azure / Azure-Sentinel

Longest Files (Top 50)

File	# lines	# units
CollectExchSecIns.ps1 in Solutions/Microsoft Exchange Security - Exchange Online/# - General Content/Solutions/ESICollector/OnlineDeployment	3543	-
CollectExchSecIns.ps1 in Solutions/Microsoft Exchange Security - Exchange On-Premises/# - General Content/Solutions/ESICollector/OnlineDeployment	3543	-
commonFunctions.ps1 in Tools/Create-Azure-Sentinel-Solution/common	3350	-
createSolutionV2.ps1 in Tools/Create-Azure-Sentinel-Solution/V2	2512	-
build_one_solution.ps1 in Solutions/CohesitySecurity	1315	-
createSolution.ps1 in Tools/Create-Azure-Sentinel-Solution	1314	-
CrowdStrikeReplicator_future.yaml in Solutions/CrowdStrike Falcon Endpoint Protection/Parsers	1123	-
SentinelAnalyticRulesManagementScript.ps1 in Tools/PowerShell	1107	-
collector.py in Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode	1099	27
CrowdStrikeReplicator.yaml in Solutions/CrowdStrike Falcon Endpoint Protection/Parsers	1074	-
corelight_corelight_metrics_disk.yaml in Solutions/Corelight/Parsers	968	-
utils.py in Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode	948	17
createCCPConnector.ps1 in Tools/Create-Azure-Sentinel-Solution/common	921	-
utils.py in Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode	751	13
sentinel.py in Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/IndicatorCreatorToDefender	751	13
JamfProtectTelemetry.yaml in Solutions/Jamf Protect/Parsers	740	-
utils.py in Solutions/Mimecast/Data Connectors/MimecastTTP/SharedCode	733	12
sentinel.py in Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/NonCofenseBasedIndicatorCreatorToCofense	727	12
sentinel.py in Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SentinelToDefender	711	12
netskope_to_azure_storage.py in Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/NetskopeToAzureStorage	699	3
Sentinel_AMA_troubleshoot.py in DataConnectors/Syslog	673	49
cef_troubleshoot.py in DataConnectors/CEF	653	43
SentinelOne.yaml in Solutions/SentinelOne/Parsers	651	-
utils.py in Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/SharedCode	628	10
utils.py in Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode	625	10
Migrate-LA-to-ADX.ps1 in Tools/AzureDataExplorer	613	-
Migrate-LA-to-ADX-Pipeline.ps1 in Tools/AzureDataExplorer/Pipeline	611	-
main.go in Solutions/BloodHound Enterprise/Data Connectors/pkg/connector	597	18
vimNetworkSessionCiscoASA.yaml in Parsers/ASimNetworkSession/Parsers	590	-
OneLogin.yaml in Solutions/OneLoginIAM/Parsers	589	-
utils.py in Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode	565	9
mimecast_cg_to_sentinel.py in Solutions/Mimecast/Data Connectors/MimecastSEG/MimecastCG	555	2
cef_installer.py in DataConnectors/CEF	554	34
mimecast_ci_to_sentinel.py in Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/MimecastCI	553	2
__init__.py in Solutions/VMware SD-WAN and SASE/Data Connectors/Function App Connector/vmw_sdwan_sase_funcapp/sdwan_efslogs	547	9
__init__.py in Solutions/CiscoUmbrella/Data Connectors/ciscoUmbrellaDataConn	543	30
infoblox_to_azure_storage.py in Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxHistoricalToAzureStorage	538	10
run.ps1 in Watchlists/UpdateCloudIPs/AzureFunctionUpdateCloudIPs/UpdateCloudIPs	529	-
message_factory.py in Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib	526	8
Playbook_ARM_Template_Generator.ps1 in Tools/Playbook-ARM-Template-Generator/src	526	-
infoblox_to_azure_storage.py in Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxCurrentToAzureStorage	519	10
__init__.py in DataConnectors/AWS-S3-AzureFunction/AzFun-AWS-S3-Ingestion	512	28
Configure-Long-Term-Retention.ps1 in Tools/Archive-Log-Tool/ArchiveLogsTool-PowerShell	510	-
vimAuthenticationPostgreSQL.yaml in Parsers/ASimAuthentication/Parsers	494	-
ASimFilteringTest.py in ASIM/dev/ASimTester/filteringTest	484	36
MSBizAppsOrgSettings.yaml in Solutions/Microsoft Business Applications/Parsers	478	-
mimecast_audit_to_sentinel.py in Solutions/Mimecast/Data Connectors/MimecastAudit/MimecastAudit	474	7
bitsight_statistics.py in Solutions/BitSight/Data Connectors/BitSightDataConnector/AlertsGraphStatisticsDetails	473	10
main.py in Solutions/Commvault Security IQ/Data Connectors/AzureFunctionCommvaultSecurityIQ	467	18
ASimNetworkSessionCiscoASA.yaml in Parsers/ASimNetworkSession/Parsers	461	-

