Merge pull request #250482 from cmcclister/Broken-link-fix-cwatson-cat

Broken Links Fixed

Author: v-regandowner

articles/sentinel/data-connectors/delinea-secret-server.md

@@ -52,9 +52,6 @@ To integrate with Delinea Secret Server make sure you have:
 
 - **Delinea Secret Server**: must be configured to export logs via Syslog 
 
-   [Learn more about configure Secret Server](https://thy.center/ss/link/syslog)
-
-
 ## Vendor installation instructions
 
 1. Linux Syslog agent configuration

articles/sentinel/data-connectors/infoblox-cloud-data-connector.md

@@ -88,10 +88,12 @@ InfobloxCDC
 ## Vendor installation instructions
 
 
->**IMPORTANT:** This data connector depends on a parser based on a Kusto Function to work as expected called [**InfobloxCDC**](https://aka.ms/sentinel-InfobloxCloudDataConnector-parser) which is deployed with the solution.
+> [!IMPORTANT]
+> This data connector depends on a parser based on a Kusto Function to work as expected called **InfobloxCDC** which is deployed with the solution.
 
 
->**IMPORTANT:** This Microsoft Sentinel data connector assumes an Infoblox Cloud Data Connector host has already been created and configured in the Infoblox Cloud Services Portal (CSP). As the [**Infoblox Cloud Data Connector**](https://docs.infoblox.com/display/BloxOneThreatDefense/Deploying+the+Data+Connector+Solution) is a feature of BloxOne Threat Defense, access to an appropriate BloxOne Threat Defense subscription is required. See this [**quick-start guide**](https://www.infoblox.com/wp-content/uploads/infoblox-deployment-guide-data-connector.pdf) for more information and licensing requirements.
+> [!IMPORTANT]
+> This Microsoft Sentinel data connector assumes an Infoblox Cloud Data Connector host has already been created and configured in the Infoblox Cloud Services Portal (CSP). As the [**Infoblox Cloud Data Connector**](https://docs.infoblox.com/display/BloxOneThreatDefense/Deploying+the+Data+Connector+Solution) is a feature of BloxOne Threat Defense, access to an appropriate BloxOne Threat Defense subscription is required. See this [**quick-start guide**](https://www.infoblox.com/wp-content/uploads/infoblox-deployment-guide-data-connector.pdf) for more information and licensing requirements.
 
 1. Linux Syslog agent configuration
 
@@ -101,7 +103,7 @@ Install and configure the Linux agent to collect your Common Event Format (CEF)
 
 1.1 Select or create a Linux machine
 
-Select or create a Linux machine that Microsoft Sentinel will use as the proxy between your security solution and Microsoft Sentinel this machine can be on your on-prem environment, Microsoft Sentinel or other clouds.
+Select or create a Linux machine that Microsoft Sentinel will use as the proxy between your security solution and Microsoft Sentinel this machine can be on your on-premises environment, Microsoft Sentinel or other clouds.
 
 1.2 Install the CEF collector on the Linux machine
 
@@ -118,35 +120,36 @@ Install the Microsoft Monitoring Agent on your Linux machine and configure the m
 2. Configure Infoblox BloxOne to send Syslog data to the Infoblox Cloud Data Connector to forward to the Syslog agent
 
