V2 update.md

docs/snow_commandRef.md

@@ -13,11 +13,12 @@ Required Permissions: Warehouse, compute pool, and task management access
 
 ### Run Inference
 ```sql
-CALL static_detection.inference('your_service_name');
+CALL static_detection.inference(include_mitre_map);
 ```
-Parameters:
-- `your_service_name`: Name of the service to analyze (string)
-Purpose: Executes inference on specified service data
+Parameters: 
+- `include_mitre_map (BOOLEAN)`: Specifies whether to include MITRE technique mappings in the classified anomalies. Set to TRUE to include the mappings, or FALSE to exclude them.
+
+Purpose: This parameter acts as a toggle to determine whether MITRE tactic mappings are added to the identified anomalies during the inference process.
 
 ### Deep Dive Analysis
 ```sql
@@ -27,6 +28,18 @@ Parameters:
 - `sequence_id`: Identifier of the sequence to analyze (string/integer)
 Purpose: Investigates specific sequences flagged as anomalies
 
+
+### Mitre ATT&CK Classification
+```sql
+CALL inspect.mitre_classification();
+```
+
+Parameters:
+- `None`
+
+Purpose: Classifies MITRE tactics for a table of known anomalies sourced from the Tempo app or other systems
+
+
 ## Automated Detection
 
 ### Start Automated Inference
@@ -101,4 +114,4 @@ Purpose: Removes the specified version of the model and its metadata from the ap
 ## Notes
 - All commands require appropriate permissions for warehouse, compute pool, and task management
 - The management console is accessible via the Streamlit dashboard
-- Reference data can be managed through the web-based management interface
+- Reference data can be managed through the web-based management interface