pr review

Author: batamig

articles/sentinel/monitor-sap-system-health.md

@@ -64,7 +64,7 @@ This procedure describes how to check your data connector's connection status fr
         |---------|---------|
         |**Production**     |  The system is defined by the SAP admin as a production system.       |
         |**Unknown (Production)**     | Microsoft Sentinel couldn't retrieve the system status. Microsoft Sentinel regards this type of system as a production system for both security and billing purposes.  <br><br>In such cases, we recommend that you check the Microsoft Sentinel role definitions and permissions on the SAP system, and validate that the system allows Microsoft Sentinel to read the content of the T000 table. Next, consider [updating the SAP connector](sap/update-sap-data-connector.md) to the latest version.       |
-        |**Non production**     | Indicates roles like developing, testing, and customizing.        |
+        |**Non-production**     | Indicates roles like developing, testing, and customizing.        |
 
     - **Agent name**. Unique ID of the installed data connector agent.
 

articles/sentinel/sap/deploy-data-connector-agent-container.md

@@ -334,7 +334,7 @@ At this stage, the system's **Health** status is **Pending**. If the agent is up
 
 ## Connect your agentless data connector (Preview)
 
-1. In Microsoft Sentinel, go to the **Configuration > Data connectors** page and locate the **Microsoft Sentinel for SAP - agent-less (Preview) (Preview)** data connector.
+1. In Microsoft Sentinel, go to the **Configuration > Data connectors** page and locate the **Microsoft Sentinel for SAP - agent-less (Preview)** data connector.
 
 1. In the **Configuration** area, scroll down and select **Add SAP client**.
 
@@ -345,7 +345,7 @@ At this stage, the system's **Health** status is **Pending**. If the agent is up
     | **RFC destination name**      | The name of the RFC destination, taken from your BTP destination.                |
     | **SAP Agentless Client ID**   | The *clientid* value taken from the Process Integration Runtime service key JSON file.                 |
     | **SAP Agentless Client Secret** | The *clientsecret* value taken from the Process Integration Runtime service key JSON file.             |
-    | **Authorization server URL**  | The *tokenurlurl* value taken from the Process Integration Runtime service key JSON file. For example: `https://your-tenant.authentication.region.hana.ondemand.com/oauth/token` |
+    | **Authorization server URL**  | The *tokenurl* value taken from the Process Integration Runtime service key JSON file. For example: `https://your-tenant.authentication.region.hana.ondemand.com/oauth/token` |
     | **Integration Suite Endpoint** | The *url* value taken from the Process Integration Runtime service key JSON file. For example: `https://your-tenant.it-account-rt.cfapps.region.hana.ondemand.com` |
 
 1. Select **Connect**.

articles/sentinel/sap/media/deployment-steps/full-flow-agentless.png

@@ -193,7 +193,7 @@ For more information, see the [SAP documentation](https://help.sap.com/docs/inte
 
 This procedure starts in Microsoft Sentinel and requires that the solution be installed before you start.
 
-1. In Microsoft Sentinel, go to the **Configuration > Data connectors** page and locate the **Microsoft Sentinel for SAP - agent-less (Preview) (Preview)** data connector.
+1. In Microsoft Sentinel, go to the **Configuration > Data connectors** page and locate the **Microsoft Sentinel for SAP - agent-less (Preview)** data connector.
 
 1. In the **Configuration** area, expand and follow the instructions in the **Initial connector configuration - Run the steps below once:** area. These steps will require a mixture of your Security and SAP BASIS teams.
 

articles/sentinel/sap/preparing-sap.md

@@ -48,7 +48,7 @@ Typically, Azure prerequisites are managed by your **security** teams.
 
