Corrections to layout

windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md

@@ -36,13 +36,18 @@ Want to experience Defender for Endpoint? [Sign up for a free trial.](https://ww
 ## Enable raw data streaming:
 
 1. Log in to [Microsoft Defender for Endpoint portal](https://securitycenter.windows.com) with Global Admin user.
-2. Go to [Data export settings page](https://securitycenter.windows.com/interoperability/dataexport) on Microsoft Defender Security Center.
-3. Click on **Add data export settings**.
-4. Choose a name for your new settings.
-5. Choose **Forward events to Azure Storage**.
-6. Type your **Storage Account Resource Id**. In order to get your **Storage Account Resource Id**, go to your Storage account page on [Azure portal](https://ms.portal.azure.com/) > properties tab > copy the text under **Storage account resource ID**:
 
-  ![Image of event hub resource Id](images/storage-account-resource-id.png)
+2. Go to [Data export settings page](https://securitycenter.windows.com/interoperability/dataexport) on Microsoft Defender Security Center.
+
+3. Click on **Add data export settings**.
+
+4. Choose a name for your new settings.
+
+5. Choose **Forward events to Azure Storage**.
+
+6. Type your **Storage Account Resource ID**. In order to get your **Storage Account Resource ID**, go to your Storage account page on [Azure portal](https://ms.portal.azure.com/) > properties tab > copy the text under **Storage account resource ID**:
+
+   ![Image of event hub resource ID](images/storage-account-resource-id.png)
 
 7. Choose the events you want to stream and click **Save**.
 
@@ -50,22 +55,25 @@ Want to experience Defender for Endpoint? [Sign up for a free trial.](https://ww
 
 - A blob container will be created for each event type: 
 
-![Image of event hub resource Id](images/storage-account-event-schema.png)
+  ![Image of event hub resource ID](images/storage-account-event-schema.png)
 
 - The schema of each row in a blob is the following JSON: 
 
-```
-{
-        "time": "<The time WDATP received the event>"
-        "tenantId": "<Your tenant ID>"
-        "category": "<The Advanced Hunting table name with 'AdvancedHunting-' prefix>"
-        "properties": { <WDATP Advanced Hunting event as Json> }
-}               
-```
+  ```
+  {
+          "time": "<The time WDATP received the event>"
+          "tenantId": "<Your tenant ID>"
+          "category": "<The Advanced Hunting table name with 'AdvancedHunting-' prefix>"
+          "properties": { <WDATP Advanced Hunting event as Json> }
+  }               
+  ```
 
 - Each blob contains multiple rows.
+
 - Each row contains the event name, the time Defender for Endpoint received the event, the tenant it belongs (you will only get events from your tenant), and the event in JSON format in a property called "properties".
+
 - For more information about the schema of Microsoft Defender for Endpoint events, see [Advanced Hunting overview](advanced-hunting-overview.md).
+
 - In Advanced Hunting, the **DeviceInfo** table has a column named **MachineGroup** which contains the group of the device. Here every event will be decorated with this column as well. See [Device Groups](machine-groups.md) for more information.
 
 ## Data types mapping:
@@ -73,18 +81,18 @@ Want to experience Defender for Endpoint? [Sign up for a free trial.](https://ww
 In order to get the data types for our events properties do the following:
 
 1. Log in to [Microsoft Defender Security Center](https://securitycenter.windows.com) and go to [Advanced Hunting page](https://securitycenter.windows.com/hunting-package).
+
 2. Run the following query to get the data types mapping for each event: 
 
-```
-{EventType}
-| getschema
-| project ColumnName, ColumnType 
-
-```
+   ```
+   {EventType}
+   | getschema
+   | project ColumnName, ColumnType 
+   ```
 
 - Here is an example for Device Info event: 
 
-![Image of event hub resource ID](images/machine-info-datatype-example.png)
+  ![Image of event hub resource ID](images/machine-info-datatype-example.png)
 
 ## Related topics
 - [Overview of Advanced Hunting](advanced-hunting-overview.md)