From 7ed65673f58d59d55db01cbb9ef58b390cdcb963 Mon Sep 17 00:00:00 2001
From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 14:55:45 -0400
Subject: [PATCH] Manual prebuilt rule updates support notice (#4934) (#4954)

* Add statement to relevant pages

- Upgrade Elastic Security
- Install and manage Elastic prebuilt rules

* Update docs/detections/prebuilt-rules-management.asciidoc

Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>

* Update docs/upgrade/upgrade-security.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/upgrade/upgrade-security.asciidoc

---------

Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
(cherry picked from commit 9ad5d7054bafa40235c2df6888c29b92f87845f3)

Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
---
 docs/detections/prebuilt-rules-management.asciidoc | 2 ++
 docs/upgrade/upgrade-security.asciidoc             | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/docs/detections/prebuilt-rules-management.asciidoc b/docs/detections/prebuilt-rules-management.asciidoc
index da39e929e7..12a6635633 100644
--- a/docs/detections/prebuilt-rules-management.asciidoc
+++ b/docs/detections/prebuilt-rules-management.asciidoc
@@ -19,6 +19,8 @@ Follow these guidelines to start using the {security-app}'s <<prebuilt-rules, pr
 * Prebuilt rules don't start running by default. You must first install the rules, then enable them. After installation, only a few prebuilt rules will be enabled by default, such as the Endpoint Security rule.
 
 * You can't modify most settings on Elastic prebuilt rules. You can only edit <<rule-notifications, rule actions>> and <<add-exceptions, add exceptions>>. If you want to modify other settings on a prebuilt rule, you must first duplicate it, then make your changes to the duplicated rule. However, your customized rule is entirely separate from the original prebuilt rule, and will not get updates from Elastic if the prebuilt rule is updated.
+
+* Automatic updates of Elastic prebuilt rules are supported for the current {elastic-sec} version and the latest three previous minor releases. For example, if you’re on {elastic-sec} 8.10, you’ll be able to use the Rules UI to update your prebuilt rules until {elastic-sec} 8.14 is released. After that point, you can still manually download and install updated prebuilt rules, but you must upgrade to the latest {elastic-sec} version to receive automatic updates.
 ====
 
 [float]
diff --git a/docs/upgrade/upgrade-security.asciidoc b/docs/upgrade/upgrade-security.asciidoc
index c50e6bc026..0b097f486b 100644
--- a/docs/upgrade/upgrade-security.asciidoc
+++ b/docs/upgrade/upgrade-security.asciidoc
@@ -37,6 +37,9 @@ IMPORTANT: You can upgrade to pre-release versions for testing,
 but upgrading from a pre-release to the Generally Available version is unsupported.
 You should use pre-release versions only for testing in a temporary environment.
 
+[float]
+=== Support for Elastic prebuilt detection rule automatic updates
+<<update-prebuilt-rules,Automatic updates of Elastic prebuilt detection rules>> are supported for the current {elastic-sec} version and the latest three previous minor releases. For example, if you’re upgrading to {elastic-sec} 8.10, you’ll be able to use the Rules UI to update your prebuilt rules until {elastic-sec} 8.14 is released. After that point, you can still manually download and install updated prebuilt rules, but you must upgrade to the latest {elastic-sec} version to receive automatic updates.
 
 [float]
 [[preventing-migration-failures]]