public/Convert-SentinelARArmToYaml.ps1
<#
.SYNOPSIS Converts an Azure Sentinel Analytics Rule ARM template to YAML .DESCRIPTION Converts an Azure Sentinel Analytics Rule ARM template to YAML. The ARM template can be provided as a file or as a string. The YAML file can be saved to the same directory as the ARM template file. .PARAMETER Filename The path to the Analytics Rule ARM template file .PARAMETER Data The ARM template data as a string .PARAMETER OutFile The path to the output YAML file .PARAMETER UseOriginalFilename If set, the output file will be saved with the original filename of the ARM template file The extension will be replaced with .yaml .PARAMETER UseDisplayNameAsFilename If set, the output file will be saved with the display name of the Analytics Rule as filename The extension will be replaced with .yaml .PARAMETER UseIdAsFilename If set, the output file will be saved with the id of the Analytics Rule as filename The extension will be replaced with .yaml .EXAMPLE Convert-SentinelARArmToYaml -Filename "C:\Temp\MyRule.json" -OutFile "C:\Temp\MyRule.yaml" Will convert a the file with a single ART to a single YAML-file .EXAMPLE Convert-SentinelARArmToYaml -Filename "C:\Temp\MyRule.json" -UseOriginalFilename Will convert a the file with a single ART to a single YAML-file, with the same basename as the supplied JSON (ARM). .EXAMPLE Get-Content -Path "C:\Temp\MyRule.json" -Raw | Convert-SentinelARArmToYaml -OutFile "C:\Temp\MyRule.yaml" Will convert JSON ARM-text in the pipeline containg a single ART to a single YAML-file, saved in the supplied filename. .EXAMPLE Convert-SentinelARArmToYaml -Filename "C:\Temp\MultipleRules.json" -OutFile "C:\Temp\MultipleRules.yaml" Will create multiple files, one per alert in the file: MultipleRules.yaml, MultipleRules_1.yaml, MultipleRules_2.yaml etc. .EXAMPLE Convert-SentinelARArmToYaml -Filename "C:\Temp\MultipleRules.json" -UseOriginalFilename Will create multiple files in the same directory, one per alert in the file names as: MultipleRules.yaml, MultipleRules_1.yaml and MultipleRules_2.yaml. .EXAMPLE Convert-SentinelARArmToYaml -Filename "C:\Temp\Multiple.json" -UseDisplayNameAsFilename Will create multiple files in the same directory, one per alert in the file names as: Displaynameofalert1.yaml, Displaynameofalert2.yaml, Displayname3.yaml .EXAMPLE Convert-SentinelARArmToYaml -Filename "C:\Temp\MyRule.json" -UseIdAsFilename Will create multiple files in the same directory, one per alert in the file, with the names: 734075d4-1974-4318-b262-5268e36e4f35.yaml, 734075d4-1974-4318-b262-5268e36e4f34.yaml etc. .EXAMPLE Get-Content -Path "C:\Temp\Multiple.json" -Raw | Convert-SentinelARArmToYaml -OutFile "C:\Temp\MyRule.yaml" Will create multiple files in the supplied directory, with the prefix mentioned in OutFile, one per alert in the file, with the names: MyRule.yaml, MyRule_1.yaml etc. .EXAMPLE Get-Content -Path "C:\Temp\Multiple.json" -Raw | Convert-SentinelARArmToYaml -Directory "C:\Temp\" -UseDisplayNameAsFilename Will create multiple files in the supplied directory, one per alert in the file, with the names: Displaynameofalert1.yaml, Displaynameofalert2.yaml, Displayname3.yaml .EXAMPLE Get-Content -Path "C:\Temp\Multiple.json" -Raw | Convert-SentinelARArmToYaml -Directory "C:\Temp\" -UseIdAsFilename Will create multiple files in the supplied directory, one per alert in the file, with the names: 734075d4-1974-4318-b262-5268e36e4f35.yaml, 734075d4-1974-4318-b262-5268e36e4f34.yaml etc. .NOTES Author: Fabian Bader (https://cloudbrothers.info/) #> function Convert-SentinelARArmToYaml { [CmdletBinding(DefaultParameterSetName = 'StdOut')] param ( [Parameter(Mandatory, Position = 0, ParameterSetName = 'Path')] [Parameter( Position = 0, ParameterSetName = 'UseOriginalFilename')] [Parameter( Position = 0, ParameterSetName = 'UseDisplayNameAsFilename')] [Parameter( Position = 0, ParameterSetName = 'UseIdAsFilename')] [Parameter( Position = 0, ParameterSetName = 'StdOut')] [string]$Filename, [Alias('Yaml')] [Parameter(Mandatory, ValueFromPipeline, ParameterSetName = 'Pipeline', Position = 0)] [array]$Data, [Parameter(ParameterSetName = 'Path')] [Parameter(ParameterSetName = 'Pipeline')] [string]$OutFile, [Parameter(ParameterSetName = 'UseOriginalFilename')] [switch]$UseOriginalFilename, [Parameter(ParameterSetName = 'Pipeline')] [Parameter(ParameterSetName = 'UseDisplayNameAsFilename')] [switch]$UseDisplayNameAsFilename, [Parameter(ParameterSetName = 'Pipeline')] [Parameter(ParameterSetName = 'UseIdAsFilename')] [switch]$UseIdAsFilename, [Parameter(ParameterSetName = 'Pipeline')] [string]$Directory = $PWD, [Parameter( ParameterSetName = 'Path')] [Parameter( ParameterSetName = 'UseOriginalFilename')] [Parameter( ParameterSetName = 'UseDisplayNameAsFilename')] [Parameter( ParameterSetName = 'UseIdAsFilename')] [Parameter( ParameterSetName = 'StdOut')] [Parameter( ParameterSetName = 'Pipeline')] [switch]$Force = $false ) process { #region common if ($PsCmdlet.ParameterSetName -ne "Pipeline" ) { try { if (-not (Test-Path $Filename)) { Write-Error -Exception } } catch { throw "File not found" } } # Mapping of Arm property names to YAML when different $ValueNameMappingArm2Yaml = [ordered]@{ "displayName" = "name" "alertRuleTemplateName" = "id" "templateVersion" = "version" "techniques" = "relevantTechniques" } # Mapping of Arm operator names to YAML when different $CompareOperatorArm2Yaml = @{ "Equals" = "eq" "GreaterThan" = "gt" "GreaterThanOrEqual" = "ge" "LessThan" = "lt" "LessThanOrEqual" = "le" } # Default sort order, naming is before key rename $DefaultSortOrderInYAML = @( "id" "alertRuleTemplateName", # id "displayName", # name "version", "templateVersion", #version "kind", "description", "severity", "requiredDataConnectors", "queryFrequency", "queryPeriod", "triggerOperator", "triggerThreshold", "tactics", "techniques", #relevantTechniques "query" ) # Use pipeline data and create a variable containing all parsed strings if ($PsCmdlet.ParameterSetName -eq "Pipeline") { $FullARM += $Data } # Use parsed pipeline data if no file was specified (default) try { if ($PsCmdlet.ParameterSetName -eq "Pipeline") { if ($PSVersionTable.PSEdition -ne "Core") { $AnalyticsRuleTemplate = $FullARM | ConvertFrom-Json -Verbose } else { $AnalyticsRuleTemplate = $FullARM | ConvertFrom-Json -Depth 99 } } else { Write-Verbose "Read file `"$Filename`"" if ($PSVersionTable.PSEdition -ne "Core") { $AnalyticsRuleTemplate = Get-Content $Filename | ConvertFrom-Json -Verbose } else { $AnalyticsRuleTemplate = Get-Content $Filename | ConvertFrom-Json -Depth 99 -Verbose } } } catch { throw "Could not convert source file. JSON might be corrupted" } try { if ( (-not $AnalyticsRuleTemplate.resources) ) { throw "This template contains no Analytics Rules or resources" } } catch { $PSCmdlet.ThrowTerminatingError($_) } #endregion common #region ART $resourceCounter = 0 foreach ($resource in ( $AnalyticsRuleTemplate.resources | Where-Object { $_.type -eq "Microsoft.OperationalInsights/workspaces/providers/alertRules" } ) ) { if ( $resource.kind -notin @("Scheduled", "NRT") ) { Write-Warning "Analytics Rule $($resource.properties.displayName) is using an unsupported type `"$($resource.kind)`". Only type `"Scheduled`", `"NRT`" are supported." Continue } elseif ($resource.kind -eq "NRT") { # List of values to always remove for a NRT $RemoveArmValues = @( "enabled", "startTimeUtc", "queryFrequency", "queryPeriod", "triggerOperator", "triggerThreshold" ) } else { # List of values to always remove $RemoveArmValues = @( "enabled" ) } # Get the id of the analytic rule if ($resource.id -match "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}") { $Id = $Matches[0] } else { Write-Warning "Error reading current Id. Generating new Id." $Id = (New-Guid).Guid } Write-Verbose "Convert Analytics Rule: $($resource.properties.displayName) ($($Id)) to YAML file" #region Set output filename to defined value if not specified by user if ($PsCmdlet.ParameterSetName -in ("UseOriginalFilename", "UseDisplayNameAsFilename", "UseIdAsFilename") ) { $FileObject = Get-ChildItem $Filename if ($UseOriginalFilename) { # Use original filename as new filename if ($resourceCounter -eq 0) { $NewFileName = $FileObject.Name -replace $FileObject.Extension, ".yaml" } else { $NewFileName = $FileObject.BaseName + "_$resourceCounter" + ".yaml" } } if ($UseDisplayNameAsFilename) { # Use the display name of the Analytics Rule as filename $NewFileName = $resource.properties.displayName -Replace '[^0-9A-Z]', ' ' # Convert To CamelCase $NewFileName = ((Get-Culture).TextInfo.ToTitleCase($NewFileName) -Replace ' ') + '.yaml' } if ($UseIdAsFilename) { # Use id as of the Analytics Rule filename $NewFileName = $Id + '.yaml' } $OutFilePath = Join-Path $FileObject.Directory $NewFileName } elseif ( $PsCmdlet.ParameterSetName -in ("Pipeline", "Path") -and $OutFile ) { $DirectoryName = [System.IO.Path]::GetDirectoryName($OutFile) $FileExtension = [System.IO.Path]::GetExtension($OutFile) $FileNameWithoutExtension = [System.IO.Path]::GetFileNameWithoutExtension($OutFile) if ($resourceCounter -gt 0) { $NewFileName = "$($FileNameWithoutExtension)_$($resourceCounter)$($FileExtension)" $OutFilePath = Join-Path $DirectoryName $NewFileName } else { $OutFilePath = Join-Path $DirectoryName ([System.IO.Path]::GetFileName($OutFile)) } } elseif ($PsCmdlet.ParameterSetName -in ("Pipeline") -and ($UseDisplayNameAsFilename -or $UseIdAsFilename)) { if ($UseDisplayNameAsFilename) { # Use the display name of the Analytics Rule as filename $NewFileName = $resource.properties.displayName -Replace '[^0-9A-Z]', ' ' # Convert To CamelCase $NewFileName = ((Get-Culture).TextInfo.ToTitleCase($NewFileName) -Replace ' ') + '.yaml' } if ($UseIdAsFilename) { # Use id as of the Analytics Rule filename $NewFileName = $Id + '.yaml' } $OutFilePath = Join-Path -Path $Directory -ChildPath $NewFileName } #endregion # Get the properties of the analytic rule $AnalyticsRule = $resource | Select-Object -ExpandProperty properties # Add the id and kind from the ARM template $AnalyticsRule = $AnalyticsRule | Add-Member -MemberType NoteProperty -Name "id" -Value $Id -PassThru -Force $AnalyticsRule = $AnalyticsRule | Add-Member -MemberType NoteProperty -Name "kind" -Value $resource.kind -PassThru -Force # Add version if not present if ( [string]::IsNullOrWhiteSpace($resource.properties.templateVersion) ) { $AnalyticsRule = $AnalyticsRule | Add-Member -MemberType NoteProperty -Name "version" -Value "1.0.0" -PassThru -Force } # Remove