_VNLlZp^WaWzZ|^?qjUVi}y}NhW`0nmxGQ8(f z%PcyVrPDLEc6t-Juvu+uEHk$?3Md7KBA*19h_+HWC>F=B!fx4#pT-@Zb)c*I|2puo zC$o(%yJSA@vA3S5wO#Y^14Ad@3oZ(^C9-cn>pN)At<`7cC&lk2`c>mQ3^xe3`NH>NdtJLKz#9}w>~c6Z6>0#^qORqeIL=U*nWI}& z3QQUgdlcYk&2!kG$nu(TGH;7S5=dyEXD%u8Wf56A@Zk&b8$mt}E`k|1S;F-f@e2Q|;@|^a#arXDgzW z3h)xXhQhg(`md_3zRUBT;X(J=X&=6dJEvcWoPBB8hg38RR=Ydhp$)P-B{OsThG0AJ$HQ_cO^n!y>7d?Ui%ByX%{^1B1c(khplH+ zR;U&J7HWj;v};!jY|Z{O*8bMi{C;z_zUM7zUVna|LhH?)7x?PV3D{{=TkmYGbFQs# 
zE*@;Ft7mRg$85^uZKiJd)6^@kQ>Wans&j>E&Zc_g#yaGN`r}H@rVL|4t5#oMd|Ov+ zAaA>R;>~khecf<qhE$Z|ise zmi4>sDwnKVfr8?TRDk#x6pu>Y_+*k&tY^g&u!k2aR0xxUq62|igp>$g+KYCZN?aF>rd?ovgS*BTJE!bg*T#EF7Ld(3T;DIp{cwv>JTDt*!*^GLn~kV`Q@%b ztKL^y;o`JYMP7D$qal!F19z4cuHfDLMP*IJt?ZQI&T{8}OnE$GAy?sQ<3e*lgH1!Z zgK;7@QH;$dNg%AqQ(x|7HNvgk7Kt{vF(P0IUg%w1lBcfg$#wftD<6(Irfm?91q}pQ z_KCc5wF{OkikMHO64;+69=MqvNGyCI@*8d$7yICo6Yo!W;$bccepVK^bjihK;Tin9qxeMb zM)o3xDg~b*vz|oGb6nM*pYGnhcYq&%rhHcHL9Za(F>zO&v>fL(W5?7oE5R~cFVud(Q|B>h_cR9ddD^|`JmSV38S+d_cwx!PSaFh>GhkGa|)cJU(jpbQq{|tYfn<13Js6PY`_^g9r z42M_mpds=Ad>p}J#jo%Uo+Cet-rs*uPO&;TojrWU-}=VF1d3%*oQXK3cw{iE)t1ED z;)Ln4wf8ix}H8{c|vJQD*wl*kF^8^6b({Ya186;FA*1Sg!uF{lSFF`Uy6#m?8) z-E2Y+%M;2|beSps+wDA&qog|FYes4_1N39yxF_6YkBkFo~_U5{;my! z-MbHM@N$Hz0Nfouw4uJcH?o3EM;l(B1NFt3;Aeub)w+o_fmIfY@k4A_zHF9fvH(nQ zhB_6HV-PWb5ChSGj>AjIHX@sHDtTuJ-?afyk3djT^&Vzkf>-qt%wjnz@oXj{Ae?)x zgmY9D&N~glS&$YnKk+6Xyq;xgqQXf&@-d~^b*{~`d~!qNiq6hD7|myi419to8jMYU zL^rtD_DmipOpkMlObt1JM)3db9Xw-L00r$OwV<)0fvCC?Q#%U4)j-$hG@_G<=WL5A zm=m#(JDXl+R3;uz&}fKeQr+UoZmEa7@@fh^pXC?K0oQLHyri)sm$;BT5>RCEG4KhB zmtbx-iECj90#^I(rVm~TldEuAP#TiNcpK&cWU}Nk z$D31M3=NFy&6D|wHw{EuEr<`jsTT`jzrMyH_$<8oA;kJ;E#oG!*(-^SSU!-LJ2r_i zf&G#ab5hA5lK+yjpqRg=p%;*CZ1sc8VdBTG=&IW0A7Mla{)@lV4n(2-g|}G92RlZ2 zJIF~}6_HwzJAuUwVEU*9`1YyHt^OTkt(x2YhY1|6NO<)EbGSIr&?tcSECRUO%4DhD zUyo3VQ~)~Ncwfdre!rkg(81s_oiE@;0ZP87OP8-E5Mx95e4tK-;LS4(I~Ok$D_1^4rjw2$ej{Z8_bRUQYXd zm0r`EUKL!*m;L*r2K)v_~XpYHkjgz6B;_3r&t@$G&G><~|QJRc?Evf}B*)ff0 z2Q@iuAwZ9CTU)|;r0?U3RIlrPed%d&x6ihmD^>xv%i!j6uzHbJs03_Ed8^*HR~_Hh z0@`Ni=H%HnO=-}@YIL6ddT7STQMZa&YQt+T87Rn5!x;|MC4Y@5s<6%c(1ih!b|_>w znVRu1JZ(N3e_N?}gG$XN?OU$ZG$`M-HDlm0&THI@- zDbytkpHYriHB2C`l-FX+Vf2Z*0~N0zfsXyh13>TbVDaQEfGMctgD3_S7fi|I3GQ;H zcTeFZ7P;L{HiL z*|w)6Mf^w?raHdbO2O5N{0i2=>bKYW>vliAlEi8E zYdo9z@t<{nBcno?+L>66+THLh-^%A@RzupF7r1fqVGSoyq23&fXfLqDW|iM^JI^aO znTIrRv>RgmVYLFUquX4%#C=M1A&W8F`ed#}fgIe$6<{9 literal 0 HcmV?d00001 
diff --git a/Solutions/Votiro/Package/mainTemplate.json b/Solutions/Votiro/Package/mainTemplate.json index 7878d1be2e9..1fd59e23e1b 100644 --- a/Solutions/Votiro/Package/mainTemplate.json +++ b/Solutions/Votiro/Package/mainTemplate.json 
@@ -38,62 +38,50 @@ } }, "variables": { - "solutionId": "votirocybersecltd1670174946024.votiro_data_connector", - "_solutionId": "[variables('solutionId')]", "email": "support@votiro.com", "_email": "[variables('email')]", - "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", + "_solutionName": "Votiro", + "_solutionVersion": "3.0.0", + "solutionId": "votirocybersecltd1670174946024.votiro_data_connector", + "_solutionId": "[variables('solutionId')]", "uiConfigId1": "Votiro", "_uiConfigId1": "[variables('uiConfigId1')]", "dataConnectorContentId1": "Votiro", "_dataConnectorContentId1": "[variables('dataConnectorContentId1')]", "dataConnectorId1": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", "_dataConnectorId1": "[variables('dataConnectorId1')]", - "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1')))]", + "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1'))))]", "dataConnectorVersion1": "1.0.0", - "parserVersion1": "1.0.0", - "parserContentId1": "VotiroEvents-Parser", - "_parserContentId1": "[variables('parserContentId1')]", + "_dataConnectorcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId1'),'-', variables('dataConnectorVersion1'))))]", "parserName1": "VotiroEvents", "_parserName1": "[concat(parameters('workspace'),'/',variables('parserName1'))]", "parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), variables('parserName1'))]", "_parserId1": "[variables('parserId1')]", - 
"parserTemplateSpecName1": "[concat(parameters('workspace'),'-pr-',uniquestring(variables('_parserContentId1')))]", + "parserTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-pr-',uniquestring(variables('_parserContentId1'))))]", + "parserVersion1": "1.0.0", + "parserContentId1": "VotiroEvents-Parser", + "_parserContentId1": "[variables('parserContentId1')]", + "_parsercontentProductId1": "[concat(take(variables('_solutionId'),50),'-','pr','-', uniqueString(concat(variables('_solutionId'),'-','Parser','-',variables('_parserContentId1'),'-', variables('parserVersion1'))))]", "workbookVersion1": "1.0.0", "workbookContentId1": "VotiroWorkbook", "workbookId1": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId1'))]", - "workbookTemplateSpecName1": "[concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1')))]", - "_workbookContentId1": "[variables('workbookContentId1')]" + "workbookTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1'))))]", + "_workbookContentId1": "[variables('workbookContentId1')]", + "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", + "_workbookcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId1'),'-', variables('workbookVersion1'))))]", + "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]" }, "resources": [ { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2022-02-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": 
"2023-04-01-preview", "name": "[variables('dataConnectorTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "DataConnector" - }, - "properties": { - "description": "Votiro data connector with template", - "displayName": "Votiro template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2022-02-01", - "name": "[concat(variables('dataConnectorTemplateSpecName1'),'/',variables('dataConnectorVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "DataConnector" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('dataConnectorTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Votiro data connector with template version 2.0.0", + "description": "Votiro data connector with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('dataConnectorVersion1')]", @@ -102,7 +90,7 @@ "resources": [ { "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId1'))]", - "apiVersion": "2023-05-01-preview", + "apiVersion": "2021-03-01-preview", "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", "location": "[parameters('workspace-location')]", "kind": "GenericUI", 
@@ -135,7 +123,7 @@ { "type": "IsConnectedQuery", "value": [ - "CommonSecurityLog\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)" + "CommonSecurityLog\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(3d)" ] } ], @@ -243,7 +231,7 @@ }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-05-01-preview", + "apiVersion": "2023-04-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", "properties": { "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", @@ -268,12 +256,23 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_dataConnectorContentId1')]", + "contentKind": "DataConnector", + "displayName": "Votiro Sanitization Engine Logs", + "contentProductId": "[variables('_dataConnectorcontentProductId1')]", + "id": "[variables('_dataConnectorcontentProductId1')]", + "version": "[variables('dataConnectorVersion1')]" } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-05-01-preview", + "apiVersion": "2023-04-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", "dependsOn": [ "[variables('_dataConnectorId1')]" 
@@ -303,7 +302,7 @@ }, { "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId1'))]", - "apiVersion": "2023-05-01-preview", + "apiVersion": "2021-03-01-preview", "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", "location": "[parameters('workspace-location')]", "kind": "GenericUI", @@ -329,7 +328,7 @@ { "type": "IsConnectedQuery", "value": [ - "CommonSecurityLog\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)" + "CommonSecurityLog\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(3d)" ] } ], 
@@ -425,33 +424,15 @@ } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2022-02-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('parserTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Parser" - }, - "properties": { - "description": "VotiroEvents Data Parser with template", - "displayName": "VotiroEvents Data Parser template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2022-02-01", - "name": "[concat(variables('parserTemplateSpecName1'),'/',variables('parserVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Parser" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('parserTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "VotiroEvents Data Parser with template version 2.0.0", + "description": "VotiroEvents Data Parser with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('parserVersion1')]", @@ -460,7 +441,7 @@ "resources": [ { "name": "[variables('_parserName1')]", - "apiVersion": "2023-05-01", + "apiVersion": "2022-10-01", "type": "Microsoft.OperationalInsights/workspaces/savedSearches", "location": "[parameters('workspace-location')]", "properties": { 
@@ -469,6 +450,7 @@ "category": "Samples", "functionAlias": "VotiroEvents", "query": "\nCommonSecurityLog\r\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\r\n| parse-kv AdditionalExtensions as (companyName: string, correlationId:guid, itemId: guid, fileName: string, fileSize: int, passwordProtected: bool, AVResult: string, threatCount: int, blockedCount: int, threats: string, fileModification: string, sanitizationResult: string, sanitizationTime: int, connectorType: string, connectorName: string, connectorId: dynamic, policyName: string, exceptionId: dynamic, incidentURL: dynamic, messageId: dynamic, subject: string, from: string, recipients: string) with (pair_delimiter=\";\", kv_delimiter=\"=\")\r\n| project-rename\r\n SrcFileSHA256=FileHash\r\n| project-away AdditionalExtensions", + "functionParameters": "", "version": 1, "tags": [ { @@ -480,7 +462,7 @@ }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-05-01-preview", + "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Parser-', last(split(variables('_parserId1'),'/'))))]", "dependsOn": [ "[variables('_parserName1')]" @@ -508,12 +490,23 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_parserContentId1')]", + "contentKind": "Parser", + "displayName": "VotiroEvents", + "contentProductId": "[variables('_parsercontentProductId1')]", + "id": "[variables('_parsercontentProductId1')]", + "version": "[variables('parserVersion1')]" } }, { "type": "Microsoft.OperationalInsights/workspaces/savedSearches", - "apiVersion": "2023-05-01", + "apiVersion": "2022-10-01", "name": "[variables('_parserName1')]", "location": "[parameters('workspace-location')]", "properties": { 
@@ -522,12 +515,19 @@ "category": "Samples", "functionAlias": "VotiroEvents", "query": "\nCommonSecurityLog\r\n| where DeviceVendor == \"Votiro\" and DeviceProduct == \"Votiro cloud\"\r\n| parse-kv AdditionalExtensions as (companyName: string, correlationId:guid, itemId: guid, fileName: string, fileSize: int, passwordProtected: bool, AVResult: string, threatCount: int, blockedCount: int, threats: string, fileModification: string, sanitizationResult: string, sanitizationTime: int, connectorType: string, connectorName: string, connectorId: dynamic, policyName: string, exceptionId: dynamic, incidentURL: dynamic, messageId: dynamic, subject: string, from: string, recipients: string) with (pair_delimiter=\";\", kv_delimiter=\"=\")\r\n| project-rename\r\n SrcFileSHA256=FileHash\r\n| project-away AdditionalExtensions", - "version": 1 + "functionParameters": "", + "version": 1, + "tags": [ + { + "name": "description", + "value": "VotiroEvents" + } + ] } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-05-01-preview", + "apiVersion": "2022-01-01-preview", "location": "[parameters('workspace-location')]", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Parser-', last(split(variables('_parserId1'),'/'))))]", "dependsOn": [ 
@@ -556,33 +556,15 @@ } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2022-02-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('workbookTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, - "properties": { - "description": "Votiro Workbook with template", - "displayName": "Votiro workbook template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2022-02-01", - "name": "[concat(variables('workbookTemplateSpecName1'),'/',variables('workbookVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('workbookTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Votiro Monitoring DashboardWorkbook with template version 2.0.0", + "description": "Votiro Monitoring DashboardWorkbook Workbook with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion1')]", 
@@ -594,13 +576,13 @@ "name": "[variables('workbookContentId1')]", "location": "[parameters('workspace-location')]", "kind": "shared", - "apiVersion": "2023-05-01", + "apiVersion": "2021-08-01", "metadata": { "description": "Votiro Workbook Description" }, "properties": { "displayName": "[parameters('workbook1-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## This Workbook is used to analyse file sanitization data from Votiro's endpoints.\"},\"customWidth\":\"90\",\"name\":\"text - 5\",\"styleSettings\":{\"maxWidth\":\"90\"}},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"8b8cd15e-bd0d-4cb9-aef6-07e117e2cf5a\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"type\":4,\"isRequired\":true,\"value\":{\"durationMs\":604800000},\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"label\":\"Select TimeRange\"}],\"style\":\"above\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"10\",\"name\":\"parameters - 4\",\"styleSettings\":{\"maxWidth\":\"10\"}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| summarize Count = count() by connectorType\\n| where connectorType =~ \\\"File connector\\\" or connectorType =~ \\\"Email connector\\\"\",\"size\":3,\"title\":\"Incoming Traffic(Data 
Source)\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"connectorType\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"style\":\"decimal\",\"maximumSignificantDigits\":2}}},\"showBorder\":true}},\"customWidth\":\"40\",\"name\":\"query - 3\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| summarize Count=count() by sanitizationResult\\n| where sanitizationResult in (\\\"Blocked\\\", \\\"Sanitized\\\", \\\"Partially sanitized\\\", \\\"Skipped\\\")\\n\",\"size\":3,\"title\":\"Scanned Files(Threats)\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"sanitizationResult\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"style\":\"decimal\",\"maximumSignificantDigits\":2}}},\"showBorder\":true,\"rowLimit\":10}},\"customWidth\":\"60\",\"name\":\"query - 2\",\"styleSettings\":{\"maxWidth\":\"60\",\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| extend total = threatCount, timestamp = TimeGenerated\\n| extend dayOfMonth = format_datetime(TimeGenerated, \\\"dd/MM\\\")\\n| summarize sum(total) by dayOfMonth\\n| order by dayOfMonth asc\\n| render barchart\",\"size\":0,\"title\":\"Threats Disarmed(Threat Count Per 
Day)\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"chartSettings\":{\"xAxis\":\"dayOfMonth\",\"group\":\"dayOfMonth\",\"createOtherGroup\":100,\"showLegend\":true,\"ySettings\":{\"min\":0}}},\"name\":\"query - 3\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| summarize Count=count() by FileType\\n| order by Count desc\\n| limit 8\\n| render barchart\",\"size\":0,\"title\":\"Incoming Files\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"chartSettings\":{\"showLegend\":true}},\"customWidth\":\"100\",\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}}],\"fromTemplateId\":\"sentinel-Votiro\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\n", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## This Workbook is used to analyse file sanitization data from Votiro's endpoints.\"},\"customWidth\":\"90\",\"name\":\"text - 5\",\"styleSettings\":{\"maxWidth\":\"90\"}},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"8b8cd15e-bd0d-4cb9-aef6-07e117e2cf5a\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"type\":4,\"isRequired\":true,\"value\":{\"durationMs\":604800000},\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000},\"label\":\"Select 
TimeRange\"}],\"style\":\"above\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"10\",\"name\":\"parameters - 4\",\"styleSettings\":{\"maxWidth\":\"10\"}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| where ConnectorType == \\\"File connector\\\" or ConnectorType == \\\"Email connector\\\"\\n | summarize Count = count() by ConnectorType\\n\",\"size\":3,\"title\":\"Incoming Traffic(Data Source)\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"connectorType\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"style\":\"decimal\",\"maximumSignificantDigits\":2}}},\"showBorder\":true}},\"customWidth\":\"40\",\"name\":\"query - 3\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| where SanitizationResult != \\\"\\\"\\n| where SanitizationResult in (\\\"Blocked\\\", \\\"Sanitized\\\", \\\"Partially sanitized\\\", \\\"Skipped\\\")\\n | summarize Count=count() by SanitizationResult\\n\",\"size\":3,\"title\":\"Scanned Files(Threats)\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"sanitizationResult\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"style\":\"decimal\",\"maximumSignificantDigits\":2}}},\"showBorder\":true,\"rowLimit\":10}},\"customWidth\":\"60\",\"name\":\"query - 
2\",\"styleSettings\":{\"maxWidth\":\"60\",\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| extend total = threatCount, timestamp = TimeGenerated\\n| extend dayOfMonth = format_datetime(TimeGenerated, \\\"dd/MM\\\")\\n| summarize sum(total) by dayOfMonth\\n| order by dayOfMonth asc\\n| render barchart\",\"size\":0,\"title\":\"Threats Disarmed(Threat Count Per Day)\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"chartSettings\":{\"xAxis\":\"dayOfMonth\",\"group\":\"dayOfMonth\",\"createOtherGroup\":100,\"showLegend\":true,\"ySettings\":{\"min\":0}}},\"name\":\"query - 3\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"VotiroEvents\\n| where TimeGenerated {TimeRange}\\n| summarize Count=count() by FileType\\n| order by Count desc\\n| limit 8\\n| render barchart\",\"size\":0,\"title\":\"Incoming Files\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"chartSettings\":{\"showLegend\":true}},\"customWidth\":\"100\",\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}}],\"fromTemplateId\":\"sentinel-Votiro\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\n", "version": "1.0", "sourceId": "[variables('workspaceResourceId')]", "category": "sentinel" 
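Review bot: In the replaced `serializedData` the two tile queries now `summarize Count = count() by ConnectorType` and `summarize Count=count() by SanitizationResult`, but the same tiles' `tileSettings.titleContent.columnMatch` values are still `connectorType` and `sanitizationResult`, and the `VotiroEvents` parser earlier in this template declares those columns as `connectorType: string` / `sanitizationResult: string`; KQL identifiers are case-sensitive, so the query will fail on an unknown column and, even if it ran, the tile title would not bind. This file sits under `Package/` and appears to be packaging output, so the fix belongs in `Workbooks/Votiro Monitoring Dashboard.json` (restore `by connectorType` / `by sanitizationResult` on the two query lines) followed by a repackage, rather than a hand edit here. The `| where SanitizationResult != ""` line is also redundant once the `in (...)` filter is applied.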
@@ -608,7 +590,7 @@ }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-05-01-preview", + "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId1'),'/'))))]", "properties": { "description": "@{workbookKey=VotiroWorkbook; logoFileName=; description=Votiro Workbook Description; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=1.0.0; title=Votiro; templateRelativePath=Votiro Monitoring Dashboard.json; subtitle=; provider=Votiro}.description", @@ -647,17 +629,35 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId1')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook1-name')]", + "contentProductId": "[variables('_workbookcontentProductId1')]", + "id": "[variables('_workbookcontentProductId1')]", + "version": "[variables('workbookVersion1')]" } }, { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-05-01-preview", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentPackages", + "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "2.0.0", + "version": "3.0.0", "kind": "Solution", - "contentSchemaVersion": "2.0.0", + "contentSchemaVersion": "3.0.0", + "displayName": "Votiro", + "publisherDisplayName": "Votiro", + "descriptionHtml": "

Note: There may be known issues pertaining to this Solution, please refer to them before installing.

\n

Threat related information will be sent from Votiro Sanitization Engine to Microsoft Sentinel, allowing customers to better mitigate cyber attack, do effective threat hunting and enrich cyber security alerts.

\n

Data Connectors: 1, Parsers: 1, Workbooks: 1

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "contentKind": "Solution", + "contentProductId": "[variables('_solutioncontentProductId')]", + "id": "[variables('_solutioncontentProductId')]", + "icon": "", "contentId": "[variables('_solutionId')]", "parentId": "[variables('_solutionId')]", "source": { diff --git a/Solutions/Votiro/Workbooks/Votiro Monitoring Dashboard.json b/Solutions/Votiro/Workbooks/Votiro Monitoring Dashboard.json index 06c3675a2c0..5a4a7de941a 100644 --- a/Solutions/Votiro/Workbooks/Votiro Monitoring Dashboard.json +++ b/Solutions/Votiro/Workbooks/Votiro Monitoring Dashboard.json @@ -90,7 +90,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "VotiroEvents\n| where TimeGenerated {TimeRange}\n| summarize Count = count() by connectorType\n| where connectorType =~ \"File connector\" or connectorType =~ \"Email connector\"", + "query": "VotiroEvents\n| where TimeGenerated {TimeRange}\n| where ConnectorType == \"File connector\" or ConnectorType == \"Email connector\"\n | summarize Count = count() by ConnectorType\n", "size": 3, "title": "Incoming Traffic(Data Source)", "queryType": 0, @@ -128,7 +128,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "VotiroEvents\n| where TimeGenerated {TimeRange}\n| summarize Count=count() by sanitizationResult\n| where sanitizationResult in (\"Blocked\", \"Sanitized\", \"Partially sanitized\", \"Skipped\")\n", + "query": "VotiroEvents\n| where TimeGenerated {TimeRange}\n| where SanitizationResult != \"\"\n| where SanitizationResult in (\"Blocked\", \"Sanitized\", \"Partially sanitized\", \"Skipped\")\n | summarize Count=count() by SanitizationResult\n", "size": 3, "title": "Scanned Files(Threats)", "queryType": 0, From 1fa919493c360b5b305d838438fbb59a093d2ad7 Mon Sep 17 00:00:00 2001 
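Review bot: The rewritten query on the `+` line of the `@@ -90` hunk references `ConnectorType`, but the `VotiroEvents` parser shipped in this same patch declares the parsed column as `connectorType: string`, and the analytic rules still point `alertTacticsColumnName` at `sanitizationResult`; KQL column names are case-sensitive, so this tile will error on an unknown column instead of showing data. The same applies to `SanitizationResult` in the `@@ -128` hunk of this file. Unless the parser is being renamed in a follow-up, keep the lowercase names, e.g. `| where connectorType == "File connector" or connectorType == "Email connector"` and `| summarize Count = count() by connectorType`. Separately, switching from `=~` to `==` makes the value match case-sensitive; if the casing of the Votiro CEF `connectorType` value is not guaranteed, the original `=~` was the safer comparison.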
From: kalinga
Date: Mon, 21 Aug 2023 17:59:44 +0530
Subject: [PATCH 2/2] update version
---
.../Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml | 2 +-
Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml
index 9fb29d78e58..fa402001289 100644
--- a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml
+++ b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml
@@ -45,5 +45,5 @@ alertDetailsOverride:
alertDescriptionFormat: The {{FileWithConnectorDetails}} was blocked by Votiro due to Policy rules, see more detail in the following link {{incidentURL}}
alertTacticsColumnName: sanitizationResult
alertSeverityColumnName: LogSeverity
-version: 1.0.0
+version: 1.1.0
kind: Scheduled
diff --git a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml
index 3098f8d9241..910d04b21a1 100644
--- a/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml
+++ b/Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml
@@ -44,5 +44,5 @@ alertDetailsOverride:
alertDescriptionFormat: Attachment {{FileWithEmailDetails}} by Votiro due to Policy rules, see more detail in the following link {{incidentURL}}
alertTacticsColumnName: sanitizationResult
alertSeverityColumnName: LogSeverity
-version: 1.0.0
+version: 1.1.0
kind: Scheduled