Fix various warnings on new files

Author: cwatson-cat

.openpublishing.redirection.sentinel.json

@@ -65,11 +65,6 @@
             "redirect_url": "/azure/sentinel/data-connectors/crowdstrike-falcon-data-replicator-using-azure-functions",
             "redirect_document_id": true
         },
-        {
-            "source_path": "articles/sentinel/data-connectors/cyberarkepm.md",
-            "redirect_url": "/azure/sentinel/data-connectors/cyberarkepm-using-azure-functions",
-            "redirect_document_id": true
-        },
         {
             "source_path": "articles/sentinel/data-connectors/cybersixgill-actionable-alerts-using-azure-function.md",
             "redirect_url": "/azure/sentinel/data-connectors/cybersixgill-actionable-alerts-using-azure-functions",

articles/sentinel/data-connectors/armis-activities.md

@@ -81,14 +81,14 @@ Use this method for automated deployment of the Armis connector.
 	[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-ArmisActivitiesAPI-azuredeploy) [![Deploy to Azure Gov](https://aka.ms/deploytoazuregovbutton)](https://aka.ms/sentinel-ArmisActivitiesAPI-azuredeploy-gov)
 2. Select the preferred **Subscription**, **Resource Group** and **Location**. 
 3. Enter the below information : 
-		Function Name 
-		Workspace ID 
-		Workspace Key 
-		Armis Secret Key 
-		Armis URL (https://<armis-instance>.armis.com/api/v1/) 
-		Armis Activity Table Name 
-		Armis Schedule 
-		Avoid Duplicates (Default: false) 
+	- Function Name 
+	- Workspace ID 
+	- Workspace Key 
+	- Armis Secret Key 
+	- Armis URL `https://<armis-instance>.armis.com/api/v1/` 
+	- Armis Activity Table Name 
+	- Armis Schedule 
+	- Avoid Duplicates (Default: false) 
 4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. 
 5. Click **Purchase** to deploy.
 
@@ -130,14 +130,14 @@ If you're already signed in, go to the next step.
 1. In the Function App, select the Function App Name and select **Configuration**.
 2. In the **Application settings** tab, select **+ New application setting**.
 3. Add each of the following application settings individually, with their respective values (case-sensitive): 
-		Workspace ID 
-		Workspace Key 
-		Armis Secret Key 
-		Armis URL (https://<armis-instance>.armis.com/api/v1/) 
-		Armis Activity Table Name 
-		Armis Schedule 
-		Avoid Duplicates (Default: false) 
-		logAnalyticsUri (optional) 
+	- Workspace ID 
+	- Workspace Key 
+	- Armis Secret Key 
+	- Armis URL `https://<armis-instance>.armis.com/api/v1/` 
+	- Armis Activity Table Name 
+	- Armis Schedule 
+	- Avoid Duplicates (Default: false) 
+	- logAnalyticsUri (optional) 
  - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: `https://<CustomerId>.ods.opinsights.azure.us`.
 4. Once all application settings have been entered, click **Save**.
 

articles/sentinel/data-connectors/armis-alerts.md

@@ -84,14 +84,14 @@ Use this method for automated deployment of the Armis connector.
 	[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-ArmisAlertsAPI-azuredeploy) [![Deploy to Azure Gov](https://aka.ms/deploytoazuregovbutton)](https://aka.ms/sentinel-ArmisAlertsAPI-azuredeploy-gov)
 2. Select the preferred **Subscription**, **Resource Group** and **Location**. 
 3. Enter the below information : 
-		Function Name 
-		Workspace ID 
-		Workspace Key 
-		Armis Secret Key 
-		Armis URL (https://<armis-instance>.armis.com/api/v1/) 
-		Armis Alert Table Name 
-		Armis Schedule 
-		Avoid Duplicates (Default: true) 
+	- Function Name 
+	- Workspace ID 
+	- Workspace Key 
+	- Armis Secret Key 
+	- Armis URL `https://<armis-instance>.armis.com/api/v1/`
+	- Armis Alert Table Name 
+	- Armis Schedule 
+	- Avoid Duplicates (Default: true) 
 4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. 
 5. Click **Purchase** to deploy.
 
