diff --git a/docs/xdr/usecases/playbook/whoIs.md b/docs/xdr/usecases/playbook/whoIs.md index 35ce8680ac..cf7fe907f7 100644 --- a/docs/xdr/usecases/playbook/whoIs.md +++ b/docs/xdr/usecases/playbook/whoIs.md @@ -1,6 +1,6 @@ -# WHOIS MODULE CONFIGURATION +# Whois module configuration -This use case describes how to use WhoIs module in order to enrich an IP address, a domain name or a URL. +This use case describes how to use Whois module in order to enrich an IP address, a domain name or a URL. ## Prerequisites 
@@ -24,12 +24,12 @@ You can find the configuration below: | Module | Configuration | | --- | --- | -| Alert webhook | configure module & trigger configuration | -| Get Alert | uuid = `alert_uuid` of Alert webhook | -| Get Events | earliest_time = `first_seen_at` of **Get alert**, latest_time = `last_seen_at` of **Get alert**, query = `short_id` of **Get alert** | -| Foreach | items = `Events` of Get Events | -| Store | item, append, `{{ node.x.default.value['source.ip'] }}` x is the node of ForEach (that can be found in the code tab) | -| Foreach | items = {{ store.item|unique|list }} | -| Whois | query = `Node.x.Domain.Whois.raw` x is the node of ForEach (that can be found in the code tab) | -| Comment alert | **content** = Domain Name : `{{ node.12['Domain']['Name'] }}`, uuid = `alert_uuid` of **Alert webhook** | +| Manual Trigger | configure module & trigger configuration | +| Get Alert | uuid = `alert_uuid` of the **Manual Trigger** module | +| Get Events | earliest_time = `first_seen_at` of the **Get alert** module, latest_time = `last_seen_at` of **Get alert**, query = `short_id` of **Get alert** | +| Foreach | items = `Events` of the **Get Events** module | +| Store | item, append, `{{ node.x.default.value['source.ip'] }}` x is the node number of the **ForEach** module (that can be found in the code tab) | +| Foreach | items = `{{ store.item|unique|list }}` | +| Whois | query = `Node.x.Domain.Whois.raw` x is the node number of the **ForEach** module (that can be found in the code tab) | +| Comment alert | content = Domain Name : `{{ node.12['Domain']['Name'] }}`, uuid = `alert_uuid` of **Manual Trigger** |
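Review bot: In the first hunk (`@@ -1,6 +1,6 @@`), the rewritten intro sentence "how to use Whois module" is missing an article; suggest "how to use the Whois module". The heading now uses sentence case and the product name is spelled "Whois", so check that the rest of the file uses the same spelling and heading style, since only these two lines are touched here.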
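Review bot: In the second hunk (`@@ -24,12 +24,12 @@`), the Comment alert row still hardcodes a node number in `{{ node.12['Domain']['Name'] }}`, while the Store and Whois rows use an `x` placeholder and explain where to find it. A reader whose Whois node is not number 12 will reference the wrong node, so use a placeholder there as well and state that it is the node number of the **Whois** module. In the Whois row, `Node.x.Domain.Whois.raw` is described as coming from the **ForEach** node, but that loop iterates over `{{ store.item|unique|list }}`, which was built from `source.ip`; the path reads like Whois output rather than a loop item, and its capitalised `Node` differs from the lowercase `node` used in the other rows, so please confirm the expression. The trigger row was renamed to Manual Trigger but keeps "configure module & trigger configuration" and later rows still read `alert_uuid` from it; add a short note on how `alert_uuid` is supplied with a manual trigger. Module names are also inconsistent within the new rows (`Foreach` in the first column against **ForEach** in the descriptions, `Get Alert` against **Get alert**), and only some references gained the "of the ... module" wording; pick one form and apply it to every row.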