Adding customer intents - Yechiel's files

Author: batamig

articles/sentinel/add-entity-to-threat-intelligence.md

@@ -10,6 +10,10 @@ appliesto:
     - Microsoft Sentinel in the Azure portal
 ms.collection: usx-security
 #Customer intent: As a security analyst, I want to quickly add relevant threat intelligence from my investigation for myself and others so I don't lose important information.
+
+
+#Customer intent: [AI]As a security analyst, I want to add entities to threat intelligence so that I can track and manage indicators of compromise effectively during incident investigations.
+
 ---
 
 # Add entities to threat intelligence in Microsoft Sentinel

articles/sentinel/ama-migrate.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: reference
 ms.date: 04/03/2024
 ms.author: yelevin
+
+
+#Customer intent: [AI]As a security operations analyst, I want to migrate from the Log Analytics Agent to the Azure Monitor Agent so that I can leverage improved performance and new features in Microsoft Sentinel.
+
 ---
 
 # AMA migration for Microsoft Sentinel

articles/sentinel/anomalies-reference.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: reference
 ms.date: 03/17/2024
 ms.author: yelevin
+
+
+#Customer intent: [AI]As a security analyst, I want to understand the types of anomalies detected by machine learning models in my SIEM solution so that I can effectively monitor and respond to potential security threats.
+
 ---
 
 # Anomalies detected by the Microsoft Sentinel machine learning engine

articles/sentinel/api-dcr-reference.md

@@ -6,6 +6,10 @@ ms.author: yelevin
 ms.topic: reference
 ms.date: 03/01/2024
 ms.service: microsoft-sentinel
+
+
+#Customer intent: [AI]As a cloud engineer, I want to create Data Collection Rules (DCRs) using API requests so that I can automate the ingestion of Syslog and CEF messages into Azure Monitor.
+
 ---
 # API request examples for creating Data Collection Rules (DCRs)
 

articles/sentinel/audit-track-tasks.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.author: yelevin
 ms.topic: how-to
 ms.date: 05/08/2023
+
+
+#Customer intent: [AI]As a SOC manager, I want to audit and track changes to incident tasks so that I can evaluate the effectiveness of task assignments and improve SOC efficiency.
+
 ---
 
 # Audit and track changes to incident tasks in Microsoft Sentinel

articles/sentinel/bring-your-own-ml.md

@@ -6,6 +6,10 @@ ms.topic: conceptual
 ms.date: 11/09/2021
 ms.author: yelevin
 ms.custom: devx-track-azurecli
+
+
+#Customer intent: [AI]As a security professional, I want to build and integrate custom machine learning models into my security operations platform so that I can detect and respond to threats specific to my organization's environment.
+
 ---
 
 # Bring your own Machine Learning (ML) into Microsoft Sentinel

articles/sentinel/cef-syslog-ama-overview.md

@@ -7,6 +7,10 @@ ms.topic: concept-article
 ms.custom: linux-related-content
 ms.date: 07/12/2024
 #Customer intent: As a security operator, I want to understand how Microsoft Sentinel collects Syslog and CEF messages with the Azure Monitor Agent so that I can determine if this solution fits my organization's needs.  
+
+
+#Customer intent: [AI]As a security analyst, I want to collect and analyze Syslog and CEF messages from various devices using a centralized log forwarder, so that I can efficiently monitor and respond to security threats.
+
 ---
 
 # Syslog and Common Event Format (CEF) via AMA connectors for Microsoft Sentinel

articles/sentinel/collaborate-in-microsoft-teams.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: how-to
 ms.date: 03/30/2022
 ms.author: yelevin
+
+
+#Customer intent: [AI]As a security analyst, I want to integrate Microsoft Sentinel with Microsoft Teams so that I can collaborate efficiently on incident investigations with my team.
+
 ---
 
 # Collaborate in Microsoft Teams (Public preview)

articles/sentinel/configure-connector-login-detection.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.topic: how-to
 ms.date: 02/24/2023
 ms.author: yelevin
+
+
+#Customer intent: [AI]As a security analyst, I want to configure anomalous RDP login detection so that I can identify and respond to potential security threats in my network.
+
 ---
 
 # Configure the Security Events or Windows Security Events connector for anomalous RDP login detection

articles/sentinel/configure-data-transformation.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.author: yelevin
 ms.topic: how-to
 ms.date: 02/27/2022
+
+
+#Customer intent: [AI]As a security analyst, I want to configure ingestion-time data transformation and custom log ingestion so that I can control, filter, and enrich data before it is ingested into Microsoft Sentinel.
+
 ---
 
 # Transform or customize data at ingestion time in Microsoft Sentinel (preview)