Merged
Original file line number Diff line number Diff line change
Expand Up @@ -240,7 +240,7 @@ The function `graph_blast_radius_fl()` can be used to calculate the Blast Radius

* [Functions library](functions-library.md)
* [Graph semantics overview](../query/graph-semantics-overview.md)
* [Graph operators](../query/graph-function.md)
* [Graph Scenarios](../query/graph-scenarios.md)
* [Graph operators](../query/graph-operators.md)
* [Graph scenarios](../query/graph-scenarios.md)
* [Best practices](../query/graph-best-practices.md)
* [graph-path-discovery-fl()](graph-path-discovery-fl.md)
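Review bot: The replacement entry `[Graph operators](../query/graph-operators.md)` uses a different target and label than the sibling function pages in this PR (exposure perimeter, node centrality, path discovery), which list `[Graph function](../query/graph-function.md)` inside a `microsoft-fabric || azure-data-explorer` moniker block. Please confirm that `graph-operators.md` exists under `../query/`, and decide whether this Related content list needs the same moniker split as those pages.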
Original file line number Diff line number Diff line change
Expand Up @@ -243,9 +243,18 @@ The function `graph_exposure_perimeter_fl()` can be used to calculate the Exposu

## Related content

:::moniker range="microsoft-fabric || azure-data-explorer"
* [Functions library](functions-library.md)
* [Graph semantics overview](../query/graph-semantics-overview.md)
* [Graph operators](../query/graph-function.md)
* [Graph function](../query/graph-function.md)
* [Graph scenarios](../query/graph-scenarios.md)
* [Best practices](../query/graph-best-practices.md)
* [graph-path-discovery-fl()](graph-path-discovery-fl.md)
:::moniker-end
:::moniker range="azure-monitor || microsoft-sentinel"
* [Functions library](functions-library.md)
* [Graph semantics overview](../query/graph-semantics-overview.md)
* [Graph scenarios](../query/graph-scenarios.md)
* [Best practices](../query/graph-best-practices.md)
* [graph-path-discovery-fl()](graph-path-discovery-fl.md)
:::moniker-end
12 changes: 10 additions & 2 deletions data-explorer/kusto/functions-library/graph-node-centrality-fl.md
Original file line number Diff line number Diff line change
Expand Up @@ -490,10 +490,18 @@ The example calculated the centrality metrics for all assets that are either app
The function `graph_node_centrality_fl()` can be used in the cybersecurity domain to discover important nodes, such as well connected tokens or users, over data modeled as a graph. Various available centrality metrics provide a better understanding of node's posture and allow you to act accordingly. For example, by prioritizing related signals, hardening the node or disrupting unnecessary connections.

## Related content

:::moniker range="microsoft-fabric || azure-data-explorer"
* [Functions library](functions-library.md)
* [Graph semantics overview](../query/graph-semantics-overview.md)
* [Graph function](../query/graph-function.md)
* [Graph scenarios](../query/graph-scenarios.md)
* [Best practices](../query/graph-best-practices.md)
* [graph-path-discovery-fl()](graph-path-discovery-fl.md)
:::moniker-end
:::moniker range="azure-monitor || microsoft-sentinel "
* [Functions library](functions-library.md)
* [Graph semantics overview](../query/graph-semantics-overview.md)
* [Graph operators](../query/graph-function.md)
* [Graph scenarios](../query/graph-scenarios.md)
* [Best practices](../query/graph-best-practices.md)
* [graph-path-discovery-fl()](graph-path-discovery-fl.md)
:::moniker-end
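Review bot: The second moniker directive reads `:::moniker range="azure-monitor || microsoft-sentinel "` with a trailing space inside the quotes; every other range in this PR is written without it, so trim it rather than rely on the build tolerating the extra character. That block also shows `[Graph operators](../query/graph-function.md)`, while the monitor and sentinel blocks in the other files omit graph-function.md and this PR removes those two products from that page's applies-to line; if the entry is on the added side, drop it here as well.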
Original file line number Diff line number Diff line change
Expand Up @@ -392,8 +392,16 @@ The function `graph_path_discovery_fl()` can be used in cybersecurity domain to

## Related content

:::moniker range="microsoft-fabric || azure-data-explorer"
* [Functions library](functions-library.md)
* [Graph semantics overview](../query/graph-semantics-overview.md)
* [Graph function](../query/graph-function.md)
* [Graph scenarios](../query/graph-scenarios.md)
* [Best practices](../query/graph-best-practices.md)
:::moniker-end
:::moniker range="azure-monitor || microsoft-sentinel"
* [Functions library](functions-library.md)
* [Graph semantics overview](../query/graph-semantics-overview.md)
* [Graph scenarios](../query/graph-scenarios.md)
* [Best practices](../query/graph-best-practices.md)
:::moniker-end
6 changes: 3 additions & 3 deletions data-explorer/kusto/management/graph/graph-model-drop.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ title: .drop graph_model command
description: Learn how to delete an existing graph model and all its versions using the .drop graph_model command.
ms.reviewer: herauch
ms.topic: reference
ms.date: 05/24/2025
ms.date: 05/28/2025
---

# .drop graph_model (preview)
Expand Down Expand Up @@ -43,11 +43,11 @@ This command doesn't return any output.

## Notes

- The `.drop graph_model` command permanently deletes the graph model and all its versions. This operation cannot be undone.
- The `.drop graph_model` command permanently deletes the graph model and all its versions. This operation can't be undone.
- This command also deletes all snapshots associated with the graph model.
- Dropping a graph model doesn't affect the source data that was used to create it.

## Next steps
## Related content

- [Graph model overview](graph-model-overview.md)
- [.create-or-alter graph_model](graph-model-create-or-alter.md)
14 changes: 11 additions & 3 deletions data-explorer/kusto/query/graph-best-practices.md
Original file line number Diff line number Diff line change
Expand Up @@ -361,13 +361,13 @@ The following example demonstrates an effective implementation of dynamic labels

This dynamic labeling approach provides exceptional flexibility when modeling graphs with numerous node and edge types, eliminating the need to modify your schema each time a new entity type appears in your data. By decoupling the logical model from the physical implementation, your graph can continuously evolve to represent new relationships without requiring structural changes to the underlying schema.

## Multi-tenant partitioning strategies for large-scale ISV scenarios
## Multitenant partitioning strategies for large-scale ISV scenarios

In large organizations, particularly ISV scenarios, graphs can consist of multiple billions of nodes and edges. This scale presents unique challenges that require strategic partitioning approaches to maintain performance while managing costs and complexity.

### Understanding the challenge

Large-scale multi-tenant environments often exhibit the following characteristics:
Large-scale multitenant environments often exhibit the following characteristics:

- **Billions of nodes and edges** - Enterprise-scale graphs that exceed traditional graph database capabilities
- **Tenant size distribution** - Typically follows a power law where 99.9% of tenants have small to medium graphs, while 0.1% have massive graphs
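Review bot: Renaming the heading to `## Multitenant partitioning strategies for large-scale ISV scenarios` changes the anchor generated from it, so any existing link to the hyphenated form of this section stops resolving. Search the docset for references to the old anchor and update them in this PR.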
Expand All @@ -385,7 +385,7 @@ The most effective approach for managing large-scale graphs is partitioning by n
- **Temporal partitioning** - Separate by time periods for historical analysis
- **Functional partitioning** - Split by business domain or application area

**Example: Multi-tenant organizational structure**
**Example: Multitenant organizational structure**

```kusto
// Partition employees and reports by tenant
Expand Down Expand Up @@ -524,8 +524,16 @@ This hybrid approach enables organizations to provide always-current data analys

## Related content

:::moniker range="microsoft-fabric || azure-data-explorer"
- [Graph semantics overview](graph-semantics-overview.md)
- [Common scenarios for using graph semantics](graph-scenarios.md)
- [Graph function](graph-function.md)
- [make-graph operator](make-graph-operator.md)
- [Graph models overview](../management/graph/graph-model-overview.md)
:::moniker-end

:::moniker range="azure-monitor || microsoft-sentinel"
- [Graph semantics overview](graph-semantics-overview.md)
- [Common scenarios for using graph semantics](graph-scenarios.md)
- [make-graph operator](make-graph-operator.md)
:::moniker-end
4 changes: 2 additions & 2 deletions data-explorer/kusto/query/graph-function.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@ title: graph function
description: Learn how to use the graph function to reference a persisted graph entity for querying.
ms.reviewer: royo
ms.topic: reference
ms.date: 05/23/2025
ms.date: 05/28/2025
---
# graph function (preview)

>[!INCLUDE [applies](../includes/applies-to-version/applies.md)] [!INCLUDE [fabric](../includes/applies-to-version/fabric.md)] [!INCLUDE [azure-data-explorer](../includes/applies-to-version/azure-data-explorer.md)] [!INCLUDE [monitor](../includes/applies-to-version/monitor.md)] [!INCLUDE [sentinel](../includes/applies-to-version/sentinel.md)]
>[!INCLUDE [applies](../includes/applies-to-version/applies.md)] [!INCLUDE [fabric](../includes/applies-to-version/fabric.md)] [!INCLUDE [azure-data-explorer](../includes/applies-to-version/azure-data-explorer.md)]

> [!NOTE]
> This feature is currently in public preview. Functionality and syntax are subject to change before General Availability.
14 changes: 12 additions & 2 deletions data-explorer/kusto/query/graph-scenarios.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ title: Scenarios for using Kusto Query Language (KQL) graph semantics
description: Learn about common scenarios for using Kusto Query Language (KQL) graph semantics.
ms.reviewer: herauch
ms.topic: conceptual
ms.date: 05/25/2025
ms.date: 05/28/2025
# Customer intent: As a data analyst, I want to learn about common scenarios for using Kusto Query Language (KQL) graph semantics.
---

Expand Down Expand Up @@ -174,7 +174,7 @@ For detailed examples and implementation guidance, see the [Graph of Graph sampl

Combining graph analysis with time-series analytics creates a powerful framework for detecting temporal anomalies while understanding their impact across interconnected systems. This integration delivers significant value for security analytics, IoT monitoring, and operational intelligence.

:::image type="content" source="media/graphs/Time-series-graph-analytics.png" alt-text="Example image of a workflow diagram using time series and graph analytics.":::
:::image type="content" source="media/graphs/time-series-graph-analytics.png" alt-text="Example workflow diagram using time series and graph analytics.":::

### Temporal anomaly detection with context
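Review bot: The image `source` changes only in letter case, from `media/graphs/Time-series-graph-analytics.png` to `media/graphs/time-series-graph-analytics.png`, and no rename of the media file is visible in this diff. On a case-sensitive build or host the image reference breaks, so confirm the file itself is renamed in the same PR.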

Expand Down Expand Up @@ -237,10 +237,20 @@ For detailed implementation examples and code samples, see the [Digital Twins sa

## Related content

:::moniker range="microsoft-fabric || azure-data-explorer"
- [Graph semantics overview](graph-semantics-overview.md)
- [Best practices for KQL graph semantics](graph-best-practices.md)
- [Graph function](graph-function.md)
- [make-graph operator](make-graph-operator.md)
- [Azure Kusto Graph Samples on GitHub](https://github.com/Azure/azure-kusto-graph-samples)
- [Advanced KQL graph capabilities for security analysis](https://github.com/Azure/azure-kusto-graph-samples/blob/main/graph%20of%20graph/advanced-kql-capabilities.md)
- [Digital twins with KQL graph semantics](https://github.com/Azure/azure-kusto-graph-samples/tree/main/digital%20twins)
:::moniker-end
:::moniker range="azure-monitor || microsoft-sentinel"
- [Graph semantics overview](graph-semantics-overview.md)
- [Best practices for KQL graph semantics](graph-best-practices.md)
- [make-graph operator](make-graph-operator.md)
- [Azure Kusto Graph Samples on GitHub](https://github.com/Azure/azure-kusto-graph-samples)
- [Advanced KQL graph capabilities for security analysis](https://github.com/Azure/azure-kusto-graph-samples/blob/main/graph%20of%20graph/advanced-kql-capabilities.md)
- [Digital twins with KQL graph semantics](https://github.com/Azure/azure-kusto-graph-samples/tree/main/digital%20twins)
:::moniker-end
12 changes: 12 additions & 0 deletions data-explorer/kusto/query/graph-semantics-overview.md
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@ IoT and digital twin applications benefit significantly from persistent graphs w
- Simulate operating conditions before implementing physical infrastructure changes

This persistent approach proves invaluable for managing complex IoT ecosystems at scale.

:::moniker-end

## Graph querying capabilities
Expand All @@ -128,6 +129,7 @@ Once a graph is established (through `make-graph` or from a snapshot), you can l
These capabilities support diverse use cases including customer journey analysis, product recommendation systems, IoT networks, digital twins, and knowledge graphs.

:::moniker range="azure-data-explorer || microsoft-fabric"

## Choosing the right approach

The following decision tree helps you select the most appropriate graph creation approach based on your specific requirements and constraints.
Expand Down Expand Up @@ -180,6 +182,7 @@ External data source dependencies (Kusto, SQL, Cosmos DB) can significantly affe

- **Transient graphs** - Always reflect current data state, ideal for real-time analysis
- **Persistent graphs** - Reflect data at snapshot creation time, providing consistency for collaborative analysis but requiring periodic refreshes

:::moniker-end

## Integration with KQL ecosystem
Expand All @@ -195,8 +198,17 @@ This integration enables sophisticated workflows including supply chain evolutio

## Related content

:::moniker range="microsoft-fabric || azure-data-explorer"
- [Common scenarios for using KQL graph semantics](graph-scenarios.md)
- [Best practices for KQL graph semantics](graph-best-practices.md)
- [Graph operators](make-graph-operator.md)
- [Graph model overview](../management/graph/graph-model-overview.md)
- [Graph snapshots overview](../management/graph/graph-snapshot-overview.md)
:::moniker-end

:::moniker range="azure-monitor || microsoft-sentinel"
- [Common scenarios for using KQL graph semantics](graph-scenarios.md)
- [Best practices for KQL graph semantics](graph-best-practices.md)
- [Graph operators](make-graph-operator.md)
- [Graph snapshots overview](../management/graph/graph-snapshot-overview.md)
:::moniker-end
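Review bot: The `azure-monitor || microsoft-sentinel` list drops `Graph model overview` but keeps `[Graph snapshots overview](../management/graph/graph-snapshot-overview.md)`. Elsewhere this PR treats persistent graphs as Fabric and Azure Data Explorer only (the tutorial's monitor and sentinel checklist omits the persistent graph model step), so the snapshots link looks out of place in this block; remove it or confirm that the snapshots page applies to these products.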
7 changes: 7 additions & 0 deletions data-explorer/kusto/query/graph-shortest-paths-operator.md
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,13 @@ connections

## Related content

:::moniker range="microsoft-fabric || azure-data-explorer"
* [Best practices for graph semantics](graph-best-practices.md)
* [Graph operator](graph-function.md)
* [make-graph operator](../query/make-graph-operator.md)
* [Graph function](graph-function.md)
:::moniker-end
:::moniker range="azure-monitor || microsoft-sentinel"
* [Best practices for graph semantics](graph-best-practices.md)
* [make-graph operator](../query/make-graph-operator.md)
:::moniker-end
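Review bot: With 7 additions and 0 deletions, the `microsoft-fabric || azure-data-explorer` block ends up listing both `[Graph operator](graph-function.md)` and `[Graph function](graph-function.md)`, two entries for the same target. Delete the older `Graph operator` entry so the list matches the other pages in this PR.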
10 changes: 5 additions & 5 deletions data-explorer/kusto/query/labels-graph-function.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,24 +3,24 @@ title: labels() (graph function in Preview)
description: Learn how to use the labels() function to filter nodes and edges based on their labels or project label information in graph queries.
ms.reviewer: michalfaktor
ms.topic: reference
ms.date: 05/26/2025
ms.date: 05/28/2025
---
# labels() (graph function in Preview)

> [!INCLUDE [applies](../includes/applies-to-version/applies.md)] [!INCLUDE [fabric](../includes/applies-to-version/fabric.md)] [!INCLUDE [azure-data-explorer](../includes/applies-to-version/azure-data-explorer.md)] [!INCLUDE [monitor](../includes/applies-to-version/monitor.md)] [!INCLUDE [sentinel](../includes/applies-to-version/sentinel.md)]
> [!INCLUDE [applies](../includes/applies-to-version/applies.md)] [!INCLUDE [fabric](../includes/applies-to-version/fabric.md)] [!INCLUDE [azure-data-explorer](../includes/applies-to-version/azure-data-explorer.md)]

> [!NOTE]
> This feature is currently in public preview. Functionality and syntax are subject to change before General Availability.

The `labels()` graph function retrieves the labels associated with nodes or edges in a graph. It can be used both for filtering elements based on their labels and for projecting label information in query results.
The `labels()` graph function retrieves the labels associated with nodes or edges in a graph. It can be used for both filtering elements based on their labels and for projecting label information in query results.

Labels are defined within [Graph models](../management/graph/graph-model-overview.md) and can be either static (fixed labels assigned to node or edge types) or dynamic (labels derived from data properties during graph construction). The `labels()` function accesses these predefined labels to enable efficient filtering and analysis of graph elements.

> [!NOTE]
> This function is used with the [graph-match](graph-match-operator.md) and [graph-shortest-paths](graph-shortest-paths-operator.md) operators.

> [!IMPORTANT]
> When the `labels()` function is used on a graph created with the `make-graph` operator (that is, a transient graph rather than a persistent graph model), it always returns an empty array (of dynamic data type) for all nodes and edges, because transient graphs do not have label metadata.
> When the `labels()` function is used on a graph created with the `make-graph` operator (that is, a transient graph rather than a persistent graph model), it always returns an empty array (of dynamic data type) for all nodes and edges, because transient graphs don't have label metadata.

## Syntax
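Review bot: In the intro paragraph, the reworded sentence "It can be used for both filtering elements based on their labels and for projecting label information" is less parallel than the line it replaces. Either keep "both for filtering ... and for projecting" or write "for both filtering ... and projecting".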

Expand All @@ -45,7 +45,7 @@ Labels are defined in [Graph models](../management/graph/graph-model-overview.md
- **Static labels**: Fixed labels assigned to specific node or edge types during graph model definition. These labels remain constant for all instances of a particular type.
- **Dynamic labels**: Labels derived from data properties during graph construction. These labels can vary based on the actual data values and computed expressions.

The `labels()` function retrieves both static and dynamic labels that have been associated with graph elements through the graph model schema and definition.
The `labels()` function retrieves both static and dynamic labels that were associated with graph elements through the graph model schema and definition.

## Examples

38 changes: 31 additions & 7 deletions data-explorer/kusto/query/tutorials/your-first-graph.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,21 @@ ms.date: 05/26/2025
Graph semantics in Kusto enables you to model and query data as interconnected networks, making it intuitive to analyze complex relationships like organizational hierarchies, social networks, and attack paths. Unlike traditional relational queries that rely on joins, graphs use direct relationships between entities to traverse connections efficiently.

In this tutorial, you learn how to:

::: moniker range="microsoft-fabric || azure-data-explorer"
> [!div class="checklist"]
>
> * [Create a transient graph](#create-a-transient-graph-with-organizational-data) using the make-graph operator
> * [Query graphs](#query-relationships-with-graph-match-patterns) to find relationships using graph-match
> * [Build persistent graph models](#create-a-persistent-graph-model) for reusable analysis
> * [Compare](#compare-transient-and-persistent-graphs) transient versus persistent graph approaches
::: moniker-end
::: moniker range="azure-monitor || microsoft-sentinel"
> [!div class="checklist"]
>
> * Create a transient graph using the make-graph operator
> * Query graphs to find relationships using graph-match
> * Build persistent graph models for reusable analysis
> * Compare transient versus persistent graph approaches
> * [Create a transient graph](#create-a-transient-graph-with-organizational-data) using the make-graph operator
> * [Query graphs](#query-relationships-with-graph-match-patterns) to find relationships using graph-match
> * [Compare](#compare-transient-and-persistent-graphs) transient versus persistent graph approaches
::: moniker-end

If you don't have an Azure Data Explorer cluster, [create a free cluster](/azure/data-explorer/start-for-free-web-ui) before you begin the tutorial.
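Review bot: The `azure-monitor || microsoft-sentinel` checklist omits the persistent graph model item but still links `[Compare](#compare-transient-and-persistent-graphs)`. If the persistent graph sections are hidden for these monikers the anchor target may not render, and the comparison has little value for readers who cannot create a persistent model; drop the item for these products or confirm that the section is shown to them.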

Expand All @@ -46,6 +54,14 @@ Open the [Azure Data Explorer Web UI](https://dataexplorer.azure.com/clusters/he
Navigate to your Microsoft Fabric workspace and open a KQL database to run the queries.
::: moniker-end

::: moniker range="microsoft-sentinel"
Navigate to the advanced hunting page to start querying Microsoft Sentinel data.
::: moniker-end

::: moniker range="azure-monitor"
Navigate to Logs or to a Logs Analytics workspace in the Azure portal to start querying Azure Monitor data.
::: moniker-end

## Create a transient graph with organizational data

In this section, you'll create your first graph using sample organizational data. Transient graphs are created dynamically during query execution using the `make-graph` operator, making them perfect for ad-hoc analysis and exploration.
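Review bot: The new `azure-monitor` block says "Logs Analytics workspace"; the product name is Log Analytics, so this should read "Log Analytics workspace".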
Expand Down Expand Up @@ -339,9 +355,17 @@ Now that you understand the basics of graph semantics in Kusto, advance to more
> [!div class="nextstepaction"]
> [Graph best practices](../graph-best-practices.md)

You can also explore these related topics:
You can also explore these related articles:
::: moniker range="azure-data-explorer || microsoft-fabric"

* [Graph operators reference](../graph-operators.md) - Complete guide to all available graph operators
* [Graph model management](../../management/graph/graph-model-overview.md) - Deep dive into persistent graph models
* [Graph shortest paths](../graph-shortest-paths-operator.md) - Find optimal paths between entities
* [Advanced graph queries](../graph-scenarios.md) - Complex analysis patterns and use cases
::: moniker-end
::: moniker range="microsoft-sentinel || azure-monitor"

* [Graph operators reference](../graph-operators.md) - Complete guide to all available graph operators
* [Graph model management](../../management/graph/graph-model-overview.md) - Deep dive into persistent graph models
* [Graph shortest paths](../graph-shortest-paths-operator.md) - Find optimal paths between entities
* [Advanced graph queries](../graph-scenarios.md) - Complex analysis patterns and use cases
::: moniker-end
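Review bot: As rendered here, the `microsoft-sentinel || azure-monitor` list repeats the same four links as the `azure-data-explorer || microsoft-fabric` list, including `[Graph model management](../../management/graph/graph-model-overview.md)`, so the moniker split changes nothing for readers. The other files in this PR omit the graph model link for these products; trim this list the same way, and add a blank line between "You can also explore these related articles:" and the first `::: moniker` directive.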