Files With Most Units (Top 50)

File	# lines	# units
Sentinel_AMA_troubleshoot.py in DataConnectors/Syslog	673	49
cef_troubleshoot.py in DataConnectors/CEF	653	43
logstashLoganalyticsConfiguration.rb in DataConnectors/microsoft-sentinel-log-analytics-logstash-output-plugin/lib/logstash/sentinel_la	193	38
ASimFilteringTest.py in ASIM/dev/ASimTester/filteringTest	484	36
cef_installer.py in DataConnectors/CEF	554	34
configurations.py in Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code	117	34
__init__.py in Solutions/CiscoUmbrella/Data Connectors/ciscoUmbrellaDataConn	543	30
logstashLoganalyticsConfiguration.rb in DataConnectors/microsoft-logstash-output-azure-loganalytics/lib/logstash/logAnalyticsClient	115	29
__init__.py in DataConnectors/AWS-S3-AzureFunction/AzFun-AWS-S3-Ingestion	512	28
collector.py in Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode	1099	27
__init__.py in DataConnectors/AWS-CloudTrail-AzureFunction/AzFunAWSCloudTrailLogsIngestion	378	24
__init__.py in Solutions/CognyteLuminar/Data Connectors/Cognyte Luminar	403	20
Forwarder_AMA_installer.py in DataConnectors/Syslog	248	19
transform_utils.py in Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code	293	19
main.py in Solutions/Commvault Security IQ/Data Connectors/AzureFunctionCommvaultSecurityIQ	467	18
main.go in Solutions/BloodHound Enterprise/Data Connectors/pkg/connector	597	18
utils.py in Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode	948	17
main.py in Solutions/Sophos Endpoint Protection/Data Connectors/AzureFunctionSophos	140	17
IncidentProducer.cs in Solutions/CohesitySecurity/Data Connectors/Helios2Sentinel/IncidentProducer	376	17
__init__.py in DataConnectors/AWS-SecurityHubFindings/AzFunAWSSecurityHubIngestion	334	16
oat_service.py in Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/services	284	16
utils.py in Solutions/ESET Protect Platform/Data Connectors/integration	276	16
__init__.py in Solutions/ZoomReports/Data Connectors/ZoomSentinelConnector	299	16
__init__.py in Solutions/GoogleWorkspaceReports/Data Connectors/GWorkspaceReportsAPISentinelConn/GWorkspaceReports-QueueTrigger	273	16
exports_store.py in Solutions/TenableIO/Data Connectors	136	15
exports_store.py in Solutions/Tenable App/Data Connectors/TenableVM	138	15
models.py in Solutions/ESET Protect Platform/Data Connectors/integration	86	14
soar_connector_async.py in Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator	193	13
__init__.py in Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Data Connectors/LookoutCSConnector/LookoutCloudSecurityEvents	340	13
__init__.py in Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Data Connectors/LookoutCSConnector/LookoutCloudSecurityViolations	340	13
__init__.py in Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Data Connectors/LookoutCSConnector/LookoutCloudSecurityAnamolies	340	13
__init__.py in Solutions/Salesforce Service Cloud/Data Connectors/SalesforceSentinelConnector	239	13
siem_parser.py in Solutions/MimecastSEG/Data Connectors/TransformData	146	13
main.py in Solutions/CiscoDuoSecurity/Data Connectors/AzureFunctionCiscoDuo	373	13
utils.py in Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode	751	13
sentinel.py in Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/IndicatorCreatorToDefender	751	13
main.py in Solutions/Auth0/Data Connectors/Auth0Connector	321	12
sentinel_connector.py in Solutions/Oracle Cloud Infrastructure/Data Connectors/AzureFunctionOCILogs	100	12
utils.py in Solutions/IPinfo/Data Connectors/Privacy Extended/AzureFunctionIPinfoPrivacyExtended	153	12
utils.py in Solutions/IPinfo/Data Connectors/Country ASN/AzureFunctionIPinfoCountryASN	153	12
utils.py in Solutions/IPinfo/Data Connectors/WHOIS MNT/AzureFunctionIPinfoWHOISMNT	153	12
utils.py in Solutions/IPinfo/Data Connectors/Iplocation/AzureFunctionIPinfoIplocation	153	12
utils.py in Solutions/IPinfo/Data Connectors/ASN/AzureFunctionIPinfoASN	153	12
utils.py in Solutions/IPinfo/Data Connectors/Carrier/AzureFunctionIPinfoCarrier	153	12
utils.py in Solutions/IPinfo/Data Connectors/WHOIS POC/AzureFunctionIPinfoWHOISPOC	153	12
utils.py in Solutions/IPinfo/Data Connectors/RWHOIS/AzureFunctionIPinfoRWHOIS	153	12
utils.py in Solutions/IPinfo/Data Connectors/Privacy/AzureFunctionIPinfoPrivacy	153	12
utils.py in Solutions/IPinfo/Data Connectors/Abuse/AzureFunctionIPinfoAbuse	153	12
utils.py in Solutions/IPinfo/Data Connectors/Company/AzureFunctionIPinfoCompany	153	12
utils.py in Solutions/IPinfo/Data Connectors/WHOIS ASN/AzureFunctionIPinfoWHOISASN	153	12

