[8.11] [Request] [8.11.4 & 8.12][ESS] Document feature flag for the E…

…S|QL Timeline tab (backport #4552) (#4590) * First draft * Small edit * Small edits * Update docs/events/timeline-ui-overview.asciidoc * Update docs/events/timeline-ui-overview.asciidoc * Update docs/events/timeline-ui-overview.asciidoc (cherry picked from commit 10b4fba) Co-authored-by: Nastasha Solomon <[email protected]>
elastic · Jan 10, 2024 · 1d53fef · 1d53fef
1 parent 4556082
commit 1d53fef
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/docs/events/timeline-ui-overview.asciidoc b/docs/events/timeline-ui-overview.asciidoc
@@ -185,6 +185,8 @@ From the *Correlation* tab, you can also do the following:
 
 preview::["Do not use {esql} on production environments. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features."]
 
+NOTE: The {esql} tab is available by default. Since it's in technical preview, you can remove it by editing your {cloud}/ec-manage-kibana-settings.html#ec-manage-kibana-settings[{kib} user settings] and adding the `xpack.securitySolution.enableExperimental: ["timelineEsqlTabDisabled"]` feature flag.
+
 The {ref}/esql.html[Elasticsearch Query Language ({esql})] provides a powerful way to filter, transform, and analyze event data stored in {es}. {esql} queries use "pipes" to manipulate and transform data in a step-by-step fashion. This approach allows you to compose a series of operations, where the output of one operation becomes the input for the next, enabling complex data transformations and analysis.
 
 You can use {esql} in Timeline by opening the **{esql}** tab. From there, you can: