Merge pull request #89791 from memildin/asc-melvyn-test

PMEds28 · web-flow · commit 6a51c3e416e4 · 2019-09-26T10:12:35.000+01:00
Minor grammatical fixes
diff --git a/articles/security-center/security-center-partner-integration.md b/articles/security-center/security-center-partner-integration.md
@@ -24,14 +24,14 @@ This document helps you to manage security solutions already connected to Azure
 ## Integrated Azure security solutions
 Security Center makes it easy to enable integrated security solutions in Azure. Benefits include:
 
-- **Simplified deployment**: Security Center offers streamlined provisioning of integrated partner solutions. For solutions like antimalware and vulnerability assessment, Security Center can provision the needed agent on your virtual machines, and for firewall appliances, Security Center can take care of much of the network configuration required.
+- **Simplified deployment**: Security Center offers streamlined provisioning of integrated partner solutions. For solutions like antimalware and vulnerability assessment, Security Center can provision the agent on your virtual machines. For firewall appliances, Security Center can take care of much of the network configuration required.
 - **Integrated detections**: Security events from partner solutions are automatically collected, aggregated, and displayed as part of Security Center alerts and incidents. These events also are fused with detections from other sources to provide advanced threat-detection capabilities.
 - **Unified health monitoring and management**: Customers can use integrated health events to monitor all partner solutions at a glance. Basic management is available, with easy access to advanced setup by using the partner solution.
 
-Currently, integrated security solutions include Vulnerability assessment by [Qualys](https://www.qualys.com/public-cloud/#azure) and [Rapid7](https://www.rapid7.com/products/insightvm/) and Microsoft Application Gateway Web application firewall.
+Currently, integrated security solutions include vulnerability assessment by [Qualys](https://www.qualys.com/public-cloud/#azure) and [Rapid7](https://www.rapid7.com/products/insightvm/) and Microsoft Application Gateway Web application firewall.
 
 > [!NOTE]
-> Security Center does not install the Microsoft Monitoring Agent on partner virtual appliances because most security vendors prohibit external agents running on their appliance.
+> Security Center does not install the Microsoft Monitoring Agent on partner virtual appliances because most security vendors prohibit external agents running on their appliances.
 >
 >
 
@@ -50,45 +50,45 @@ Azure security solutions that are deployed from Security Center are automaticall
 
    ![Security Center Overview](./media/security-center-partner-integration/overview.png)
 
-Under **Security solutions**, you can view information about the health of integrated Azure security solutions and perform basic management tasks.
+In **Security solutions**, you can see the health of integrated Azure security solutions and run basic management tasks.
 
 ### Connected solutions
 
-The **Connected solutions** section includes security solutions that are currently connected to Security Center and information about the health status of each solution.  
+The **Connected solutions** section includes security solutions that are currently connected to Security Center. It also shows the health status of each solution.  
 
 ![Connected solutions](./media/security-center-partner-integration/security-center-partner-integration-fig4.png)
 
 The status of a partner solution can be:
 
-* Healthy (green) - there is no health issue.
-* Unhealthy (red) - there is a health issue that requires immediate attention.
+* Healthy (green) - no health issues.
+* Unhealthy (red) - there's a health issue that requires immediate attention.
 * Health issues (orange) - the solution has stopped reporting its health.
-* Not reported (gray) - the solution has not reported anything yet, a solution's status may be unreported if it has recently been connected and is still deploying, or no health data is available.
+* Not reported (gray) - the solution hasn't reported anything yet and no health data is available. A solution's status may be unreported if it was connected recently and is still deploying.
 
 > [!NOTE]
-> If health status data is not available, Security Center shows the date and time of the last event received to indicate whether the solution is reporting or not. If no health data is available and no alerts are received within the last 14 days, Security Center indicates that the solution is unhealthy or not reporting.
+> If health status data is not available, Security Center shows the date and time of the last event received to indicate whether the solution is reporting or not. If no health data is available and no alerts were received within the last 14 days, Security Center indicates that the solution is unhealthy or not reporting.
 >
 >
 
-1. Select **VIEW** for additional information and options, which includes:
+1. Select **VIEW** for additional information and options such as:
 
    - **Solution console**. Opens the management experience for this solution.
-   - **Link VM**. Opens the Link Applications blade. Here you can connect resources to the partner solution.
+   - **Link VM**. Opens the Link Applications page. Here you can connect resources to the partner solution.
    - **Delete solution**.
    - **Configure**.
 