 | Prerequisite | Description |Required/optional |
 | ---- | ----------- |----------- |
-| **Access to Microsoft Sentinel** | Make a note of your *workspace ID and *primary key* for your Log Analytics workspace enabled for Microsoft Sentinel.<br>You can find these details in Microsoft Sentinel: from the navigation menu, select **Settings** > **Workspace settings** > **Agents management**. Copy the *Workspace ID* and *Primary key* and paste them aside for use during the deployment process. |Required |
+| **Access to Microsoft Sentinel** | Make a note of your *workspace ID* and *primary key* for your Log Analytics workspace enabled for Microsoft Sentinel.<br>You can find these details in Microsoft Sentinel: from the navigation menu, select **Settings** > **Workspace settings** > **Agents management**. Copy the *Workspace ID* and *Primary key* and paste them aside for use during the deployment process. |Required |
 | **Permissions to create Azure resources** | You must have the necessary permissions to deploy solutions from the Microsoft Sentinel content hub. <br><br>You must also have an **Owner** role on the Microsoft Sentinel resource group, which is required for:<br>- Creating the data collection rule and data collection endpoint.<br>- Assigning the **Monitoring Metrics Publisher** role on the data collection rule. <br><br>For more information, see [Prerequisites for deploying Microsoft Sentinel solutions](../sentinel-solutions-deploy.md#prerequisites) and [Microsoft Entra built-in roles](/entra/identity/role-based-access-control/permissions-reference#application-administrator). |Required |
 | **Permissions to create an Azure key vault or access an existing one** | Use Azure Key Vault to store secrets required to connect to your SAP system. For more information, see [Assign key vault access permissions](deploy-data-connector-agent-container.md#assign-key-vault-access-permissions). |Required if you plan to store the SAP system credentials in Azure Key Vault. <br><br>Optional if you plan to store them in a configuration file. For more information, see [Create a virtual machine and configure access to your credentials](deploy-data-connector-agent-container.md#create-a-virtual-machine-and-configure-access-to-your-credentials).|
 | **Permissions to assign a privileged role to the SAP data connector agent** | Deploying the SAP data connector agent requires that you grant your agent's VM identity with specific permissions to the Microsoft Sentinel workspace, using the **Microsoft Sentinel Business Applications Agent Operator** role. To grant this role, you need **Owner** permissions on the resource group where your Microsoft Sentinel workspace resides. <br><br>For more information, see [Connect your SAP system by deploying your data connector agent container](deploy-data-connector-agent-container.md). | Required. <br> If you don't have **Owner** permissions on the resource group, the relevant step can also be performed by another user who does have the relevant permissions, separately after the agent is fully deployed.|
@@ -90,7 +90,7 @@ Typically, Azure prerequisites are managed by your **security** teams.
 
 | Prerequisite | Description |Required/optional |
 | ---- | ----------- |----------- |
-| **Permissions to create Azure resources** | You must have: <br><br>- The necessary permissions to deploy solutions from the Microsoft Sentinel content hub. For more information, see [Prerequisites for deploying Microsoft Sentinel solutions](../sentinel-solutions-deploy.md#prerequisites) and [Microsoft Entra built-in roles](/entra/identity/role-based-access-control/permissions-reference#application-administrator). <br>Owner on the Microsoft Sentinel resource group , required for:<br><br>- Creation of data collection rule and data collection endpoint.<br><br>- Monitoring Metrics Publisher role assignment on data collection rule. |Required |
+| **Permissions to create Azure resources** | You must have: <br><br>- The necessary permissions to deploy solutions from the Microsoft Sentinel content hub. For more information, see [Prerequisites for deploying Microsoft Sentinel solutions](../sentinel-solutions-deploy.md#prerequisites) and [Microsoft Entra built-in roles](/entra/identity/role-based-access-control/permissions-reference#application-administrator). <br>Owner on the Microsoft Sentinel resource group, required for:<br><br>- Creation of data collection rule and data collection endpoint.<br><br>- Monitoring Metrics Publisher role assignment on data collection rule. |Required |
 | **Read permissions to shared keys for the workspace** | For more information, see [Install Log Analytics agent on Windows computers](/azure/azure-monitor/platform/agent-windows##workspace-id-and-key). | Required |
 | **Permissions in Microsoft Entra**|You must have permissions in Microsoft Entra ID required to create app registrations. This permission can be obtained through membership of built-in Microsoft Entra ID role:<br><br>- Application Developer.|Required |
 

articles/sentinel/sap/prerequisites-for-deploying-sap-continuous-threat-monitoring.md

@@ -23,7 +23,7 @@ This article includes troubleshooting steps to help you ensure accurate and time
 
 When working with the agentless data connector, most troubleshooting is done directly in the SAP Integration Suite, where the message log displays errors indicating the nature of the issue encountered.
 
