Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into 05-21-mi-ml-in-new-scheme

Author: garyericson

articles/automation/automation-onboard-solutions-from-browse.md

@@ -1,12 +1,12 @@
 ---
-title: Enable Azure Automation Update Management from Azure portal
+title: Enable Azure Automation Update Management from the Azure portal
 description: This article tells how to enable Update Management from the Azure portal.
 services: automation
 ms.date: 04/11/2019
 ms.topic: article
 ms.custom: mvc
 ---
-# Enable Update Management from Azure portal
+# Enable Update Management from the Azure portal
 
 This article describes how you can enable the [Update Management](automation-update-management.md) feature for VMs by browsing the Azure portal. To enable Azure VMs at scale, you must enable an existing VM using Update Management. 
 

articles/automation/automation-tutorial-update-management.md

@@ -9,28 +9,14 @@ ms.topic: conceptual
 
 # Manage Change Tracking and Inventory
 
-Azure Automation enables the [Change Tracking and Inventory](change-tracking.md) feature for machines in your environment. The feature tracks and makes available changes in registry keys, files, contents, and the like. This article includes procedures for working with this feature.
+When you add a new file or registry key to track, Azure Automation enables it for [Change Tracking and Inventory](change-tracking.md). This article describes how to configure tracking, review tracking results, and handle alerts when changes are detected.
 
-## Enable the full Change Tracking and Inventory feature
+Before using the procedures in this article, ensure that you've enabled Change Tracking and Inventory on your VMs using one of these techniques:
 
-If you have enabled [Azure Security Center File Integrity Monitoring (FIM)](https://docs.microsoft.com/azure/security-center/security-center-file-integrity-monitoring), you can use the full Change Tracking and Inventory feature for your machines as described below. Your settings are not removed by this process.
-
-> [!NOTE]
-> Enabling the full Change Tracking and Inventory feature might cause additional charges. See [Automation Pricing](https://azure.microsoft.com/pricing/details/automation/).
-
-1. Remove the monitoring solution by navigating to the workspace and locating it in the [list of installed monitoring solutions](../azure-monitor/insights/solutions.md#list-installed-monitoring-solutions).
-2. Click on the name of the solution to open its summary page and then click on **Delete**, as detailed in [Remove a monitoring solution](../azure-monitor/insights/solutions.md#remove-a-monitoring-solution).
-3. To re-enable Change Tracking and Inventory, navigate to the Automation account and select **Change tracking** or **Inventory** under **Configuration Management**.
-4. Choose the Log Analytics workspace and Automation account, confirm your workspace settings, and click **Enable**.
-
-## <a name="onboard"></a>Enable machines for Change Tracking and Inventory
-
-To begin tracking changes, you must enable Change Tracking and Inventory in Azure Automation. Here are the recommended and supported ways to enable this feature for your machines: 
-
-* [Enable from a virtual machine](automation-onboard-solutions-from-vm.md)
-* [Enable from browsing multiple machines](automation-onboard-solutions-from-browse.md)
-* [Enable from your Automation account](automation-onboard-solutions-from-automation-account.md)
-* [Enable in an Azure Automation runbook](automation-onboard-solutions.md)
+* [Enable Change Tracking and Inventory from an Automation account](automation-enable-changes-from-auto-acct.md)
+* [Enable Change Tracking and Inventory by browsing in Azure portal](automation-enable-changes-from-browse.md)
+* [Enable Change Tracking and Inventory from a runbook](automation-enable-changes-from-runbook.md)
+* [Enable Change Tracking and Inventory from an Azure VM](automation-enable-changes-from-vm.md)
 
 ## Track files
 
@@ -49,7 +35,7 @@ Use the following steps to configure file tracking on Windows computers:
     |Item Name     | Friendly name of the file to be tracked.        |
     |Group     | A group name for logically grouping files.        |
     |Enter Path     | The path to check for the file, for example, **c:\temp\\\*.txt**. You can also use environment variables, such as `%winDir%\System32\\\*.*`.       |
-    |Path Type     | The type of path. Possible values are File and Directory.        |    
+    |Path Type     | The type of path. Possible values are File and Folder.        |    
     |Recursion     | True if recursion is used when looking for the item to be tracked, and False otherwise.        |    
     |Upload file content | True to upload file content on tracked changes, and False otherwise.|
 
@@ -72,8 +58,8 @@ Use the following steps to configure file tracking on Linux computers:
     |Enter Path     | The path to check for the file, for example, **/etc/*.conf**.       |
     |Path Type     | The type of path. Possible values are File and Directory.        |
     |Recursion     | True if recursion is used when looking for the item to be tracked, and False otherwise.        |
-    |Use Sudo     | True to use sudo when checking for the item, and False otherwise.         |
-    |Links     | Setting that determines how to deal with symbolic links when traversing directories. Possible values are:<br> Ignore - Ignores symbolic links and doesn't include the files/directories referenced.<br>Follow - Follows the symbolic links during recursion and also includes the files/directories referenced.<br>Manage - Follows the symbolic links and allows altering of returned content. **Note** - This option isn't recommended, as it doesn't support file content retrieval.    |
+    |Use Ludo     | True to use sudo when checking for the item, and False otherwise.         |
+    |Links     | Setting that determines how to deal with symbolic links when traversing directories. Possible values are:<br> Ignore - Ignores symbolic links and doesn't include the files/directories referenced.<br>Follow - Follows the symbolic links during recursion and also includes the files/directories referenced.<br>Manage - Follows the symbolic links and allows altering of returned content.<br>**Note:** The Manage option isn't recommended, as it doesn't support file content retrieval.    |
     |Upload file content | True to upload file content on tracked changes, and False otherwise. |
 
 5. Ensure that you specify True for **Upload file content**. This setting enables file content tracking for the indicated file path.
@@ -98,7 +84,7 @@ File content tracking allows you to view the contents of a file before and after
 2. Click **Edit Settings** (the gear symbol).
 3. Select **File Content** and click **Link**. This selection opens the Add Content Location for Change Tracking pane.
 