values that are not needed foreach ($RemoveArmValue in $RemoveArmValues) { $AnalyticsRule.PSObject.Properties.Remove($RemoveArmValue) | Out-Null } $JSON = $AnalyticsRule | ConvertTo-Json -Depth 100 # Use ISO8601 format for timespan values $JSON = $JSON -replace '"PT([0-9]+)M"', '"$1m"' -replace '"PT([0-9]+)H"', '"$1h"' -replace '"P([0-9]+)D"', '"$1d"' # Convert the compare operators to the names used in the YAML foreach ($Arm2Yaml in $CompareOperatorArm2Yaml.Keys) { $JSON = $JSON -replace "`"$Arm2Yaml`"", "`"$($CompareOperatorArm2Yaml[$Arm2Yaml])`"" } # Convert the JSON to a PowerShell object $AnalyticsRule = $JSON | ConvertFrom-Json # Use custom sort order of YAML $ErrorActionPreference = "SilentlyContinue" $AnalyticsRuleKeys = $AnalyticsRule.PSObject.Properties.Name | Sort-Object { $i = $DefaultSortOrderInYAML.IndexOf($_) ; if ( $i -eq -1 ) { 100 } else { $i } } $ErrorActionPreference = "Continue" # Create ordered hashtable $AnalyticsRuleCleaned = [ordered]@{} foreach ($PropertyName in $AnalyticsRuleKeys) { # Remove empty properties if ( -not [string]::IsNullOrWhiteSpace($AnalyticsRule.$PropertyName) -or ( $AnalyticsRule.$PropertyName -is [array] -and ($AnalyticsRule.$PropertyName.Count -gt 0) ) ) { # Change the name of the value if needed $KeyName = $ValueNameMappingArm2Yaml[$PropertyName] # If the name is not in the mapping, use the original name if ([string]::IsNullOrWhiteSpace($KeyName)) { $KeyName = $PropertyName } # Special case for subTechniques since we cannot add duplicate keys to $ValueNameMappingArm2Yaml # We must merge all techniques since (relevant)techniques could contain values not preset in subTechniques if ($PropertyName -like "*techniques") { foreach ($value in $AnalyticsRule.$PropertyName) { $KeyName = "techniques" $technique = $value -replace "(T\d{4})\.\d{3}", '$1' # Create an empty key if ( -not $AnalyticsRuleCleaned.Contains($KeyName) ) { $AnalyticsRuleCleaned.Add($KeyName, @()) } # Add subTechnique if the mainTechnique is not already present if (-not($AnalyticsRuleCleaned[$KeyName].contains($technique))) { $AnalyticsRuleCleaned[$KeyName] += $value # Replace mainTechnique with subTechnique } else { $AnalyticsRuleCleaned[$KeyName][$AnalyticsRuleCleaned[$KeyName].indexOf($technique)] = $value } } } if ( -not $AnalyticsRuleCleaned.Contains($KeyName)) { $AnalyticsRuleCleaned.Add($KeyName, $AnalyticsRule.$PropertyName) } } } # Convert the PowerShell object to YAML $AnalyticsRuleYAML = $AnalyticsRuleCleaned | ConvertTo-Yaml #endregion ART # Write the YAML to a file or return the YAML if ($OutFilePath) { $AnalyticsRuleYAML | Out-File $OutFilePath -NoClobber:(-not $Force) -Encoding utf8 Write-Verbose "Output written to file: `"$OutFilePath`"" } else { $AnalyticsRuleYAML } $resourceCounter++ } } } # SIG # Begin signature block # MIIoBgYJKoZIhvcNAQcCoIIn9zCCJ/MCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBRq9iCH1l9L0B4 # GG4iDm3sn9NUJUGNqEFeMl9CJY29OKCCIQkwggWNMIIEdaADAgECAhAOmxiO+dAt # 5+/bUOIIQBhaMA0GCSqGSIb3DQEBDAUAMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQK # EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNV # BAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBDQTAeFw0yMjA4MDEwMDAwMDBa # Fw0zMTExMDkyMzU5NTlaMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2Vy # dCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lD # ZXJ0IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC # ggIBAL/mkHNo3rvkXUo8MCIwaTPswqclLskhPfKK2FnC4SmnPVirdprNrnsbhA3E # MB/zG6Q4FutWxpdtHauyefLKEdLkX9YFPFIPUh/GnhWlfr6fqVcWWVVyr2iTcMKy # unWZanMylNEQRBAu34LzB4TmdDttceItDBvuINXJIB1jKS3O7F5OyJP4IWGbNOsF # xl7sWxq868nPzaw0QF+xembud8hIqGZXV59UWI4MK7dPpzDZVu7Ke13jrclPXuU1 # 5zHL2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4AxCN2NQ3pC4FfYj1gj4QkXCrVYJB # MtfbBHMqbpEBfCFM1LyuGwN1XXhm2ToxRJozQL8I11pJpMLmqaBn3aQnvKFPObUR # WBf3JFxGj2T3wWmIdph2PVldQnaHiZdpekjw4KISG2aadMreSx7nDmOu5tTvkpI6 # nj3cAORFJYm2mkQZK37AlLTSYW3rM9nF30sEAMx9HJXDj/chsrIRt7t/8tWMcCxB # YKqxYxhElRp2Yn72gLD76GSmM9GJB+G9t+ZDpBi4pncB4Q+UDCEdslQpJYls5Q5S # UUd0viastkF13nqsX40/ybzTQRESW+UQUOsxxcpyFiIJ33xMdT9j7CFfxCBRa2+x # q4aLT8LWRV+dIPyhHsXAj6KxfgommfXkaS+YHS312amyHeUbAgMBAAGjggE6MIIB # NjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTs1+OC0nFdZEzfLmc/57qYrhwP # TzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzAOBgNVHQ8BAf8EBAMC # AYYweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp # Y2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv # bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcnQwRQYDVR0fBD4wPDA6oDigNoY0 # aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENB # LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQEMBQADggEBAHCgv0Nc # Vec4X6CjdBs9thbX979XB72arKGHLOyFXqkauyL4hxppVCLtpIh3bb0aFPQTSnov # Lbc47/T/gLn4offyct4kvFIDyE7QKt76LVbP+fT3rDB6mouyXtTP0UNEm0Mh65Zy # oUi0mcudT6cGAxN3J0TU53/oWajwvy8LpunyNDzs9wPHh6jSTEAZNUZqaVSwuKFW # juyk1T3osdz9HNj0d1pcVIxv76FQPfx2CWiEn2/K2yCNNWAcAgPLILCsWKAOQGPF # mCLBsln1VWvPJ6tsds5vIy30fnFqI2si/xK4VC0nftg62fC2h5b9W9FcrBjDTZ9z # twGpn1eqXijiuZQwggauMIIElqADAgECAhAHNje3JFR82Ees/ShmKl5bMA0GCSqG # SIb3DQEBCwUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMx # GTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IFRy # dXN0ZWQgUm9vdCBHNDAeFw0yMjAzMjMwMDAwMDBaFw0zNzAzMjIyMzU5NTlaMGMx # CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMy # RGlnaUNlcnQgVHJ1c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcg # Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDGhjUGSbPBPXJJUVXH # JQPE8pE3qZdRodbSg9GeTKJtoLDMg/la9hGhRBVCX6SI82j6ffOciQt/nR+eDzMf # UBMLJnOWbfhXqAJ9/UO0hNoR8XOxs+4rgISKIhjf69o9xBd/qxkrPkLcZ47qUT3w # 1lbU5ygt69OxtXXnHwZljZQp09nsad/ZkIdGAHvbREGJ3HxqV3rwN3mfXazL6IRk # tFLydkf3YYMZ3V+0VAshaG43IbtArF+y3kp9zvU5EmfvDqVjbOSmxR3NNg1c1eYb # qMFkdECnwHLFuk4fsbVYTXn+149zk6wsOeKlSNbwsDETqVcplicu9Yemj052FVUm # cJgmf6AaRyBD40NjgHt1biclkJg6OBGz9vae5jtb7IHeIhTZgirHkr+g3uM+onP6 # 5x9abJTyUpURK1h0QCirc0PO30qhHGs4xSnzyqqWc0Jon7ZGs506o9UD4L/wojzK # QtwYSH8UNM/STKvvmz3+DrhkKvp1KCRB7UK/BZxmSVJQ9FHzNklNiyDSLFc1eSuo # 80VgvCONWPfcYd6T/jnA+bIwpUzX6ZhKWD7TA4j+s4/TXkt2ElGTyYwMO1uKIqjB # Jgj5FBASA31fI7tk42PgpuE+9sJ0sj8eCXbsq11GdeJgo1gJASgADoRU7s7pXche # MBK9Rp6103a50g5rmQzSM7TNsQIDAQABo4IBXTCCAVkwEgYDVR0TAQH/BAgwBgEB # /wIBADAdBgNVHQ4EFgQUuhbZbU2FL3MpdpovdYxqII+eyG8wHwYDVR0jBBgwFoAU # 7NfjgtJxXWRM3y5nP+e6mK4cD08wDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoG # CCsGAQUFBwMIMHcGCCsGAQUFBwEBBGswaTAkBggrBgEFBQcwAYYYaHR0cDovL29j # c3AuZGlnaWNlcnQuY29tMEEGCCsGAQUFBzAChjVodHRwOi8vY2FjZXJ0cy5kaWdp # Y2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9vdEc0LmNydDBDBgNVHR8EPDA6MDig # NqA0hjJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9v # dEc0LmNybDAgBgNVHSAEGTAXMAgGBmeBDAEEAjALBglghkgBhv1sBwEwDQYJKoZI # hvcNAQELBQADggIBAH1ZjsCTtm+YqUQiAX5m1tghQuGwGC4QTRPPMFPOvxj7x1Bd # 4ksp+3CKDaopafxpwc8dB+k+YMjYC+VcW9dth/qEICU0MWfNthKWb8RQTGIdDAiC # qBa9qVbPFXONASIlzpVpP0d3+3J0FNf/q0+KLHqrhc1DX+1gtqpPkWaeLJ7giqzl # /Yy8ZCaHbJK9nXzQcAp876i8dU+6WvepELJd6f8oVInw1YpxdmXazPByoyP6wCeC # RK6ZJxurJB4mwbfeKuv2nrF5mYGjVoarCkXJ38SNoOeY+/umnXKvxMfBwWpx2cYT # gAnEtp/Nh4cku0+jSbl3ZpHxcpzpSwJSpzd+k1OsOx0ISQ+UzTl63f8lY5knLD0/ # a6fxZsNBzU+2QJshIUDQtxMkzdwdeDrknq3lNHGS1yZr5Dhzq6YBT70/O3itTK37 # xJV77QpfMzmHQXh6OOmc4d0j/R0o08f56PGYX/sr2H7yRp11LB4nLCbbbxV7HhmL # NriT1ObyF5lZynDwN7+YAN8gFk8n+2BnFqFmut1VwDophrCYoCvtlUG3OtUVmDG0 # YgkPCr2B2RP+v6TR81fZvAT6gt4y3wSJ8ADNXcL50CN/AAvkdgIm2fBldkKmKYcJ # RyvmfxqkhQ/8mJb2VVQrH4D6wPIOK+XW+6kvRBVK5xMOHds3OBqhK/bt1nz8MIIG # sDCCBJigAwIBAgIQCK1AsmDSnEyfXs2pvZOu2TANBgkqhkiG9w0BAQwFADBiMQsw # CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu # ZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQw # HhcNMjEwNDI5MDAwMDAwWhcNMzYwNDI4MjM1OTU5WjBpMQswCQYDVQQGEwJVUzEX # MBUGA1UEChMORGlnaUNlcnQsIEluYy4xQTA/BgNVBAMTOERpZ2lDZXJ0IFRydXN0 # ZWQgRzQgQ29kZSBTaWduaW5nIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0ExMIICIjAN # BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1bQvQtAorXi3XdU5WRuxiEL1M4zr # PYGXcMW7xIUmMJ+kjmjYXPXrNCQH4UtP03hD9BfXHtr50tVnGlJPDqFX/IiZwZHM # gQM+TXAkZLON4gh9NH1MgFcSa0OamfLFOx/y78tHWhOmTLMBICXzENOLsvsI8Irg # nQnAZaf6mIBJNYc9URnokCF4RS6hnyzhGMIazMXuk0lwQjKP+8bqHPNlaJGiTUyC # EUhSaN4QvRRXXegYE2XFf7JPhSxIpFaENdb5LpyqABXRN/4aBpTCfMjqGzLmysL0 # p6MDDnSlrzm2q2AS4+jWufcx4dyt5Big2MEjR0ezoQ9uo6ttmAaDG7dqZy3SvUQa # khCBj7A7CdfHmzJawv9qYFSLScGT7eG0XOBv6yb5jNWy+TgQ5urOkfW+0/tvk2E0 # XLyTRSiDNipmKF+wc86LJiUGsoPUXPYVGUztYuBeM/Lo6OwKp7ADK5GyNnm+960I # HnWmZcy740hQ83eRGv7bUKJGyGFYmPV8AhY8gyitOYbs1LcNU9D4R+Z1MI3sMJN2 # FKZbS110YU0/EpF23r9Yy3IQKUHw1cVtJnZoEUETWJrcJisB9IlNWdt4z4FKPkBH # X8mBUHOFECMhWWCKZFTBzCEa6DgZfGYczXg4RTCZT/9jT0y7qg0IU0F8WD1Hs/q2 # 7IwyCQLMbDwMVhECAwEAAaOCAVkwggFVMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD # VR0OBBYEFGg34Ou2O/hfEYb7/mF7CIhl9E5CMB8GA1UdIwQYMBaAFOzX44LScV1k # TN8uZz/nupiuHA9PMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEFBQcD # AzB3BggrBgEFBQcBAQRrMGkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj # ZXJ0LmNvbTBBBggrBgEFBQcwAoY1aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t # L0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcnQwQwYDVR0fBDwwOjA4oDagNIYyaHR0 # cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcmww # HAYDVR0gBBUwEzAHBgVngQwBAzAIBgZngQwBBAEwDQYJKoZIhvcNAQEMBQADggIB # ADojRD2NCHbuj7w6mdNW4AIapfhINPMstuZ0ZveUcrEAyq9sMCcTEp6QRJ9L/Z6j # fCbVN7w6XUhtldU/SfQnuxaBRVD9nL22heB2fjdxyyL3WqqQz/WTauPrINHVUHmI # moqKwba9oUgYftzYgBoRGRjNYZmBVvbJ43bnxOQbX0P4PpT/djk9ntSZz0rdKOtf # JqGVWEjVGv7XJz/9kNF2ht0csGBc8w2o7uCJob054ThO2m67Np375SFTWsPK6Wrx # oj7bQ7gzyE84FJKZ9d3OVG3ZXQIUH0AzfAPilbLCIXVzUstG2MQ0HKKlS43Nb3Y3 # LIU/Gs4m6Ri+kAewQ3+ViCCCcPDMyu/9KTVcH4k4Vfc3iosJocsL6TEa/y4ZXDlx # 4b6cpwoG1iZnt5LmTl/eeqxJzy6kdJKt2zyknIYf48FWGysj/4+16oh7cGvmoLr9 # Oj9FpsToFpFSi0HASIRLlk2rREDjjfAVKM7t8RhWByovEMQMCGQ8M4+uKIw8y4+I # Cw2/O/TOHnuO77Xry7fwdxPm5yg/rBKupS8ibEH5glwVZsxsDsrFhsP2JjMMB0ug # 0wcCampAMEhLNKhRILutG4UI4lkNbcoFUCvqShyepf2gpx8GdOfy1lKQ/a+FSCH5 # Vzu0nAPthkX0tGFuv2jiJmCG6sivqf6UHedjGzqGVnhOMIIGwjCCBKqgAwIBAgIQ # BUSv85SdCDmmv9s/X+VhFjANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJVUzEX # MBUGA1UEChMORGlnaUNlcnQsIEluYy4xOzA5BgNVBAMTMkRpZ2lDZXJ0IFRydXN0 # ZWQgRzQgUlNBNDA5NiBTSEEyNTYgVGltZVN0YW1waW5nIENBMB4XDTIzMDcxNDAw # MDAwMFoXDTM0MTAxMzIzNTk1OVowSDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRp # Z2lDZXJ0LCBJbmMuMSAwHgYDVQQDExdEaWdpQ2VydCBUaW1lc3RhbXAgMjAyMzCC # AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKNTRYcdg45brD5UsyPgz5/X # 5dLnXaEOCdwvSKOXejsqnGfcYhVYwamTEafNqrJq3RApih5iY2nTWJw1cb86l+uU # UI8cIOrHmjsvlmbjaedp/lvD1isgHMGXlLSlUIHyz8sHpjBoyoNC2vx/CSSUpIIa # 2mq62DvKXd4ZGIX7ReoNYWyd/nFexAaaPPDFLnkPG2ZS48jWPl/aQ9OE9dDH9kgt # XkV1lnX+3RChG4PBuOZSlbVH13gpOWvgeFmX40QrStWVzu8IF+qCZE3/I+PKhu60 # pCFkcOvV5aDaY7Mu6QXuqvYk9R28mxyyt1/f8O52fTGZZUdVnUokL6wrl76f5P17 # cz4y7lI0+9S769SgLDSb495uZBkHNwGRDxy1Uc2qTGaDiGhiu7xBG3gZbeTZD+BY # QfvYsSzhUa+0rRUGFOpiCBPTaR58ZE2dD9/O0V6MqqtQFcmzyrzXxDtoRKOlO0L9 # c33u3Qr/eTQQfqZcClhMAD6FaXXHg2TWdc2PEnZWpST618RrIbroHzSYLzrqawGw # 9/sqhux7UjipmAmhcbJsca8+uG+W1eEQE/5hRwqM/vC2x9XH3mwk8L9CgsqgcT2c # kpMEtGlwJw1Pt7U20clfCKRwo+wK8REuZODLIivK8SgTIUlRfgZm0zu++uuRONhR # B8qUt+JQofM604qDy0B7AgMBAAGjggGLMIIBhzAOBgNVHQ8BAf8EBAMCB4AwDAYD # VR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAgBgNVHSAEGTAXMAgG # BmeBDAEEAjALBglghkgBhv1sBwEwHwYDVR0jBBgwFoAUuhbZbU2FL3MpdpovdYxq # II+eyG8wHQYDVR0OBBYEFKW27xPn783QZKHVVqllMaPe1eNJMFoGA1UdHwRTMFEw # T6BNoEuGSWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRH # NFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcmwwgZAGCCsGAQUFBwEBBIGD # MIGAMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wWAYIKwYB # BQUHMAKGTGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0 # ZWRHNFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcnQwDQYJKoZIhvcNAQEL # BQADggIBAIEa1t6gqbWYF7xwjU+KPGic2CX/yyzkzepdIpLsjCICqbjPgKjZ5+PF # 7SaCinEvGN1Ott5s1+FgnCvt7T1IjrhrunxdvcJhN2hJd6PrkKoS1yeF844ektrC # QDifXcigLiV4JZ0qBXqEKZi2V3mP2yZWK7Dzp703DNiYdk9WuVLCtp04qYHnbUFc # jGnRuSvExnvPnPp44pMadqJpddNQ5EQSviANnqlE0PjlSXcIWiHFtM+YlRpUurm8 # wWkZus8W8oM3NG6wQSbd3lqXTzON1I13fXVFoaVYJmoDRd7ZULVQjK9WvUzF4UbF # KNOt50MAcN7MmJ4ZiQPq1JE3701S88lgIcRWR+3aEUuMMsOI5ljitts++V+wQtaP # 4xeR0arAVeOGv6wnLEHQmjNKqDbUuXKWfpd5OEhfysLcPTLfddY2Z1qJ+Panx+VP # NTwAvb6cKmx5AdzaROY63jg7B145WPR8czFVoIARyxQMfq68/qTreWWqaNYiyjvr # moI1VygWy2nyMpqy0tg6uLFGhmu6F/3Ed2wVbK6rr3M66ElGt9V/zLY4wNjsHPW2 # obhDLN9OTH0eaHDAdwrUAuBcYLso/zjlUlrWrBciI0707NMX+1Br/wd3H3GXREHJ # uEbTbDJ8WC9nR2XlG3O2mflrLAZG70Ee8PBf4NvZrZCARK+AEEGKMIIHSDCCBTCg # AwIBAgIQCoIwkEerNiPKwx+yPazrmjANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQG # EwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xQTA/BgNVBAMTOERpZ2lDZXJ0 # IFRydXN0ZWQgRzQgQ29kZSBTaWduaW5nIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0Ex # MB4XDTIyMDUxODAwMDAwMFoXDTI1MDUxNzIzNTk1OVowTTELMAkGA1UEBhMCREUx # EDAOBgNVBAcTB0hhbWJ1cmcxFTATBgNVBAoTDEZhYmlhbiBCYWRlcjEVMBMGA1UE # AxMMRmFiaWFuIEJhZGVyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA # wSPFSbbOIFCY82i///NpwIqHv7GJCDqju+CJg7TAojDV2CDSz72qN2PYjV5anfh/ # jeJVGtA7BrCeKWkLzVH9P4pW52juEhwRe7fbv7s+PkpThLBdwQXh/JHEXpIv9jLk # OGH3YxrxoIS5bdnzKfuyUr8qJ/J+U6a9SgkOkFNM6pGHFGY2TsRA8wMjTdphYGTK # f585hH4mD7/Gq1db72IQDpooKXYPZobQ+LAuLtF/RgTVH1Ytg/61md28pV35QyZu # jAccoYJjgDWzecx7O7cdYuwAlsPfh6L+YFVOx9LyuaVFQg6w63e1DNYEguImPl6t # WtAMOHmgXxd4a4w/H0tvUkqjOH5K4dU4CWmcISnkdh2sdHNwx8gjfYe3TwpWxlFO # U1HEae6HANF6tVtIyVhQRwS7J1DNJO1KIOGZDBhKhiPklr17WMnR5eYECOdcackH # DT9yZJ3QHkT0GMa3KnZSR56RhObz7NH8llJRSZ/2yzDOPAhiFOrKjZPYYL8R5248 # ZkxOxbTJWpThW53dKPM6b9NotqiJW5ru4eOVq0yjSMdtPLttQAu6HEtNKI190Aiv # 5XPPQYMyI1PHVLY5sV7pm36hIpY5EW23HnJs3024AiF45FN1mxHlUkm7c+CYsNAb # nyRJlIcUyF121akFNVuGQUwbIQntmQoa/kxd/vpY2pECAwEAAaOCAgYwggICMB8G # A1UdIwQYMBaAFGg34Ou2O/hfEYb7/mF7CIhl9E5CMB0GA1UdDgQWBBT1CpTCfZbD # HlbuSkDmmKmFygIOOTAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUH # AwMwgbUGA1UdHwSBrTCBqjBToFGgT4ZNaHR0cDovL2NybDMuZGlnaWNlcnQuY29t # L0RpZ2lDZXJ0VHJ1c3RlZEc0Q29kZVNpZ25pbmdSU0E0MDk2U0hBMzg0MjAyMUNB # MS5jcmwwU6BRoE+GTWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRy # dXN0ZWRHNENvZGVTaWduaW5nUlNBNDA5NlNIQTM4NDIwMjFDQTEuY3JsMD4GA1Ud # IAQ3MDUwMwYGZ4EMAQQBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNl # cnQuY29tL0NQUzCBlAYIKwYBBQUHAQEEgYcwgYQwJAYIKwYBBQUHMAGGGGh0dHA6 # Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBcBggrBgEFBQcwAoZQaHR0cDovL2NhY2VydHMu # ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZEc0Q29kZVNpZ25pbmdSU0E0MDk2 # U0hBMzg0MjAyMUNBMS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOC # AgEACcHIVShggRroVDxi+SDfJOqVM2Z92T25Yv8xyWGMUm14bGEOBgnfHiIUJmK9 # Bpm0k/hnYEpV5Ill8/Rf20l+yvlwTj1m4st2Rr4c84RSGmrW83mkYxMhg5YLtLiZ # dafNCcku9+26dgZ537K7YDhGuIeWg708VchAnDEb8CliqWMYLw6J4vagQ91E5emP # pq7FhDs2qNMElnrjWULjQkYRGlDfw22AcpstCrEBkc+18WZl6BD2Ow1D1whMV6P1 # 472ZgTco6Pcp8BKhrqooUXq2CDwYXJb/iFNwRnu7Cs78u+dlLu+sXNxsbGuPT9Ig # +5OvC1FiHMeOa4aS8HZSpTbu4w8cclL9EdXqlgVXFC2PlDir/2W9Vj9s6tiSp3hd # lH7dIO5FEQh8JLrdPFwKXZ8drgvP26Mf11jCvykM+QQm9jhB/VhAnwiskgUodIkf # ox0RjJtCQkNT1oXqJVErwBql/IVQUNQCR7Q7fA8U2jU8FBTkYryUQAQaIEqxav3c # +GqM94Th3C5FvrOu4CU28/HZuTjZZCBP7s2EW//4bRUQSnXB4maszUR+/8R+bX++ # yfH/Ou1HQL5aGo9q2L36oaVFjaM282w1pzFAEUf0jgpUkBeJOFUeFvirYWyqex+o # Kwy8Vzgs+BKd7FOShLa7wCai1fjfYvpO7GxbpdYJqanNMmAxggZTMIIGTwIBATB9 # MGkxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjFBMD8GA1UE # AxM4RGlnaUNlcnQgVHJ1c3RlZCBHNCBDb2RlIFNpZ25pbmcgUlNBNDA5NiBTSEEz # ODQgMjAyMSBDQTECEAqCMJBHqzYjysMfsj2s65owDQYJYIZIAWUDBAIBBQCggYQw # GAYKKwYBBAGCNwIBDDEKMAigAoAAoQKAADAZBgkqhkiG9w0BCQMxDAYKKwYBBAGC # NwIBBDAcBgorBgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQx # IgQgX6t5w1ZlGkrW8kr5JjYc8gvfuPCdnAC4kJSNdCR5oLcwDQYJKoZIhvcNAQEB # BQAEggIAO6WWfjFQbN15Ligln6lDcBj7tGrpmwk+SAJU/7MPYmdgk7m9T3DjZbc1 # zr3kfqW7uD0d9knwd+g2NlgwewcIKUDFRiXp1nFTL+Go92dvTBHbFTKxsOg9gNcJ # 6LXwB4ZrDbezTwlq69qPEwUgyJCodA8MiiVHtb6OprwEOajB/E3FMKew8vSoDM3U # AqYNzEMDE6eV+GNQkCAwzx7hziVQPfbSDO23+OS2EImvHwjFTIzmIpjZ5FP41J8I # 3S+iCRx32AkweKqTi7aDWnWQbM1mtkc3sWiDajGPwnpJ5mPvbbnAatCpFaQIYbSw # /sma484Hz9CvLHLU59zbkW/5CuvLXbbtKA0+EMBF9dh1urOlxGWslFXbjKFoQXN5 # cqnVbLPtl0bbKjpvG8BpXIlnNohcym7gjIOTvQKYimYTbv9EcjLWaLsqYlQlN+/4 # tHBWKufZ2PdXab4NY7941AZJki+HyQebaw0njGhEexNQCOdtI6/YMRlB+u9on9HZ # zvpeyuj9XWKNpCFV4xlbiOsN6sHELCx0tZ/M/I+KZvmTUBrXvOTywAKZOnXOITiI # i+GSiDrbogSDDM0J+SlYoQg5C7TQORW9ZT6rGxVpgUnDRDDAP3h7FVPQfcEeBv4n # UZuMO8fXe2w/rMLe0rGq14YfOBSlsi08bASXLi3tzxCsiTziqrGhggMgMIIDHAYJ # KoZIhvcNAQkGMYIDDTCCAwkCAQEwdzBjMQswCQYDVQQGEwJVUzEXMBUGA1UEChMO # RGlnaUNlcnQsIEluYy4xOzA5BgNVBAMTMkRpZ2lDZXJ0IFRydXN0ZWQgRzQgUlNB # NDA5NiBTSEEyNTYgVGltZVN0YW1waW5nIENBAhAFRK/zlJ0IOaa/2z9f5WEWMA0G # CWCGSAFlAwQCAQUAoGkwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG # 9w0BCQUxDxcNMjQwODA2MDgyNjU4WjAvBgkqhkiG9w0BCQQxIgQg7LWnkRj39+gm # URTXNbs41+XRzyi6uk6cNjlpbuXqTm4wDQYJKoZIhvcNAQEBBQAEggIAc9zRzrlo # To7tbg6mttfG3kMBhnagKUUGY/I3wwGVjMfTBqyBRifbbQBxzEQJ2mohXes4OPAm # siI4j5iOGNUnyVbZ9psE5J++T1jQWevF2AiiymlNYt5yGlx+X+PR2PKgf3a5F0LJ # 6RXZznHt3mH9ngSpcu+BJFYiKD/ZpCBYhdwBEbogVgMSYPA4FkKOAsMZirHdwGZj # Gw7H5kGUkgGrHAkdNm8wht/O0YTH0k2cCbs5vQu6s31jlfoeDBfOCKEi+0nIzX5P # QNC7TFb2DC4rt8G1GG70v39REWc+Fj41sIFswDPVWe9f+PslaHe1ps1bRnakxQqk # e9Gp3hXM2TmzVsz5Snjm9V3IXJYWgx4pZUMdFSEaD+Efmy9Cu45pBAJmRGYrg1oW # YO8X10i9X2CYTgx/+IuzozfCIhRRHJ/fofZtYvq2Z5oy9ANqXuBuVOaAYiAE4OoX # oufk7Y9ZxSvkOjwQID0nlQSNTXK8YL6jaYj5rRE2awtos3JieyLjrdB4H0007AQv # 41YjE2B+3aL7Rz+ayGORIqO3Sod1m3gi4uUO1I/JmNBxr2tnyOtvQmydN9PuGBas # IpJWf1PIST+KrT0N8bUYgfRtfcfICxgtSnm90jmiDBq4hcCHun1eI3omfIi42Uyr # WPqMWQPp8kbnzLE9HMRJliZcXmWzLsqH/Gg= # SIG # End signature block |