From a016e26bf14a95c3888baf18ae9c12baf738d4bc Mon Sep 17 00:00:00 2001
From: Andres Mariano Gorzelany <36666927+get-itips@users.noreply.github.com>
Date: Thu, 29 Aug 2019 09:45:25 -0300
Subject: [PATCH 1/2] Added 2 examples

---
 .../policy-and-compliance/Set-ProtectionAlert.md       | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md b/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md
index b8ed0d1873..b9954222a9 100644
--- a/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md
+++ b/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md
@@ -18,6 +18,7 @@ Use the Set-ProtectionAlert cmdlet to modify alert policies in the Security & Co
 
 For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax (https://technet.microsoft.com/library/bb123552.aspx).
 
+
 > [!NOTE]
 > You cannot use this cmdlet to edit default alert policies. You can only modify alerts you have created using New-ProtectionAlert cmdlet.
 
@@ -43,17 +44,18 @@ You need to be assigned permissions in the Office 365 Security & Compliance Cent
 
 ### -------------------------- Example 1 --------------------------
 ```
-Insert example commands for example 1.
+Set-ProtectionAlert -Identity "Content search deleted" -Severity High
 ```
 
-Insert descriptive text for example 1.
+This example modifies the Severity of the detection to High
 
 ### -------------------------- Example 2 --------------------------
 ```
-Insert example commands for example 2.
+Set-ProtectionAlert -Identity "Content search deleted" -NotifyUserOnFilterMatch:$true -AggregationType SimpleAggregation -Threshold 10 -TimeWindow 120
 ```
 
-Insert descriptive text for example 2.
+This example modifies an alert so that even though it is configured for aggregated activity, a notification is triggered during a match for the activity, a threshold of 10 detections and a TimeWindow of two hours are also configured in the same command
+
 
 ## PARAMETERS
 

From 5825c28279afcf90e43ae0f54980d0f13429c34c Mon Sep 17 00:00:00 2001
From: Chris Davis <chris.davis@microsoft.com>
Date: Tue, 3 Sep 2019 13:07:34 -0700
Subject: [PATCH 2/2] Update Set-ProtectionAlert.md

---
 .../Set-ProtectionAlert.md                    | 30 +++++++++++++------
 1 file changed, 21 insertions(+), 9 deletions(-)

diff --git a/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md b/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md
index b9954222a9..825d3f567a 100644
--- a/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md
+++ b/exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md
@@ -26,15 +26,27 @@ For information about the parameter sets in the Syntax section below, see Exchan
 
 ```
 Set-ProtectionAlert [-Identity] <ComplianceRuleIdParameter>
- [-AggregationType <None | SimpleAggregation | AnomalousAggregation>] [-AlertBy <MultiValuedProperty>]
+ [-AggregationType <None | SimpleAggregation | AnomalousAggregation>]
+ [-AlertBy <MultiValuedProperty>]
  [-AlertFor <MultiValuedProperty>]
  [-Category <None | DataLossPrevention | ThreatManagement | DataGovernance | AccessGovernance | Others>]
- [-Comment <String>] [-Confirm] [-Description <String>] [-Disabled <$true | $false>] [-Filter <String>]
- [-Name <String>] [-NotificationCulture <CultureInfo>] [-NotifyUser <MultiValuedProperty>]
- [-NotifyUserOnFilterMatch <$true | $false>] [-NotifyUserSuppressionExpiryDate <DateTime>]
- [-NotifyUserThrottleThreshold <Int32>] [-NotifyUserThrottleWindow <Int32>] [-Operation <MultiValuedProperty>]
- [-Severity <Low | Medium | High | None>] [-Threshold <Int32>] [-TimeWindow <Int32>] [-WhatIf]
- [<CommonParameters>]
+ [-Comment <String>]
+ [-Confirm]
+ [-Description <String>]
+ [-Disabled <$true | $false>]
+ [-Filter <String>]
+ [-Name <String>]
+ [-NotificationCulture <CultureInfo>]
+ [-NotifyUser <MultiValuedProperty>]
+ [-NotifyUserOnFilterMatch <$true | $false>]
+ [-NotifyUserSuppressionExpiryDate <DateTime>]
+ [-NotifyUserThrottleThreshold <Int32>]
+ [-NotifyUserThrottleWindow <Int32>]
+ [-Operation <MultiValuedProperty>]
+ [-Severity <Low | Medium | High | None>]
+ [-Threshold <Int32>]
+ [-TimeWindow <Int32>]
+ [-WhatIf] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -47,14 +59,14 @@ You need to be assigned permissions in the Office 365 Security & Compliance Cent
 Set-ProtectionAlert -Identity "Content search deleted" -Severity High
 ```
 
-This example modifies the Severity of the detection to High
+This example sets the Severity of the detection to High.
 
 ### -------------------------- Example 2 --------------------------
 ```
 Set-ProtectionAlert -Identity "Content search deleted" -NotifyUserOnFilterMatch:$true -AggregationType SimpleAggregation -Threshold 10 -TimeWindow 120
 ```
 
-This example modifies an alert so that even though it is configured for aggregated activity, a notification is triggered during a match for the activity, a threshold of 10 detections and a TimeWindow of two hours are also configured in the same command
+This example modifies an alert so that even though it's configured for aggregated activity, a notification is triggered during a match for the activity. A threshold of 10 detections and a TimeWindow of two hours are also configured in the same command.
 
 
 ## PARAMETERS