diff --git a/windows/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md
index 50f67db18b..dc09880bab 100644
--- a/windows/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md
@@ -46,7 +46,7 @@ If successful, this method returns 200, Ok response code with a collection of Fi
 
 Request
 
-Here is an example of the request on an organization that has 3 FileActions.
+Here is an example of the request on an organization that has three FileActions.
 
 ```
 GET https://graph.microsoft.com/testwdatppreview/fileactions
diff --git a/windows/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md
index bc8802062b..f89058a0f1 100644
--- a/windows/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md
@@ -103,3 +103,65 @@ Content-type: application/json
 
 
 ```
+
+##Example 2
+
+Request
+
+Here is an example of a request that filters the FileMachineActions by machine ID and shows the latest two FileMachineActions.
+
+```
+GET https://graph.microsoft.com/testwdatppreview/filemachineactions?$filter=machineId eq 'f46b9bb259ed4a7fb9981b73510e3cc7aa81ec1f'&$top=2
+```
+
+Response 
+
+```
+HTTP/1.1 200 Ok
+Content-type: application/json
+{
+    "@odata.context": "https://graph.microsoft.com/testwdatppreview/$metadata#FileMachineActions",
+    "value": [
+        {
+            "id": "6f1d364c-680c-499a-b30c-dd9265ad4c9d",
+            "sha1": "87662bc3d60e4200ceaf7aae249d1c343f4b83c9",
+            "type": "StopAndQuarantineFile",
+            "requestor": "Analyst@ contoso.com ",
+            "requestorComment": "test",
+            "status": "Succeeded",
+            "fileId": "87662bc3d60e4200ceaf7aae249d1c343f4b83c9",
+            "machineId": "f46b9bb259ed4a7fb9981b73510e3cc7aa81ec1f",
+            "creationDateTimeUtc": "2017-12-04T13:13:26.2106524Z",
+            "lastUpdateDateTimeUtc": "2017-12-04T13:15:07.1639963Z",
+            "fileInstances": [
+                {
+                    "filePath": "C:\\Users\\ testUser \\Downloads\\elma.exe",
+                    "status": "Succeeded"
+                },
+                {
+                    "filePath": "C:\\Users\\ testUser \\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\TempState\\Downloads\\elma (2).exe.xc9q785.partial",
+                    "status": "Succeeded"
+                },
+            ]
+        },
+        {
+            "id": "c083f601-012f-4955-b4cc-fab50fb69d79",
+            "sha1": "8d25682b3a82af25b42dc90291c35ff3293daa68",
+            "type": "RequestSample",
+            "requestor": "Analyst@ contoso.com ",
+            "requestorComment": "test",
+            "status": "Succeeded",
+            "fileId": "8d25682b3a82af25b42dc90291c35ff3293daa68",
+            "machineId": "f46b9bb259ed4a7fb9981b73510e3cc7aa81ec1f",
+            "creationDateTimeUtc": "2017-12-04T13:39:24.9399004Z",
+            "lastUpdateDateTimeUtc": "2017-12-04T13:40:01.1094743Z",
+            "fileInstances": [
+                {
+                    "filePath": "C:\\Windows\\System32\\conhost.exe",
+                    "status": "Succeeded"
+                }
+            ]
+        }
+    ]
+}
+```
\ No newline at end of file
diff --git a/windows/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md
index 82fafe9653..de4303347f 100644
--- a/windows/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md
@@ -42,7 +42,7 @@ If successful, this method returns 200, Ok response code with a collection of Ma
 
 Request
 
-Here is an example of the request on an organization that has 3 MachineActions
+Here is an example of the request on an organization that has three MachineActions.
 
 ```
 GET https://graph.microsoft.com/testwdatppreview/machineactions
@@ -110,7 +110,8 @@ GET https://graph.microsoft.com/testwdatppreview/machineactions?$filter=machineI
 
 
 
-Response 
+Response
+
 Here is an example of the response.
 
 ```
diff --git a/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
index d8ae71b4f7..a0c2ad102c 100644
--- a/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
@@ -68,10 +68,16 @@ HTTP/1.1 201 Created
 Content-type: application/json
 {
     "@odata.context": "https://graph.microsoft.com/testwdatppreview/$metadata#MachineActions/$entity",
-    "id": "ac19aae7-4146-4a13-a786-eb43d8557f7c",
+    "id": "09a0f91e-a2eb-409d-af33-5577fe9bd558",
     "type": "Unisolate",
+    "requestor": "Analyst@ contoso.com ",
+    "requestorComment": "Unisolate machine since it was clean and validated ",
     "status": "InProgress",
-    "error": "Unknown"
+    "error": "None",
+    "machineId": "f46b9bb259ed4a7fb9981b73510e3cc7aa81ec1f",
+    "creationDateTimeUtc": "2017-12-04T12:13:15.0104931Z",
+    "lastUpdateTimeUtc": "2017-12-04T12:13:15.0104931Z" 
 }
 
+
 ```
diff --git a/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
index 9c21aa1312..a36b1ae76a 100644
--- a/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
@@ -1,5 +1,5 @@
 ---
-title: Unrestrict code execution  API
+title: Remove app restriction API
 description: Use this API to create calls related to removing a restriction from applications from executing.
 keywords: apis, graph api, supported apis, remove machine from isolation
 search.product: eADQiWindows 10XVcnh
@@ -13,7 +13,7 @@ ms.localizationpriority: high
 ms.date: 12/07/2017
 ---
 
-# Unrestrict code execution
+# Remove app restriction
 Unrestrict execution of set of predefined applications.
 
 ## Permissions