Commit

[8.16] Asset criticality advanced setting removed (backport #5991) (#6034)

* Asset criticality advanced setting removed (#5991)

(cherry picked from commit 2390859)

# Conflicts:
#	docs/advanced-entity-analytics/api/asset-criticality-api-overview.asciidoc
#	docs/serverless/advanced-entity-analytics/asset-criticality.mdx
#	docs/serverless/advanced-entity-analytics/entity-risk-scoring.mdx
#	docs/serverless/advanced-entity-analytics/ers-req.mdx
#	docs/serverless/explore/hosts-overview.mdx
#	docs/serverless/explore/users-page.mdx
#	docs/serverless/settings/advanced-settings.mdx

* Delete docs/serverless directory and its contents

* Update docs/advanced-entity-analytics/api/asset-criticality-api-overview.asciidoc

---------

Co-authored-by: natasha-moore-elastic <[email protected]>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
3 people authored Oct 30, 2024
1 parent 0ee2d99 commit 18ec15d
Showing 7 changed files with 11 additions and 33 deletions.
Expand Up @@ -2,4 +2,10 @@
[role="xpack"]
== Asset criticality API

You can manage <<asset-criticality, asset criticality>> records through the API. To use this API, you must first turn on the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>>.
.New API Reference
[sidebar]
--
For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-entity-analytics-api[Entity Analytics APIs].
--

You can manage <<asset-criticality, asset criticality>> records through the API.
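Review bot: The `.New API Reference` sidebar added at the top of this page is unrelated to removing `securitySolution:enableAssetCriticality`, and it depends on the `{api-kibana}` attribute, which is not defined anywhere in the visible changes. Please confirm the attribute resolves on the 8.16 branch so the link does not render as literal text. The commit message lists this file under conflicts, so it is also worth checking that the sidebar was meant to be carried into this backport and was not picked up while resolving the conflict.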
7 changes: 1 addition & 6 deletions docs/advanced-entity-analytics/asset-criticality.asciidoc
Expand Up @@ -4,12 +4,7 @@
.Requirements
[sidebar]
--
To view and assign asset criticality, you must:

* Have the appropriate user role.
* Turn on the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>>.

For more information, refer to <<ers-requirements, Entity risk scoring prerequisites>>.
To view and assign asset criticality, you must have the appropriate user role. For more information, refer to <<ers-requirements, Entity risk scoring prerequisites>>.
--

The asset criticality feature allows you to classify your organization's entities based on various operational factors that are important to your organization. Through this classification, you can improve your threat detection capabilities by focusing your alert triage, threat-hunting, and investigation activities on high-impact entities.
6 changes: 1 addition & 5 deletions docs/advanced-entity-analytics/entity-risk-scoring.asciidoc
Expand Up @@ -30,11 +30,7 @@ Entity risk scores are determined by the following risk inputs:

The resulting entity risk scores are stored in the `risk-score.risk-score-<space-id>` data stream alias.

[NOTE]
======
* Entities without any alerts, or with only `Closed` alerts, are not assigned a risk score.
* To use asset criticality, you must enable the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>>.
======
NOTE: Entities without any alerts, or with only `Closed` alerts, are not assigned a risk score.

[discrete]
[[how-is-risk-score-calculated]]
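Review bot: Collapsing the `[NOTE]` block to a single `NOTE:` line drops the only statement in this section about when asset criticality acts as a risk input, and nothing replaces it. The setting description removed from `docs/getting-started/advanced-setting.asciidoc` says the setting was turned off by default, so a reader upgrading with it off gets no indication here of how asset criticality now feeds into scores. Suggest adding one sentence that states the current behavior, or a pointer to `<<asset-criticality>>`.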
2 changes: 0 additions & 2 deletions docs/advanced-entity-analytics/ers-req.asciidoc
Expand Up @@ -45,8 +45,6 @@ The risk scoring engine uses an internal user role to score all hosts and users,
[discrete]
== Asset criticality

To use the asset criticality feature, turn on the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>>.

[discrete]
=== Privileges

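Review bot: After this removal the `== Asset criticality` heading is followed directly by `=== Privileges` with no body text of its own. Suggest adding a one-sentence introduction under the heading, or promoting the privileges content, so the section does not render as an empty heading.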
5 changes: 0 additions & 5 deletions docs/getting-started/advanced-setting.asciidoc
Expand Up @@ -102,11 +102,6 @@ Security *Overview* page.
* `securitySolution:newsFeedUrl`: The URL from which the security news feed content is
retrieved.

[discrete]
[[enable-asset-criticality]]
== Enable asset criticality workflows
The `securitySolution:enableAssetCriticality` setting determines whether asset criticality is included as a risk input to entity risk scoring. This setting is turned off by default. Turn it on to enable asset criticality workflows and to use asset criticality as part of entity risk scoring.

[discrete]
[[exclude-cold-frozen-tiers]]
== Exclude cold and frozen tier data from analyzer queries
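Review bot: Removing the `[[enable-asset-criticality]]` anchor breaks any `<<enable-asset-criticality, ...>>` cross-reference left in the docs. The references in the other six files of this commit are removed, but since the backport had conflicts, please search `docs/` for `enable-asset-criticality` on the 8.16 branch and confirm none remain before merging.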
8 changes: 1 addition & 7 deletions docs/getting-started/users-page.asciidoc
Expand Up @@ -36,7 +36,7 @@ A user's details page displays all relevant information for the selected user. T

The user details page includes the following sections:

* **Asset Criticality**: If the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>> is on, this section displays the user's current <<asset-criticality, asset criticality level>>.
* **Asset Criticality**: This section displays the user's current <<asset-criticality, asset criticality level>>.

* *Summary*: Details such as the user ID, when the user was first and last seen, the associated IP address(es), and operating system. If the user risk score feature is enabled, this section also displays user risk score data.

Expand Down Expand Up @@ -99,12 +99,6 @@ image::images/users/user-risk-inputs.png[User risk inputs]
[[user-asset-criticality-section]]
=== Asset Criticality

.Requirements
[sidebar]
--
The **Asset Criticality** section is only available if the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>> is on.
--

The **Asset Criticality** section displays the selected user's <<asset-criticality, asset criticality level>>. Asset criticality contributes to the overall <<entity-risk-scoring, user risk score>>. The criticality level defines how impactful the user is when calculating the risk score.

[role="screenshot"]
8 changes: 1 addition & 7 deletions docs/management/hosts/hosts-overview.asciidoc
Expand Up @@ -42,7 +42,7 @@ A host's details page displays all relevant information for the selected host. T

The host details page includes the following sections:

* **Asset Criticality**: If the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>> is on, this section displays the host's current <<asset-criticality, asset criticality level>>.
* **Asset Criticality**: This section displays the host's current <<asset-criticality, asset criticality level>>.
* *Summary*: Details such as the host ID, when the host was first and last seen, the associated IP addresses, and associated operating system. If the host risk score feature is enabled, this section also displays host risk score data.
* *Alert metrics*: The total number of alerts by severity, rule, and status (`Open`, `Acknowledged`, or `Closed`).
* *Data tables*: The same data tables as on the main Hosts page, except with values for the selected host instead of all hosts.
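Review bot: The rewritten `**Asset Criticality**` bullet keeps double-asterisk bold while the sibling bullets in the same list use single asterisks (`*Summary*`, `*Alert metrics*`, `*Data tables*`). Since the line is being edited anyway, suggest `*Asset Criticality*` for consistency; the same applies to the matching bullet in `docs/getting-started/users-page.asciidoc`.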
Expand Down Expand Up @@ -102,12 +102,6 @@ image::images/host-risk-inputs.png[Host risk inputs]
[[host-asset-criticality-section]]
=== Asset Criticality

.Requirements
[sidebar]
--
The **Asset Criticality** section is only available if the `securitySolution:enableAssetCriticality` <<enable-asset-criticality, advanced setting>> is on.
--

The **Asset Criticality** section displays the selected host's <<asset-criticality, asset criticality level>>. Asset criticality contributes to the overall <<entity-risk-scoring, host risk score>>. The criticality level defines how impactful the host is when calculating the risk score.

[role="screenshot"]