[Request][ESS] Document advanced setting that allows users to disable ES|QL in ESS (#5181)

* First draft

* Minor edits

* Updated note

* Removing outdated content

* Update docs/assistant/security-assistant.asciidoc

* Update docs/detections/about-rules.asciidoc

* Update docs/events/timeline-ui-overview.asciidoc

* Fixed formatting
nastasha-solomon authored May 20, 2024
1 parent 3407651 commit 84344d6
Showing 3 changed files with 12 additions and 0 deletions.
4 changes: 4 additions & 0 deletions docs/assistant/security-assistant.asciidoc
Expand Up @@ -185,6 +185,10 @@ The **Knowledge base** tab of the AI Assistant settings menu allows you to enabl
[[rag-for-esql]]
==== Knowledge base for {esql}

NOTE: {esql} is enabled by default in {kib}. It can be
disabled using the `enableESQL` setting from the
{kibana-ref}/advanced-options.html[Advanced Settings]. This will hide the {esql} user interface from various applications. However, users will be able to access existing {esql} artifacts like saved searches and visualizations.

IMPORTANT: {esql} queries generated by AI Assistant might require additional validation. To ensure they're correct, refer to the {ref}/esql-language.html[{esql} documentation].

When this feature is enabled, AI Assistant can help you write an {esql} query for a particular use case, or answer general questions about {esql} syntax and usage. To enable AI Assistant to answer questions about {esql}:
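Review bot: the new NOTE wraps its first two lines at about 50 characters and then puts the whole third sentence on one long line; AsciiDoc joins single line breaks inside an admonition anyway, so either wrap consistently or keep the block on one line like the IMPORTANT block directly below it. The note also says the feature "can be disabled using the `enableESQL` setting" without saying what the reader actually changes; stating the value to set would make the instruction actionable. Finally, the last sentence already tells readers that existing saved searches and visualizations stay reachable, so it is worth saying plainly that the setting only hides the {esql} interface and is not a permission or access control, before someone relies on it as one.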
4 changes: 4 additions & 0 deletions docs/detections/about-rules.asciidoc
Expand Up @@ -43,6 +43,10 @@ TIP: You can also use value lists as the indicator match index. See <<indicator-
* <<create-new-terms-rule, *New terms*>>: Generates an alert for each new term detected in source documents within a specified time range. You can also detect a combination of up to three new terms (for example, a `host.ip` and `host.id` that have never been observed together before).

* <<create-esql-rule, *ES|QL*>>: Searches the defined indices and creates an alert when results match an {ref}/esql.html[Elasticsearch Query Language (ES|QL)] query.
+
NOTE: {esql} is enabled by default in {kib}. It can be
disabled using the `enableESQL` setting from the
{kibana-ref}/advanced-options.html[Advanced Settings]. This will hide the {esql} user interface from various applications. However, users will be able to access existing {esql} artifacts like saved searches and visualizations.

[role="screenshot"]
image::images/all-rules.png[Shows the Rules page]
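Review bot: the `+` on its own line ahead of the NOTE is the AsciiDoc list continuation, so the admonition renders as part of the *ES|QL* bullet rather than as a free-standing paragraph after the rule-type list; that placement is the right one, but check the rendered preview, since a lone `+` is easy to misread as a diff marker and a missing blank line after the NOTE would pull the screenshot block into the list item too. The admonition text is identical to the one added to docs/assistant/security-assistant.asciidoc in this commit, so the same wrapping and "what value to set" comments apply here.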
4 changes: 4 additions & 0 deletions docs/events/timeline-ui-overview.asciidoc
Expand Up @@ -196,6 +196,10 @@ From the *Correlation* tab, you can also do the following:
[[esql-in-timeline]]
== Use {esql} to investigate events

NOTE: {esql} is enabled by default in {kib}. It can be
disabled using the `enableESQL` setting from the
{kibana-ref}/advanced-options.html[Advanced Settings]. This will hide the {esql} user interface from various applications. However, users will be able to access existing {esql} artifacts like saved searches and visualizations.

The {ref}/esql.html[Elasticsearch Query Language ({esql})] provides a powerful way to filter, transform, and analyze event data stored in {es}. {esql} queries use "pipes" to manipulate and transform data in a step-by-step fashion. This approach allows you to compose a series of operations, where the output of one operation becomes the input for the next, enabling complex data transformations and analysis.

You can use {esql} in Timeline by opening the **{esql}** tab. From there, you can:
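Review bot: this is the third verbatim copy of the same NOTE in one commit (security-assistant.asciidoc, about-rules.asciidoc, and here); a shared include file or attribute would keep the three from drifting the next time the setting's name or behaviour changes. Separately, the commit title scopes the setting to ESS ("[Request][ESS] ... disable ES|QL in ESS"), but none of the three notes says which deployment type it applies to; if `enableESQL` is only available on ESS, the note should say so, and if it is not, the ESS scoping in the title is misleading.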