PR review fixes

Author: yelevin

articles/sentinel/add-entity-to-threat-intelligence.md

@@ -83,12 +83,12 @@ Whichever of the two interfaces you choose, you will end up here:
         - Optional; automatically populated by the **incident ID**. You can add others.
 
     - **Name**
-        - Name of the indicator - this is what will be displayed in your list of indicators.
+        - Name of the indicator—this is what will be displayed in your list of indicators.
         - Optional; automatically populated by the **incident name.**
 
     - **Created by**
         - Creator of the indicator.
-        - Optional; automatically-populated by the user logged into Microsoft Sentinel.
+        - Optional; automatically populated by the user logged into Microsoft Sentinel.
 
     Fill in the remaining fields accordingly.
 

articles/sentinel/investigate-incidents.md

@@ -275,7 +275,7 @@ Select an entity to see its full details. When you select an entity, you will mo
 
 The **Entities tab** shows a list of all the entities in the incident.
 
-:::image type="content" source="media/investigate-incidents/entities-tab.png" alt-text="Screenshot of entities tab in incident details page.":::
+:::image type="content" source="media/investigate-incidents/entities-tab.png" alt-text="Screenshot of entities tab in incident details page." lightbox="media/investigate-incidents/entities-tab.png":::
 
 Like the entities widget, this list can also be searched and filtered by entity type. Searches and filters applied in one list won't apply to the other.
 
@@ -329,7 +329,7 @@ However you end up on the Logs panel, if you've run a query whose results you wa
 
 1. After creating the bookmark (or if you choose not to), select **Done** to close the **Logs** panel.
 
-:::image type="content" source="media/investigate-incidents/logs-panel.png" alt-text="Screenshot of Logs panel open in incident details page.":::
+:::image type="content" source="media/investigate-incidents/logs-panel.png" alt-text="Screenshot of Logs panel open in incident details page." lightbox="media/investigate-incidents/logs-panel.png":::
 
 ## Audit and comment on incidents
 
@@ -421,7 +421,7 @@ To use the investigation graph:
 
     For example, you can request related alerts. If you select an exploration query, the resulting entitles are added back to the graph. In this example, selecting **Related alerts** returned the following alerts into the graph:
 
-    :::image type="content" source="media/investigate-incidents/related-alerts.png" alt-text="Screenshot: view related alerts" lightbox="media/investigate-incidents/related-alerts.png":::
+    :::image type="content" source="media/investigate-incidents/related-alerts.png" alt-text="Screenshot: view related alerts." lightbox="media/investigate-incidents/related-alerts.png":::
 
     See that the related alerts appear connected to the entity by dotted lines.
 

articles/sentinel/media/investigate-incidents/add-alert-to-incident.png

@@ -21,7 +21,7 @@ One thing that this feature allows you to do is to include alerts from one data
 
 This feature is built into the latest version of the Microsoft Sentinel API, which means that it's available to the Logic Apps connector for Microsoft Sentinel. So you can use playbooks to automatically add an alert to an incident if certain conditions are met.
 
-You can also use this automation to add alerts to [manually-created incidents](create-incident-manually.md), to create custom correlations, or to define custom criteria for grouping alerts into incidents when they're created.
+You can also use this automation to add alerts to [manually created incidents](create-incident-manually.md), to create custom correlations, or to define custom criteria for grouping alerts into incidents when they're created.
 
 ### Limitations