Merge pull request #279146 from batamig/patch-426

prmerger-automator[bot] · web-flow · commit d3b97c211dcf · 2024-06-27T09:25:34.000Z
Sentinel removing preview tags
diff --git a/articles/sentinel/automation/automation.md b/articles/sentinel/automation/automation.md
@@ -62,12 +62,12 @@ After onboarding your Microsoft Sentinel workspace to the unified security opera
 | **Microsoft incident creation rules** | Microsoft incident creation rules aren't supported in the unified security operations platform. <br><br>For more information, see [Microsoft Defender XDR incidents and Microsoft incident creation rules](../microsoft-365-defender-sentinel-integration.md#microsoft-defender-xdr-incidents-and-microsoft-incident-creation-rules). |
 | **Running automation rules from the Defender portal** | It might take up to 10 minutes from the time that an alert is triggered and an incident is created or updated in the Defender portal to when an automation rule is run. This time lag is because the incident is created in the Defender portal and then forwarded to Microsoft Sentinel for the automation rule. |
 | **Active playbooks tab** | After onboarding to the unified security operations platform, by default the **Active playbooks** tab shows a predefined filter with onboarded workspace's subscription. In the Azure portal, add data for other subscriptions using the subscription filter.  <br><br>For more information, see [Create and customize Microsoft Sentinel playbooks from content templates](use-playbook-templates.md). |
-| **Running playbooks manually on demand** | The following procedures aren't currently supported in the unified security operations platform:  <br><li>[Run a playbook manually on an alert](run-playbooks.md#run-a-playbook-manually-on-an-alert)<br><li>[Run a playbook manually on an entity (Preview)](run-playbooks.md#run-a-playbook-manually-on-an-entity-preview)    |
+| **Running playbooks manually on demand** | The following procedures aren't currently supported in the unified security operations platform:  <br><li>[Run a playbook manually on an alert](run-playbooks.md#run-a-playbook-manually-on-an-alert)<br><li>[Run a playbook manually on an entity (Preview)](run-playbooks.md#run-a-playbook-manually-on-an-entity)    |
 | **Running playbooks on incidents requires Microsoft Sentinel sync** | If you try to run a playbook on an incident from the unified security operations platform and see the message *"Can't access data related to this action. Refresh the screen in a few minutes."* message, this means that the incident isn't yet synchronized to Microsoft Sentinel. <br><br>Refresh the incident page after the incident is synchronized to run the playbook successfully. |
 
 
 ## Related content
 
 - [Automate threat response in Microsoft Sentinel with automation rules](../automate-incident-handling-with-automation-rules.md)
 - [Automate threat response with playbooks in Microsoft Sentinel](automate-responses-with-playbooks.md)
-- [Create and use Microsoft Sentinel automation rules to manage response](../create-manage-use-automation-rules.md)
+- [Create and use Microsoft Sentinel automation rules to manage response](../create-manage-use-automation-rules.md)
diff --git a/articles/sentinel/automation/run-playbooks.md b/articles/sentinel/automation/run-playbooks.md
@@ -153,7 +153,7 @@ Beginning **June 2023**, you can no longer add playbooks to analytics rules in t
 
 ## Run a playbook manually, on demand
 
-You can also manually run a playbook on demand, whether in response to alerts, incidents (in preview), or entities (also in preview). This can be useful in situations where you want more human input into and control over orchestration and response processes.
+You can also manually run a playbook on demand, whether in response to alerts, incidents, or entities. This can be useful in situations where you want more human input into and control over orchestration and response processes.
 
 ### Run a playbook manually on an alert
 
@@ -187,7 +187,7 @@ In the Azure portal, select one of the following tabs as needed for your environ
 
 You can see the run history for playbooks on an alert by selecting the **Runs** tab on the **Alert playbooks** pane. It might take a few seconds for any just-completed run to appear in the list. Selecting a specific run opens the full run log in Logic Apps.
 
-### Run a playbook manually on an incident (preview)
+### Run a playbook manually on an incident
 
 This procedure differs, depending on if you're working in Microsoft Sentinel or in the unified security operations platform. Select the relevant tab for your environment:
 
@@ -196,7 +196,7 @@ This procedure differs, depending on if you're working in Microsoft Sentinel or
 
 1. In the **Incidents** page, select an incident.
 
-1. From the incident details pane that appears on the side, select **Actions > Run playbook (Preview)**. 
+1. From the incident details pane that appears on the side, select **Actions > Run playbook**. 
 
