MicrosoftDocs
diff --git a/‎articles/sentinel/add-advanced-conditions-to-automation-rules.md
Lines changed: 4 additions & 0 deletions b/‎articles/sentinel/add-advanced-conditions-to-automation-rules.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎articles/sentinel/automate-incident-handling-with-automation-rules.md
Lines changed: 4 additions & 0 deletions b/‎articles/sentinel/automate-incident-handling-with-automation-rules.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎articles/sentinel/automation/authenticate-playbooks-to-sentinel.md
Lines changed: 3 additions & 1 deletion b/‎articles/sentinel/automation/authenticate-playbooks-to-sentinel.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎articles/sentinel/automation/automate-responses-with-playbooks.md
Lines changed: 2 additions & 1 deletion b/‎articles/sentinel/automation/automate-responses-with-playbooks.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎articles/sentinel/automation/automation.md
Lines changed: 2 additions & 1 deletion b/‎articles/sentinel/automation/automation.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎articles/sentinel/automation/create-playbooks.md
Lines changed: 2 additions & 1 deletion b/‎articles/sentinel/automation/create-playbooks.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎articles/sentinel/automation/create-tasks-playbook.md
Lines changed: 3 additions & 1 deletion b/‎articles/sentinel/automation/create-tasks-playbook.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎articles/sentinel/automation/define-playbook-access-restrictions.md
Lines changed: 3 additions & 1 deletion b/‎articles/sentinel/automation/define-playbook-access-restrictions.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎articles/sentinel/automation/logic-apps-playbooks.md
Lines changed: 2 additions & 1 deletion b/‎articles/sentinel/automation/logic-apps-playbooks.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎articles/sentinel/automation/migrate-playbooks-to-automation-rules.md
Lines changed: 3 additions & 1 deletion b/‎articles/sentinel/automation/migrate-playbooks-to-automation-rules.md
Lines changed: 3 additions & 1 deletion
@@ -10,6 +10,10 @@ appliesto:
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
 
+
+
+#Customer intent: As a security operations center (SOC) analyst, I want to add advanced conditions to automation rules so that I can more effectively triage incidents and improve response efficiency.
+
 ---
 
 # Add advanced conditions to Microsoft Sentinel automation rules
 
@@ -10,6 +10,10 @@ appliesto:
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
 
+
+
+#Customer intent: As a SOC analyst, I want to automate incident response tasks using automation rules so that I can streamline threat management and improve operational efficiency.
+
 ---
 
 # Automate threat response in Microsoft Sentinel with automation rules
 
@@ -9,7 +9,9 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customerIntent: As a SOC engineer, I want to understand my options when authenticating from playbooks to Microsoft Sentinel.
+
+#Customer intent: As a security analyst, I want to authenticate playbooks to Microsoft Sentinel so that I can automate and orchestrate security tasks efficiently.
+
 ---
 
 # Authenticate playbooks to Microsoft Sentinel
 
@@ -9,7 +9,8 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customerIntent: As a SOC engineer, I want to understand how Microsoft Sentinel playbooks can help make my SOC team more efficient.
+#Customer intent: As a SOC analyst, I want to automate threat response using playbooks so that I can efficiently manage security alerts and incidents, reducing manual intervention and focusing on deeper investigations.
+
 ---
 
 # Automate threat response with playbooks in Microsoft Sentinel
 
@@ -9,7 +9,8 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customerIntent: As a SOC engineer, I want to understand how automation in Microsoft Sentinel can help my SOC team be more efficient and remediate threats quicker.
+#Customer intent: As a SOC analyst, I want to automate incident response and remediation tasks using SOAR capabilities so that I can focus on investigating advanced threats and reduce the risk of missed alerts.
+
 ---
 
 # Automation in Microsoft Sentinel: Security orchestration, automation, and response (SOAR)
 
@@ -9,7 +9,8 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customer-intent: As a SOC engineer, I want to understand how to create playbooks in Microsoft Sentinel so that my team can automate threat responses in our environment.
+#Customer intent: As a security analyst, I want to manage automated response playbooks so that I can efficiently handle incidents and alerts in my environment.
+
 ---
 
 # Create and manage Microsoft Sentinel playbooks 
 
@@ -9,7 +9,9 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customerIntent: As a SOC analyst, I want to understand how to use playbooks to manage complex analysis processes in Microsoft Sentinel.
+
+#Customer intent: As a security analyst, I want to automate incident management tasks using playbooks so that I can streamline and manage complex workflows efficiently.
+
 ---
 
 # Create and perform incident tasks in Microsoft Sentinel using playbooks
 
@@ -9,7 +9,9 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customerIntent: As a SOC engineer who's using Standard-plan playbooks, I want to understand how to define an access restriction policy, ensure that only Microsoft Sentinel has access to my Standard logic app with my playbook workflows.
+
+#Customer intent: As a security engineer using Standard-plan playbooks, I want to define an access restriction policy for playbooks so that I can ensure only authorized services can access sensitive workflows.
+
 ---
 
 # Define an access restriction policy for Standard-plan playbooks
 
@@ -9,7 +9,8 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customer intent: As a SOC engineer, I want to understand more about how Azure Logic Apps works with Microsoft Sentinel playbooks to help me automate threat prevention and response.
+
+#Customer intent: As a security engineer, I want to manage automated workflows using Azure Logic Apps for Microsoft Sentinel so that I can efficiently respond to security incidents and alerts.
 
 ---
 
 
@@ -9,7 +9,9 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
     - Microsoft Sentinel in the Microsoft Defender portal
 ms.collection: usx-security
-#customerIntent: As a SOC engineer, I want to understand how to migrate alert-trigger playbooks to automation rules, and why I might want to do so.
+
+#Customer intent: As a security engineer, I want to migrate my alert-trigger playbooks to automation rules so that I can streamline automation management and prepare for the deprecation of analytics rule triggers.
+
 ---
 
 # Migrate your Microsoft Sentinel alert-trigger playbooks to automation rules