Merge pull request #278620 from cwatson-cat/main

Onboarding - add sentence about API in 3 articles

Author: prmerger-automator[bot]

articles/sentinel/deploy-overview.md

@@ -4,7 +4,7 @@ description: Learn about the steps to deploy Microsoft Sentinel including the ph
 author: cwatson-cat
 ms.author: cwatson
 ms.topic: conceptual
-ms.date: 08/23/2023
+ms.date: 06/18/2024
 ms.service: microsoft-sentinel
 ---
 
@@ -32,7 +32,7 @@ The deployment phase is typically performed by a SOC analyst or related roles.
 
 | Step | Details |
 | --------- | ------- |
-| [**1. Enable Microsoft Sentinel, health and audit, and content**](enable-sentinel-features-content.md) | Enable Microsoft Sentinel, enable the health and audit feature, and enable the solutions and content you've identified according to your organization's needs. |
+| [**1. Enable Microsoft Sentinel, health and audit, and content**](enable-sentinel-features-content.md) | Enable Microsoft Sentinel, enable the health and audit feature, and enable the solutions and content you've identified according to your organization's needs. </br></br> To onboard to Microsoft Sentinel by using the API, see the latest supported version of [Sentinel Onboarding States](/rest/api/securityinsights/sentinel-onboarding-states). |
 | [**2. Configure content**](configure-content.md) | Configure the different types of Microsoft Sentinel security content, which allow you to detect, monitor, and respond to security threats across your systems: Data connectors, analytics rules, automation rules, playbooks, workbooks, and watchlists. |
 | [**3. Set up a cross-workspace architecture**](use-multiple-workspaces.md) |If your environment requires multiple workspaces, you can now set them up as part of your deployment. In this article, you learn how to set up Microsoft Sentinel to extend across multiple workspaces and tenants. |
 | [**4. Enable User and Entity Behavior Analytics (UEBA)**](enable-entity-behavior-analytics.md) | Enable and use the UEBA feature to streamline the analysis process.  |

articles/sentinel/enable-sentinel-features-content.md

@@ -1,10 +1,10 @@
 ---
 title: Enable Microsoft Sentinel and initial features and content
 description: As the first step of your deployment, you enable Microsoft Sentinel, and then enable the health and audit feature, solutions, and content.
-author: limwainstein
+author: cwatson-cat
 ms.topic: how-to
-ms.date: 07/05/2023
-ms.author: lwainstein
+ms.date: 06/18/2024
+ms.author: cwatson
 #Customer intent: As a SOC analyst, I want to enable the Microsoft Sentinel service and the key features and content, so I can get started with my deployment.
 ---
 
@@ -16,7 +16,7 @@ To begin your deployment, you need to enable Microsoft Sentinel and set up key f
 
 |Step  |Description  |
 |---------|---------|
-|1. [Enable the Microsoft Sentinel service](quickstart-onboard.md#enable)     | In the Azure portal, enable Microsoft Sentinel to run on the Log Analytics workspace your organization planned as part of your workspace design.       |
+|1. [Enable the Microsoft Sentinel service](quickstart-onboard.md#enable)     | In the Azure portal, enable Microsoft Sentinel to run on the Log Analytics workspace your organization planned as part of your workspace design.    </br></br>To onboard to Microsoft Sentinel by using the API, see the latest supported version of [Sentinel Onboarding States](/rest/api/securityinsights/sentinel-onboarding-states).   |
 |2. [Enable health and audit](enable-monitoring.md)     |Enable health and audit at this stage of your deployment to make sure that the service's many moving parts are always functioning as intended and that the service isn't being manipulated by unauthorized actions. Learn more about the [health and audit](health-audit.md) feature.         |
 |3. [Enable solutions and content](sentinel-solutions-deploy.md)     |When you planned your deployment, you identified which data sources you need to ingest into Microsoft Sentinel. Now, you want to enable the relevant solutions and content so that the data you need can start flowing into Microsoft Sentinel.         |
 

articles/sentinel/quickstart-onboard.md

@@ -4,7 +4,7 @@ description: In this quickstart, you enable Microsoft Sentinel, and set up data
 author: yelevin
 ms.author: yelevin
 ms.topic: quickstart
-ms.date: 06/14/2023
+ms.date: 06/18/2024
 ms.custom: references_regions, mode-other
 #Customer intent: As a security operator, set up data connectors in one place so I can monitor and protect my environment.
 ---
@@ -15,6 +15,8 @@ In this quickstart, you'll enable Microsoft Sentinel and install a solution from
 
 Microsoft Sentinel comes with many data connectors for Microsoft products such as the Microsoft Defender XDR service-to-service connector. You can also enable built-in connectors for non-Microsoft products such as Syslog or Common Event Format (CEF). For this quickstart, you'll use the Azure Activity data connector that's available in the Azure Activity solution for Microsoft Sentinel.
 
+To onboard to Microsoft Sentinel by using the API, see the latest supported version of [Sentinel Onboarding States](/rest/api/securityinsights/sentinel-onboarding-states). 
+
 ## Prerequisites
 
 - **Active Azure Subscription**. If you don't have one, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
@@ -55,8 +57,6 @@ To get started, add Microsoft Sentinel to an existing workspace or create a new
 
 1. Select **Add**.
 
-As an alternative to using the portal, you can onboard to Microsoft Sentinel using an API request, by calling the [OnboardingStates ARM api](/rest/api/securityinsights/sentinel-onboarding-states/create?view=rest-securityinsights-2024-03-01&preserve-view=true&tabs=HTTP).
-
 ## Install a solution from the content hub
 
 The content hub in Microsoft Sentinel is the centralized location to discover and manage out-of-the-box content including data connectors. For this quickstart, install the solution for Azure Activity.