Merge pull request #89545 from cabailey/cabailey-azuredocs

Sentinel - preview disclaimers consistency

Author: PRMerger13

articles/sentinel/connect-azure-atp.md

@@ -17,10 +17,12 @@ ms.date: 09/23/2019
 ms.author: rkarlin
 
 ---
-# Connect data from Azure Advanced Threat Protection (ATP) - Preview
-
-
+# Connect data from Azure Advanced Threat Protection (ATP)
 
+> [!IMPORTANT]
+> The Azure Advanced Threat Protection data connector in Azure Sentinel is currently in public preview.
+> This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. 
+> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
 
 You can stream logs from [Azure Advanced Threat Protection](https://docs.microsoft.com/azure-advanced-threat-protection/what-is-atp) into Azure Sentinel with a single click.
 
@@ -37,7 +39,7 @@ If Azure ATP is deployed and ingesting your data, the suspicious alerts can easi
 
 1. To connect Azure ATP to Azure Sentinel, you must first enable integration between Azure ATP and Microsoft Cloud App Security. For information on how to do this, see [Azure Advanced Threat Protection integration](https://docs.microsoft.com/cloud-app-security/aatp-integration).
 
-1. In Azure Sentinel, select **Data connectors** and then click the **Azure ATP** tile.
+1. In Azure Sentinel, select **Data connectors** and then click the **Azure Advanced Threat Protection (Preview)** tile.
 
 1. You can select whether you want the alerts from Azure ATP to automatically generate incidents in Azure Sentinel automatically. Under **Create incidents** select **Enable** to enable the default analytic rule that creates incidents automatically from alerts generated in the connected security service. You can then edit this rule under **Analytics** and then **Active rules**.
 

articles/sentinel/connect-azure-information-protection.md

@@ -20,6 +20,11 @@ ms.author: cabailey
 
 # Connect data from Azure Information Protection
 
+> [!IMPORTANT]
+> The Azure Information Protection data connector in Azure Sentinel is currently in public preview.
+> This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. 
+> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
+
 You can stream logging information from [Azure Information Protection](https://azure.microsoft.com/services/information-protection/) into Azure Sentinel by configuring the Azure Information Protection data connector. Azure Information Protection helps you control and secure your sensitive data, whether it’s stored in the cloud or on-premises.
 
 If [central reporting for Azure Information Protection](https://docs.microsoft.com/azure/information-protection/reports-aip) is already configured so that logging information from this service is stored in the same Log Analytics workspace as you've currently selected for Azure Sentinel, you can skip the configuration of this data connector. The logging information from Azure Information Protection is already available to Azure Sentinel.
@@ -52,11 +57,6 @@ However, if logging information from Azure Information Protection is going to a
 
 ## Connect to Azure Information Protection
 
-> [!IMPORTANT]
-> The Azure Information Protection data connector in Azure Sentinel is currently in public preview.
-> This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. 
-> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
 Use the following instructions if you haven't configured a Log Analytics workspace for Azure Information Protection, or you need to change the workspace that stores the Azure Information Protection logging information.
 
 1. In Azure Sentinel, select **Data connectors**, and then **Azure Information Protection (Preview)**.

articles/sentinel/connect-dns.md

@@ -14,13 +14,16 @@ ms.devlang: na
 ms.topic: conceptual
 ms.tgt_pltfrm: na
 ms.workload: na
-ms.date: 09/23/2019
+ms.date: 09/24/2019
 ms.author: rkarlin
 
 ---
-# Connect your domain name server - Preview
-
+# Connect your domain name server
 
+> [!IMPORTANT]
+> The DNS data connector in Azure Sentinel is currently in public preview.
+> This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. 
+> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
 
 You can connect any Domain Name Server (DNS) running on Windows to Azure Sentinel. This is done by installing an agent on the DNS machine. Using DNS logs, you can gain security, performance, and operations-related insights into the DNS infrastructure of your organization by collecting, analyzing, and correlating analytic and audit logs and other related data from the DNS servers.
 
@@ -49,7 +52,7 @@ The solution collects DNS inventory and DNS event-related data from the DNS serv
 
 ## Connect your DNS appliance
 
-1. In the Azure Sentinel portal, select **Data connectors** and choose the **DNS** tile.
+1. In the Azure Sentinel portal, select **Data connectors** and choose the **DNS (Preview)** tile.
 1. If your DNS machines are in Azure:
     1. Click **Install agent on Azure Windows virtual machine**.
     1. In the **Virtual machines** list, select the DNS machine you want to stream into Azure Sentinel. Make sure this is a Windows VM.

articles/sentinel/connect-threat-intelligence.md

@@ -15,10 +15,10 @@ ms.date: 09/24/2019
 ms.author: rkarlin
 
 ---
-# Connect data from threat intelligence providers - Preview
+# Connect data from threat intelligence providers
 
 > [!IMPORTANT]
-> Threat intelligence in Azure Sentinel is currently in public preview.
+> The Threat Intelligence Platforms data connector in Azure Sentinel is currently in public preview.
 > This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. 
 > For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
 

articles/sentinel/overview.md

@@ -15,14 +15,12 @@ ms.topic: overview
 ms.custom: mvc
 ms.tgt_pltfrm: na
 ms.workload: na
-ms.date: 09/23/2019
+ms.date: 09/24/2019
 ms.author: rkarlin
 
 ---
 # What is Azure Sentinel?
 
-
-
 Microsoft Azure Sentinel is a scalable, cloud-native, **security information event management (SIEM)** and **security orchestration automated response (SOAR)** solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. 
 
 Azure Sentinel is your birds-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution timeframes.
@@ -69,10 +67,9 @@ For example, if you use the ServiceNow ticketing system, you can use the tools p
 ![Playbooks](./media/tutorial-respond-threats-playbook/logic-app.png)
 
 
+## Investigation
 
-## Investigation (preview)
-
-Azure Sentinel [deep investigation](tutorial-investigate-cases.md) tools help you to understand the scope and find the root cause, of a potential security threat. You can choose an entity on the interactive graph to ask interesting questions for a specific entity, and drill down into that entity and its connections to get to the root cause of the threat. 
+Currently in preview, Azure Sentinel [deep investigation](tutorial-investigate-cases.md) tools help you to understand the scope and find the root cause, of a potential security threat. You can choose an entity on the interactive graph to ask interesting questions for a specific entity, and drill down into that entity and its connections to get to the root cause of the threat. 
 
 ![Investigation](./media/tutorial-investigate-cases/map-timeline.png)