3.1.3 iboss #14525

Open
craigtattan wants to merge 5 commits into Azure:master from ibossx:3.1.3-iboss

@craigtattan

Required items, please complete

Change(s):

  • Added Malware and C2 Analytic Rules
  • Updated Solution Has Changes from the past that remove the legacy OMS connector
  • Fixing an API version issue within mainTemplate.json
  • Small Verbiage Changes

Reason for Change(s):

  • To Deploy a New Solution Package so that the Gov Marketplace Solution is Updated with Latest as well as give Commercial the Latest Improvements.
  • Add Analytic Rules

Version Updated:

  • Yes
  • Added Analytic Rules

Testing Completed:

  • Yes all tests passed (50/50)

Checked that the validations are passing and have addressed any issues that are present:

  • Validation Test Suite Seemed to Be Failing for Every Solution. Seems like a bug with the validation test suite.

@craigtattan craigtattan requested review from a team as code owners June 19, 2026 20:47
@craigtattan

Author

@craigtattan please read the following Contributor License Agreement (CLA). If you agree with the CLA, please reply with the following information.

@microsoft-github-policy-service agree [company="{your company}"]

Options:

  • (default - no company specified) I have sole ownership of intellectual property rights to my Submissions and I am not making Submissions in the course of work for my employer.
@microsoft-github-policy-service agree
  • (when company given) I am making Submissions in the course of work for my employer (or my employer has intellectual property rights in my Submissions by contract or applicable law). I have permission from my employer to make Submissions and enter into this Agreement on behalf of my employer. By signing below, the defined term “You” includes me and my employer.
@microsoft-github-policy-service agree company="Microsoft"

Contributor License Agreement

@microsoft-github-policy-service agree company="iboss"

@v-atulyadav v-atulyadav requested a review from Copilot June 22, 2026 04:13
@v-atulyadav v-atulyadav self-assigned this Jun 22, 2026
@v-atulyadav v-atulyadav added the Solution Solution specialty review needed label Jun 22, 2026

Copilot AI left a comment

Contributor

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Updates the iboss solution package to v3.1.3 by adding new analytic rule templates and aligning package metadata/template content with the new release.

Changes:

  • Bumped solution version from 3.1.2 to 3.1.3 across package artifacts.
  • Added two new analytic rules (Malware Detected, C2 Detected) to the ARM template, solution manifest, and UI definition.
  • Adjusted ARM template internals (contentProductId variables, parser savedSearches apiVersion, workbook dependencies verbiage).

Reviewed changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 5 comments.

| File | Description |
| --- | --- |
| Solutions/iboss/Package/mainTemplate.json | Version bump, introduces analytic rule contentTemplates, updates parser savedSearches apiVersion, adjusts contentProductId variables and workbook dependencies. |
| Solutions/iboss/Package/createUiDefinition.json | Updates install description counts and adds an Analytics blade describing the rule templates. |
| Solutions/iboss/Data/Solution_iboss.json | Adds analytic rules to the solution manifest and bumps version to 3.1.3. |
| Solutions/iboss/Analytic Rules/ibossMalwareDetected.yaml | New scheduled analytic rule template for malware detections. |
| Solutions/iboss/Analytic Rules/ibossCommandAndControlDetected.yaml | New scheduled analytic rule template for C2 detections. |

Comment on lines +74 to 75
"name": "dataconnectors-link1",
"type": "Microsoft.Common.TextBlock",
Comment on lines +711 to +717
"subTechniques": [
"T1071.001"
],
"techniques": [
"T1071",
"T1071"
],
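Review bot: "T1071" is listed twice in the techniques array (lines +711 to +717), next to the single sub-technique "T1071.001". Drop the duplicate so the array holds one "T1071" entry; if the repetition is produced from the rule's source YAML during packaging, deduplicate it there and regenerate the template.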
Comment on lines 847 to 852
"dependencies": {
"operator": "AND",
"criteria": [
{
"contentId": "ibossAma",
"kind": "DataConnector"
},
{
"contentId": "CefAma",
"kind": "DataConnector"
Comment on lines +3 to +4
description: |
'Identifies web traffic where the iboss platform flagged malware. A populated MalwareDetected flag indicates the gateway detected a malicious file or payload associated with the request. Surfaces the destination, user, and other details to support triage.'
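Review bot: the description opens a literal block scalar with `|` and then wraps the text in single quotes, so the quotes are part of the description string rather than YAML quoting. Use one form only: keep `description: |` with unquoted text on the following line, or put the single-quoted string on the same line as the key.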
Comment on lines +3 to +4
description: |
'Identifies web traffic where the iboss platform flagged command-and-control (C2) activity. A populated CNCDetected flag indicates the gateway observed communication to a known or suspected C2 destination. Surfaces the user, destination URL, and host to support triage of potentially compromised endpoints.'
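Review bot: the single quotes around this description sit inside a `|` block scalar, so they are stored literally in the C2 rule's description value. Remove the quotes or drop the `|` so the string starts at "Identifies".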