From 95fea5eeb4376ced39e10a0fed08f1d2c1354e9c Mon Sep 17 00:00:00 2001 
From: Benjamin Ironside Goldstein
Date: Mon, 17 Jun 2024 12:04:00 -0700
Subject: [PATCH] first test of new org
---
 .../ai-alert-triage.asciidoc | 0
 .../ai-esql-queries.asciidoc | 0
 docs/AI-for-security/ai-for-security.asciidoc | 24 ++++++++++++++++++
 .../ai-use-cases.asciidoc} | 0
 .../attack-discovery.asciidoc | 0
 .../azure-openai-setup.asciidoc | 0
 .../connect-to-bedrock.asciidoc | 0
 .../connect-to-openai.asciidoc | 0
 .../images/add-alert-context.gif | Bin
 .../images/add-discovery-to-assistant.gif | Bin
 .../images/ai-assistant-button.png | Bin
 .../images/ai-triage-add-to-case.png | Bin
 .../images/assistant-anonymization-menu.png | Bin
 .../images/assistant-basic-view.png | Bin
 .../images/assistant-settings-menu.png | Bin
 .../images/assistant.gif | Bin
 .../images/attack-discovery-full-card.png | Bin
 .../images/attck-disc-11-alerts-disc.png | Bin
 .../attck-disc-esql-query-gen-example.png | Bin
 .../images/icon-add-note.png | Bin
 .../images/icon-add-to-case.png | Bin
 .../images/icon-add-to-timeline.png | Bin
 .../images/icon-clear-red.png | Bin
 .../images/icon-copy.png | Bin
 .../images/icon-settings.png | Bin
 .../images/icon-system-prompt.png | Bin
 .../images/knowledge-base-settings.png | Bin
 .../images/quick-prompts.png | Bin
 .../images/select-model-empty-state.png | Bin
 .../images/system-prompt.gif | Bin
 .../llm-connector-guides.asciidoc | 0
 .../llm-performance-matrix.asciidoc | 0
 .../security-assistant.asciidoc | 11 --------
 ...y-ai-assistant-incident-reporting.asciidoc | 0
 .../images/icon-add-to-timeline.png | Bin 599 -> 0 bytes
 docs/attack-discovery/images/icon-copy.png | Bin 538 -> 0 bytes
 docs/index.asciidoc | 4 +--
 37 files changed, 25 insertions(+), 14 deletions(-)
 rename docs/{assistant => AI-for-security}/ai-alert-triage.asciidoc (100%)
 rename docs/{assistant => AI-for-security}/ai-esql-queries.asciidoc (100%)
 create mode 100644 docs/AI-for-security/ai-for-security.asciidoc
 rename docs/{assistant/assistant-use-cases.asciidoc => AI-for-security/ai-use-cases.asciidoc} (100%)
 rename docs/{attack-discovery => AI-for-security}/attack-discovery.asciidoc (100%)
 rename docs/{assistant => AI-for-security}/azure-openai-setup.asciidoc (100%)
 rename docs/{assistant => AI-for-security}/connect-to-bedrock.asciidoc (100%)
 rename docs/{assistant => AI-for-security}/connect-to-openai.asciidoc (100%)
 rename docs/{assistant => AI-for-security}/images/add-alert-context.gif (100%)
 rename docs/{attack-discovery => AI-for-security}/images/add-discovery-to-assistant.gif (100%)
 rename docs/{assistant => AI-for-security}/images/ai-assistant-button.png (100%)
 rename docs/{assistant => AI-for-security}/images/ai-triage-add-to-case.png (100%)
 rename docs/{assistant => AI-for-security}/images/assistant-anonymization-menu.png (100%)
 rename docs/{assistant => AI-for-security}/images/assistant-basic-view.png (100%)
 rename docs/{assistant => AI-for-security}/images/assistant-settings-menu.png (100%)
 rename docs/{assistant => AI-for-security}/images/assistant.gif (100%)
 rename docs/{attack-discovery => AI-for-security}/images/attack-discovery-full-card.png (100%)
 rename docs/{assistant => AI-for-security}/images/attck-disc-11-alerts-disc.png (100%)
 rename docs/{assistant => AI-for-security}/images/attck-disc-esql-query-gen-example.png (100%)
 rename docs/{assistant => AI-for-security}/images/icon-add-note.png (100%)
 rename docs/{assistant => AI-for-security}/images/icon-add-to-case.png (100%)
 rename docs/{assistant => AI-for-security}/images/icon-add-to-timeline.png (100%)
 rename docs/{assistant => AI-for-security}/images/icon-clear-red.png (100%)
 rename docs/{assistant => AI-for-security}/images/icon-copy.png (100%)
 rename docs/{assistant => AI-for-security}/images/icon-settings.png (100%)
