From 360a91ebbb960dc7f1c6d1f69812d556469c0061 Mon Sep 17 00:00:00 2001 From: research-bot Date: Wed, 18 Dec 2024 13:32:03 -0800 Subject: [PATCH 1/2] remove index --- macros/f5_bigip_rogue.yml | 2 +- macros/zeek_rpc.yml | 2 +- macros/zeek_ssl.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/macros/f5_bigip_rogue.yml b/macros/f5_bigip_rogue.yml index 4c80756aaa..2fab5f6d64 100644 --- a/macros/f5_bigip_rogue.yml +++ b/macros/f5_bigip_rogue.yml @@ -1,4 +1,4 @@ -definition: index=netops sourcetype="f5:bigip:rogue" +definition: sourcetype="f5:bigip:rogue" description: customer specific splunk configurations(eg- index, source, sourcetype). Replace the macro definition with configurations for your Splunk Environment. name: f5_bigip_rogue \ No newline at end of file diff --git a/macros/zeek_rpc.yml b/macros/zeek_rpc.yml index 373581dceb..f4c6dadea0 100644 --- a/macros/zeek_rpc.yml +++ b/macros/zeek_rpc.yml @@ -1,4 +1,4 @@ -definition: index=zeek sourcetype="zeek:rpc:json" +definition: sourcetype="zeek:rpc:json" description: customer specific splunk configurations(eg- index, source, sourcetype). Replace the macro definition with configurations for your Splunk Environment. name: zeek_rpc diff --git a/macros/zeek_ssl.yml b/macros/zeek_ssl.yml index 258e60a703..8d613468cf 100644 --- a/macros/zeek_ssl.yml +++ b/macros/zeek_ssl.yml @@ -1,4 +1,4 @@ -definition: index=zeek sourcetype="zeek:ssl:json" +definition: sourcetype="zeek:ssl:json" description: customer specific splunk configurations(eg- index, source, sourcetype). Replace the macro definition with configurations for your Splunk Environment. name: zeek_ssl From 31821099d7535882151dca8cfe96d9292eec6004 Mon Sep 17 00:00:00 2001 From: patel-bhavin <7771446+patel-bhavin@users.noreply.github.com> Date: Sat, 21 Dec 2024 06:57:52 +0000 Subject: [PATCH 2/2] Updated TAs --- contentctl.yml | 4 ++-- data_sources/okta.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) 
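Review bot: With the `index=` term gone, the new `definition: sourcetype="f5:bigip:rogue"` in macros/f5_bigip_rogue.yml (and the matching lines in macros/zeek_rpc.yml and macros/zeek_ssl.yml) is evaluated only against the indexes in the searching role's default list (`srchIndexesDefault`). A deployment that keeps this data in a dedicated index outside that list will get zero results, and no error, from every detection built on these macros. The unchanged `description` is a generic placeholder and does not warn about this, so I would extend it in all three files with something like `The shipped definition has no index constraint; add index=<your_index> if this sourcetype is not stored in one of your role's default search indexes.` Whether any consumer relied on the old `netops`/`zeek` index names cannot be told from this patch.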
diff --git a/contentctl.yml b/contentctl.yml
index 905ca78ed6..570a20607c 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -38,9 +38,9 @@ apps:
 - uid: 6553
 title: Splunk Add-on for Okta Identity Cloud
 appid: Splunk_TA_okta_identity_cloud
- version: 2.2.1
+ version: 3.0.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-okta-identity-cloud_221.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-okta-identity-cloud_300.tgz
 - uid: 6652
 title: Add-on for Linux Sysmon
 appid: Splunk_TA_linux_sysmon
diff --git a/data_sources/okta.yml b/data_sources/okta.yml
index 68c5787524..816d155e23 100644
--- a/data_sources/okta.yml
+++ b/data_sources/okta.yml
@@ -9,4 +9,4 @@ sourcetype: OktaIM2:log
 supported_TA:
 - name: Splunk Add-on for Okta Identity Cloud
 url: https://splunkbase.splunk.com/app/6553
- version: 2.2.1
+ version: 3.0.0