Merge pull request #285489 from batamig/cust-intents-yechiel

Adding customer intents - Yechiel's files

Author: v-ccolin

articles/sentinel/add-entity-to-threat-intelligence.md

@@ -2,14 +2,15 @@
 title: Add entities to threat intelligence
 titleSuffix: Microsoft Sentinel
 description: Learn how to add a malicious entity discovered in an incident investigation to your threat intelligence in Microsoft Sentinel.
-author: yelevin
-ms.author: yelevin
+author: austinmccollum
+ms.author: austinmc
 ms.topic: how-to
 ms.date: 3/14/2024
 appliesto: 
     - Microsoft Sentinel in the Azure portal
 ms.collection: usx-security
-#Customer intent: As a security analyst, I want to quickly add relevant threat intelligence from my investigation for myself and others so that I don't lose important information.
+
+#Customer intent: As a security engineer, I want to add entities to threat intelligence during incident investigations so that my team can track and manage indicators of compromise effectively.
 ---
 
 # Add entities to threat intelligence in Microsoft Sentinel

articles/sentinel/ama-migrate.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: reference
 ms.date: 10/01/2024
 ms.author: yelevin
+
+
+#Customer intent: As a security engineer, I want to migrate from the Log Analytics Agent to the Azure Monitor Agent so that we can maintain support for our Microsoft Sentinel deployment, while benefiting from improved performance and new features.
+
 ---
 
 # AMA migration for Microsoft Sentinel

articles/sentinel/anomalies-reference.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: reference
 ms.date: 03/17/2024
 ms.author: yelevin
+
+
+#Customer intent: As a security analyst, I want to understand the types of anomalies detected by machine learning models in my SIEM solution so that I can effectively monitor and respond to potential security threats.
+
 ---
 
 # Anomalies detected by the Microsoft Sentinel machine learning engine

articles/sentinel/api-dcr-reference.md

@@ -6,6 +6,10 @@ ms.author: yelevin
 ms.topic: reference
 ms.date: 03/01/2024
 ms.service: microsoft-sentinel
+
+
+#Customer intent: As a security engineer, I want to create Data Collection Rules (DCRs) using API requests so that I can automate the ingestion of supported log types into Microsoft Sentinel.
+
 ---
 # API request examples for creating Data Collection Rules (DCRs)
 

articles/sentinel/audit-track-tasks.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.author: yelevin
 ms.topic: how-to
 ms.date: 05/08/2023
+
+
+#Customer intent: As a SOC manager, I want to audit and track changes to incident tasks so that I can evaluate the effectiveness of task assignments and improve SOC efficiency.
+
 ---
 
 # Audit and track changes to incident tasks in Microsoft Sentinel

articles/sentinel/bring-your-own-ml.md

@@ -6,6 +6,10 @@ ms.topic: conceptual
 ms.date: 11/09/2021
 ms.author: yelevin
 ms.custom: devx-track-azurecli
+
+
+#Customer intent: As a security engineer, I want to build and integrate custom machine learning models into my security operations platform so that we can detect and respond to threats specific to our organization's environment.
+
 ---
 
 # Bring your own Machine Learning (ML) into Microsoft Sentinel

articles/sentinel/cef-syslog-ama-overview.md

@@ -6,7 +6,10 @@ ms.author: yelevin
 ms.topic: concept-article
 ms.custom: linux-related-content
 ms.date: 07/12/2024
-#Customer intent: As a security operator, I want to understand how Microsoft Sentinel collects Syslog and CEF messages with the Azure Monitor Agent so that I can determine if this solution fits my organization's needs.  
+
+
+#Customer intent: As a security engineer, I want to collect Syslog and CEF messages from various devices, either directly or using a centralized log forwarder, so that I can efficiently monitor and respond to security threats.
+
 ---
 
 # Syslog and Common Event Format (CEF) via AMA connectors for Microsoft Sentinel

articles/sentinel/collaborate-in-microsoft-teams.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: how-to
 ms.date: 03/30/2022
 ms.author: yelevin
+
+
+#Customer intent: As a security analyst, I want to take advantage of Microsoft Teams' integration with Microsoft Sentinel to collaborate efficiently on incident investigations with my team.
+
 ---
 
 # Collaborate in Microsoft Teams (Public preview)

articles/sentinel/configure-connector-login-detection.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: how-to
 ms.date: 02/24/2023
 ms.author: yelevin
+
+
+#Customer intent: As a security engineer, I want to enable the detection of anomalous RDP logins, so that analysts can identify and respond to the resulting potential security threats in my network.
+
 ---
 
 # Configure the Security Events or Windows Security Events connector for anomalous RDP login detection

articles/sentinel/configure-data-transformation.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.author: yelevin
 ms.topic: how-to
 ms.date: 02/27/2022
+
+
+#Customer intent: As a security engineer, I want to configure ingestion-time data transformation and custom log ingestion so that I can control, filter, and enrich data before it is ingested into Microsoft Sentinel.
+
 ---
 
 # Transform or customize data at ingestion time in Microsoft Sentinel (preview)