Armis IoT Security Solution: Enhanced Log Ingestion and Data Collection Rule Integration

What Changed

Comprehensive update to Armis solution replacing legacy Log Analytics API with modern Azure Monitor Logs Ingestion API. Includes DCR (Data Collection Rule) integration, enhanced authentication with managed identity support, and improved data field mapping for alerts, activities, and devices.

Security Impact (Visibility & Fidelity)

Enhanced data ingestion mechanism improves reliability and field mapping accuracy for Armis IoT security events. New field additions (alert_type, alert_title, activity_type, activity_title) provide better contextual information for security analysis and incident response.

Affected Files

Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/__init__.py
Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/sentinel.py
Solutions/Armis/Data Connectors/ArmisDevice/ArmisDeviceSentinelConnector/__init__.py
Solutions/Armis/Parsers/ArmisActivities.yaml
Solutions/Armis/Parsers/ArmisAlerts.yaml
Solutions/Armis/Parsers/ArmisDevice.yaml
(Solutions Analyzer documentation updates, packaging artefacts)

What Changed#

Security Impact (Visibility & Fidelity)#

Affected Files#

What Changed

Security Impact (Visibility & Fidelity)

Affected Files