update image and text

2025-05-16 07:17:24 +00:00 · 2017-08-21 17:04:45 -07:00 · 2017-08-21 17:04:45 -07:00 · 9f683f1cae
commit 9f683f1cae
parent 249669e6df
4 changed files with 9 additions and 6 deletions
--- a/windows/threat-protection/windows-defender-atp/images/atp-observed-in-organization.png
+++ b/windows/threat-protection/windows-defender-atp/images/atp-observed-in-organization.png
--- a/windows/threat-protection/windows-defender-atp/images/atp-user-view-ata.png
+++ b/windows/threat-protection/windows-defender-atp/images/atp-user-view-ata.png
--- a/windows/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md
@ -45,7 +45,7 @@ For more information on how to take action on a machine, see [Take response acti

 If you have enabled the Azure Advanced Threat Protection feature and there are alerts related to the machine, you can click on the link that will take you to the Azure Advanced Threat Protection page where more information about the alerts are provided. The Azure Advanced Threat Protection tile also provides details such as the last AD site and total domain group memberships.

-For more information on how to enable the Azure Advanced Threat Protection integration, see [Turn on advanced features](advanced-features-windows-defender-advanced-threat-protection.md)
+For more information on how to enable the Azure Advanced Threat Protection integration, see [Turn on advanced features](advanced-features-windows-defender-advanced-threat-protection.md).

 Clicking on the number of total logged on users in the Logged on users tile opens the Users Details pane that displays the following information for logged on users in the past 30 days:

--- a/windows/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md
@ -32,22 +32,23 @@ You can find user account information in the following views:
 A clickable user account link is available in these views, that will take you to the user account details page where more details about the user account are shown.

 When you investigate a user account entity, you'll see:
- User account details, Advanced Threat Analytics (ATA) alerts, and Logged on machines
+- User account details, Azure Advanced Threat Protection alerts, and Logged on machines
 - Alerts related to this user
 - Observed in organization (machines logged on to)


-[TAKEN FROM MOCK ONLY!!! JOEY: UPDATE WITH ACTUAL WHEN READY!!!]
 ![Image of the user account entity details page](images/atp-user-view-ata.png)

-The user account entity details, ATA alerts, and logged on machines sections display various attributes about the user account.
+The user account entity details, Azure Advanced Threat Protection alerts, and logged on machines sections display various attributes about the user account.

-The user entity tile provides details such as when the user was first and last seen. You can also contact the user using the link provided on the tile. [JOEY: CHECK IF THIS IS CORRECT.]
+The user entity tile provides details about the user such as when the user was first and last seen. Depending on the integration features you enable, you'll see other details. For example, if you enable the Skype for business integration, you'll be able to contact the user from the portal. 

-If you have enabled the ATA feature and there are alerts related to the user, you can click on the link that will take you to the ATA page where more information about the alerts are provided. The ATA tile also provides details such as the last AD site, total group memberships, and login failure associated with the user.
+If you have enabled the Azure Advanced Threat Protection feature and there are alerts related to the user, you can click on the link that will take you to the Azure Advanced Threat Protection page where more information about the alerts are provided. The Azure Advanced Threat Protection tile also provides details such as the last AD site, total group memberships, and login failure associated with the user.

 You'll also see a list of the machines that the user logged on to, and can expand these to see details of the logon events on each machine.

+For more information on how to enable advanced features, see [Turn on advanced features](advanced-features-windows-defender-advanced-threat-protection.md).
+
 The **Alerts related to this user** section provides a list of alerts that are associated with the user account. This list  is a filtered view of the [Alert queue](alerts-queue-windows-defender-advanced-threat-protection.md), and shows alerts where the user context is the selected user account, the date when the last activity was detected, a short description of the alert, the machine associated with the alert, the alert's severity, the alert's status in the queue, and who is assigned the alert.

 The **Observed in organization** section allows you to specify a date range to see a list of machines where this user was observed logged on to, and the most frequent and least frequent logged on user account on each of these machines.
@ -62,6 +63,8 @@ The machine health state is displayed in the machine icon and color as well as i
 2. Enter the user account in the **Search** field.
 3. Click the search icon or press **Enter**.

+[IS THE BEHAVIOUR BELOW STILL TRUE? I TRIED TO SEARCH FOR USERS AND IT DOESN'T SEEM TO DISPLAY A LIST - PLEASE CHECK FOR TECHNICAL ACCURACY. THANKS!]
+
 A list of users matching the query text is displayed. You'll see the user account's domain and name, when the user account was last seen, and the total number of machines it was observed logged on to in the last 30 days.

 You can filter the results by the following time periods: