updated related topics

enable-custom-ti-windows-defender-advanced-threat-protection.md

@@ -1,7 +1,7 @@
 ---
-title: Enable the custom threat intelligence using REST API in Windows Defender ATP
+title: Enable the custom threat intelligence application in Windows Defender ATP
-description: Create your custom Alert definitions and Indicators of Compromise in Windows Defender ATP using the available APIs in Windows Enterprise, Education, and Pro editions.
+description: Enable the custom threat intelligence application in Windows Defender ATP so that you can create custom threat intelligence using REST API.
-keywords: alert definitions, indicators of compromise, threat indicators, custom ti, rest api, api
+keywords: enable custom threat intelligence application, custom ti application, application name, client id, authorization url, resource, client secret, access tokens
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy

windows/keep-secure/TOC.md

@@ -748,6 +748,7 @@
 #### [Understand threat indicators](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
 ##### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
 ##### [Create custom threat intelligence using REST API](custom-ti-api-windows-defender-advanced-threat-protection.md)
+##### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
 #### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md)
 #### [Machines view overview](machines-view-overview-windows-defender-advanced-threat-protection.md)
 #### [Investigate machines](investigate-machines-windows-defender-advanced-threat-protection.md)

windows/keep-secure/threat-indicator-concepts-windows-defender-advanced-threat-protection.md

@@ -1,7 +1,7 @@
 ---
 title: Understand threat indicators in Windows Defender ATP
 description: Understand the concepts around threat indicators in Windows Defender Advanced Threat Protection so that you can effectively create custom indicators for your organization.
-keywords: threat indicators, alert definitions, indicators of compromise, concepts
+keywords: threat indicators, alert definitions, indicators of compromise, ioc
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
@@ -21,6 +21,8 @@ localizationpriority: high
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
+<span style="color:#ED1C24;">[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
+
 Advanced cybersecurity attacks comprise of multiple complex malicious events, attributes, and contextual information. Identifying and deciding which of these activities qualify as suspicious can be a challenging task. Your knowledge of known attributes and abnormal activities specific to your industry is fundamental in knowing when to call an observed behavior as suspicious.
 
 With Windows Defender ATP, you can create custom threat indicators that can help you keep track of possible attack activities in your organization. You can flag suspicious events to piece together clues and possibly stop an attack chain. These custom indicators will only appear in your organization and will flag events that you set it to track.

windows/keep-secure/troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md

@@ -0,0 +1,31 @@
+---
+title: Troubleshoot custom threat intelligence issues in Windows Defender ATP
+description: Troubleshoot issues that might arise when using the custom threat intelligence feature in Windows Defender ATP.
+keywords: troubleshoot, custom threat intelligence, custom ti, rest api, api, alert definitions, indicators of compromise
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: mjcaparas
+localizationpriority: high
+---
+
+# Troubleshoot custom threat intelligence issues
+
+**Applies to:**
+
+- Windows 10 Enterprise
+- Windows 10 Education
+- Windows 10 Pro
+- Windows 10 Pro Education
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)
+
+<span style="color:#ED1C24;">[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
+
+You might need to troubleshoot issues while using the custom threat intelligence feature.
+This page provides detailed steps to troubleshoot issues you might encounter and common errors that might occur.
+
+State | Potential cause of error | Error message
+:---|:---|:---
+Initialize | - Service call timed out </br> -