@@ -133,14 +133,14 @@ If you're already signed in, go to the next step.
 1. In the Function App, select the Function App Name and select **Configuration**.
 2. In the **Application settings** tab, select **+ New application setting**.
 3. Add each of the following application settings individually, with their respective values (case-sensitive): 
-		Workspace ID 
-		Workspace Key 
-		Armis Secret Key 
-		Armis URL (https://<armis-instance>.armis.com/api/v1/) 
-		Armis Alert Table Name 
-		Armis Schedule 
-		Avoid Duplicates (Default: true) 
-		logAnalyticsUri (optional) 
+	- Workspace ID 
+	- Workspace Key 
+	- Armis Secret Key 
+	- Armis URL `https://<armis-instance>.armis.com/api/v1/` 
+	- Armis Alert Table Name 
+	- Armis Schedule 
+	- Avoid Duplicates (Default: true) 
+	- logAnalyticsUri (optional) 
  - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: `https://<CustomerId>.ods.opinsights.azure.us`.
 4. Once all application settings have been entered, click **Save**.
 

articles/sentinel/data-connectors/armis-devices.md

@@ -84,14 +84,14 @@ Use this method for automated deployment of the Armis connector.
 	[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-ArmisDevice-azuredeploy) [![Deploy to Azure Gov](https://aka.ms/deploytoazuregovbutton)](https://aka.ms/sentinel-ArmisDevice-azuredeploy-gov)
 2. Select the preferred **Subscription**, **Resource Group** and **Location**. 
 3. Enter the below information : 
-		Function Name 
-		Workspace ID 
-		Workspace Key 
-		Armis Secret Key 
-		Armis URL (https://<armis-instance>.armis.com/api/v1/) 
-		Armis Device Table Name 
-		Armis Schedule 
-		Avoid Duplicates (Default: true) 
+	- Function Name 
+	- Workspace ID 
+	- Workspace Key 
+	- Armis Secret Key 
+	- Armis URL `https://<armis-instance>.armis.com/api/v1/` 
+	- Armis Device Table Name 
+	- Armis Schedule 
+	- Avoid Duplicates (Default: true) 
 4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. 
 5. Click **Purchase** to deploy.
 
@@ -133,14 +133,14 @@ If you're already signed in, go to the next step.
 1. In the Function App, select the Function App Name and select **Configuration**.
 2. In the **Application settings** tab, select **+ New application setting**.
 3. Add each of the following application settings individually, with their respective values (case-sensitive): 
-		Workspace ID 
-		Workspace Key 
-		Armis Secret Key 
-		Armis URL (https://<armis-instance>.armis.com/api/v1/) 
-		Armis Device Table Name 
-		Armis Schedule 
-		Avoid Duplicates (Default: true) 
-		logAnalyticsUri (optional) 
+	- Workspace ID 
+	- Workspace Key 
+	- Armis Secret Key 
+	- Armis URL `https://<armis-instance>.armis.com/api/v1/`
+	- Armis Device Table Name 
+	- Armis Schedule 
+	- Avoid Duplicates (Default: true) 
+	- logAnalyticsUri (optional) 
  - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: `https://<CustomerId>.ods.opinsights.azure.us`.
 4. Once all application settings have been entered, click **Save**.
 

articles/sentinel/data-connectors/atlassian-confluence-audit.md

@@ -19,7 +19,7 @@ This is autogenerated content. For changes, contact the solution provider.
 | Connector attribute | Description |
 | --- | --- |
 | **Application settings** | ConfluenceUsername<br/>ConfluenceAccessToken<br/>ConfluenceHomeSiteName<br/>WorkspaceID<br/>WorkspaceKey<br/>logAnalyticsUri (optional) |
-| **Azure function app code** | https://aka.ms/sentinel-confluenceauditapi-functionapp |
+| **Azure function app code** | [https://aka.ms/sentinel-confluenceauditapi-functionapp](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/AtlassianConfluenceAudit/Data%20Connector/AtlassianConfluenceAuditDataConnector/ConfluenceAuditAPISentinelConn.zip) |
 | **Log Analytics table(s)** | Confluence_Audit_CL<br/> |
 | **Data collection rules support** | Not currently supported |
 | **Supported by** | [Microsoft Corporation](https://support.microsoft.com) |
@@ -88,7 +88,7 @@ Use the following step-by-step instructions to deploy the Confluence Audit data
 
 > **NOTE:** You will need to [prepare VS code](/azure/azure-functions/functions-create-first-function-python#prerequisites) for Azure function development.
 
