elastic · marciw · Dec 11, 2024 · Dec 9, 2024 · Dec 9, 2024 · Dec 9, 2024
diff --git a/docs/reference/data-streams/logs.asciidoc b/docs/reference/data-streams/logs.asciidoc
@@ -1,8 +1,8 @@
 [[logs-data-stream]]
 == Logs data stream
 
-IMPORTANT: The {es} `logsdb` index mode is generally available for Elastic Cloud Hosted 
-and Self-Managed customers as of version 8.17 and is enabled by default for 
+IMPORTANT: The {es} `logsdb` index mode is generally available in Elastic Cloud Hosted 
+and self-managed Elasticsearch as of version 8.17, and is enabled by default for 
 logs in https://www.elastic.co/elasticsearch/serverless[{serverless-full}]. 
 
 A logs data stream is a data stream type that stores log data more efficiently.
@@ -32,12 +32,12 @@ PUT _index_template/my-index-template
 ----
 // TEST
 
-<1> Index mode setting
-<2> Index template priority: By default, Elasticsearch ships with a `logs-*-*` index template with a priority of 100. To make sure your index template takes priority over the default `logs-*-*` template, set its `priority` to a number higher than 100. For more information, see <<avoid-index-pattern-collisions,Avoid index pattern collisions>>.
+<1> The index mode setting.
+<2> The index template priority. By default, Elasticsearch ships with a `logs-*-*` index template with a priority of 100. To make sure your index template takes priority over the default `logs-*-*` template, set its `priority` to a number higher than 100. For more information, see <<avoid-index-pattern-collisions,Avoid index pattern collisions>>.
 
 After the index template is created, new indices that use the template will be configured as a logs data stream. You can start indexing data and <<use-a-data-stream,using the data stream>>.
 
-You can also set the index mode and adjust other template settings in <<index-mgmt,Stack Management in {kib}>>.
+You can also set the index mode and adjust other template settings in <<index-mgmt,the Elastic UI>>.
 
 ////
 [source,console]
@@ -53,16 +53,17 @@ DELETE _index_template/my-index-template
 [[logsdb-synthetic-source]]
 === Synthetic source
 
-By default, `logsdb` mode uses <<synthetic-source,synthetic `_source`>>, which omits storing the original `_source`
+If you have the required https://www.elastic.co/subscriptions[subscription], `logsdb` index mode uses <<synthetic-source,synthetic `_source`>>, which omits storing the original `_source`
 field. Instead, the document source is synthesized from doc values or stored fields upon document retrieval. 
 
-Before using synthetic source, make sure to review the <<synthetic-source,restriction and modifications>>. To prevent modifications of a particular object or field, you can <<synthetic-source-keep,minimize synthetic source modifications>>.
+Before using synthetic source, make sure to review the <<synthetic-source,restrictions>>. 
 
 When working with multi-value fields, the `index.mapping.synthetic_source_keep` setting controls how field values
 are preserved for <<synthetic-source,synthetic source>> reconstruction. In `logsdb`, the default value is `arrays`,
 which retains both duplicate values and the order of entries. However, the exact structure of
 array elements and objects is not necessarily retained. Preserving duplicates and ordering can be critical for some log fields, such as DNS A records, HTTP headers, and log entries that represent sequential or repeated events. 
 
+If you don't have the required https://www.elastic.co/subscriptions[subscription], `logsdb` mode uses the original `_source` field.
 
 [discrete]
 [[logsdb-sort-settings]]
@@ -83,23 +84,19 @@ The `min` mode sorts indices by the minimum value of multi-value fields.
 Missing values are sorted to appear `_first`.
 
 You can override these default sort settings. For example, to sort on different fields
-and change the order, modify `index.sort.field` and `index.sort.order`.
+and change the order, manually configure `index.sort.field` and `index.sort.order`. For more details, see
+<<index-modules-index-sorting>>.
 
 When using the default sort settings, the `host.name` field is automatically injected into the index mappings as a `keyword` field to ensure that sorting can be applied. This guarantees that logs are efficiently sorted and
 retrieved based on the `host.name` and `@timestamp` fields.
 
-NOTE: If `subobjects` is set to `true` (default), the `host.name` field is mapped as an object field
+NOTE: If `subobjects` is set to `true` (default), the `host` field is mapped as an object field
 named `host` with a `name` child field of type `keyword`. If `subobjects` is set to `false`,
 a single `host.name` field is mapped as a `keyword` field.
 
