MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/sentinel/TOC.yml
Lines changed: 2 additions & 0 deletions b/‎articles/sentinel/TOC.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎articles/sentinel/connect-azure-windows-microsoft-services.md
Lines changed: 3 additions & 1 deletion b/‎articles/sentinel/connect-azure-windows-microsoft-services.md
Lines changed: 3 additions & 1 deletion
@@ -25913,6 +25913,11 @@
       "redirect_url": "/azure/sentinel/data-connectors-reference#windows-firewall",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/sentinel/connect-windows-security-events.md",
+      "redirect_url": "/azure/sentinel/data-connectors-reference#windows-security-events-preview",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/sentinel/connect-wirex-systems.md",
       "redirect_url": "/azure/sentinel/data-connectors-reference#wirex-network-forensics-platform-preview",
 
@@ -310,6 +310,8 @@
       href: entities-reference.md
     - name: UEBA enrichments
       href: ueba-enrichments.md
+    - name: Common threat detection scenarios
+      href: common-threat-detection-scenarios.md
     - name: Watchlist template schemas
       href: watchlist-schemas.md
     - name: Kusto Query Language
 
@@ -194,7 +194,7 @@ You'll see all your data collection rules (including those created through the A
 
 ### Create data collection rules using the API
 
-You can also create data collection rules using the API ([see schema](/rest/api/monitor/data-collection-rules)), which can make life easier if you're creating many rules (if you're an MSSP, for example). Here's an example you can use as a template for creating a rule:
+You can also create data collection rules using the API ([see schema](/rest/api/monitor/data-collection-rules)), which can make life easier if you're creating many rules (if you're an MSSP, for example). Here's an example (for the [Windows Security Events](data-connectors-reference.md#windows-security-events-preview) connector) that you can use as a template for creating a rule:
 
 **Request URL and header**
 
@@ -242,6 +242,8 @@ PUT https://management.azure.com/subscriptions/703362b3-f278-4e4b-9179-c76eaf41f
     }
 }
 ```
+See this [complete description of data collection rules](../azure-monitor/agents/data-collection-rule-overview.md) from the Azure Monitor documentation.
+
 
 # [Log Analytics Agent (Legacy)](#tab/LAA)
Original file line number	Diff line number	Diff line change
`@@ -194,7 +194,7 @@ You'll see all your data collection rules (including those created through the A`
`194`	`194`
`195`	`195`	`### Create data collection rules using the API`
`196`	`196`
`197`		`-You can also create data collection rules using the API ([see schema](/rest/api/monitor/data-collection-rules)), which can make life easier if you're creating many rules (if you're an MSSP, for example). Here's an example you can use as a template for creating a rule:`
	`197`	`+You can also create data collection rules using the API ([see schema](/rest/api/monitor/data-collection-rules)), which can make life easier if you're creating many rules (if you're an MSSP, for example). Here's an example (for the [Windows Security Events](data-connectors-reference.md#windows-security-events-preview) connector) that you can use as a template for creating a rule:`
`198`	`198`
`199`	`199`	`Request URL and header`
`200`	`200`
`@@ -242,6 +242,8 @@ PUT https://management.azure.com/subscriptions/703362b3-f278-4e4b-9179-c76eaf41f`
`242`	`242`	`}`
`243`	`243`	`}`
`244`	`244`	```
	`245`	`+See this [complete description of data collection rules](../azure-monitor/agents/data-collection-rule-overview.md) from the Azure Monitor documentation.`
	`246`	`+`
`245`	`247`
`246`	`248`	`# [Log Analytics Agent (Legacy)](#tab/LAA)`
`247`	`249`