diff --git a/notebooks/network-intrusion-detection-part-3/notebook.ipynb b/notebooks/network-intrusion-detection-part-3/notebook.ipynb
index be2b88a..26cbae0 100644
--- a/notebooks/network-intrusion-detection-part-3/notebook.ipynb
+++ b/notebooks/network-intrusion-detection-part-3/notebook.ipynb
@@ -39,10 +39,18 @@
     },
     {
       "cell_type": "markdown",
-      "id": "f6100d05-d796-452b-893c-8e9240d9a3f9",
+      "id": "b4cd5073",
       "metadata": {},
       "source": [
-        "We start creating a simple table to load the logs into a JSON column"
+        "### We recommend for that step to use a S1+ size workspace"
+      ]
+    },
+    {
+      "cell_type": "markdown",
+      "id": "ee260ca9",
+      "metadata": {},
+      "source": [
+        "<div class=\"alert alert-block alert-warning\">    <b class=\"fa fa-solid fa-exclamation-circle\"></b>    <div>        <p><b>Action Required</b></p>        <p>Make sure to select the <tt>siem_log_kafka_demo</tt> database from the drop-down menu at the top of this notebook.        It updates the <tt>connection_url</tt> which is used by the <tt>%%sql</tt> magic command and SQLAlchemy to make connections to the selected database.</p>    </div></div>"
       ]
     },
     {
@@ -57,6 +65,14 @@
         "drop table `siem_log_real`;"
       ]
     },
+    {
+      "cell_type": "markdown",
+      "id": "f6100d05-d796-452b-893c-8e9240d9a3f9",
+      "metadata": {},
+      "source": [
+        "We start creating a simple table to load the logs into a JSON column"
+      ]
+    },
     {
       "cell_type": "code",
       "execution_count": 2,
@@ -88,9 +104,9 @@
       "source": [
         "%%sql\n",
         "CREATE PIPELINE `siem_log_real`\n",
-        "AS LOAD DATA KAFKA 'pkc-XXX.us-east-1.aws.confluent.cloud:9092/connections_siem_logs'\n",
-        "CONFIG '{\\\"sasl.username\\\": \\\"YOURKEY\\\",\\n         \\\"sasl.mechanism\\\": \\\"PLAIN\\\",\\n         \\\"security.protocol\\\": \\\"SASL_SSL\\\",\\n         \\\"ssl.ca.location\\\": \\\"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\\\"}'\n",
-        "CREDENTIALS '{\"sasl.password\": \"YOURPASSWORD\"}'\n",
+        "AS LOAD DATA KAFKA 'pkc-p11xm.us-east-1.aws.confluent.cloud:9092/singlestore_topic'\n",
+        "CONFIG '{\\\"sasl.username\\\": \\\"WTIVCYPLUAIMIAYQ\\\",\\n         \\\"sasl.mechanism\\\": \\\"PLAIN\\\",\\n         \\\"security.protocol\\\": \\\"SASL_SSL\\\",\\n         \\\"ssl.ca.location\\\": \\\"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\\\"}'\n",
+        "CREDENTIALS '{\"sasl.password\": \"/qIOhlTFEK8RNNCc1qSOnpNj4mqhXfudBlQQFgRfc0qBEjfm99VcyvEuwPILBcnv\"}'\n",
         "BATCH_INTERVAL 20\n",
         "DISABLE OFFSETS METADATA GC\n",
         "INTO TABLE `siem_log_real`\n",