Merge pull request #223295 from limwainstein/freshness

Stacyrch140 · web-flow · commit fea5a6559726 · 2023-01-09T14:19:06.000-05:00
Updating freshness
diff --git a/articles/sentinel/audit-sentinel-data.md b/articles/sentinel/audit-sentinel-data.md
@@ -3,7 +3,7 @@ title: Audit Microsoft Sentinel queries and activities | Microsoft Docs
 description: This article describes how to audit queries and activities performed in Microsoft Sentinel.
 author: limwainstein
 ms.topic: how-to
-ms.date: 11/09/2021
+ms.date: 01/09/2023
 ms.author: lwainstein
 ms.custom: ignite-fall-2021
 ---
diff --git a/articles/sentinel/best-practices-data.md b/articles/sentinel/best-practices-data.md
@@ -4,8 +4,7 @@ description: Learn about best practices to employ when connecting data sources t
 author: limwainstein
 ms.author: lwainstein
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 #  Data collection best practices
diff --git a/articles/sentinel/best-practices-workspace-architecture.md b/articles/sentinel/best-practices-workspace-architecture.md
@@ -4,8 +4,7 @@ description: Learn about best practices for designing your Microsoft Sentinel wo
 author: limwainstein
 ms.author: lwainstein
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Microsoft Sentinel workspace architecture best practices
diff --git a/articles/sentinel/best-practices.md b/articles/sentinel/best-practices.md
@@ -4,8 +4,7 @@ description: Learn about best practices to employ when managing your Microsoft S
 author: limwainstein
 ms.author: lwainstein
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Best practices for Microsoft Sentinel
@@ -85,7 +84,7 @@ Schedule the following Microsoft Sentinel activities regularly to ensure continu
 
 ## Integrate with Microsoft security services
 
-Microsoft Sentinel is empowered by the components that send data to your workspace, and is made stronger through integrations with other Microsoft services. Any logs ingested into products such as Microsoft Defender for Cloud Apps, Microsoft Defender for Endpoint, and Microsoft Defender for Identity allow these services to create detections, and in turn provide those detections to Microsoft Sentinel. Logs can also be ingested directly into Microsoft Sentinel to provide a fuller picture of events and incidents.
+Microsoft Sentinel is empowered by the components that send data to your workspace, and is made stronger through integrations with other Microsoft services. Any logs ingested into products such as Microsoft Defender for Cloud Apps, Microsoft Defender for Endpoint, and Microsoft Defender for Identity allow these services to create detections, and in turn provide those detections to Microsoft Sentinel. Logs can also be ingested directly into Microsoft Sentinel to provide a fuller picture for events and incidents.
 
 For example, the following image shows how Microsoft Sentinel ingests data from other Microsoft services and multi-cloud and partner platforms to provide coverage for your environment:
 
@@ -138,7 +137,7 @@ Entity behavior in Microsoft Sentinel allows users to review and investigate act
 
 - [Enable User and Entity Behavior Analytics (UEBA) in Microsoft Sentinel](enable-entity-behavior-analytics.md)
 - [Investigate incidents with UEBA data](investigate-with-ueba.md)
-- [Microsoft Sentinel UEBA reference](ueba-reference.md)
+- [Microsoft Sentinel UEBA enrichments reference](ueba-reference.md)
 
 ### Handle incidents with watchlists and threat intelligence
 
diff --git a/articles/sentinel/connect-azure-virtual-desktop.md b/articles/sentinel/connect-azure-virtual-desktop.md
@@ -3,9 +3,8 @@ title: Connect Azure Virtual Desktop to Microsoft Sentinel | Microsoft Docs
 description: Learn to connect your Azure Virtual Desktop data to Microsoft Sentinel.
 author: limwainstein
 ms.topic: how-to
-ms.date: 11/09/2021
+ms.date: 01/09/2023
 ms.author: lwainstein
-ms.custom: ignite-fall-2021
 ---
 
 # Connect Azure Virtual Desktop data to Microsoft Sentinel
diff --git a/articles/sentinel/connect-log-forwarder.md b/articles/sentinel/connect-log-forwarder.md
@@ -3,9 +3,8 @@ title: Deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentine
 description: Learn how to deploy a log forwarder, consisting of a Syslog daemon and the Log Analytics agent, as part of the process of ingesting Syslog and CEF logs to Microsoft Sentinel.
 author: limwainstein
 ms.topic: how-to
-ms.date: 12/23/2021
+ms.date: 01/09/2023
 ms.author: lwainstein
-ms.custom: ignite-fall-2021
 ---
 
 # Deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentinel
diff --git a/articles/sentinel/create-custom-connector.md b/articles/sentinel/create-custom-connector.md
@@ -3,8 +3,7 @@ title: Resources for creating Microsoft Sentinel custom connectors | Microsoft D
 description: Learn about available resources for creating custom connectors for Microsoft Sentinel. Methods include the Log Analytics agent and API, Logstash, Logic Apps, PowerShell, and Azure Functions.
 author: limwainstein
 ms.topic: conceptual
-ms.custom: mvc, ignite-fall-2021
-ms.date: 11/21/2021
+ms.date: 01/09/2023
 ms.author: lwainstein
 ---
 
diff --git a/articles/sentinel/design-your-workspace-architecture.md b/articles/sentinel/design-your-workspace-architecture.md
@@ -4,8 +4,7 @@ description: Use a decision tree to understand how you might want to design your
 author: limwainstein
 ms.author: lwainstein
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Design your Microsoft Sentinel workspace architecture
diff --git a/articles/sentinel/false-positives.md b/articles/sentinel/false-positives.md
@@ -1,11 +1,10 @@
 ---
 title: Handle false positives in Microsoft Sentinel
 description: Learn how to resolve false positives in Microsoft Sentinel by creating automation rules or modifying analytics rules to specify exceptions.
-author: batamig
-ms.author: bagol
+author: yelevin
+ms.author: yelevin
 ms.topic: how-to
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Handle false positives in Microsoft Sentinel
diff --git a/articles/sentinel/geolocation-data-api.md b/articles/sentinel/geolocation-data-api.md
@@ -1,11 +1,10 @@
 ---
-title: Enrich entities with geolocation data in Microsoft Sentinel using REST API  | Microsoft Docs
+title: Enrich entities with geolocation data in Microsoft Sentinel using REST API
 description: This article describes how you can enrich entities in Microsoft Sentinel with geolocation data via REST API.
-author: batamig
+author: yelevin
 ms.topic: reference
-ms.custom: mvc, ignite-fall-2021
-ms.date: 11/09/2021
-ms.author: bagol
+ms.date: 01/09/2023
+ms.author: yelevin
 ---
 
 # Enrich entities in Microsoft Sentinel with geolocation data via REST API (Public preview)
diff --git a/articles/sentinel/includes/reference-to-feature-availability.md b/articles/sentinel/includes/reference-to-feature-availability.md
@@ -1,10 +1,10 @@
 ---
 title: Reference to feature availability in Azure Government cloud
 description: References the feature availability table for Azure Government.
-author: batamig
+author: limwainstein
 ms.topic: include
-ms.date: 11/09/2021
-ms.author: bagol
+ms.date: 01/09/2023
+ms.author: lwainstein
 ms.custom: include file
 ---
 
diff --git a/articles/sentinel/ingestion-delay.md b/articles/sentinel/ingestion-delay.md
@@ -3,7 +3,7 @@ title: Handle ingestion delay in Microsoft Sentinel | Microsoft Docs
 description:  Handle ingestion delay in Microsoft Sentinel scheduled analytics rules.
 author: limwainstein
 ms.topic: how-to
-ms.date: 04/25/2021
+ms.date: 01/09/2023
 ms.author: lwainstein
 ---
 
diff --git a/articles/sentinel/monitor-key-vault-honeytokens.md b/articles/sentinel/monitor-key-vault-honeytokens.md
@@ -1,10 +1,10 @@
 ---
 title: Deploy and monitor Azure Key Vault honeytokens with Microsoft Sentinel
 description: Plant Azure Key Vault honeytoken keys and secrets, and monitor them with Microsoft Sentinel.
-author: batamig
+author: yelevin
 ms.topic: how-to
-ms.date: 11/09/2021
-ms.author: bagol
+ms.date: 01/09/2023
+ms.author: yelevin
 ---
 
 # Deploy and monitor Azure Key Vault honeytokens with Microsoft Sentinel (Public preview)
diff --git a/articles/sentinel/mssp-protect-intellectual-property.md b/articles/sentinel/mssp-protect-intellectual-property.md
@@ -1,11 +1,10 @@
 ---
-title: Protecting managed security service provider (MSSPs) intellectual property in Microsoft Sentinel | Microsoft Docs
+title: Protecting managed security service provider (MSSPs) intellectual property in Microsoft Sentinel
 description: Learn about how  managed security service providers (MSSPs) can protect the intellectual property they've created in Microsoft Sentinel.
-author: batamig
+author: limwainstein
 ms.topic: conceptual
-ms.custom: mvc, ignite-fall-2021
-ms.date: 11/09/2021
-ms.author: bagol
+ms.date: 01/09/2023
+ms.author: lwainstein
 ---
 
