MicrosoftDocs
diff --git a/‎articles/sentinel/TOC.yml
Lines changed: 1 addition & 1 deletion b/‎articles/sentinel/TOC.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/sentinel/audit-track-tasks.md
Lines changed: 1 addition & 1 deletion b/‎articles/sentinel/audit-track-tasks.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/sentinel/create-analytics-rule-from-template.md
Lines changed: 2 additions & 2 deletions b/‎articles/sentinel/create-analytics-rule-from-template.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/sentinel/create-analytics-rules.md
Lines changed: 1 addition & 1 deletion b/‎articles/sentinel/create-analytics-rules.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/sentinel/index.yml
Lines changed: 1 addition & 1 deletion b/‎articles/sentinel/index.yml
Lines changed: 1 addition & 1 deletion
@@ -908,7 +908,7 @@
   - name: Kusto Query Language
     items:
     - name: Overview
-      href: kusto-overview.md
+      href: /kusto/query/kusto-sentinel-overview?toc=/azure/sentinel/TOC.json&bc=/azure/sentinel/breadcrumb/toc.json
     - name: Query best practices
       href: /kusto/query/best-practices?view=microsoft-sentinel&preserve-view=true&toc=/azure/sentinel/TOC.json&bc=/azure/sentinel/breadcrumb/toc.json
     - name: SQL to KQL cheat sheet
 
@@ -50,7 +50,7 @@ Apart from the **Incident tasks workbook**, you can audit task activity by query
 
     You can add any number of statements to the query to filter and narrow down the results. To demonstrate how to view and understand the results, we're going to add statements to filter the results so that we only see the tasks for a single incident, and we'll also add a `project` statement so that we see only those fields that will be useful for our purposes, without a lot of clutter.
 
-    [Learn more about using Kusto Query Language](kusto-overview.md).
+    [Learn more about using Kusto Query Language](/kusto/query/kusto-sentinel-overview).
 
     ```kusto
     SecurityIncident
 
@@ -16,7 +16,7 @@ ms.collection: usx-security
 ---
 # Create scheduled analytics rules from templates
 
-By far the most common type of analytics rule, **Scheduled** rules are based on [Kusto queries](kusto-overview.md) that are configured to run at regular intervals and examine raw data from a defined "lookback" period. These queries can perform complex statistical operations on their target data, revealing baselines and outliers in groups of events. If the number of results captured by the query passes the threshold configured in the rule, the rule produces an alert.
+By far the most common type of analytics rule, **Scheduled** rules are based on [Kusto queries](/kusto/query/kusto-sentinel-overview) that are configured to run at regular intervals and examine raw data from a defined "lookback" period. These queries can perform complex statistical operations on their target data, revealing baselines and outliers in groups of events. If the number of results captured by the query passes the threshold configured in the rule, the rule produces an alert.
 
 Microsoft makes a vast array of **analytics rule templates** available to you through the many [solutions provided in the Content hub](sentinel-solutions.md), and strongly encourages you to use them to create your rules. The queries in scheduled rule templates are written by security and data science experts, either from Microsoft or from the vendor of the solution providing the template.
 
@@ -85,7 +85,7 @@ From the Microsoft Defender navigation menu, expand **Microsoft Sentinel**, then
 1. Cycle through the tabs of the wizard, customizing the logic and other rule settings where possible to better suit your specific needs. 
 
     If you need to make any changes to the query itself, consult the following articles from the Kusto documentation for help:
-    - [Kusto Query Language in Microsoft Sentinel](kusto-overview.md)
+    - [Kusto Query Language in Microsoft Sentinel](/kusto/query/kusto-sentinel-overview)
     - [KQL quick reference guide](/kusto/query/kql-quick-reference?view=microsoft-sentinel&preserve-view=true)
     - [Best practices for Kusto Query Language queries](/kusto/query/best-practices?view=microsoft-sentinel&preserve-view=true)
 
 
@@ -46,7 +46,7 @@ Before you do anything else, you should design and build a query in Kusto Query
 
 For some helpful tips for building Kusto queries, see [Best practices for analytics rule queries](scheduled-rules-overview.md#best-practices-for-analytics-rule-queries).
 
-For more help building Kusto queries, see [Kusto Query Language in Microsoft Sentinel](kusto-overview.md) and [Best practices for Kusto Query Language queries](/kusto/query/best-practices?view=microsoft-sentinel&preserve-view=true) (from the Kusto documentation).
+For more help building Kusto queries, see [Kusto Query Language in Microsoft Sentinel](/kusto/query/kusto-sentinel-overview) and [Best practices for Kusto Query Language queries](/kusto/query/best-practices?view=microsoft-sentinel&preserve-view=true) (from the Kusto documentation).
 
 ## Create your analytics rule
 
 
@@ -136,7 +136,7 @@ landingContent:
           - text: Threat hunting
             url: hunting.md
           - text: Kusto Query Language in Microsoft Sentinel
-            url: kusto-overview.md
+            url: /kusto/query/kusto-sentinel-overview?toc=/azure/sentinel/TOC.json&bc=/azure/sentinel/breadcrumb/toc.json
           - text: Automation rules
             url: automate-incident-handling-with-automation-rules.md
           - text: Playbooks