-   ![Enable content location](./media/change-tracking-file-contents/enable.png)
+   ![Add content location](./media/change-tracking-file-contents/enable.png)
 
 4. Select the subscription and storage account to use for storing the file contents. 
 
@@ -118,7 +104,7 @@ Once Change Tracking and Inventory detects a change for a tracked file, you can
 
 1. In the Azure portal, open your Automation account, and then select **Change tracking** under **Configuration Management**.
 
-2. Choose a file in the list of changes and select **View File Content Changes** to see the contents of the file. The Change Details pane shows you the standard before and after file information.
+2. Choose a file in the list of changes and select **View File Content Changes** to see the contents of the file. The change details pane shows you the standard before and after file information for each property.
 
    ![Change details](./media/change-tracking-file-contents/change-details.png)
 
@@ -147,31 +133,31 @@ You can do various searches against the Azure Monitor logs for change records. W
 
 |Query  |Description  |
 |---------|---------|
-|ConfigurationData<br>&#124; where   ConfigDataType == "Microsoft services" and SvcStartupType == "Auto"<br>&#124; where SvcState == "Stopped"<br>&#124; summarize arg_max(TimeGenerated, *) by SoftwareName, Computer         | Shows the most recent inventory records for Microsoft services that were set to Auto but were reported as being Stopped. Results are limited to the most recent record for the specified software name and computer.    |
-|ConfigurationChange<br>&#124; where ConfigChangeType == "Software" and ChangeCategory == "Removed"<br>&#124; order by TimeGenerated desc|Shows change records for removed software.|
+|`ConfigurationData`<br>&#124; `where ConfigDataType == "Microsoft services" and SvcStartupType == "Auto"`<br>&#124; `where SvcState == "Stopped"`<br>&#124; `summarize arg_max(TimeGenerated, *) by SoftwareName, Computer`         | Shows the most recent inventory records for Microsoft services that were set to Auto but were reported as being Stopped. Results are limited to the most recent record for the specified software name and computer.    |
+|`ConfigurationChange`<br>&#124; `where ConfigChangeType == "Software" and ChangeCategory == "Removed"`<br>&#124; `order by TimeGenerated desc`|Shows change records for removed software.|
 
 ## Create alerts on changes
 
 The following example shows that the file **C:\windows\system32\drivers\etc\hosts** has been modified on a machine. This file is important because Windows uses it to resolve host names to IP addresses. This operation takes precedence over DNS, and might result in connectivity issues. It can also lead to redirection of traffic to malicious or otherwise dangerous websites.
 
-![A chart showing the hosts file change](./media/change-tracking-file-contents/changes.png)
+![Chart showing the hosts file change](./media/change-tracking-file-contents/changes.png)
 
 Let's use this example to discuss the steps for creating alerts on a change.
 
 1. In your Automation account, select **Change tracking** under **Configuration Management**, then select **Log Analytics**. 
-2. In the Logs search, look for content changes to the **hosts** file with the query `ConfigurationChange | where FieldsChanged contains "FileContentChecksum" and FileSystemPath contains "hosts"`. This query looks for a content change for files with a fully qualified path containing the word “hosts”. You can also ask for a specific file by changing the path portion to its fully qualified form, for example, using `FileSystemPath == "c:\windows\system32\drivers\etc\hosts"`.
+2. In the Logs search, look for content changes to the **hosts** file with the query `ConfigurationChange | where FieldsChanged contains "FileContentChecksum" and FileSystemPath contains "hosts"`. This query looks for a content change for files with a fully qualified path containing the word `hosts`. You can also ask for a specific file by changing the path portion to its fully qualified form, for example, using `FileSystemPath == "c:\windows\system32\drivers\etc\hosts"`.
 
-3. After the query returns the desired results, click **New alert rule** in the log search to open the alert creation page. You can also navigate to this page through **Azure Monitor** in the Azure portal. 
+3. After the query returns its results, click **New alert rule** in the log search to open the alert creation page. You can also navigate to this page through **Azure Monitor** in the Azure portal. 
 
 4. Check your query again and modify the alert logic. In this case, you want the alert to be triggered if there's even one change detected across all the machines in the environment.
 
     ![Change to query for tracking changes to hosts file](./media/change-tracking-file-contents/change-query.png)
 
-5. After the alert logic is set, assign action groups to perform actions in response to the alert being triggered. In this case, we're setting up emails to be sent and an IT Service Management (ITSM) ticket to be created. 
+5. After the alert logic is set, assign action groups to perform actions in response to triggering of the alert. In this case, we're setting up emails to be sent and an IT Service Management (ITSM) ticket to be created. 
 
     ![Configuring action group to alert on change](./media/change-tracking/action-groups.png)
 
 ## Next steps
 
 * If you need to search logs stored in your Log Analytics workspace, see [Log searches in Azure Monitor logs](../log-analytics/log-analytics-log-searches.md).
-* To troubleshoot feature errors, see [Troubleshoot Change Tracking and Inventory issues](troubleshoot/change-tracking.md).
+* To troubleshoot feature errors, see [Troubleshoot Change Tracking and Inventory issues](troubleshoot/change-tracking.md).