MicrosoftDocs
diff --git a/‎articles/azure-monitor/alerts/itsmc-definition.md
Lines changed: 19 additions & 19 deletions b/‎articles/azure-monitor/alerts/itsmc-definition.md
Lines changed: 19 additions & 19 deletions
diff --git a/‎articles/azure-monitor/alerts/media/itsmc-definition/itsm-action-alert.png
22.5 KB b/‎articles/azure-monitor/alerts/media/itsmc-definition/itsm-action-alert.png
22.5 KB
diff --git a/‎articles/azure-monitor/alerts/media/itsmc-definition/itsm-action-event.png
22.2 KB b/‎articles/azure-monitor/alerts/media/itsmc-definition/itsm-action-event.png
22.2 KB
diff --git a/‎articles/azure-monitor/alerts/media/itsmc-definition/itsm-action-incident.png
21.4 KB b/‎articles/azure-monitor/alerts/media/itsmc-definition/itsm-action-incident.png
21.4 KB
@@ -55,11 +55,7 @@ After you've installed ITSMC, and prepped your ITSM tool, create an ITSM connect
    ![Screenshot that shows the ITSM Connections menu item.](media/itsmc-overview/add-new-itsm-connection.png)
 
 1. Select **Add Connection**.
-
 1. Specify the ServiceNow connection settings.
-
-    - [ServiceNow](./itsmc-connections-servicenow.md)
-
 1. By default, ITSMC refreshes the connection's configuration data once every 24 hours. To refresh your connection's data instantly to reflect any edits or template updates that you make, select the **Sync** button on your connection's pane.
 
     ![Screenshot that shows the Sync button on the connection's pane.](media/itsmc-overview/itsmc-connections-refresh.png)
@@ -100,28 +96,32 @@ To create an action group:
     > [!NOTE]
     > As of September 2022, we are starting the 3-year process of deprecating support of using ITSM actions to send alerts and events to ServiceNow.
 
-1. In the last section of the interface for creating an ITSM action group, if the alert is a log alert, you can define how many work items will be created for each alert. For all other alert types, create one work item per alert.
+1. In the last section of the interface for creating an ITSM action group, if the alert is a log alert, you can define how many work items will be created for each alert. For all other alert types, one work item is created per alert.
+
+    - If the work item type is **Incident**:
 
-    - If the work item type is **Incident** or **Alert**:
-    
-       If you select the **Create individual work items for each Configuration Item** checkbox, every configuration item in every alert creates a new work item. Because several alerts will occur for the same affected configuration items, there will be more than one work item for each configuration item. For example, an alert that has three configuration items creates three work items. An alert that has one configuration item creates one work item.
-    
-       If you do not select the **Create individual work items for each Configuration Item** checkbox, ITSMC will create a single work item for each alert rule and append to it all affected configuration items. A new work item will be created if the previous one is closed. Some of the fired alerts won't generate new work items in the ITSM tool. For example, an alert that has three configuration items will create one work item. If an alert for the same alert rule as the previous example has one configuration item, that configuration item will be attached to the list of affected configuration items in the created work item. An alert for a different alert rule that has one configuration item will create one work item.
-    
-       ![Screenshot that shows the I T S M Ticket area with Incident selected as a work item.](media/itsmc-overview/itsm-action-configuration.png)
+      :::image type="content" source="media/itsmc-definition/itsm-action-incident.png" alt-text="Screenshot that shows the ITSM Ticket area with an incident work item type.":::
 
     - If the work item type is **Event**:
 