     Selecting the three dots at the end of the incident's line on the grid or right-clicking the incident displays the same list as the **Action** button.
 
@@ -216,7 +216,7 @@ This procedure differs, depending on if you're working in Microsoft Sentinel or
 
 1. In the **Incidents** page, select an incident.
 
-1. From the incident details pane that appears on the side, select **Run Playbook (Preview)**.
+1. From the incident details pane that appears on the side, select **Run Playbook**.
 
 1. The **Run playbook on incident** panel opens on the side, with all related playbooks for the selected incident. In the **Action** column, select **Run playbook** for the playbook you want to run immediately.
 
@@ -231,7 +231,7 @@ The **Actions** column might also show one of the following statuses:
 
 View the run history for playbooks on an incident by selecting the **Runs** tab on the **Run playbook on incident** panel. It might take a few seconds for any just-completed run to appear in the list. Selecting a specific run opens the full run log in Logic Apps.
 
-### Run a playbook manually on an entity (preview)
+### Run a playbook manually on an entity
 
 This procedure isn't supported in the unified security operations platform.
 
@@ -243,11 +243,11 @@ Select an entity in one of the following ways, depending on your originating con
 
 In the **Entities** widget in the **Overview** tab, locate your entity, and do one of the following: 
 
-- Don't select the entity. Instead, select the three dots to the right of the entity, and then select **Run playbook (Preview)**. Locate the playbook you want to run, and select **Run** in that playbook's row.
+- Don't select the entity. Instead, select the three dots to the right of the entity, and then select **Run playbook**. Locate the playbook you want to run, and select **Run** in that playbook's row.
 
 - Select the entity to open the **Entities tab** of the incident details page. Locate your entity on the list, and select the three dots to the right. Locate the playbook you want to run, and select **Run** in that playbook's row.
 
-- Select an entity and drill down to the entity details page. Then, select the **Run playbook (Preview)** button in the left-hand panel. Locate the playbook you want to run, and select **Run** in that playbook's row.
+- Select an entity and drill down to the entity details page. Then, select the **Run playbook** button in the left-hand panel. Locate the playbook you want to run, and select **Run** in that playbook's row.
 
 #### [Incident details page (legacy)](#tab/incident-details-legacy)
 
@@ -257,18 +257,18 @@ In the **Entities** widget in the **Overview** tab, locate your entity, and do o
 
 1. Do one of the following:
 
-    - Select the **Run playbook (Preview)** link at the end of the entity line in the list.  
-    - Select the entity to drill down to the entity details page and select the **Run playbook (Preview)** button in the left-hand panel.
+    - Select the **Run playbook** link at the end of the entity line in the list.  
+    - Select the entity to drill down to the entity details page and select the **Run playbook** button in the left-hand panel.
 
 1. Locate the playbook you want to run, and select **Run** in that playbook's row.
 
 #### [Investigation graph](#tab/investigation-graph)
 
 **If you're in the Investigation graph:**
 
-1. Select an entity in the graph and then select the **Run playbook (Preview)** button in the entity side panel.  
+1. Select an entity in the graph and then select the **Run playbook** button in the entity side panel.  
 
-    For some entity types, you might have to select the **Entity actions** button and from the resulting menu select **Run playbook (Preview)**.
+    For some entity types, you might have to select the **Entity actions** button and from the resulting menu select **Run playbook**.
 
 1. Locate the playbook you want to run, and select **Run** in that playbook's row.
     
@@ -277,7 +277,7 @@ In the **Entities** widget in the **Overview** tab, locate your entity, and do o
 **If you're proactively hunting for threats:**
 
 1. From the **Entity behavior** screen, select an entity from the lists on the page, or search for and select another entity.
-1. In the [entity page](../entity-pages.md), select the **Run playbook (Preview)** button in the left-hand panel.
+1. In the [entity page](../entity-pages.md), select the **Run playbook** button in the left-hand panel.
 1. Locate the playbook you want to run, and select **Run** in that playbook's row.
 ---
 
@@ -290,4 +290,4 @@ On the **Run playbook on *\<entity type>** pane, select the **Runs** tab to see
 For more information, see:
 
 - [Create and manage Microsoft Sentinel playbooks](create-playbooks.md)
-- [Automate threat response in Microsoft Sentinel with automation rules](../automate-incident-handling-with-automation-rules.md)
+- [Automate threat response in Microsoft Sentinel with automation rules](../automate-incident-handling-with-automation-rules.md)
