elastic · natasha-moore-elastic · Feb 5, 2025 · Feb 5, 2025 · Feb 5, 2025 · Feb 5, 2025
@@ -58,7 +58,7 @@ To explore a case, click on its name. You can then:
 
     ::::
 
-* Examine [alerts](../../../solutions/security/investigate/open-manage-cases.md#cases-examine-alerts) and [indicators](../../../troubleshoot/security/indicators-of-compromise.md#review-indicator-in-case) attached to the case
+* Examine [alerts](../../../solutions/security/investigate/open-manage-cases.md#cases-examine-alerts) and [indicators](../../../solutions/security/investigate/indicators-of-compromise.md#review-indicator-in-case) attached to the case
 * [Add files](../../../solutions/security/investigate/open-manage-cases.md#cases-add-files)
 * [Add a Lens visualization](../../../solutions/security/investigate/open-manage-cases.md#cases-lens-visualization)
 * Modify the case’s description, assignees, category, severity, status, and tags.

@@ -1,6 +1,6 @@
 # Enable threat intelligence integrations [security-threat-intelligence]
 
-The Threat Intelligence view provides a streamlined way to collect threat intelligence data that you can use for threat detection and matching. Threat intelligence data consists of  [threat indicators](../../../troubleshoot/security/indicators-of-compromise.md#ti-indicators) ingested from third-party threat intelligence sources.
+The Threat Intelligence view provides a streamlined way to collect threat intelligence data that you can use for threat detection and matching. Threat intelligence data consists of  [threat indicators](../../../solutions/security/investigate/indicators-of-compromise.md#ti-indicators) ingested from third-party threat intelligence sources.
 
 Threat indicators describe potential threats, unusual behavior, or malicious activity on a network or in an environment. They are commonly used in indicator match rules to detect and match known threats. When an indicator match rule generates an alert, it includes information about the matched threat indicator.
 
@@ -34,7 +34,7 @@ There are a few scenarios when data won’t display in the Threat Intelligence v
     ::::
 
 3. Select an {{agent}} integration, then complete the installation steps.
-4. Return to the Threat Intelligence view on the Overview dashboard. If indicator data isn’t displaying, refresh the page or refer to these [troubleshooting steps](../../../troubleshoot/security/indicators-of-compromise.md#troubleshoot-indicators-page).
+4. Return to the Threat Intelligence view on the Overview dashboard. If indicator data isn’t displaying, refresh the page or refer to these [troubleshooting steps](../../../troubleshoot/security/indicators-of-compromise.md).
 
 
 ## Add a {{filebeat}} Threat Intel module integration [ti-mod-integration]

@@ -80,7 +80,7 @@ To explore a case, click on its name. You can then:
     Comments can contain Markdown. For syntax help, click the Markdown icon (![Click markdown icon](../../../images/security-markdown-icon.png "")) in the bottom right of the comment.
     ::::
 
-* Examine [alerts](../../../solutions/security/investigate/open-manage-cases.md#cases-examine-alerts) and [indicators](../../../troubleshoot/security/indicators-of-compromise.md#review-indicator-in-case) attached to the case
+* Examine [alerts](../../../solutions/security/investigate/open-manage-cases.md#cases-examine-alerts) and [indicators](../../../solutions/security/investigate/indicators-of-compromise.md#review-indicator-in-case) attached to the case
 * [Add files](../../../solutions/security/investigate/open-manage-cases.md#cases-add-files)
 * [Add a Lens visualization](../../../solutions/security/investigate/open-manage-cases.md#cases-lens-visualization)
 * Modify the case’s description, assignees, category, severity, status, and tags.

@@ -1,6 +1,6 @@
 # Enable threat intelligence integrations [es-threat-intel-integrations]
 
-The Threat Intelligence view provides a streamlined way to collect threat intelligence data that you can use for threat detection and matching. Threat intelligence data consists of  [threat indicators](../../../troubleshoot/security/indicators-of-compromise.md#ti-indicators) ingested from third-party threat intelligence sources.
+The Threat Intelligence view provides a streamlined way to collect threat intelligence data that you can use for threat detection and matching. Threat intelligence data consists of  [threat indicators](../../../solutions/security/investigate/indicators-of-compromise.md#ti-indicators) ingested from third-party threat intelligence sources.
 
 Threat indicators describe potential threats, unusual behavior, or malicious activity on a network or in an environment. They are commonly used in indicator match rules to detect and match known threats. When an indicator match rule generates an alert, it includes information about the matched threat indicator.
 
@@ -33,7 +33,7 @@ There are a few scenarios when data won’t display in the Threat Intelligence v
     ::::
 
 3. Select an {{agent}} integration, then complete the installation steps.
-4. Return to the Threat Intelligence view on the Overview dashboard. If indicator data isn’t displaying, refresh the page or refer to these [troubleshooting steps](../../../troubleshoot/security/indicators-of-compromise.md#troubleshoot-indicators-page).
+4. Return to the Threat Intelligence view on the Overview dashboard. If indicator data isn’t displaying, refresh the page or refer to these [troubleshooting steps](../../../troubleshoot/security/indicators-of-compromise.md).
 
 
 ## Add a {{filebeat}} Threat Intel module integration [ti-mod-integration]