Update match list articles

Author: jpipkin1

docs/cse/match-lists-suppressed-lists/create-match-list.md

@@ -18,11 +18,11 @@ Here’s a use case for using a match list to define an allow list:  Vulnerabil
 There’s no reason you can’t use a match list to define “deny lists” of items. However, Cloud SIEM’s threat intel feature is designed for exactly that purpose. Most of the time, but not always, you should use threat intel lists for negative indicators. For more information, see [Match lists or threat intel: which to use?](#match-listor-threat-intel-which-to-use).
 :::
 
-Here’s an example of a match list in the Cloud SIEM UI. It is a list of trusted domains.  
+Here are some match lists in the Cloud SIEM UI.  
 
 <img src={useBaseUrl('img/cse/example-match-list.png')} alt="Example match list" style={{border: '1px solid gray'}} width="800"/>
 
-Note that the match list has a **Target Column**, which you define when you create the list. The Target Column indicates what type of record fields should be compared to the match list, for example, hostnames, URLs, domains, IP addresses, usernames, and so on. For more information, see [How are match lists Used?](#how-are-match-lists-used)
+Note that each match list has a **Target Column**, which you define when you create the list. The Target Column indicates what type of record fields should be compared to the match list, for example, hostnames, URLs, domains, IP addresses, usernames, and so on. For more information, see [How are match lists Used?](#how-are-match-lists-used)
 
 ## Built-in rules refer to standard match list names
 
@@ -82,24 +82,24 @@ You can also create and manage match lists with Cloud SIEM's REST [API](/docs/cs
 :::
 
 1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Content > Match Lists**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the main Sumo Logic menu, select **Cloud SIEM > Match List**. You can also click the **Go To...** menu at the top of the screen and select **Match List**. 
-1. Click **Create**.
-1. On the **New Match List** popup, enter the following:
+1. Click **Add Match List**.
+1. On the **Add Match List** popup, enter the following:
     1. **Name**. Name of the Match list. If you are creating a standard match list, make sure the name matches the standard match list name. For more information, see [Standard match lists](/docs/cse/match-lists-suppressed-lists/standard-match-lists#standard-match-lists).   We recommend no embedded spaces in list names. For example, instead of *my list*, use *my_list*.
     1. **Description**. Enter a description for the list. Descriptions for standard match lists can be found in [Standard match lists](/docs/cse/match-lists-suppressed-lists/standard-match-lists#standard-match-lists).
-    1. **Time to Live (hours)**. (Optional) Enter the number of hours after which the entries on the list should expire.
     1. **Target Column**. The type of message field to which items on the list should be compared. The **Target Column** for standard match lists can be found in [Standard match lists](/docs/cse/match-lists-suppressed-lists/standard-match-lists#standard-match-lists). <br/>
         :::note
         Once you create a match list, it's not possible to change its **Target Column**.
         :::
-    1. Click **Create**.<br/><img src={useBaseUrl('img/cse/new-match-list.png')} alt="New match list" style={{border: '1px solid gray'}} width="400"/>
+    1. **Time to Live (hours)**. (Optional) Enter the number of hours after which the entries on the list should expire.
+    1. Click **Save**.<br/><img src={useBaseUrl('img/cse/new-match-list.png')} alt="New match list" style={{border: '1px solid gray'}} width="400"/>
 1. The match list now appears on the **Match Lists** page.
 1. Click the name of the match list to open it.
-1. On the **Match List > Details** page, click **Add List Item**.
-1. On the **New Match List Item** popup, enter:
+1. On the **Match Lists > Details** page, click **Add Match List Item**.
+1. On the **Add Match List Item** popup, enter:
    * **Value**. The value of the entity. Make sure the value you enter is of the same type as the type you selected as the Target Column for the list. For example, if the Target Column is `Domain`, enter a domain.
    * **Description**. (Optional) Enter a description of the entity instance you entered.
    * **Expiration**. (Optional) The date and time at which the list item should be removed from the list.
-   * Click **Add** to add the item to the list.
+   * Click **Save** to add the item to the list.
 1. The item now appears in the match list.
 
 ## Import a match list

docs/cse/match-lists-suppressed-lists/custom-match-list-columns.md

@@ -26,25 +26,28 @@ To see the custom columns that have been defined in your environment:
 
 ## Create a Custom Column
 
-1. On the **Custom Columns** page, click **Create**.
-1. The **Create Match List Column** popup appears. <br/><img src={useBaseUrl('img/cse/create-column.png')} alt="Create column" style={{border: '1px solid gray'}} width="400"/>
+1. On the **Custom Columns** page, click **Add Custom Column**.
+1. The **Add Custom Column** popup appears. <br/><img src={useBaseUrl('img/cse/create-column.png')} alt="Create column" style={{border: '1px solid gray'}} width="400"/>
 1. **Name**. Enter a name for the custom column.
-1. **Fields**. Click the chevron icon to display a selector list of Cloud SIEM attributes. You can select multiple attributes. If multiple attributes are selected, the match list will match if the list item value matches a record value for any of the custom column attributes. Click the icon next to Show field guide to view more information, such as data type, about attributes. 
-1. Click **Create** to add the new column.
+1. **Fields**. Click to display a selector list of Cloud SIEM attributes. You can select multiple attributes. If multiple attributes are selected, the match list will match if the list item value matches a record value for any of the custom column attributes. Click **Show Field Guide** to view more information about attributes, such as data type. 
+1. Click **Save** to add the new column.
 
 ## Edit a custom column
 
 1. On the **Custom Columns** page, click the custom column name or the edit icon in the row for the column.
-1. Make your changes on the **Edit Match List Column** popup.
-1. Click **Update** to save the changes.
+1. Click **Edit**. 
+1. Make your changes on the edit popup.
+1. Click **Save** to save the changes.
 
 ## Delete a custom column
 
-1. On the **Custom Columns** page, click the trash can icon in the row for the column you want to delete.
-1. On the **Delete column** popup, click confirmation popup **Yes, Delete Column**.
+1. On the **Custom Columns** page, hover your mouse over a custom column in the list.
+1. Click the three-dot kebab button on the far right of the item. 
+1. Select **Delete**.
+1. On the delete confirmation popup, click **Delete**
 
 ## Create a match list with a custom column
 
-Follow the instructions in [Create a Match List](/docs/cse/match-lists-suppressed-lists/create-match-list), and select the desired column in the **Custom** section of the **Target Column** selector list.
-
-<img src={useBaseUrl('img/cse//target-column-selector.png')} alt="Target column selector" style={{border: '1px solid gray'}} width="400"/>
+1. Follow the instructions in [Create a Match List](/docs/cse/match-lists-suppressed-lists/create-match-list/#create-a-match-list).
+1. In the **Add Match List** dialog, click **Target Column**. A list of available target column values appears.
+1. Select the desired column in the **Custom** section of the selector list.<br/><img src={useBaseUrl('img/cse//target-column-selector.png')} alt="Target column selector" style={{border: '1px solid gray'}} width="400"/>