-Starting my examining the message processing logs. For more information, see the [SAP documentation](https://help.sap.com/docs/cloud-integration/sap-cloud-integration/monitor-message-processing-monitor). The error messages there can help you diagnose issues with missing permissions, connectivity errors, and other misconfigurations. 
+Start by examining the message processing logs. For more information, see the [SAP documentation](https://help.sap.com/docs/cloud-integration/sap-cloud-integration/monitor-message-processing-monitor). The error messages there can help you diagnose issues with missing permissions, connectivity errors, and other misconfigurations. 
 
 If you don't see a related error to your issue, turn on trace logging for more in-depth troubleshooting. For more information, see the [SAP documentation](https://help.sap.com/docs/cloud-integration/sap-cloud-integration/setting-log-levels).
 

articles/sentinel/sap/sap-deploy-troubleshoot.md

@@ -379,7 +379,7 @@ The **SAPUsersGetVIP** function returns the following output:
 | The *SAP_User_Config* watchlist | User on-premises SID |  | |
 | The *SAP_User_Config* watchlist | User principal name |  | |
 | The *SAP_User_Config* watchlist | `TagsList` | A list of tags assigned to user | `ChangeUserMasterDataOK`;`RunObsoleteProgOK` |
-| Logic | TagsIntersect | A set of tags that matched `SearchForTags` | ["ChangeUserMasterDataOK","RunObsoleteProgOK"]  |
+| Logic | TagsIntersect | A set of tags that matched `SearchForTags` | `["ChangeUserMasterDataOK","RunObsoleteProgOK"]`  |
 | Logic | SpecialFocusTagged | Special focus indication | `True`, `False`  |
 | Logic | IntersectionSize | The number of intersected tags | |
 
@@ -419,7 +419,7 @@ The **SAPUsersHeader** function returns the following output:
 | SAP audit log | LastSeen | A timestamp | Last audit event observed for the user  |
 | SAP audit log | LastSeenDaysAgo | Days passed since `LastSeen` | |
 | SAP audit log | PrimaryIP | Most frequently used IP address | `ChangeUserMasterDataOK`;`RunObsoleteProgOK`  |
-| SAP audit log | LastKnownIP | Most recently used IP address | ["ChangeUserMasterDataOK","RunObsoleteProgOK"]  |
+| SAP audit log | LastKnownIP | Most recently used IP address | `["ChangeUserMasterDataOK","RunObsoleteProgOK"]`  |
 | SAP audit log | PrimaryEmail | Most frequently used email address | `True`, `False`  |
 | SAP audit log | KnownIPs | List of known IP addresses | Sorted by most frequent first  |
 | SAP audit log | KnownEmails | List of known email addresses | Sorted by most frequent first  |
@@ -430,7 +430,7 @@ The **SAPUsersHeader** function returns the following output:
 
 ## TH_SERVER_LIST (Preview)
 
-The **TH_SERVER_LIST** function function is relevant when your SAP system is an older system using XAL, and lists active SAP application servers.
+The **TH_SERVER_LIST** function is relevant when your SAP system is an older system using XAL, and lists active SAP application servers.
 
 The **TH_SERVER_LIST** function is supported only with the SAP agentless data connector. For more information, see [Install a Microsoft Sentinel solution for SAP applications](deploy-sap-security-content.md?pivots=connection-agentless).
 

articles/sentinel/sap/sap-solution-function-reference.md

@@ -1838,7 +1838,7 @@ groups:
 # Owner: bagol
 - id: sentinel-sap-connection
   title: Connection
-  prompt: Choose an connection type
+  prompt: Choose a connection type
   pivots:
   - id: connection-agentless
     title: Agentless data connector (Preview)