Added lightbox and expandable images to each img

windows/security/threat-protection/windows-defender-application-control/wdac-wizard-parsing-event-logs.md

@@ -47,7 +47,7 @@ To create rules from the WDAC event logs on the system:
    The Wizard will parse the relevant audit and block events from the CodeIntegrity (WDAC) Operational and AppLocker MSI and Script logs. You'll see a notification when the Wizard successfully finishes reading the events. 
 
    > [!div class="mx-imgBorder"]
-   > ![Parse WDAC and AppLocker event log system events](images/wdac-wizard-event-log-system.png)
+   > [![Parse WDAC and AppLocker event log system events](images/wdac-wizard-event-log-system.png)](images/wdac-wizard-event-log-system-expanded.png)
 
 4. Select the Next button to view the audit and block events and create rules.
 5. [Generate rules from the events](#creating-policy-rules-from-the-events).
@@ -64,7 +64,7 @@ To create rules from the WDAC `.EVTX` event logs files on the system:
    The Wizard will parse the relevant audit and block events from the selected log files. You'll see a notification when the Wizard successfully finishes reading the events. 
 
    > [!div class="mx-imgBorder"]
-   > ![Parse evtx file WDAC events](images/wdac-wizard-event-log-files.png)
+   > [![Parse evtx file WDAC events](images/wdac-wizard-event-log-files.png)](images/wdac-wizard-event-log-files-expanded.png)
 
 5. Select the Next button to view the audit and block events and create rules.
 6. [Generate rules from the events](#creating-policy-rules-from-the-events).
@@ -101,7 +101,7 @@ To create rules from the WDAC events in [MDE Advanced Hunting](querying-applicat
 2. Export the WDAC event results by selecting the **Export** button in the results view.
 
    > [!div class="mx-imgBorder"]
-   > ![Export the MDE Advanced Hunting results to CSV](images/wdac-wizard-event-log-mde-ah-export.png)
+   > [![Export the MDE Advanced Hunting results to CSV](images/wdac-wizard-event-log-mde-ah-export.png)](images/wdac-wizard-event-log-mde-ah-export-expanded.png)
 
 3. Select **Policy Editor** from the WDAC Wizard main page.
 4. Select **Convert Event Log to a WDAC Policy**.
@@ -111,7 +111,7 @@ To create rules from the WDAC events in [MDE Advanced Hunting](querying-applicat
    The Wizard will parse the relevant audit and block events from the selected Advanced Hunting log files. You'll see a notification when the Wizard successfully finishes reading the events. 
 
    > [!div class="mx-imgBorder"]
-   > ![Parse the Advanced Hunting CSV WDAC event files](images/wdac-wizard-event-log-mde-ah-parsing.png)
+   > [![Parse the Advanced Hunting CSV WDAC event files](images/wdac-wizard-event-log-mde-ah-parsing.png)](images/wdac-wizard-event-log-mde-ah-parsing-expanded.png)
 
 7. Select the Next button to view the audit and block events and create rules.
 8. [Generate rules from the events](#creating-policy-rules-from-the-events).
@@ -128,7 +128,7 @@ To create a rule and add it to the WDAC policy:
 4. Select the **Add Allow Rule** button to add the configured rule to the policy generated by the Wizard. The "Added to policy" label will be added to the selected row confirming that the rule will be generated.
 
    > [!div class="mx-imgBorder"]
-   > ![Adding a publisher rule to the WDAC policy](images/wdac-wizard-event-rule-creation.png)
+   > [![Adding a publisher rule to the WDAC policy](images/wdac-wizard-event-rule-creation.png)](images/wdac-wizard-event-rule-creation-expanded.png)
 
 5. Select the **Next** button to output the policy. Once generated, the event log policy should be merged with your base or supplemental policies.