    ![Partner solution detail](./media/security-center-partner-solutions/partner-solutions-detail.png)
 
 ### Discovered solutions
 
-Security Center automatically discovers security solutions running in Azure but are not connected to Security Center and displays the solutions in the **Discovered solutions** section. This includes Azure solutions, such as [Azure AD Identity Protection](https://docs.microsoft.com/azure/active-directory/active-directory-identityprotection), as well as partner solutions.
+Security Center automatically discovers security solutions running in Azure but not connected to Security Center and displays the solutions in the **Discovered solutions** section. These  solutions include Azure solutions, like [Azure AD Identity Protection](https://docs.microsoft.com/azure/active-directory/active-directory-identityprotection), and partner solutions.
 
 > [!NOTE]
-> The Standard tier of Security Center is required at the subscription level for the discovered solutions feature. See [Pricing](security-center-pricing.md) to learn more about Security's pricing tiers.
+> The Standard tier of Security Center is required at the subscription level for the discovered solutions feature. See [Pricing](security-center-pricing.md) to learn more about the pricing tiers.
 >
 >
 
-Select **CONNECT** under a solution to integrate with Security Center and be notified on security alerts.
+Select **CONNECT** under a solution to integrate with Security Center and be notified of security alerts.
 
 ![Discovered solutions](./media/security-center-partner-integration/security-center-partner-integration-fig5.png)
 
@@ -100,39 +100,39 @@ The **Add data sources** section includes other available data sources that can
 
 ## Exporting data to a SIEM
 
-Processed events produced by Azure Security Center are published to the Azure [Activity log](../monitoring-and-diagnostics/monitoring-overview-activity-logs.md), one of the log types available through Azure Monitor. Azure Monitor offers a consolidated pipeline for routing any of your monitoring data into a SIEM tool. This is done by streaming that data to an Event Hub where it can then be pulled into a partner tool.
+You can configure your SIEMs or other monitoring tools to receive Azure Security Center events.
 
-This pipe uses the [Azure Monitoring single pipeline](../azure-monitor/platform/stream-monitoring-data-event-hubs.md) for getting access to the monitoring data from your Azure environment. This enables you to easily set up SIEMs and monitoring tools to consume the data.
+All events from Azure Security Center are published to Azure Monitor's Azure [Activity log](../monitoring-and-diagnostics/monitoring-overview-activity-logs.md). Azure Monitor uses [a consolidated pipeline](../azure-monitor/platform/stream-monitoring-data-event-hubs.md) to  stream the data to an Event Hub where it can then be pulled into your monitoring tool.
 
 The next sections describe how you can configure data to be streamed to an event hub. The steps assume that you already have Azure Security Center configured in your Azure subscription.
 
-High-level overview
+### High-level overview
 
 ![High-Level overview](media/security-center-export-data-to-siem/overview.png)
 
 ### What is the Azure security data exposed to SIEM?
 
-In this version we expose the [security alerts.](../security-center/security-center-managing-and-responding-alerts.md) In upcoming releases, we will enrich the data set with security recommendations.
+In this version, we expose the [security alerts.](../security-center/security-center-managing-and-responding-alerts.md) In upcoming releases, we will enrich the data set with security recommendations.
 
-### How to setup the pipeline
+### How to set up the pipeline
 
 #### Create an Event Hub
 
-Before you begin, you need to [create an Event Hubs namespace](../event-hubs/event-hubs-create.md). This namespace and Event Hub is the destination for all your monitoring data.
+Before you begin, [create an Event Hubs namespace](../event-hubs/event-hubs-create.md) - the destination for all your monitoring data.
 
 #### Stream the Azure Activity Log to Event Hubs
 
-Please refer to the following article [stream activity log to Event Hubs](../azure-monitor/platform/activity-logs-stream-event-hubs.md)
+See the following article [stream activity log to Event Hubs](../azure-monitor/platform/activity-logs-stream-event-hubs.md)
 
 #### Install a partner SIEM connector 
 
 Routing your monitoring data to an Event Hub with Azure Monitor enables you to easily integrate with partner SIEM and monitoring tools.
 
-Refer to the following link to see the list of [supported SIEMs](../azure-monitor/platform/resource-logs-stream-event-hubs.md#what-you-can-do-with-resource-logs-sent-to-an-event-hub)
+See the following article for the list of [supported SIEMs](../azure-monitor/platform/resource-logs-stream-event-hubs.md#what-you-can-do-with-resource-logs-sent-to-an-event-hub)
 
 ### Example for Querying data 
 
-Here is a couple of Splunk queries that you can use to pull alert data:
+Here are some Splunk queries you can use to pull alert data:
 
 | **Description of Query** | **Query** |
 |----|----|
