pre-review feedback

Author: batamig

articles/defender-for-iot/organizations/alert-engine-messages.md

@@ -9,9 +9,6 @@ ms.topic: how-to
 
 This article provides information on the alert types, descriptions, and severity that may be generated from the Defender for IoT engines. This information can be used to help map alerts into playbooks, define Forwarding rules, Exclusion rules, and custom alerts and define the appropriate rules within a SIEM. Alerts appear in the Alerts window, which allows you to manage the alert event.
 
-> [!NOTE]
-> This article contains references to the term *slave*, a term that Microsoft no longer uses. When the term is removed from the software, it will be removed from this article.
-
  ### Alert news
 
 New alerts may be added and existing alerts may be updated or disabled. Certain disabled alerts can be re-enabled from the Support page of the sensor console. Alerts tht can be re-enabled are marked with an asterisk (*) in the tables below.

articles/defender-for-iot/organizations/how-to-configure-windows-endpoint-monitoring.md

@@ -24,7 +24,7 @@ Before you begin scanning, create a firewall rule that allows outgoing traffic f
 
 1. In Defender for Cloud select **System Settings**.
 1. Under **Network monitoring**, select **Windows Endpoint Monitoring (WMI)**
-1. In the **Windows Endpoing Monitoring (WMI) dialog, select **Add ranges**. You can also import and export ranges.
+1. In the **Windows Endpoint Monitoring (WMI) dialog, select **Add ranges**. You can also import and export ranges.
 1. Specify the IP address range you want to scan. You can add multiple ranges.
 1. Add your user name and password, and ensure that **Enable** is toggled on.
 1. In **Scan will run**, specify when you want the automatic scan to run. You can set an hourly interval between scans, or a specific scan time.

articles/defender-for-iot/organizations/how-to-create-trends-and-statistics-reports.md

@@ -7,67 +7,39 @@ ms.topic: how-to
 
 # Create trends and statistics dashboards
 
-You can create dashboards to get insight into network trends and statistics.
-
-## Dashboards
-
-Dashboard | Details
---- | ---
-Channels Bandwidth |
-Traffic by Port
-Top Traffic by Port
-Total Bandwidth
-New devices
-Modbus Traffic by Function
-SRTP Traffic by Service Code
-SRTP Erros By Day
-DNP3 Traffic By Function
-Busy Devices
-S7 Traffic by Control Function
-S7 Traffic by Sub-Function
-OPC-UA Traffic By Service
-Active TCP Connections
-Incidents By Type
-MMS Traffic By Service
-IEC-60870 Traffic By ASDU
-Devices By Vendor
-Devices By OT Protocols
-EtherNet/IP Traffic By CIP Service
-EtherNet/IP Traffic By CIP Class
-EtherNet/IP Traffic By Command
-Disconnected Devices
-Devices By Operating System
-Database Tables Access
-
-
+This article describes how to create dashboards on your sensor console to get insight into network trends and statistics.
 
 
 ## Before you start
 
 You need Administrator or Security Analyst permissions to create dashboards.
 
-T
+## Create dashboards
 
-> [!NOTE]
->  The time in the widgets is set according to the sensor time.
+You can create many different types of dashboard. Based on traffic, device state, alerts, connectivity, and protocol.
 
-## Create dashboards
+1. On your Defender for IoT sensor console, select **Trends & Statistics** > **Create Dashboard**.
 
-You can create many different types of dashboard. Based on traffic, device state, alerts, connectivity, and protocol. 
+1. In the **Create Dashboard** pane that appears  on the right:
 
-1. In Defender for IoT, select **Trends & Statistics**.
-1. Select **Create Dashboard**.
-1. In the **Create Dashboard** dialog, type in a dashboard name, and in the **Dashboard widget type** dropdown menu, select a dashboard type. Each dashboard type has a description, and indicates whether it focuses on operations, security, or traffic.
-1. After selecting a dashboard type, by results are displayed for detections over the last seven days. You can use filter tools change this range. 
+    - In the **Dashboard name** field, enter a meaningful name for your dashboard.
+    - (Optional) Filter the widgets displayed by selecting a category or protocol from the **Dashboard widget type** menu.
+    - Scroll down as needed and select the widget you want to add. Each widget has a short description and indicates whether it focuses on operations, security, or traffic.
+    - Select **Save** to start your new dashboard.
 
-Each dashboard widget you create contains specific information about traffic, device state, alert information, connectivity status, or protocols. A message indicates if there's no data available for a widget. After setting you a dashboard, you can edit the dashboard name if needed, and add/remove types from the dashboard.
+1. Your widget is added to the new dashboard. Use the toolbar at the top of page to continue modifying your dashboard.
 
+By default, results are displayed for detections for over the last seven days. Select the **Filter** button at the top left of each widget to change this range.
+
+> [!NOTE]
+> The time shown in the widget is set according to the sensor machine's time.
+>
 
-## Examples
+## Sample widgets
 
-This table summarizes examples of use cases for some common widgets.
+The following table summarizes common use cases for dashboard widgets.
 
