Merge pull request #102 from elastic/issue-35-network

Explore section - cleanup: Network

docs/explore/network-page-overview.mdx

@@ -2,14 +2,14 @@
 id: serverlessSecurityNetworkPageOverview
 slug: /serverless/security/network-page-overview
 title: Network page
-# description: Description to be written
-tags: [ 'serverless', 'security', 'how-to' ]
-status: rough content
+description: Analyze key network activity metrics on an interactive map, and use network event tables for deeper insights.
+tags: [ 'serverless', 'security', 'how-to', 'analyze']
+status: in review
 ---
 
-import RoughContent from '../partials/rough-content-notice.mdx'
+import InReview from '../partials/in-review-notice.mdx'
 
-<RoughContent />
+<InReview />
 
 <div id="network-page-overview"></div>
 
@@ -24,7 +24,7 @@ The Network page provides key network activity metrics in an interactive map, an
 The map provides an interactive visual overview of your network traffic. Hover over source and destination points to show more information, such as host names and IP addresses.
 
 <DocCallOut title="Note">
-To access the interactive map, you need either `Read` or `All` privileges for `Maps` (*Kibana Privileges* -> **Analytics** -> **Maps**). To learn more about map setup, refer to <DocLink id="serverlessSecurityConfMapUi">Configure network map data</DocLink>.
+To access the interactive map, you must have the appropriate user role. To learn more about map setup, refer to <DocLink id="serverlessSecurityConfMapUi">Configure network map data</DocLink>.
 </DocCallOut>
 
 There are several ways to drill down: 
@@ -37,8 +37,7 @@ There are several ways to drill down:
 You can start an investigation using the map, and the map refreshes to show related data when you run a query or update the time range.
 
 <DocCallOut title="Tip">
-To add and remove layers, click on the **Options** menu (*...*) in the top right
-corner of the map.
+To add and remove layers, click on the **Options** menu (**...**) in the top right corner of the map.
 </DocCallOut>
 
 <div id="map-widgets-tables"></div>
@@ -64,7 +63,7 @@ There are also tabs for viewing and investigating specific types of data:
 * **Anomalies**: Anomalies discovered by <DocLink id="serverlessSecurityMachineLearning">machine learning jobs</DocLink>.
 * **Events**: All network events. To display alerts received from external monitoring tools, scroll down to the events table and select **Show only external alerts** on the right.
 
-The Events table includes inline actions and several customization options. To learn more about what you can do with the data in these tables, refer to \<\<alerts-ui-manage>>.
+The Events table includes inline actions and several customization options. To learn more about what you can do with the data in these tables, refer to <DocLink id="serverlessSecurityAlertsUiManage">Manage detection alerts</DocLink>.
 
 <div id="ip-details-page"></div>
 
@@ -78,11 +77,10 @@ The IP's details page includes the following sections:
 
 * **Summary**: General details such as the location, when the IP address was first and last seen, the associated host ID and host name, and links to external sites for verifying the IP address's reputation. 
 
-<DocCallOut title="Note">
-By default, the external sites are [Talos](https://talosintelligence.com/) and
-[VirusTotal](https://www.virustotal.com/). Refer to <DocLink id="serverlessSecurityAdvancedSettings" section="display-reputation-links-on-ip-detail-pages">Display reputation links on IP detail pages</DocLink> to learn how to configure IP reputation links.
-
-</DocCallOut>
+    <DocCallOut title="Note">
+    By default, the external sites are [Talos](https://talosintelligence.com/) and
+    [VirusTotal](https://www.virustotal.com/). Refer to <DocLink id="serverlessSecurityAdvancedSettings" section="display-reputation-links-on-ip-detail-pages">Display reputation links on IP detail pages</DocLink> to learn how to configure IP reputation links.
+    </DocCallOut>
 
 * **Alert metrics**: The total number of alerts by severity, rule, and status (`Open`, `Acknowledged`, or `Closed`).