From b50d5126b98377acbd06769898226c100d87125c Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Tue, 31 Jan 2017 22:18:22 -0800
Subject: [PATCH] update folder location

---
 ...re-arcsight-windows-defender-advanced-threat-protection.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
index edc817ea88..79f1fc6389 100644
--- a/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
@@ -75,7 +75,7 @@ The following steps assume that you have completed all the required steps in [Be
   - WDATP-connector.properties: C:\\*folder_location*\current\user\agent\flexagent\
 
   >[!NOTE]
-  >You must put the configuration files in this location, where *folder_location* represents the location where you installed the tool. 
+  >You must put the configuration files in this location, where *folder_location* represents the location where you installed the tool.
 4. After the installation of the core connector completes, the Connector Setup window opens. In the Connector Setup window, select **Add a Connector**.
 
 5. Select Type: **ArcSight FlexConnector REST** and click **Next**.
@@ -89,7 +89,7 @@ The following steps assume that you have completed all the required steps in [Be
   Events URL | Depending on the location of your datacenter, select either the EU or the US URL: </br></br> **For EU**: `https://wdatp-alertexporter-eu.securitycenter.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME` </br></br>**For US**: `https://wdatp-alertexporter-us.securitycenter.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME`
   Authentication Type |	OAuth 2
   OAuth 2 Client Properties file	| Browse to the location of the wdatp-connector.properties file.
-  Refresh Token	| Use either the Windows Defender ATP token URL or the restutil tool to obtain your refresh token. For more information, see see [Obtain a refresh token](configure-aad-windows-defender-advanced-threat-protection.md#obtain-a-refresh-token). </br> </br> **Get your refresh token using the restutil tool:** </br> a. Open a command prompt. Navigate to `C:\Program Files\ArcSightSmartConnectors\current\bin`. </br> b. Type: `arcsight restutil token -config C:\ArcSightSmartConnectors_Prod\WDATP\WDATP-connector.properties`. A Web browser window will open. </br> c. A web browser will open. Type in your credentials then click on the password field to let the page redirect. In the login prompt, enter your credentials. </br> d.	A refresh token is provided in the command prompt. </br> e. Copy and paste it into the **Refresh Token** field.
+  Refresh Token	| Use either the Windows Defender ATP token URL or the restutil tool to obtain your refresh token. For more information, see see [Obtain a refresh token](configure-aad-windows-defender-advanced-threat-protection.md#obtain-a-refresh-token). </br> </br> **Get your refresh token using the restutil tool:** </br> a. Open a command prompt. Navigate to C:\\*folder_location*\current\bin where *folder_location* represents the location where you installed the tool. </br> b. Type: `arcsight restutil token -config C:\ArcSightSmartConnectors_Prod\WDATP\WDATP-connector.properties`. A Web browser window will open. </br> c. A web browser will open. Type in your credentials then click on the password field to let the page redirect. In the login prompt, enter your credentials. </br> d.	A refresh token is provided in the command prompt. </br> e. Copy and paste it into the **Refresh Token** field.
 
 7. A browser window is opened by the connector. Login with your application credentials. After you log in, you'll be asked to give permission to your OAuth2 Client. You must give permission to your OAuth 2 Client so that the connector configuration can authenticate. </br></br>
 If the `redirect_uri` is a https URL, you'll be redirected to a URL on the local host. You'll see a page that requests for you to trust the certificate supplied by the connector running on the local host. You'll need to trust this certificate if the redirec_uri is a https. </br></br> If however you specify a http URL for the redirect_uri, you do not need to provide consent in trusting the certificate.