diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk-cloud.md b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk-cloud.md
deleted file mode 100644
index a84de65e3e..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk-cloud.md
+++ /dev/null
@@ -1,36 +0,0 @@
----
-title: Configure Splunk Cloud to pull Microsoft Defender ATP detections
-description: Configure Splunk Cloud to receive and pull detections from Microsoft Defender Security Center.
-keywords: configure cloud splunk, security information and events management tools, splunk
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance 
-ms.topic: article
----
-
-# Configure Splunk Cloud to pull Microsoft Defender ATP detections
-
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresplunk-abovefoldlink) 
-
-
-Follow the instructions provided in [Splunk Cloud](https://splunkbase.splunk.com/app/4959/).
-
-## Related topics
-- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)
-- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
-- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)
-- [Microsoft Defender ATP Detection fields](api-portal-mapping.md)
-- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md)
-- [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md
index 10c69301a9..c27fdb45cc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md
@@ -54,8 +54,10 @@ You'll need to configure Splunk so that it can pull Microsoft Defender ATP detec
 
 3. Select **Windows Defender ATP alerts** under **Local inputs**.
 
-   NOTE:
-   This input will only appear after you install the [Windows Defender ATP Modular Inputs TA](https://splunkbase.splunk.com/app/4128/).
+   >[!NOTE]
+   > - This input will only appear after you install the [Windows Defender ATP Modular Inputs TA](https://splunkbase.splunk.com/app/4128/).
+   > - For Splunk Cloud, use [Microsoft Defender ATP Add-on for Splunk](https://splunkbase.splunk.com/app/4959/).
+
 
 4. Click **New**.