-After an index is created, the sort settings cannot be modified. To use different sort settings,
-create a new index. For data streams, you can update the relevant component templates and then 
+To apply different sort settings, update the data stream's component templates, and then 
 perform or wait for an index <<data-streams-rollover,rollover>>.
 
-Keep in mind that sort
-settings can influence indexing throughput and query latency, and may affect compression efficiency. For more details, see
-<<index-modules-index-sorting>>.
-
 NOTE: For <<data-streams, data streams>>, the `@timestamp` field is automatically injected if it's not already present. If you apply custom sort settings, the `@timestamp` field is injected into the mappings but is not
 automatically added to the list of sort fields.
 
@@ -141,7 +138,7 @@ segment-level keyword dictionary. This compression is used when multiple consecu
 [[logsdb-ignored-settings]]
 === `ignore` settings
 
-`logsdb` index mode uses `ignore` settings to optimize performance. You can override these settings as needed.
+The `logsdb` index mode uses the following `ignore` settings. You can override these settings as needed.
 
 [discrete]
 [[logsdb-ignore-malformed]]
@@ -187,7 +184,7 @@ reconstructing the original value.
 
 [discrete]
 [[logsdb-settings-summary]]
-=== Full settings reference
+=== Settings reference
 
 The `logsdb` index mode uses the following settings: 
 

diff --git a/docs/reference/index-modules.asciidoc b/docs/reference/index-modules.asciidoc
@@ -113,9 +113,9 @@ Index mode supports the following values:
 
 `standard`::: Standard indexing with default settings.
 
-<<tsds,`time_series`>>::: Index mode optimized for storage of metrics documented in <<tsds-index-settings,TSDS Settings>>.
+`tsds`::: Index mode optimized for storage of metrics. For more information, see <<tsds-index-settings>>.
 
-<<logs-data-stream,`logsdb`>>::: Index mode optimized for storage of logs. By default, this setting uses <<synthetic-source,synthetic `_source`>> and sorts on the `hostname` and `timestamp` fields. You can override the defaults to <<index-modules-index-sorting,sort>> on different fields.
+`logsdb`::: Index mode optimized for <<logs-data-stream,logs>>.
 
 [[routing-partition-size]] `index.routing_partition_size`::
 

diff --git a/docs/reference/indices/put-index-template.asciidoc b/docs/reference/indices/put-index-template.asciidoc
@@ -44,7 +44,6 @@ DELETE _index_template/template_*
 * If the {es} {security-features} are enabled, you must have the
 `manage_index_templates` or `manage` <<privileges-list-cluster,cluster
 privilege>> to use this API.
-* The `logsDB` index mode requires an https://www.elastic.co/pricing[Enterprise subscription].
 
 [[put-index-template-api-desc]]
 ==== {api-description-title}
@@ -117,7 +116,7 @@ See <<create-index-template,create an index template>>.
 `index_mode`::
 (Optional, string) Type of data stream to create. Valid values are `null`
 (standard data stream), `time_series` (<<tsds,time series data stream>>) and `logsdb` 
-(<<logs-data-stream,logs data stream>>, which requires an https://www.elastic.co/pricing[Enterprise subscription]).
+(<<logs-data-stream,logs data stream>>).
 +
 The template's `index_mode` sets the `index.mode` of the backing index.
 =====

diff --git a/docs/reference/mapping/fields/synthetic-source.asciidoc b/docs/reference/mapping/fields/synthetic-source.asciidoc
@@ -1,12 +1,10 @@
 [[synthetic-source]]
 ==== Synthetic `_source`
 
-IMPORTANT: This feature requires an https://www.elastic.co/subscriptions[Enterprise subscription].
-
 Though very handy to have around, the source field takes up a significant amount
 of space on disk. Instead of storing source documents on disk exactly as you
 send them, Elasticsearch can reconstruct source content on the fly upon retrieval.
-Enable this by using the value `synthetic` for the index setting `index.mapping.source.mode`:
+To enable this https://www.elastic.co/subscriptions[subscription] feature, use the value `synthetic` for the index setting `index.mapping.source.mode`:
 
 [source,console,id=enable-synthetic-source-example]
 ----
@@ -25,7 +23,7 @@ PUT idx
 ----
 // TESTSETUP
 
-While this on the fly reconstruction is *generally* slower than saving the source
+While this on-the-fly reconstruction is _generally_ slower than saving the source
 documents verbatim and loading them at query time, it saves a lot of storage
 space. Additional latency can be avoided by not loading `_source` field in queries when it is not needed.