 Follow the steps below to configure the Infoblox CDC to send BloxOne data to Microsoft Sentinel via the Linux Syslog agent.
-2. Navigate to **Manage > Data Connector**.
-3. Click the **Destination Configuration** tab at the top.
-4. Click **Create > Syslog**. 
- - **Name**: Give the new Destination a meaningful **name**, such as **Microsoft-Sentinel-Destination**.
- - **Description**: Optionally give it a meaningful **description**.
- - **State**: Set the state to **Enabled**.
- - **Format**: Set the format to **CEF**.
- - **FQDN/IP**: Enter the IP address of the Linux device on which the Linux agent is installed.
- - **Port**: Leave the port number at **514**.
- - **Protocol**: Select desired protocol and CA certificate if applicable.
- - Click **Save & Close**.
-5. Click the **Traffic Flow Configuration** tab at the top.
-6. Click **Create**.
- - **Name**: Give the new Traffic Flow a meaningful **name**, such as **Microsoft-Sentinel-Flow**.
- - **Description**: Optionally give it a meaningful **description**. 
- - **State**: Set the state to **Enabled**. 
- - Expand the **CDC Enabled Host** section. 
-    - **On-Prem Host**: Select your desired on-prem host for which the Data Connector service is enabled. 
- - Expand the **Source Configuration** section.  
+
+1. Navigate to **Manage > Data Connector**.
+1. Click the **Destination Configuration** tab at the top.
+1. Click **Create > Syslog**. 
+   - **Name**: Give the new Destination a meaningful **name**, such as **Microsoft-Sentinel-Destination**.
+   - **Description**: Optionally give it a meaningful **description**.
+   - **State**: Set the state to **Enabled**.
+   - **Format**: Set the format to **CEF**.
+   - **FQDN/IP**: Enter the IP address of the Linux device on which the Linux agent is installed.
+   - **Port**: Leave the port number at **514**.
+   - **Protocol**: Select desired protocol and CA certificate if applicable.
+   - Click **Save & Close**.
+1. Click the **Traffic Flow Configuration** tab at the top.
+1. Click **Create**.
+   - **Name**: Give the new Traffic Flow a meaningful **name**, such as **Microsoft-Sentinel-Flow**.
+   - **Description**: Optionally give it a meaningful **description**. 
+   - **State**: Set the state to **Enabled**. 
+   - Expand the **CDC Enabled Host** section. 
+    - **On-Prem Host**: Select your desired on-premises host for which the Data Connector service is enabled. 
+   - Expand the **Source Configuration** section.  
     - **Source**: Select **BloxOne Cloud Source**. 
     - Select all desired **log types** you wish to collect. Currently supported log types are:
       - Threat Defense Query/Response Log
       - Threat Defense Threat Feeds Hits Log
       - DDI Query/Response Log
       - DDI DHCP Lease Log
- - Expand the **Destination Configuration** section.  
+   - Expand the **Destination Configuration** section.  
     - Select the **Destination** you just created. 
- - Click **Save & Close**. 
-7. Allow the configuration some time to activate.
+   - Click **Save & Close**. 
+1. Allow the configuration some time to activate.
 
 3. Validate connection
 

articles/sentinel/data-connectors/island-enterprise-browser-admin-audit-polling-ccp.md

@@ -44,7 +44,7 @@ To integrate with Island Enterprise Browser Admin Audit (Polling CCP) make sure
 
 Connect Island to Microsoft Sentinel
 
-Provide the Island API URL and Key.  API URL is https://management.island.io/api/external/v1/adminActions for US or https://eu.management.island.io/api/external/v1/adminActions for EU.
+Provide the Island API URL and Key.  API URL is ```https://management.island.io/api/external/v1/adminActions``` for US or ```https://eu.management.island.io/api/external/v1/adminActions``` for EU.
   Generate the API Key in the Management Console under Settings > API.
 
 

articles/sentinel/data-connectors/microsoft-defender-for-office-365.md

@@ -32,8 +32,3 @@ For more information, see the [Microsoft Sentinel documentation](https://go.micr
 | **Log Analytics table(s)** | SecurityAlert (OATP)<br/> |
 | **Data collection rules support** | Not currently supported |
 | **Supported by** | [Microsoft Corporation](https://support.microsoft.com/) |
-
-
-## Next steps
-
-For more information, go to the [related solution](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/azuresentinel.azure-sentinel-solution-microsoftdefenderforoffice?tab=Overview) in the Azure Marketplace.

articles/sentinel/data-connectors/netskope-using-azure-functions.md

@@ -49,12 +49,10 @@ Netskope
 To integrate with Netskope (using Azure Functions) make sure you have: 
 
 - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](/azure/azure-functions/).
-- **Netskope API Token**: A Netskope API Token is required. [See the documentation to learn more about Netskope API](https://innovatechcloud.goskope.com/docs/Netskope_Help/en/rest-api-v1-overview.html). **Note:** A Netskope account is required
-
+- **Netskope API Token**: A Netskope account and API Token are required.
 