-1. Download the [Azure Function App](https://aka.ms/sentinel-confluenceauditapi-functionapp) file. Extract archive to your local development computer.
+1. Download the [Azure Function App](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/AtlassianConfluenceAudit/Data%20Connector/AtlassianConfluenceAuditDataConnector/ConfluenceAuditAPISentinelConn.zip) file. Extract archive to your local development computer.
 2. Start VS Code. Choose File in the main menu and select Open Folder.
 3. Select the top level folder from extracted files.
 4. Choose the Azure icon in the Activity bar, then in the **Azure: Functions** area, choose the **Deploy to function app** button.

articles/sentinel/data-connectors/digital-shadows-searchlight.md

@@ -96,7 +96,7 @@ Use this method for automated deployment of the 'Digital Shadows Searchlight' co
 2. Import Function App Code(Zip deployment)
 
 1. Install Azure CLI
-2. From terminal type **az functionapp deployment source config-zip -g <ResourceGroup> -n <FunctionApp> --src <Zip File>** and hit enter. Set the `ResourceGroup` value to: your resource group name. Set the `FunctionApp` value to: your newly created function app name. Set the `Zip File` value to: `digitalshadowsConnector.zip`(path to your zip file). Note:- Download the zip file from the link - [Function App Code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Digital%20Shadows/Data%20Connectors/Digital%20Shadows/digitalshadowsConnector.zip)
+2. From terminal type `az functionapp deployment source config-zip -g <ResourceGroup> -n <FunctionApp> --src <Zip File>` and hit enter. Set the `ResourceGroup` value to: your resource group name. Set the `FunctionApp` value to: your newly created function app name. Set the `Zip File` value to: `digitalshadowsConnector.zip`(path to your zip file). Note:- Download the zip file from the link - [Function App Code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Digital%20Shadows/Data%20Connectors/Digital%20Shadows/digitalshadowsConnector.zip)
 
 3. Configure the Function App
 
@@ -119,7 +119,7 @@ Set the `DigitalShadowsURL` value to: `https://api.searchlight.app/v1`
 Set the `HighVariabilityClassifications` value to: `exposed-credential,marked-document`
 Set the `ClassificationFilterOperation` value to: `exclude` for exclude function app or `include` for include function app 
 >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Azure Key Vault references documentation](/azure/app-service/app-service-key-vault-references) for further details.
- - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: https://<CustomerId>.ods.opinsights.azure.us. 
+ - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: `https://<CustomerId>.ods.opinsights.azure.us`. 
 4. Once all application settings have been entered, click **Save**.
 
 

articles/sentinel/data-connectors/netskope.md

@@ -55,7 +55,7 @@ Netskope
 To integrate with Netskope (using Azure Functions) make sure you have: 
 
 - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](/azure/azure-functions/).
-- **Netskope API Token**: A Netskope API Token is required. [See the documentation to learn more about Netskope API](https://innovatechcloud.goskope.com/docs/Netskope_Help/en/rest-api-v1-overview.html). **Note:** A Netskope account is required
+- **Netskope API Token**: A Netskope API Token is required. [See the documentation to learn more about Netskope API](https://docs.netskope.com/en/netskope-help/admin-console/rest-api/rest-api-v1-overview/). **Note:** A Netskope account is required
 
 
 ## Vendor installation instructions

articles/sentinel/data-connectors/onelogin-iam-platform.md

@@ -61,7 +61,7 @@ To integrate with OneLogin IAM Platform(using Azure Functions) make sure you hav
  Follow the [instructions](https://onelogin.service-now.com/kb_view_customer.do?sysparm_article=KB0010469) to configure Webhooks.
 
 1. Generate the **OneLoginBearerToken** according to your password policy.
-2. Set Custom Header in the format: Authorization: Bearer <OneLoginBearerToken>.
+2. Set Custom Header in the format: Authorization: Bearer `<OneLoginBearerToken>`.
 3. Use JSON Array Logs Format.
 
 

articles/sentinel/data-connectors/rubrik-security-cloud-data-connector.md

@@ -139,7 +139,7 @@ If you're already signed in, go to the next step.
 		ThreatHunts_table_name
 		LogLevel
 		logAnalyticsUri (optional)
- - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: https://<CustomerId>.ods.opinsights.azure.us. 
+ - Use logAnalyticsUri to override the log analytics API endpoint for dedicated cloud. For example, for public cloud, leave the value empty; for Azure GovUS cloud environment, specify the value in the following format: `https://<CustomerId>.ods.opinsights.azure.us`. 
 4. Once all application settings have been entered, click **Save**.
 
