fix table

2025-06-16 19:03:46 +00:00 · 2017-05-24 19:14:01 -07:00
parent 226c375d50
commit 174e938e0c
1 changed files with 4 additions and 4 deletions
--- a/windows/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md
@ -28,7 +28,7 @@ Understand what data fields are exposed as part of the alerts API and how they m
 Field numbers match the numbers in the images below.
 Portal label | SIEM field name  | ArcSight field| Example value | Description
-:---|:---|:---
+:---|:---|:---|:---|:---
 1 | AlertTitle  | name   | A dll was unexpectedly loaded into a high integrity  process without a UAC prompt |   Value available for every alert.                                  
 2 | Severity  | deviceSeverity  | Medium | Value available for every alert.  
 3 | Category  | deviceEventCategory | Privilege Escalation  | Value available for every alert.                                            
@ -62,11 +62,11 @@ Portal label | SIEM field name  | ArcSight field| Example value | Description
 ![Image of alert with numbers](images/atp-siem-mapping1.png)
-![Image of alert details pane with numbers](images/atp-mapping2.png)
+![Image of alert details pane with numbers](images/atp-siem-mapping2.png)
-![Image of alert timeline with numbers](images/atp-mapping3.png)
+![Image of alert timeline with numbers](images/atp-siem-mapping3.png)
-![Image of alert timeline with numbers](images/atp-mapping4.png)
+![Image of alert timeline with numbers](images/atp-siem-mapping4.png)
 ![Image browser URL](images/atp-mapping5.png)