 ## Vendor installation instructions
 
-
 > [!NOTE]
 >  - This connector uses Azure Functions to connect to Netskope to pull logs into Microsoft Sentinel. This might result in additional data ingestion costs. Check the [Azure Functions pricing page](https://azure.microsoft.com/pricing/details/functions/) for details.
 >  - This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias Netskope and load the function code or click [here](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Netskope/Parsers/Netskope.txt), on the second line of the query, enter the hostname(s) of your Netskope device(s) and any other unique identifiers for the logstream. The function usually takes 10-15 minutes to activate after solution installation/update.
@@ -72,7 +70,7 @@ To integrate with Netskope (using Azure Functions) make sure you have:
 
 Option 1 - Azure Resource Manager (ARM) Template
 
-This method provides an automated deployment of the Netskope connector using an ARM Tempate.
+This method provides an automated deployment of the Netskope connector using an ARM Template.
 
 1. Click the **Deploy to Azure** button below. 
 
@@ -94,10 +92,10 @@ This method provides the step-by-step instructions to deploy the Netskope connec
 
 **1. Create a Function App**
 
-1.  From the Azure Portal, navigate to [Function App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp), and select **+ Add**.
+1.  From the Azure portal, navigate to [Function App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp), and select **+ Add**.
 2. In the **Basics** tab, ensure Runtime stack is set to **Powershell Core**. 
 3. In the **Hosting** tab, ensure the **Consumption (Serverless)** plan type is selected.
-4. Make other preferrable configuration changes, if needed, then click **Create**.
+4. Make other preferable configuration changes, if needed, then click **Create**.
 
 
 **2. Import Function App Code**
@@ -121,9 +119,9 @@ This method provides the step-by-step instructions to deploy the Netskope connec
 		timeInterval
 		logTypes
 		logAnalyticsUri (optional)
-  - Enter the URI that corresponds to your region. The `uri` value must follow the following schema: `https://<Tenant Name>.goskope.com` - There is no need to add subsquent parameters to the Uri, the Function App will dynamically append the parameteres in the proper format.
+  - Enter the URI that corresponds to your region. The `uri` value must follow the following schema: `https://<Tenant Name>.goskope.com` - There is no need to add subsequent parameters to the Uri, the Function App will dynamically append the parameters in the proper format.
   - Set the `timeInterval` (in minutes) to the default value of `5` to correspond to the default Timer Trigger of every `5` minutes. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly to prevent overlapping data ingestion.
-  - Set the `logTypes` to `alert, page, application, audit, infrastructure, network` - This list represents all the avaliable log types. Select the log types based on logging requirements, seperating each by a single comma.
+  - Set the `logTypes` to `alert, page, application, audit, infrastructure, network` - This list represents all the available log types. Select the log types based on logging requirements, separating each by a single comma.
     > [!NOTE]
     > If using Azure Key Vault, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](/azure/app-service/app-service-key-vault-references) for further details. 
   - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: `https://<CustomerId>.ods.opinsights.azure.us`.

articles/sentinel/data-connectors/symantec-vip.md

@@ -64,12 +64,9 @@ Configure the facilities you want to collect and their severities.
  2. Select **Apply below configuration to my machines** and select the facilities and severities.
  3.  Click **Save**.
 
+3. Connect the Symantec VIP
 
-3. Configure and connect the Symantec VIP
-
-[Follow these instructions](https://help.symantec.com/cs/VIP_EG_INSTALL_CONFIG/VIP/v134652108_v128483142/Configuring-syslog) to configure the Symantec VIP Enterprise Gateway to forward syslog. Use the IP address or hostname for the Linux device with the Linux agent installed as the Destination IP address.
-
-
+Use the IP address or hostname for the Linux device with the Linux agent installed as the Destination IP address.
 
 ## Next steps