Update custom details limits

Author: yelevin

articles/sentinel/customize-alert-details.md

@@ -71,9 +71,17 @@ Follow the procedure detailed below to use the alert details feature. These step
 
 1. When you have finished customizing your alert details, if you're now creating the rule, continue to the next tab in the wizard. If you're editing an existing rule, select the **Review and create** tab. Once the rule validation is successful, select **Save**.
 
+    > [!NOTE]
+    > 
+    > **Service limits**
+    > - The combined size limit for all alert details and [custom details](surface-custom-details-in-alerts.md), collectively, is **64 KB**.
+
 ## Next steps
 
 In this document, you learned how to customize alert details in Microsoft Sentinel analytics rules. To learn more about Microsoft Sentinel, see the following articles:
 
+- Explore the other ways to enrich your alerts:
+    - [Map data fields to entities in Microsoft Sentinel](map-data-fields-to-entities.md)
+    - [Surface custom event details in alerts in Microsoft Sentinel](surface-custom-details-in-alerts.md)
 - Get the complete picture on [scheduled query analytics rules](detect-threats-custom.md).
 - Learn more about [entities in Microsoft Sentinel](entities.md).

articles/sentinel/includes/sentinel-limits-analytics-rules.md

@@ -16,10 +16,10 @@ The following limit applies to analytics rules in Microsoft Sentinel.
 | --------- | --------- | --------- |
 | Number of *enabled* rules     | 512 rules       | None |
 | Number of near-real-time (NRT) rules | 50 NRT rules | None |
-| Entity mappings | 10 mappings per rule | None |
-| Entities identified per alert<br>(Divided equally among the mapped entities) | 500 entities per alert | None |
-| Entities cumulative size limit | 64 KB | None |
-| Custom details    | 20 details per rule | None |
-| Custom details cumulative size limit | 2 KB | None |
+| [Entity mappings](../map-data-fields-to-entities.md) | 10 mappings per rule | None |
+| [Entities](../map-data-fields-to-entities.md) identified per alert<br>(Divided equally among the mapped entities) | 500 entities per alert | None |
+| [Entities](../map-data-fields-to-entities.md) cumulative size limit | 64 KB | None |
+| [Custom details](../surface-custom-details-in-alerts.md)    | 20 details per rule | None |
+| [Custom details](../surface-custom-details-in-alerts.md) and [alert details](../customize-alert-details.md)<br>combined cumulative size limit | 64 KB | None |
 | Alerts per rule<br>Applicable when *Event grouping* is set to *Trigger an alert for each event* | 150 alerts | None |
 | Alerts per rule for NRT rules | 30 alerts | None |

articles/sentinel/map-data-fields-to-entities.md

@@ -71,8 +71,8 @@ The procedure detailed below is part of the analytics rule creation wizard. It's
 
 In this document, you learned how to map data fields to entities in Microsoft Sentinel analytics rules. To learn more about Microsoft Sentinel, see the following articles:
 
+- Explore the other ways to enrich your alerts:
+    - [Surface custom event details in alerts in Microsoft Sentinel](surface-custom-details-in-alerts.md)
+    - [Customize alert details in Microsoft Sentinel](customize-alert-details.md)
 - Get the complete picture on [scheduled query analytics rules](detect-threats-custom.md).
 - Learn more about [entities in Microsoft Sentinel](entities.md).
-
-
-

articles/sentinel/surface-custom-details-in-alerts.md

@@ -49,11 +49,14 @@ The procedure detailed below is part of the analytics rule creation wizard. It's
     > **Service limits**
     > - You can define **up to 20 custom details** in a single analytics rule.
     >
-    > - The size limit for all custom details, collectively, is **2 KB**.
+    > - The combined size limit for all custom details and [alert details](customize-alert-details.md), collectively, is **64 KB**.
 
 ## Next steps
 
 In this document, you learned how to surface custom details in alerts using Microsoft Sentinel analytics rules. To learn more about Microsoft Sentinel, see the following articles:
 
+- Explore the other ways to enrich your alerts:
+    - [Map data fields to entities in Microsoft Sentinel](map-data-fields-to-entities.md)
+    - [Customize alert details in Microsoft Sentinel](customize-alert-details.md)
 - Get the complete picture on [scheduled query analytics rules](detect-threats-custom.md).
 - Learn more about [entities in Microsoft Sentinel](entities.md).