-        If you select the **Create individual work items for each Log Entry** button, a work item is created for each row in the search results of the log search alert query. The description property in the payload of the work item contains the row from the search results.
+        If you select **Create a work item for each row in the search results**, every row in the search results creates a new work item. Because several alerts occur for the same affected configuration items, there is also more than one work item. For example, an alert that has three configuration items creates three work items. An alert that has one configuration item creates one work item.
+
+        If you select the **Create a work item for configuration item in the search results**, ITSMC creates a single work item for each alert rule and adds all affected configuration items to that work item. A new work item is created if the previous one is closed. This means that some of the fired alerts won't generate new work items in the ITSM tool. For example, an alert that has three configuration items creates one work item. If an alert has one configuration item, that configuration item is attached to the list of affected configuration items in the created work item. An alert for a different alert rule that has one configuration item creates one work item.
+
+        :::image type="content" source="media/itsmc-definition/itsm-action-event.png" alt-text="Screenshot that shoes the ITSM Ticket section with an even work item type.":::
+
+    - If the work item type is **Alert**:
+
+        If you select **Create a work item for each row in the search results**, every row in the search results creates a new work item. Because several alerts occur for the same affected configuration items, there is also more than one work item. For example, an alert that has three configuration items creates three work items. An alert that has one configuration item creates one work item.
 
-        If you select the **Create individual work items for each Configuration Item** button, every configuration item in every alert creates a new work item. Each configuration item can have more than one work item in the ITSM system. This option is the same as selecting the checkbox that appears after you select `Incident` as the work item type.
+        If you do not select **Create a work item for each row in the search results**, ITSMC creates a single work item for each alert rule and adds all affected configuration items to that work item. A new work item is created if the previous one is closed. This means that some of the fired alerts won't generate new work items in the ITSM tool. For example, an alert that has three configuration items creates one work item. If an alert has one configuration item, that configuration item is attached to the list of affected configuration items in the created work item. An alert for a different alert rule that has one configuration item creates one work item. 
 
-        ![Screenshot that shows the I T S M Ticket area with Event selected as a work item.](media/itsmc-overview/itsm-action-configuration-event.png)
+        :::image type="content" source="media/itsmc-definition/itsm-action-alert.png" alt-text="Screenshot that shows the ITSM Ticket area with an alert work item type.":::
 
-1. As a part of the action definition, you can define predefined fields that will contain constant values as a part of the payload. According to the work item type, three options can be used as a part of the payload:
+1. You can configure predefined fields to contain constant values as a part of the payload. Based on the work item type, three options can be used as a part of the payload:
     * **None**: Use a regular payload to ServiceNow without any extra predefined fields and values.
     * **Use default fields**: Use a set of fields and values that will be sent automatically as a part of the payload to ServiceNow. Those fields aren't flexible, and the values are defined in ServiceNow lists.
-    * **Use saved templates from ServiceNow**: Use a predefined set of fields and values that were defined as a part of a template definition in ServiceNow. If you already defined the template in ServiceNow, you can use it from the **Template** list. Otherwise, you can define it in ServiceNow. For more information, see the preceding section, [Define a template](#define-a-template).
+    * **Use saved templates from ServiceNow**: Use a predefined set of fields and values that were defined as a part of a template definition in ServiceNow. If you already defined the template in ServiceNow, you can use it from the **Template** list. Otherwise, you can define it in ServiceNow. For more information, see [define a template](#define-a-template).
 
 1. Select **OK**.
 
@@ -130,9 +130,9 @@ When you create or edit an Azure alert rule, use an action group, which has an I
 > [!NOTE]
 > * For information about the pricing of the ITSM action, see the [pricing page](https://azure.microsoft.com/pricing/details/monitor/) for action groups.
 >
-> * The short description field in the alert rule definition is limited to 40 characters when you send it by using the ITSM action.
+> * The short description field in the alert rule definition is limited to 40 characters when you send it using the ITSM action.
 >
-> * In case you have policies for inbound traffic for your ServiceNow instances, add ActionGroup service tag to allowList.
+> * If you have policies for inbound traffic for your ServiceNow instances, add ActionGroup service tag to allowList.
 > 
 > * Notice that when you are defining a query in Log Search alerts you need to have in the query result the Configuration items names with one of the label names "Computer",  "Resource", "_ResourceId" or "ResourceId”. This mapping will enable to map the configuration items to the ITSM payload