Files With Long Lines (Top 50)

There are 4039 files with lines longer than 120 characters. In total, there are 18242 long lines.

File	# lines	# units	# long lines
commonFunctions.ps1 in Tools/Create-Azure-Sentinel-Solution/common	3350	-	466
createSolutionV2.ps1 in Tools/Create-Azure-Sentinel-Solution/V2	2512	-	373
CollectExchSecIns.ps1 in Solutions/Microsoft Exchange Security - Exchange Online/# - General Content/Solutions/ESICollector/OnlineDeployment	3543	-	296
CollectExchSecIns.ps1 in Solutions/Microsoft Exchange Security - Exchange On-Premises/# - General Content/Solutions/ESICollector/OnlineDeployment	3543	-	296
MSBizAppsOrgSettings.yaml in Solutions/Microsoft Business Applications/Parsers	478	-	289
vimAuditEventCiscoISE.yaml in Parsers/ASimAuditEvent/Parsers	360	-	201
ASimAuditEventCiscoISE.yaml in Parsers/ASimAuditEvent/Parsers	295	-	201
SentinelAnalyticRulesManagementScript.ps1 in Tools/PowerShell	1107	-	183
vimAuthenticationCiscoISE.yaml in Parsers/ASimAuthentication/Parsers	352	-	161
createSolution.ps1 in Tools/Create-Azure-Sentinel-Solution	1314	-	159
ASimAuthenticationCiscoISE.yaml in Parsers/ASimAuthentication/Parsers	257	-	157
build_one_solution.ps1 in Solutions/CohesitySecurity	1315	-	147
createCCPConnector.ps1 in Tools/Create-Azure-Sentinel-Solution/common	921	-	137
Migrate-LA-to-ADX.ps1 in Tools/AzureDataExplorer	613	-	78
Migrate-LA-to-ADX-Pipeline.ps1 in Tools/AzureDataExplorer/Pipeline	611	-	76
vimNetworkSessionCiscoASA.yaml in Parsers/ASimNetworkSession/Parsers	590	-	68
ASimAuditEventIllumioSaaSCore.yaml in Parsers/ASimAuditEvent/Parsers	375	-	57
__init__.py in Solutions/SlackAudit/Data Connectors/SlackAuditAPISentinelConnector	278	7	57
createSolutionV4.ps1 in Tools/Create-Azure-Sentinel-Solution/pipeline	305	-	57
__init__.py in Solutions/VMware SD-WAN and SASE/Data Connectors/Function App Connector/vmw_sdwan_sase_funcapp/sdwan_efslogs	547	9	55
Playbook_ARM_Template_Generator.ps1 in Tools/Playbook-ARM-Template-Generator/src	526	-	55
vimNetworkSessionCiscoISE.yaml in Parsers/ASimNetworkSession/Parsers	226	-	54
ASimNetworkSessionCiscoASA.yaml in Parsers/ASimNetworkSession/Parsers	461	-	52
Cohesity_Playbook_ARM_Template_Generator.ps1 in Solutions/CohesitySecurity/Tools	445	-	52
AwsResourceCreator.ps1 in DataConnectors/AWS-S3/Utils	268	-	51
vimAuditEventIllumioSaaSCore.yaml in Parsers/ASimAuditEvent/Parsers	434	-	51
Create-LA-Tables-ADX-ScriptFile.ps1 in Tools/AzureDataExplorer/CreateTables_ADX_ScriptFile	392	-	49
Configure-Long-Term-Retention.ps1 in Tools/Archive-Log-Tool/ArchiveLogsTool-PowerShell	510	-	48
run.ps1 in DataConnectors/Qualys VM/AzureFunctionQualysVM	212	-	45
get-ccp-details.ps1 in Tools/Create-Azure-Sentinel-Solution/common	362	-	45
ASimNetworkSessionCiscoISE.yaml in Parsers/ASimNetworkSession/Parsers	159	-	44
ASimFilteringTest.py in ASIM/dev/ASimTester/filteringTest	484	36	39
run.ps1 in Solutions/QualysVM/Data Connectors/AzureFunctionQualysVM_V2	285	-	39
createSolutionV3.ps1 in Tools/Create-Azure-Sentinel-Solution/V3	292	-	39
cef_troubleshoot.py in DataConnectors/CEF	653	43	38
Create-LA-Tables-ADX.ps1 in Tools/AzureDataExplorer/CreateTables_ADX	318	-	38
imNetworkSession.yaml in Parsers/ASimNetworkSession/Parsers	140	-	37
ASimNetworkSession.yaml in Parsers/ASimNetworkSession/Parsers	103	-	37
CiscoMeraki.yaml in Solutions/CiscoMeraki/Parsers	246	-	37
JamfProtectTelemetry.yaml in Solutions/Jamf Protect/Parsers	740	-	36
vimUserManagementCiscoISE.yaml in Parsers/ASimUserManagement/Parsers	173	-	35
run.ps1 in Solutions/Netskope/Data Connectors/Netskope/AzureFunctionNetskope	388	-	34
run.ps1 in DataConnectors/M365Defender-VulnerabilityManagement/functionPackage/GetMDVMData	243	-	33
ASimUserManagementCiscoISE.yaml in Parsers/ASimUserManagement/Parsers	130	-	33
imAuthentication.yaml in Parsers/ASimAuthentication/Parsers	115	-	33
run.ps1 in Solutions/Qualys VM Knowledgebase/Data Connectors/AzureFunctionQualysKB	262	-	33
SyslogConnectorsOverallStatus.yaml in Solutions/Syslog/Workspace Functions	61	-	33
detect-anomalous-process-trees.yaml in Hunting Queries/Microsoft 365 Defender/Execution	93	-	32
vimNetworkSessionForcePointFirewall.yaml in Parsers/ASimNetworkSession/Parsers	416	-	32
SyslogConnectorsEventVolumebyDeviceProduct.yaml in Solutions/Syslog/Workspace Functions	56	-	32