 # Protecting MSSP intellectual property in Microsoft Sentinel
diff --git a/articles/sentinel/notebook-get-started.md b/articles/sentinel/notebook-get-started.md
@@ -1,10 +1,10 @@
 ---
 title: Get started with Jupyter notebooks and MSTICPy in Microsoft Sentinel
 description: Walk through the Getting Started Guide For Microsoft Sentinel ML Notebooks to learn the basics of Microsoft Sentinel notebooks with MSTICPy and queries.
-author: batamig
-ms.author: bagol
+author: austinmccollum
+ms.author: austinmc
 ms.topic: how-to
-ms.date: 11/09/2021
+ms.date: 01/09/2023
 ---
 
 # Tutorial: Get started with Jupyter notebooks and MSTICPy in Microsoft Sentinel
diff --git a/articles/sentinel/notebooks-msticpy-advanced.md b/articles/sentinel/notebooks-msticpy-advanced.md
@@ -1,11 +1,10 @@
 ---
-title: Advanced configurations for Jupyter notebooks and MSTICPy in Microsoft Sentinel | Microsoft Docs
+title: Advanced configurations for Jupyter notebooks and MSTICPy in Microsoft Sentinel
 description: Learn about advanced configurations available for Jupyter notebooks with MSTICPy when working in Microsoft Sentinel.
-author: batamig
-ms.author: bagol
+author: austinmccollum
+ms.author: austinmc
 ms.topic: how-to
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Advanced configurations for Jupyter notebooks and MSTICPy in Microsoft Sentinel
diff --git a/articles/sentinel/partner-integrations.md b/articles/sentinel/partner-integrations.md
@@ -1,10 +1,10 @@
 ---
 title: Partner integrations with Microsoft Sentinel
 description: This article describes best practices for creating your own integrations with Microsoft Sentinel.
-author: batamig
-ms.author: bagol
+author: limwainstein
+ms.author: lwainstein
 ms.topic: conceptual
-ms.date: 11/15/2021
+ms.date: 01/09/2023
 ---
 
 # Best practices for partners integrating with Microsoft Sentinel
diff --git a/articles/sentinel/powerbi.md b/articles/sentinel/powerbi.md
@@ -1,11 +1,10 @@
 ---
 title: Create a Power BI report from Microsoft Sentinel data
 description: Learn how to create a Power BI report using an exported query from Microsoft Sentinel Log Analytics. Share your report with others in the Power BI service and a Teams channel.
-author: batamig
-ms.author: bagol
+author: yelevin
+ms.author: yelevin
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Tutorial: Create a Power BI report from Microsoft Sentinel data
diff --git a/articles/sentinel/prerequisites.md b/articles/sentinel/prerequisites.md
@@ -1,11 +1,10 @@
 ---
 title: Prerequisites for deploying Microsoft Sentinel
 description: Learn about pre-deployment activities and prerequisites for deploying Microsoft Sentinel.
-author: batamig
-ms.author: bagol
+author: limwainstein
+ms.author: lwainstein
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Pre-deployment activities and prerequisites for deploying Microsoft Sentinel
diff --git a/articles/sentinel/purview-solution.md b/articles/sentinel/purview-solution.md
@@ -1,10 +1,10 @@
 ---
-title: Integrate Microsoft Sentinel and Microsoft Purview  | Microsoft Docs
+title: Integrate Microsoft Sentinel and Microsoft Purview
 description: This tutorial describes how to use the **Microsoft Sentinel** data connector and solution for **Microsoft Purview** to enable data sensitivity insights, create rules to monitor when classifications have been detected, and get an overview about data found by Microsoft Purview, and where sensitive data resides in your organization.
-author: batamig
+author: limwainstein
 ms.topic: tutorial
-ms.date: 02/08/2022
-ms.author: bagol
+ms.date: 01/09/2023
+ms.author: lwainstein
 ---
 
