Merge pull request #238384 from austinmccollum/austinmc-next-steps

update next steps change

Author: v-regandowner

articles/sentinel/sentinel-content-centralize.md

@@ -25,9 +25,19 @@ To centralize all OOTB content, we're planning to retire the gallery-only conten
 
 To facilitate this transition, we're publishing a central tool to reinstate **IN USE** retired templates from corresponding content hub solutions.
 
+## Data connector page change
+
+All data connectors are now part of a solution. Previously, in order to promote dashboard visualizations (now called workbooks) and provide sample KQL queries, we included a few of these items on a **Next Steps** tab of the data connector page. We have deprecated the **Next Steps** portion of the data connector page in favor of the new *solution* content behavior where all the solution components are managed alongside the data connector. 
+
+The key to experiencing the updated behavior is to start in **Content hub (Preview)**. For a comparison of the previous behavior with the new experience, examine the **Azure Activity** data connector. After installing the solution from content hub and selecting **Manage**, the entire solution is available for inspection. If you want a visualization of the Azure Activity data connector, view the template for the workbook. If you want to see KQL queries, start with the data table. For advanced queries, look to the analytics rules and hunting queries.
+
+For more information on the new solution content behavior, see [Discover and deploy OOTB content](sentinel-solutions-deploy.md#enable-content-items-in-a-solution).
+
+If there was a particular sample query for a third party data connector you are looking for, we still publish them in our **All connectors** index. For example, here are the sample queries for the [Jamf Protect connector](data-connectors/jamf-protect.md).
+
 ## Microsoft Sentinel GitHub changes
 
-Microsoft Sentinel has an official [GitHub repository](https://github.com/Azure/Azure-Sentinel) for community contributions that are vetted by Microsoft and the community. It's the source for most of the content items in the content hub.
+Microsoft Sentinel has an official [GitHub repository](https://github.com/Azure/Azure-Sentinel) for community contributions vetted by Microsoft and the community. It's the source for most of the content items in the content hub.
 
 For consistent discovery of this content, the OOTB content centralization changes have already been extended to the Microsoft Sentinel GitHub repo:
 
@@ -41,7 +51,9 @@ These changes to the content hub and the Microsoft Sentinel GitHub repo will com
 > [!IMPORTANT]
 > The following timeline is tentative and subject to change.
 
-The centralization change in the Microsoft Sentinel portal is expected to go live in all Microsoft Sentinel workspaces in Q2 2023. The Microsoft Sentinel GitHub changes have already happened. Standalone content is available in existing GitHub folders, and solution content has been moved to the *Solutions* folder.  
+The centralization change in the Microsoft Sentinel portal is expected to go live in all Microsoft Sentinel workspaces in Q2 2023. The Microsoft Sentinel GitHub changes have already happened. Standalone content is available in existing GitHub folders, and solution content has been moved to the *Solutions* folder.
+
+The change to the **Next Steps** tab has already been completed. 
 
 ## Scope of change
 

articles/sentinel/whats-new.md

@@ -21,6 +21,7 @@ See these [important announcements](#announcements) about recent changes to feat
 
 - [Use Hunts to conduct end-to-end proactive threat hunting in Microsoft Sentinel](#use-hunts-to-conduct-end-to-end-proactive-threat-hunting)
 - [Audit and track incident task activity](#audit-and-track-incident-task-activity)
+- Updated the announcement for [Out-of-the-box content centralization changes](#out-of-the-box-content-centralization-changes) to include information on the **Next Steps** tab in data connectors that's deprecated.
 
 ### Use Hunts to conduct end-to-end proactive threat hunting
 
@@ -172,12 +173,14 @@ If you aren't interested in ingesting the new fields, use ingest-time transforma
 Learn more about [ingest-time transformations](../azure-monitor/essentials/data-collection-transformations.md).
 
 ### Out-of-the-box content centralization changes
-A new banner is appearing in Microsoft Sentinel gallery pages! This informational banner is rolling out to all tenants to explain upcoming changes regarding out-of-the-box (OOTB) content. In short, the **Content hub** will be the central source whether you're looking for standalone content or packaged solutions. Expect banners to appear in the templates section of **Workbooks**, **Hunting**, **Automation**, **Analytics** and **Data connectors** galleries. Here's an example of the banner in the **Workbooks** gallery. 
+A new banner has appeared in Microsoft Sentinel gallery pages! This informational banner has rolled out to all tenants to explain upcoming changes regarding out-of-the-box (OOTB) content. In short, the **Content hub** will be the central source whether you're looking for standalone content or packaged solutions. Banners appear in the templates section of **Workbooks**, **Hunting**, **Automation**, **Analytics** and **Data connectors** galleries. Here's an example of the banner in the **Workbooks** gallery. 
 
 :::image type="complex" source="media/whats-new/example-content-central-change-banner.png" alt-text="Screenshot shows an example informational banner in the **Workbooks** gallery." lightbox="media/whats-new/example-content-central-change-banner.png":::
 The banner reads, 'All Workbook templates, and additional out-of-the-box (OOTB) content are now centrally available in Content hub. Starting Q2 2023, only Workbook templates installed from the content hub will be available in this gallery. Learn more about the OOTB content centralization changes.'
 :::image-end:::
 
+As part of this centralization change, the **Next Steps** tab on data connector pages [has been deprecated](sentinel-content-centralize.md#data-connector-page-change).
+
 For all the details on what these upcoming changes will mean for you, see [Microsoft Sentinel out-of-the-box content centralization changes](sentinel-content-centralize.md).
 
 ### New behavior for alert grouping in analytics rules