 

articles/sentinel/data-connectors/snowflake.md

@@ -62,35 +62,42 @@ To query data from Snowflake you need a user that is assigned to a role with suf
 
 1. Enter the Snowflake console.
 2. Switch role to SECURITYADMIN and [create a new role](https://docs.snowflake.com/en/sql-reference/sql/create-role.html):
-```
-USE ROLE SECURITYADMIN;
-CREATE OR REPLACE ROLE EXAMPLE_ROLE_NAME;```
-3. Switch role to SYSADMIN and [create warehouse](https://docs.snowflake.com/en/sql-reference/sql/create-warehouse.html) and [grand access](https://docs.snowflake.com/en/sql-reference/sql/grant-privilege.html) to it:
-```
-USE ROLE SYSADMIN;
-CREATE OR REPLACE WAREHOUSE EXAMPLE_WAREHOUSE_NAME
-  WAREHOUSE_SIZE = 'SMALL' 
-  AUTO_SUSPEND = 5
-  AUTO_RESUME = true
-  INITIALLY_SUSPENDED = true;
-GRANT USAGE, OPERATE ON WAREHOUSE EXAMPLE_WAREHOUSE_NAME TO ROLE EXAMPLE_ROLE_NAME;```
-4. Switch role to SECURITYADMIN and [create a new user](https://docs.snowflake.com/en/sql-reference/sql/create-user.html):
-```
-USE ROLE SECURITYADMIN;
-CREATE OR REPLACE USER EXAMPLE_USER_NAME
-   PASSWORD = 'example_password'
-   DEFAULT_ROLE = EXAMPLE_ROLE_NAME
-   DEFAULT_WAREHOUSE = EXAMPLE_WAREHOUSE_NAME
-;```
-5. Switch role to ACCOUNTADMIN and [grant access to snowflake database](https://docs.snowflake.com/en/sql-reference/account-usage.html#enabling-account-usage-for-other-roles) for role.
-```
-USE ROLE ACCOUNTADMIN;
-GRANT IMPORTED PRIVILEGES ON DATABASE SNOWFLAKE TO ROLE EXAMPLE_ROLE_NAME;```
-6. Switch role to SECURITYADMIN and [assign role](https://docs.snowflake.com/en/sql-reference/sql/grant-role.html) to user:
-```
-USE ROLE SECURITYADMIN;
-GRANT ROLE EXAMPLE_ROLE_NAME TO USER EXAMPLE_USER_NAME;```
 
+   ```
+   USE ROLE SECURITYADMIN;
+   CREATE OR REPLACE ROLE EXAMPLE_ROLE_NAME;
+   ```
+
+1. Switch role to SYSADMIN and [create warehouse](https://docs.snowflake.com/en/sql-reference/sql/create-warehouse.html) and [grand access](https://docs.snowflake.com/en/sql-reference/sql/grant-privilege.html) to it:
+
+   ```
+   USE ROLE SYSADMIN;
+   CREATE OR REPLACE WAREHOUSE EXAMPLE_WAREHOUSE_NAME
+     WAREHOUSE_SIZE = 'SMALL' 
+     AUTO_SUSPEND = 5
+     AUTO_RESUME = true
+     INITIALLY_SUSPENDED = true;
+   GRANT USAGE, OPERATE ON WAREHOUSE EXAMPLE_WAREHOUSE_NAME TO ROLE EXAMPLE_ROLE_NAME;
+   ```
+1. Switch role to SECURITYADMIN and [create a new user](https://docs.snowflake.com/en/sql-reference/sql/create-user.html):
+   ```
+   USE ROLE SECURITYADMIN;
+   CREATE OR REPLACE USER EXAMPLE_USER_NAME
+      PASSWORD = 'example_password'
+      DEFAULT_ROLE = EXAMPLE_ROLE_NAME
+      DEFAULT_WAREHOUSE = EXAMPLE_WAREHOUSE_NAME;
+   ```
+1. Switch role to ACCOUNTADMIN and [grant access to snowflake database](https://docs.snowflake.com/en/sql-reference/account-usage.html#enabling-account-usage-for-other-roles) for role.
+    ```
+    USE ROLE ACCOUNTADMIN;
+    GRANT IMPORTED PRIVILEGES ON DATABASE SNOWFLAKE TO ROLE EXAMPLE_ROLE_NAME;
+   ```
+1. Switch role to SECURITYADMIN and [assign role](https://docs.snowflake.com/en/sql-reference/sql/grant-role.html) to user:
+   ```
+   USE ROLE SECURITYADMIN;
+   GRANT ROLE EXAMPLE_ROLE_NAME TO USER EXAMPLE_USER_NAME;
+   ```
+   
 >**IMPORTANT:** Save user and API password created during this step as they will be used during deployment step.