Correlations

File Size vs. Commits (all time): 6180 points

		3543.0	lines of code min: 1.0 average: 63.97 25th percentile: 23.0 median: 37.0 75th percentile: 69.0 max: 3543.0
0	759.0
commits (all time) min: 1.0 \| average: 83.34 \| 25th percentile: 40.0 \| median: 65.0 \| 75th percentile: 110.0 \| max: 759.0

File Size vs. Contributors (all time): 6180 points

		3543.0	lines of code min: 1.0 average: 63.97 25th percentile: 23.0 median: 37.0 75th percentile: 69.0 max: 3543.0
0	159.0
contributors (all time) min: 1.0 \| average: 41.06 \| 25th percentile: 22.0 \| median: 34.0 \| 75th percentile: 55.0 \| max: 159.0

File Size vs. Commits (30 days): 340 points

		3543.0	lines of code min: 1.0 average: 108.09 25th percentile: 38.0 median: 55.5 75th percentile: 82.0 max: 3543.0
0	21.0
commits (30d) min: 2.0 \| average: 6.94 \| 25th percentile: 3.0 \| median: 4.0 \| 75th percentile: 11.0 \| max: 21.0

File Size vs. Contributors (30 days): 340 points

		3543.0	lines of code min: 1.0 average: 108.09 25th percentile: 38.0 median: 55.5 75th percentile: 82.0 max: 3543.0
0	11.0
contributors (30d) min: 2.0 \| average: 3.61 \| 25th percentile: 2.0 \| median: 2.0 \| 75th percentile: 5.0 \| max: 11.0

File Size vs. Commits (90 days): 1320 points

		3543.0	lines of code min: 1.0 average: 77.05 25th percentile: 30.0 median: 41.0 75th percentile: 74.75 max: 3543.0
0	47.0
commits (90d) min: 1.0 \| average: 5.36 \| 25th percentile: 1.0 \| median: 3.0 \| 75th percentile: 10.0 \| max: 47.0

File Size vs. Contributors (90 days): 1320 points

		3543.0	lines of code min: 1.0 average: 77.05 25th percentile: 30.0 median: 41.0 75th percentile: 74.75 max: 3543.0
0	19.0
contributors (90d) min: 1.0 \| average: 3.81 \| 25th percentile: 1.0 \| median: 3.0 \| 75th percentile: 5.0 \| max: 19.0