 # Tutorial: Integrate Microsoft Sentinel and Microsoft Purview (Public Preview)
diff --git a/articles/sentinel/resource-context-rbac.md b/articles/sentinel/resource-context-rbac.md
@@ -1,11 +1,10 @@
 ---
-title: Manage access to Microsoft Sentinel data by resource | Microsoft Docs
+title: Manage access to Microsoft Sentinel data by resource
 description: This article explains you can manage access to Microsoft Sentinel data by the resources a user can access. Managing access by resource enables you to provide access to specific data only, without the entire Microsoft Sentinel experience. This method is also known as resource-context RBAC.
-author: batamig
+author: limwainstein
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.author: bagol
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
+ms.author: lwainstein
 ---
 
 # Manage access to Microsoft Sentinel data by resource
diff --git a/articles/sentinel/sample-workspace-designs.md b/articles/sentinel/sample-workspace-designs.md
@@ -1,11 +1,10 @@
 ---
-title: Sample Microsoft Sentinel workspace designs | Microsoft Docs
+title: Sample Microsoft Sentinel workspace designs
 description: Learn from samples of Microsoft Sentinel architecture designs with multiple tenants, clouds or regions.
-author: batamig
-ms.author: bagol
+author: limwainstein
+ms.author: lwainstein
 ms.topic: conceptual
-ms.date: 11/09/2021
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
 ---
 
 # Microsoft Sentinel sample workspace designs
diff --git a/articles/sentinel/sap/sap-deploy-troubleshoot.md b/articles/sentinel/sap/sap-deploy-troubleshoot.md
@@ -4,8 +4,7 @@ description: Learn how to troubleshoot specific issues that may occur in your Mi
 author: limwainstein
 ms.author: lwainstein
 ms.topic: troubleshooting
-ms.custom: mvc, ignite-fall-2021
-ms.date: 11/09/2021
+ms.date: 01/09/2023
 ---
 
 # Troubleshooting your Microsoft Sentinel Solution for SAP deployment
diff --git a/articles/sentinel/sentinel-solution.md b/articles/sentinel/sentinel-solution.md
@@ -1,10 +1,10 @@
 ---
 title: Build and monitor Zero Trust (TIC 3.0) security architectures with Microsoft Sentinel
 description: Install and learn how to use the Microsoft Sentinel Zero Trust (TIC3.0) solution for an automated visualization of Zero Trust principles, cross-walked to the Trusted Internet Connections framework.
-ms.date: 12/15/2021
+ms.date: 01/09/2023
 ms.service: network-access
-author: batamig
-ms.author: bagol
+author: austinmccollum
+ms.author: austinmc
 ms.topic: how-to
 ms.collection:
   -       zerotrust-services
diff --git a/articles/sentinel/store-logs-in-azure-data-explorer.md b/articles/sentinel/store-logs-in-azure-data-explorer.md
@@ -1,11 +1,10 @@
 ---
-title: Integrate Azure Data Explorer for long-term log retention | Microsoft Docs
+title: Integrate Azure Data Explorer for long-term log retention
 description: Send Microsoft Sentinel logs to Azure Data Explorer for long-term retention to reduce data storage costs.
-author: batamig
+author: limwainstein
 ms.topic: how-to
-ms.date: 11/09/2021
-ms.author: bagol
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
+ms.author: lwainstein
 ---
 
 # Integrate Azure Data Explorer for long-term log retention
diff --git a/articles/sentinel/top-workbooks.md b/articles/sentinel/top-workbooks.md
@@ -1,11 +1,10 @@
 ---
-title: Commonly used Microsoft Sentinel workbooks | Microsoft Docs
+title: Commonly used Microsoft Sentinel workbooks
 description: Learn about the most commonly used workbooks to use popular, out-of-the-box Microsoft Sentinel resources.
-author: batamig
+author: yelevin
 ms.topic: reference
-ms.date: 11/09/2021
-ms.author: bagol
-ms.custom: ignite-fall-2021
+ms.date: 01/09/2023
+ms.author: yelevin
 ---
 
 # Commonly used Microsoft Sentinel workbooks
diff --git a/articles/sentinel/troubleshooting-cef-syslog.md b/articles/sentinel/troubleshooting-cef-syslog.md
@@ -3,7 +3,7 @@ title: Troubleshoot a connection between Microsoft Sentinel and a CEF or Syslog
 description: Learn how to troubleshoot issues with your Microsoft Sentinel CEF or Syslog data connector.
 author: limwainstein
 ms.topic: how-to
-ms.date: 11/09/2021
+ms.date: 01/09/2023
 ms.author: lwainstein
 ms.custom: ignite-fall-2021
 ---