-Widget | Details
+Widget name | Sample use case
 --- | ---
 Busy devices | Lists the five busiest devices. In **Edit** mode, you can filter by known protocols.
 Total bandwidth | Tracks the bandwidth in Mbps (megabits per second). The bandwidth is indicated on the y-axis, with the date appearing on the x-axis. **Edit** mode allows you to filter results.

articles/defender-for-iot/organizations/how-to-import-device-information.md

@@ -9,7 +9,7 @@ ms.topic: how-to
 
 Sensors monitor and analyze device traffic. In some cases, because of network policies, some information might not be transmitted. In this case, you can import data and add it to device information that's already detected. You have two options for import:
 
-- **Import from the device map*: Import device names, type, group, or Purdue layer to the device map.
+- **Import from the device map**: Import device names, type, group, or Purdue layer to the device map.
 - **Import from import settings**: Import device IP address, operating system, patch level, or authorization status to the device map.
 
 ## Import from the device map
@@ -41,7 +41,7 @@ Import data as follows:
 ### Import authorization status:**
 
 1. Download the [Authorization file](https://download.microsoft.com/download/8/2/3/823c55c4-7659-4236-bfda-cc2427be2cee/CSS/authorized_devices%20-%20example.csv)  and save as a CSV file.
-1. IIn the authorized_devices sheet, specify the device IP address.
+1. In the authorized_devices sheet, specify the device IP address.
 1. Specify the authorized device name. Make sure that names are accurate. Names given to the devices in the imported list overwrite names shown in the device map.
 1. In **System settings**, under **Import settings**, select **Authorized devices** to import. Select **Add** and upload the CSV file that you prepared.
 

articles/defender-for-iot/organizations/how-to-install-software.md

@@ -986,7 +986,7 @@ The following procedure describes how to configure the Nuvo 5006LP BIOS. Make su
 
 1. Navigate to **Power** and change Power On after Power Failure to S0-Power On.
 
-    :::image type="content" source="media/tutorial-install-components/nuvo-power-on.png" alt-text="Change you Nuvo 5006 to power on after a power failure..":::
+    :::image type="content" source="media/tutorial-install-components/nuvo-power-on.png" alt-text="Change your Nuvo 5006 to power on after a power failure.":::
 
 1. Navigate to **Boot** and ensure that **PXE Boot to LAN** is set to **Disabled**.
 

articles/defender-for-iot/organizations/how-to-troubleshoot-the-sensor-and-on-premises-management-console.md

@@ -31,7 +31,7 @@ When signing into a preconfigured sensor for the first time, you'll need to perf
 
 1. Enter the unique identifier that you received on the **Password recovery** screen and select **Recover**. The `password_recovery.zip` file is downloaded.
 
-    :::image type="content" source="media/how-to-create-and-manage-users/enter-identifier.png" alt-text="Screenshot of the enter the unique identifier and then select recover.":::
+    :::image type="content" source="media/how-to-create-and-manage-users/enter-identifier.png" alt-text="Screenshot of the Recover dialog box.":::
 
     > [!NOTE]
     > Don't alter the password recovery file. It's a signed file and won't work if you tamper with it.

articles/defender-for-iot/organizations/references-work-with-defender-for-iot-apis.md

@@ -1843,7 +1843,7 @@ Array of JSON objects that represent devices.
 | Name | Type | Nullable | List of values |
 |--|--|--|--|
 | **Name** | String | No |  |
-| **Addresses** | JSON array | Yes | Master, or numeric values |
+| **Addresses** | JSON array | Yes | `Master`, or numeric values |
 
 #### Firmware fields
 
@@ -2125,7 +2125,7 @@ Array of JSON objects that represent devices.
 | Name | Type | Nullable | List of values |
 |--|--|--|--|
 | Name | String | No | - |
-| Addresses | JSON array | Yes | Master, or numeric values |
+| Addresses | JSON array | Yes | `Master`, or numeric values |
 
 #### Firmware fields
 
@@ -2724,7 +2724,7 @@ The below API's can be used with the ServiceNow integration via the ServiceNow's
     - “**timestamp**” – the time from which updates are required, only later updates will be returned.
 
 - Query parameters:
-    - “**sensorId**” - use this parameter to get only devices seen by a specific sensor. The Id should be taken from the results of the Sensors API.
+    - “**sensorId**” - use this parameter to get only devices seen by a specific sensor. The ID should be taken from the results of the Sensors API.
     - “**notificationType**” - should be a number, from the following mapping:
         - 0 – both updated and new devices (default).
         - 1 – only new devices.
@@ -2757,8 +2757,8 @@ The below API's can be used with the ServiceNow integration via the ServiceNow's
 - Structure: 
     - “**u_count**” - amount of object in the full result sets, including all pages.
     - “**u_connections**” - array of
-        - “**u_src_device_id**” - the Id of the source device.
-        - “**u_dest_device_id**” - the Id of the destination device.
+        - “**u_src_device_id**” - the ID of the source device.
+        - “**u_dest_device_id**” - the ID of the destination device.
         - “**u_connection_type**” - one of the following:
             - “**One Way**”
             - “**Two Way**”
@@ -2771,7 +2771,7 @@ The below API's can be used with the ServiceNow integration via the ServiceNow's
 - Path: “/device/{deviceId}”
 - Method type: GET
 - Path parameters:
-    - “**deviceId**” – the Id of the requested device.
+    - “**deviceId**” – the ID of the requested device.
 
 #### Response