MicrosoftDocs
diff --git a/‎articles/sentinel/entity-pages.md
Lines changed: 4 additions & 4 deletions b/‎articles/sentinel/entity-pages.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/sentinel/identify-threats-with-entity-behavior-analytics.md
Lines changed: 1 addition & 1 deletion b/‎articles/sentinel/identify-threats-with-entity-behavior-analytics.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/sentinel/media/add-entity-to-threat-intelligence/add-entity-to-ti.png
35.3 KB b/‎articles/sentinel/media/add-entity-to-threat-intelligence/add-entity-to-ti.png
35.3 KB
diff --git a/‎articles/sentinel/media/add-entity-to-threat-intelligence/entity-actions-from-overview.png
518 Bytes b/‎articles/sentinel/media/add-entity-to-threat-intelligence/entity-actions-from-overview.png
518 Bytes
diff --git a/‎articles/sentinel/media/add-entity-to-threat-intelligence/incident-details-overview.png
15.1 KB b/‎articles/sentinel/media/add-entity-to-threat-intelligence/incident-details-overview.png
15.1 KB
diff --git a/‎articles/sentinel/media/add-entity-to-threat-intelligence/new-indicator-panel.png
6.59 KB b/‎articles/sentinel/media/add-entity-to-threat-intelligence/new-indicator-panel.png
6.59 KB
diff --git a/‎articles/sentinel/media/connect-google-cloud-platform/add-new-collector.png
8.98 KB b/‎articles/sentinel/media/connect-google-cloud-platform/add-new-collector.png
8.98 KB
diff --git a/‎articles/sentinel/media/connect-google-cloud-platform/find-tenant-id.png
41.7 KB b/‎articles/sentinel/media/connect-google-cloud-platform/find-tenant-id.png
41.7 KB
diff --git a/‎articles/sentinel/media/connect-logstash/logstash-custom-logs-query.png
36.6 KB b/‎articles/sentinel/media/connect-logstash/logstash-custom-logs-query.png
36.6 KB
diff --git a/‎articles/sentinel/media/entity-pages/entity-page-sentinel.png
18.5 KB b/‎articles/sentinel/media/entity-pages/entity-page-sentinel.png
18.5 KB
@@ -39,11 +39,11 @@ If you're using the **[Microsoft Sentinel in the Defender portal](https://go.mic
 
 # [Azure portal](#tab/azure-portal)
 
-:::image type="content" source="./media/entity-pages/entity-page-sentinel.png" alt-text="Screenshot of an example of an entity page in the Azure portal.":::
+:::image type="content" source="./media/entity-pages/entity-page-sentinel.png" alt-text="Screenshot of an example of an entity page in the Azure portal." lightbox="./media/entity-pages/entity-page-sentinel.png":::
 
 # [Defender portal](#tab/defender-portal)
 
-:::image type="content" source="./media/entity-pages/entity-pages-timeline-defender.png" alt-text="Screenshot of an example of an entity page in the Defender portal.":::
+:::image type="content" source="./media/entity-pages/entity-pages-timeline-defender.png" alt-text="Screenshot of an example of an entity page in the Defender portal." lightbox="./media/entity-pages/entity-pages-timeline-defender.png":::
 
 ---
 
@@ -65,7 +65,7 @@ The following types of items are included in the timeline.
 
 - **Activities**: aggregation of notable events relating to the entity. A wide range of activities are collected automatically, and you can now [customize this section by adding activities](customize-entity-activities.md) of your own choosing.
 
-:::image type="content" source="./media/entity-pages/entity-pages-timeline-sentinel.png" alt-text="Screenshot of an example of a timeline on an entity page in the Azure portal.":::
+:::image type="content" source="./media/entity-pages/entity-pages-timeline-sentinel.png" alt-text="Screenshot of an example of a timeline on an entity page in the Azure portal." lightbox="./media/entity-pages/entity-pages-timeline-sentinel.png":::
 
 # [Defender portal](#tab/defender-portal)
 
@@ -83,7 +83,7 @@ The following types of items are included in the timeline.
 
 - **Activities**: aggregation of notable events relating to the entity. A wide range of activities are collected automatically, and you can now [customize this section by adding activities](customize-entity-activities.md) of your own choosing.
 
-:::image type="content" source="./media/entity-pages/entity-pages-timeline-defender.png" alt-text="Screenshot of an example of a timeline on an entity page in the Defender portal.":::
+:::image type="content" source="./media/entity-pages/entity-pages-timeline-defender.png" alt-text="Screenshot of an example of a timeline on an entity page in the Defender portal." lightbox="./media/entity-pages/entity-pages-timeline-defender.png":::
 
 This timeline displays information from the past 24 hours. This period is not currently adjustable.
 
 
@@ -97,7 +97,7 @@ User peers' metadata provides important context in threat detections, in investi
 
 Microsoft Sentinel calculates and ranks a user's peers, based on the user’s Microsoft Entra security group membership, mailing list, et cetera, and stores the peers ranked 1-20 in the **UserPeerAnalytics** table. The screenshot below shows the schema of the UserPeerAnalytics table, and displays the top eight-ranked peers of the user Kendall Collins. Microsoft Sentinel uses the *term frequency-inverse document frequency* (TF-IDF) algorithm to normalize the weighing for calculating the rank: the smaller the group, the higher the weight. 
 
-:::image type="content" source="./media/identify-threats-with-entity-behavior-analytics/user-peers-metadata.png" alt-text="Screen shot of user peers metadata table":::
+:::image type="content" source="./media/identify-threats-with-entity-behavior-analytics/user-peers-metadata.png" alt-text="Screen shot of user peers metadata table" lightbox="./media/identify-threats-with-entity-behavior-analytics/user-peers-metadata.png":::
 
 You can use the [Jupyter notebook](https://github.com/Azure/Azure-Sentinel-Notebooks/tree/master/scenario-notebooks/UserSecurityMetadata) provided in the Microsoft Sentinel GitHub repository to visualize the user peers metadata. For detailed instructions on how to use the notebook, see the [Guided Analysis - User Security Metadata](https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/UserSecurityMetadata/Guided%20Analysis%20-%20User%20Security%20Metadata.ipynb) notebook.