Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: Learn Build Service GitHub App

articles/azure-monitor/alerts/alerts-create-log-alert-rule.md

@@ -106,7 +106,7 @@ Alerts triggered by these alert rules contain a payload that uses the [common al
 
     > [!NOTE]
     > There are some limitations to using a <a name="frequency">one minute</a> alert rule frequency. When you set the alert rule frequency to one minute, an internal manipulation is performed to optimize the query. This manipulation can cause the query to fail if it contains unsupported operations. The following are the most common reasons a query are not supported: 
-    > * The query contains the **search**, **union** or **take** (limit) operations
+    > * The query contains the **search**, **union** * or **take** (limit) operations
     > * The query contains the **ingestion_time()** function
     > * The query uses the **adx** pattern
     > * The query calls a function that calls other tables
@@ -191,4 +191,4 @@ Alerts triggered by these alert rules contain a payload that uses the [common al
 
 ## Next steps
 - [Log alert query samples](./alerts-log-alert-query-samples.md) 
-- [View and manage your alert instances](alerts-manage-alert-instances.md)
+- [View and manage your alert instances](alerts-manage-alert-instances.md)

articles/azure-monitor/logs/customer-managed-keys.md

@@ -3,7 +3,7 @@ title: Azure Monitor customer-managed key
 description: Information and steps to configure Customer-managed key to encrypt data in your Log Analytics workspaces using an Azure Key Vault key.
 ms.topic: conceptual
 ms.reviewer: yossiy
-ms.date: 06/01/2023 
+ms.date: 01/04/2024
 ms.custom: devx-track-azurepowershell, devx-track-azurecli
 
 ---
@@ -187,7 +187,7 @@ Content-type: application/json
   },
   "sku": {
     "name": "CapacityReservation",
-    "capacity": 500
+    "capacity": 100
   }
 }
 ```
@@ -207,7 +207,7 @@ Response to GET request when key update is completed:
   },
   "sku": {
     "name": "capacityreservation",
-    "capacity": 500
+    "capacity": 100
   },
   "properties": {
     "keyVaultProperties": {
@@ -224,7 +224,7 @@ Response to GET request when key update is completed:
     "isAvailabilityZonesEnabled": false,
     "capacityReservationProperties": {
       "lastSkuUpdate": "last-sku-modified-date",
-      "minCapacity": 500
+      "minCapacity": 100
     }
   },
   "id": "/subscriptions/subscription-id/resourceGroups/resource-group-name/providers/Microsoft.OperationalInsights/clusters/cluster-name",

articles/defender-for-cloud/release-notes.md

@@ -24,13 +24,22 @@ If you're looking for items older than six months, you can find them in the [Arc
 
 |Date | Update |
 |----------|----------|
+| January 31 | [New insight for active repositories in Cloud Security Explorer](#new-insight-for-active-repositories-in-cloud-security-explorer) |
 | January 25 | [Deprecation of security alerts and update of security alerts to informational severity level](#deprecation-of-security-alerts-and-update-of-security-alerts-to-informational-severity-level) |
 | January 24 | [Agentless container posture for GCP in Defender for Containers and Defender CSPM (Preview)](#agentless-container-posture-for-gcp-in-defender-for-containers-and-defender-cspm-preview) |
 | January 16 | [Public preview of agentless malware scanning for servers](#public-preview-of-agentless-malware-scanning-for-servers)|
 | January 15 | [General availability of Defender for Cloud's integration with Microsoft Defender XDR](#general-availability-of-defender-for-clouds-integration-with-microsoft-defender-xdr) |
 | January 12 | [DevOps security Pull Request annotations are now enabled by default for Azure DevOps connectors](#devops-security-pull-request-annotations-are-now-enabled-by-default-for-azure-devops-connectors) |
 | January 4 | [Recommendations released for preview: Nine new Azure security recommendations](#recommendations-released-for-preview-nine-new-azure-security-recommendations) |
 
+### New insight for active repositories in Cloud Security Explorer
+
+January 31, 2024
+
+A new insight for Azure DevOps repositories has been added to the Cloud Security Explorer to indicate whether repositories are active. This insight indicates that the code repository is not archived or disabled, meaning that write access to code, builds, and pull requests is still available for users. Archived and disabled repositories might be considered lower priority as the code is not typically used in active deployments. 
+
+To test out the query through Cloud Security Explorer, use [this query link](https://ms.portal.azure.com#view/Microsoft_Azure_Security/SecurityGraph.ReactView/query/%7B%22type%22%3A%22securitygraphquery%22%2C%22version%22%3A2%2C%22properties%22%3A%7B%22source%22%3A%7B%22type%22%3A%22datasource%22%2C%22properties%22%3A%7B%22sources%22%3A%5B%7B%22type%22%3A%22entity%22%2C%22properties%22%3A%7B%22source%22%3A%22azuredevopsrepository%22%7D%7D%5D%2C%22conditions%22%3A%7B%22type%22%3A%22conditiongroup%22%2C%22properties%22%3A%7B%22operator%22%3A%22and%22%2C%22conditions%22%3A%5B%7B%22type%22%3A%22insights%22%2C%22properties%22%3A%7B%22name%22%3A%226b8f221b-c0ce-48e3-9fbb-16f917b1c095%22%7D%7D%5D%7D%7D%7D%7D%7D%7D)
+
 ### Deprecation of security alerts and update of security alerts to informational severity level
 
 January 25, 2024