diff --git a/docs/experimental-features/host-risk-score.asciidoc b/docs/experimental-features/host-risk-score.asciidoc index dfd4a51f61..73f1f30c2b 100644 --- a/docs/experimental-features/host-risk-score.asciidoc +++ b/docs/experimental-features/host-risk-score.asciidoc @@ -1,6 +1,9 @@ [[host-risk-score]] == Host risk score +NOTE: This page refers to the original user and host risk score modules. If you have the original modules installed, and you're running {stack} version 8.11 or newer, you can <>. +For information about the latest risk engine, refer to <>. + NOTE: This feature is available for {stack} versions 7.16.0 and newer and requires a https://www.elastic.co/pricing[Platinum subscription] or higher. The host risk score feature highlights risky hosts from within your environment. It utilizes a transform with a scripted metric aggregation to calculate host risk scores based on alerts that were generated within the past five days. The transform runs hourly to update the score as new alerts are generated. diff --git a/docs/experimental-features/user-risk-score.asciidoc b/docs/experimental-features/user-risk-score.asciidoc index 8662ff072b..3161f265dd 100644 --- a/docs/experimental-features/user-risk-score.asciidoc +++ b/docs/experimental-features/user-risk-score.asciidoc @@ -1,6 +1,9 @@ [[user-risk-score]] == User risk score +NOTE: This page refers to the original user and host risk score modules. If you have the original modules installed, and you're running {stack} version 8.11 or newer, you can <>. +For information about the latest risk engine, refer to <>. + NOTE: This feature is available for {stack} versions 8.3.0 and newer and requires a https://www.elastic.co/pricing[Platinum subscription] or higher. The user risk score feature highlights risky usernames in your environment. It utilizes a transform with a scripted metric aggregation to calculate user risk scores based on alerts generated within the past 90 days. The transform runs hourly to update scores as new alerts are generated.