[DOCS] Updates anomaly detection alert docs with the new alerting ter…

…minology (#70486)

Co-authored-by: Lisa Cawley <[email protected]>

docs/reference/ml/anomaly-detection/ml-configuring-alerts.asciidoc

@@ -1,92 +1,94 @@
 [role="xpack"]
 [[ml-configuring-alerts]]
-= Configuring {anomaly-detect} alerts
+= Generating alerts for {anomaly-jobs}
 
 beta::[]
 
-{anomaly-detect-cap} alerts run scheduled checks on an {anomaly-job} or a group 
-of jobs to detect anomalies with certain conditions. If an anomaly meets the 
-conditions, the alert triggers the defined action. For example, you can create 
-an alert that checks an {anomaly-job} every fifteen minutes for critical 
-anomalies and notifies you in an email. This page helps you to configure an 
-{anomaly-detect} alert. To learn more about alerts in the {stack}, refer to 
+{kib} {alert-features} include support for {ml} rules, which run scheduled 
+checks on an {anomaly-job} or a group of jobs to detect anomalies with certain 
+conditions. If an anomaly meets the conditions, an alert is created and the 
+associated action is triggered. For example, you can create a rule to check an 
+{anomaly-job} every fifteen minutes for critical anomalies and to notify you in 
+an email. To learn more about {kib} {alert-features}, refer to 
 {kibana-ref}/alerting-getting-started.html#alerting-getting-started[Alerting and Actions].
 
 
-[[creating-anomaly-alerts]]
-== Creating an alert
+[[creating-anomaly-alert-rules]]
+== Creating a rule
 
-You can create {anomaly-detect} alerts in the {anomaly-job} wizard after you 
-start the job, from the job list, or under **{stack-manage-app} > {alerts-ui}**. 
-On the *Create alert* window, select *{anomaly-detect-cap} alert* under the 
-{ml-cap} section, then give a name to the alert and optionally provide tags.
+You can create {ml} rules in the {anomaly-job} wizard after 
+you start the job, from the job list, or under **{stack-manage-app} > 
+{alerts-ui}**. On the *Create rule* window, select *{anomaly-detect-cap} alert* 
+under the {ml} section, then give a name to the rule and optionally provide 
+tags.
 
-Specify the time interval for the alert to check detected anomalies. It is 
+Specify the time interval for the rule to check detected anomalies. It is 
 recommended to select an interval that is close to the bucket span of the 
 associated job. You can also select a notification option by using the _Notify_ 
-selector. An alert instance remains active as long as anomalies are found for a 
+selector. An alert remains active as long as anomalies are found for a 
 particular {anomaly-job} during the check interval. When there is no anomaly 
 found in the next interval, the `Recovered` action group is invoked and the 
-status of the alert instance changes to `OK`. For more details, refer to the 
+status of the alert changes to `OK`. For more details, refer to the 
 documentation of 
-{kibana-ref}/defining-alerts.html#defining-alerts-general-details[general alert details].
+{kibana-ref}/defining-alerts.html#defining-alerts-general-details[general rule details].
 
 [role="screenshot"]
-image::images/ml-anomaly-alert-type.jpg["Creating an anomaly detection alert"]
+image::images/ml-anomaly-alert-type.jpg["Creating a rule for an anomaly detection alert"]
 
-Select the {anomaly-job} or the group of {anomaly-jobs} that is checked by the 
-alert. If you assign additional jobs to the group, the alert automatically 
-checks the new jobs the next time when the alert runs.
+Select the {anomaly-job} or the group of {anomaly-jobs} that is checked against 
+the rule. If you assign additional jobs to the group, the new jobs are 
+automatically checked the next time the conditions are checked.
 
-You can select the result type of the {anomaly-job} that triggers the alert. 
-In particular, you can create alerts based on bucket, record, or influencer 
+You can select the result type of the {anomaly-job} that is checked against the 
+rule. In particular, you can create rules based on bucket, record, or influencer 
 results.
 
 [role="screenshot"]
 image::images/ml-anomaly-alert-severity.jpg["Selecting result type, severity, and test interval"]
 
-For each alert, you can configure the `anomaly_score` that triggers it. The 
-`anomaly_score` indicates the significance of a given anomaly compared to 
+For each rule, you can configure the `anomaly_score` that triggers the action. 
+The `anomaly_score` indicates the significance of a given anomaly compared to 
 previous anomalies. The default severity threshold is 75 which means every 
-anomaly with an `anomaly_score` of 75 or higher triggers the alert.
+anomaly with an `anomaly_score` of 75 or higher triggers the associated action.
 
-You can select whether you want the alert to include interim results. Interim 
-results are created by the {anomaly-job} before a bucket is finalized. These 
-results might disappear after the bucket is fully processed. Include 
-interim results if you want to be notified earlier about a potential anomaly 
-even if it might be a false positive. If you want to get notified 
-only about anomalies of fully processed buckets, do not include interim results.
+You can select whether you want to include interim results. Interim results are 
+created by the {anomaly-job} before a bucket is finalized. These results might 
+disappear after the bucket is fully processed. Include interim results if you 
+want to be notified earlier about a potential anomaly even if it might be a 
+false positive. If you want to get notified only about anomalies of fully 
+processed buckets, do not include interim results.
 
 You can also test the configured conditions against your existing data and check 
 the sample results by providing a valid interval for your data. The generated 
-preview contains the number of potentially created alert instances during the 
-relative time range you defined.
+preview contains the number of potentially created alerts during the relative 
+time range you defined.
 
 
 [[defining-actions]]
 == Defining actions
 
-As a next step, connect your alert to actions that use supported built-in 
-integrations. Actions are {kib} services or third-party integrations that run 
-when the alert conditions are met.
+As a next step, connect your rule to actions that use supported built-in 
+integrations by selecting a connector type. Connectors are {kib} services or 
+third-party integrations that perform an action when the rule conditions are 
+met.
 
 [role="screenshot"]
-image::images/ml-anomaly-alert-actions.jpg["Selecting action type"]
+image::images/ml-anomaly-alert-actions.jpg["Selecting connector type"]
 
-For example, you can choose _Slack_ as an action type and configure it to send a 
-message to a channel you selected. You can also create an index connector that 
+For example, you can choose _Slack_ as a connector type and configure it to send 
+a message to a channel you selected. You can also create an index connector that 
 writes the JSON object you configure to a specific index. It's also possible to 
 customize the notification messages. A list of variables is available to include 
 in the message, like job ID, anomaly score, time, or top influencers.
 
 [role="screenshot"]
 image::images/ml-anomaly-alert-messages.jpg["Customizing your message"]
 
-After you save the configurations, the alert appears in the *{alerts-ui}* list 
+After you save the configurations, the rule appears in the *{alerts-ui}* list 
 where you can check its status and see the overview of its configuration 
 information.
 
-The name of an alert instance is always the same as the job ID of the associated 
-{anomaly-job} that triggered the alert. You can mute the notifications for a 
-particular {anomaly-job} on the page of the alert that lists the individual 
-alert instances. You can open it via *{alerts-ui}* by selecting the alert name.
+The name of an alert is always the same as the job ID of the associated 
+{anomaly-job} that triggered it. You can mute the notifications for a particular 
+{anomaly-job} on the page of the rule that lists the individual alerts. You can 
+open it via *{alerts-ui}* by selecting the rule name.