docs: homogeneize and add more data for "i don't see"

Author: iru

README.md

@@ -184,25 +184,20 @@ When scanning is activated, should see following lines on the cloud-connector co
 
 ## Troubleshooting
 
-### Q-General: Need to modify cloud-connector config (to troubleshoot with `debug` loglevel, modify ingestors for testing, ...)
+### Q-Debug: Need to modify cloud-connector config (to troubleshoot with `debug` loglevel, modify ingestors for testing, ...)
 A: both in ECS and AppRunner workload types, cloud-connector configuration is passed as a base64-encoded string through the env var `CONFIG`
 <br/>S: Get current value, decode it, edit the desired (ex.:`logging: debug` value), encode it again, and spin it again with this new definition.
 <br/>For information on all the modifyable configuration see [Cloud-Connector Chart](https://charts.sysdig.com/charts/cloud-connector/#configuration-detail) reference
 
-### Q-General: Getting error "Error: cannot verify credentials" on "sysdig_secure_trusted_cloud_identity" data
-A: This happens when Sysdig credentials are not working correctly.
-<br/>S: Check sysdig provider block is correctly configured with the `sysdig_secure_url` and `sysdig_secure_api_token` variables
-with the correct values. Check [Sysdig SaaS per-region URLs if required](https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges)
+### Q-General: I'm not able to see any data
+A: Solution is based on Cloudtrail delivery times
+S: Wait at least 15 minutes [as specified in the official AWS documentation](https://aws.amazon.com/cloudtrail/faqs/#Event_payload.2C_Timeliness.2C_and_Delivery_Frequency)
+<br/>For Identity and Access Management, when connected it will be in the [learning mode](https://docs.sysdig.com/en/docs/sysdig-secure/posture/identity-and-access/#understanding-learning-mode-and-disconnected-states)
 
-### Q-General: I'm not able to see Cloud Infrastructure Entitlements Management (CIEM) results
+### Q-CIEM: I'm not able to see Cloud Infrastructure Entitlements Management (CIEM) results
 A: Make sure you installed both [cloud-bench](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/modules/services/cloud-bench) and [cloud-connector](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/modules/services/cloud-connector) modules
 
-
-### Q-General-Networking: What's the requirements for the inbound/outbound connection?
-A: Refer to [Sysdig SASS Region and IP Ranges Documentation](https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges/) to get Sysdig SaaS endpoint and allow both outbound (for compute vulnerability report) and inbound (for scheduled compliance checkups)
-<br/>ECS type deployment will create following [security-group setup](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/blob/master/modules/services/cloud-connector-ecs/sec-group.tf)
-
-### Q-Scanning: I'm not seeing any image scanning results
+### Q-Scanning: I'm not able to see any image scanning results
 A: Need to check several steps
 <br/>S: First, image scanning is not activated by default. Ensure you have the [required scanning enablers](https://docs.sysdig.com/en/docs/installation/sysdig-secure-for-cloud/deploy-sysdig-secure-for-cloud-on-aws/#enabling-image-scanner) in place.
 <br/>Currently, images are scanned on registry/repository push events, and on the supported compute services on deployment. Make sure these events are triggered.
@@ -242,6 +237,16 @@ A: We don’t scan images from the management account ECR because is [not a best
     ]
   }
   ```
+
+### Q-General: Getting error "Error: cannot verify credentials" on "sysdig_secure_trusted_cloud_identity" data
+A: This happens when Sysdig credentials are not working correctly.
+<br/>S: Check sysdig provider block is correctly configured with the `sysdig_secure_url` and `sysdig_secure_api_token` variables
+with the correct values. Check [Sysdig SaaS per-region URLs if required](https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges)
+
+### Q-General-Networking: What's the requirements for the inbound/outbound connection?
+A: Refer to [Sysdig SASS Region and IP Ranges Documentation](https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges/) to get Sysdig SaaS endpoint and allow both outbound (for compute vulnerability report) and inbound (for scheduled compliance checkups)
+<br/>ECS type deployment will create following [security-group setup](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/blob/master/modules/services/cloud-connector-ecs/sec-group.tf)
+
 ### Q-AWS: Getting Error "BadRequestException: Cannot create group: group already exists
 A: This happens when a previous installation of secure-for-cloud exists. On each account where Sysdig has to create resources, it will create a grouping resource-group using the `name` variable (defaulted to `sfc` on main examples).
 <br/>S: Remove previous installation, or if multiple setups are required, use the `name` varible to change the resource-group name.
@@ -301,7 +306,7 @@ This error happens when the ECS `TaskRole` has no permissions to assume this rol
 A: Probably you or someone in the same environment you're using, already deployed a resource with the sysdig terraform module and a naming collision is happening.
 <br/>S: If you want to maintain several versions, make use of the [`name` input var of the examples](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/examples/single-account-ecs#input_name)
 
-### Q-AWS-Datasources: I cannot see my acccount alias in the `Data Sources > Cloud page`
+### Q-AWS-Datasources: I'm not able to see my acccount alias in the `Data Sources > Cloud page`
 A: There are several causes to this.
 <br/>Check that your aws account has an alias set-up. It's not the same as the account name.
 ```bash