Updated per triage app customer feedback

Author: Ken Lawson

learn-pr/wwl-sci/connect-syslog-data-sources-to-azure-sentinel/2-plan-for-syslog-connector.yml

@@ -4,7 +4,7 @@ title: Plan for syslog data collection
 metadata:
   title: Plan for syslog data collection
   description: "Plan for syslog data collection"
-  ms.date: 06/27/2022
+  ms.date: 03/07/2025
   author: wwlpublish
   ms.author: kelawson
   ms.topic: unit

learn-pr/wwl-sci/connect-syslog-data-sources-to-azure-sentinel/includes/3-collect-data-from-linux-based-sources-using-syslog.md

@@ -1,6 +1,6 @@
 Configuring the Azure Monitor Agent for Syslog on Linux machines:
 
-## **For an Azure Linux VM:**
+## [Azure Linux VM](#tab/azure-linux-vm)
 
 To install the agent on an Azure Linux virtual machine:
 
@@ -44,30 +44,28 @@ To install the agent on an Azure Linux virtual machine:
     :::image type="content" source="../media/03-azure-monitor-linux-agent-azure-vm.png" alt-text="Screenshot of the Azure Monitor Linux Agent on an Azure VM." lightbox="../media/03-azure-monitor-linux-agent-azure-vm.png":::
 
     > [!NOTE]
-    > If Microsoft Defender for Cloud Auto-provisioning is enabled, the Azure Monitor Linux Agent will be installed by default as an extension using Azure Policy assignment.
+    > If Microsoft Defender for Cloud Auto-provisioning is enabled, the Azure Monitor Linux Agent is installed by default as an extension using Azure Policy assignment.
 
-## **For any other Linux machine:**
+## [Non-Azure Linux machine](#tab/non-azure-linux-machine)
 
 To install the agent on non-Azure Linux physical or virtual machines:
 
 1. In the Azure portal, enter **Arc** in the `Search resources, services, and docs` search bar.
 
-1. In **Azure Arc**, scroll down the left menu to the **Infrastructure** section and select **Servers**.
+1. In **Azure Arc**, scroll down the left navigation menu to the **Azure Arc resources** section and select **Machines**.
 
-1. On the **Servers** page, select **+ Add**.
+1. On the **Machines** page, select **+ Add/Create** and **Add a machine**.
 
-1. On the **Add servers with Azure Arc** page, locate the **Add a single server box** and select **Generate script**.
+1. On the **Add servers with Azure Arc** page, locate the **Add a single server box**, and select **Generate script**.
 
-1. On the **Add servers with Azure Arc** page, **Prerequisites** tab, review the requirements and select **Next**.
-
-1. On the **Add servers with Azure Arc** page, **Resource details** tab, select your **Subscription** and **Resource group** from the drop-down menus under **Project details**.
+1. On the **Add servers with Azure Arc** page, **Basics** tab, select your **Subscription** and **Resource group** from the drop-down menus under **Project details**.
 
     > [!TIP]
-    > Select an Azure region before creating a new Resource groups.
+    > Select an Azure region in **Server details** before creating a new Resource groups.
 
-1. On the **Add servers with Azure Arc** page, **Resource details** tab, select your **Region** and then select **Linux** from the **Operating system** drop-down menu under **Server details**.
+1. In the **Server details** section, select your **Region** and then select **Linux** from the **Operating system** drop-down menu under.
 
-1. On the **Add servers with Azure Arc** page, **Resource details** tab, select the appropriate **Connectivity method** from the radio buttons under **Connectivity method**, and then select **Next**.
+1. Select the appropriate **Connectivity method** from the radio buttons under **Connectivity method**, and then select **Next**.
 
     :::image type="content" source="../media/03-add-a-server-with-azure-arc.png" alt-text="Screenshot of Add a server Azure Arc page.":::
 
@@ -76,7 +74,7 @@ To install the agent on non-Azure Linux physical or virtual machines:
 1. On the **Add servers with Azure Arc** page, **Download and run script** tab, either download or copy the script to the clipboard.
 
     > [!TIP]
-    > If you're using a Microsoft Windows system with Microsoft Azure, it is easy to copy and paste the script into notepad, then ssh into your Linux machine with PowerShell to run the script in a Bash console.
+    > If you're using a Microsoft Windows system with Microsoft Azure, it's easy to copy and paste the script into notepad, then ssh into your Linux machine with PowerShell to run the script in a Bash console.
 
 1. Open a `Bash console` as an administrative (root) user on your non-Azure Linux machine and run the script.
 
@@ -87,7 +85,7 @@ To install the agent on non-Azure Linux physical or virtual machines:
     - Install the agent on the server.
     - Create the Azure Arc-enabled server resource and associate it with the agent.
 
-1. When the script successfully completes you should see a message stating `Latest version of azcmagent is installed`.
+1. When the script successfully completes, you should see a message stating `Latest version of azcmagent is installed`.
 
 1. On the **Add servers with Azure Arc** page, **Download and run script** tab, select **Close**.
 
@@ -96,9 +94,7 @@ To install the agent on non-Azure Linux physical or virtual machines:
 1. Copy and edit the following Bash script to include the required parameters in double quotes:
 
     ```bash
-     azcmagent connect --resource-group "resourceGroupName" --tenant-id "tenantID" --location "regionName" --subscription-id "subscriptionID" --cloud "cloudName"
-    if [ $? = 0 ]; then echo "\033[33mTo view your onboarded server(s), navigate to https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.HybridCompute%2Fmachines\033[m"; fi
-
+    sudo azcmagent connect --resource-group "$resourceGroup" --tenant-id "$tenantID" --location "$location" --subscription-id "$subscriptionID" --cloud "$cloud" --correlation-id "$correlationId";
     ```
 
     > [!TIP]
@@ -120,10 +116,10 @@ To install the agent on non-Azure Linux physical or virtual machines:
 
 1. In **Azure Arc**, scroll down the left menu to the **Infrastructure** section and select **Servers**. You should see your machine with a `Status` of **Connected**.
 
-    :::image type="content" source="../media/03-azure-arc-connected-server.png" alt-text="Screenshot of azure Arc connected Linux server":::
+    :::image type="content" source="../media/03-azure-arc-connected-server.png" alt-text="Screenshot of azure Arc connected Linux servers":::
 
     > [!NOTE]
-    > Select Refresh if the Linux machine is not displayed.
+    > Select Refresh if the Linux machine isn't displayed.
 
 1. The next task is to add your newly connected Azure Arc Linux server to your previously created Data Collection Rule for Syslog.
 

learn-pr/wwl-sci/connect-syslog-data-sources-to-azure-sentinel/index.yml

@@ -3,7 +3,7 @@ uid: learn.wwl.connect-syslog-data-sources-to-azure-sentinel
 metadata:
   title: Connect syslog data sources to Microsoft Sentinel
   description: "Connect syslog data sources to Microsoft Sentinel"
-  ms.date: 06/27/2022
+  ms.date: 03/07/2025
   author: wwlpublish
   ms.author: kelawson
   ms.topic: module