 rename docs/{assistant => AI-for-security}/images/icon-system-prompt.png (100%)
 rename docs/{assistant => AI-for-security}/images/knowledge-base-settings.png (100%)
 rename docs/{assistant => AI-for-security}/images/quick-prompts.png (100%)
 rename docs/{attack-discovery => AI-for-security}/images/select-model-empty-state.png (100%)
 rename docs/{assistant => AI-for-security}/images/system-prompt.gif (100%)
 rename docs/{assistant => AI-for-security}/llm-connector-guides.asciidoc (100%)
 rename docs/{assistant => AI-for-security}/llm-performance-matrix.asciidoc (100%)
 rename docs/{assistant => AI-for-security}/security-assistant.asciidoc (96%)
 rename docs/{assistant => AI-for-security}/use-attack-discovery-ai-assistant-incident-reporting.asciidoc (100%)
 delete mode 100644 docs/attack-discovery/images/icon-add-to-timeline.png
 delete mode 100644 docs/attack-discovery/images/icon-copy.png
diff --git a/docs/assistant/ai-alert-triage.asciidoc b/docs/AI-for-security/ai-alert-triage.asciidoc
similarity index 100%
rename from docs/assistant/ai-alert-triage.asciidoc
rename to docs/AI-for-security/ai-alert-triage.asciidoc
diff --git a/docs/assistant/ai-esql-queries.asciidoc b/docs/AI-for-security/ai-esql-queries.asciidoc
similarity index 100%
rename from docs/assistant/ai-esql-queries.asciidoc
rename to docs/AI-for-security/ai-esql-queries.asciidoc
diff --git a/docs/AI-for-security/ai-for-security.asciidoc b/docs/AI-for-security/ai-for-security.asciidoc
new file mode 100644
index 0000000000..6795fec35d
--- /dev/null
+++ b/docs/AI-for-security/ai-for-security.asciidoc
@@ -0,0 +1,24 @@
+[[ai-for-security]]
+= AI for security
+
+:frontmatter-description: Learn to use AI capabilities in {elastic-sec}.
+:frontmatter-tags-products: [security]
+:frontmatter-tags-content-type: [overview]
+:frontmatter-tags-user-goals: [get-started]
+
+The guides in this section describe use-cases for AI Assistant and Attack discovery. Refer to them to learn about each tool's individual capabilities, and what they can do together.
+
+include::security-assistant.asciidoc[leveloffset=+1]
+include::attack-discovery.asciidoc[leveloffset=+1]
+
+include::ai-use-cases.asciidoc[leveloffset=+1]
+include::ai-alert-triage.asciidoc[leveloffset=+2]
+include::use-attack-discovery-ai-assistant-incident-reporting.asciidoc[leveloffset=+2]
+include::ai-esql-queries.asciidoc[leveloffset=+2]
+
+include::llm-connector-guides.asciidoc[leveloffset=+1]
+include::azure-openai-setup.asciidoc[leveloffset=+2]
+include::connect-to-openai.asciidoc[leveloffset=+2]
+include::connect-to-bedrock.asciidoc[leveloffset=+2]
+
+include::llm-performance-matrix.asciidoc[leveloffset=+1]
diff --git a/docs/assistant/assistant-use-cases.asciidoc b/docs/AI-for-security/ai-use-cases.asciidoc
similarity index 100%
rename from docs/assistant/assistant-use-cases.asciidoc
rename to docs/AI-for-security/ai-use-cases.asciidoc
diff --git a/docs/attack-discovery/attack-discovery.asciidoc b/docs/AI-for-security/attack-discovery.asciidoc
similarity index 100%
rename from docs/attack-discovery/attack-discovery.asciidoc
rename to docs/AI-for-security/attack-discovery.asciidoc
diff --git a/docs/assistant/azure-openai-setup.asciidoc b/docs/AI-for-security/azure-openai-setup.asciidoc
similarity index 100%
rename from docs/assistant/azure-openai-setup.asciidoc
rename to docs/AI-for-security/azure-openai-setup.asciidoc
diff --git a/docs/assistant/connect-to-bedrock.asciidoc b/docs/AI-for-security/connect-to-bedrock.asciidoc
similarity index 100%
rename from docs/assistant/connect-to-bedrock.asciidoc
rename to docs/AI-for-security/connect-to-bedrock.asciidoc
diff --git a/docs/assistant/connect-to-openai.asciidoc b/docs/AI-for-security/connect-to-openai.asciidoc
similarity index 100%
rename from docs/assistant/connect-to-openai.asciidoc
rename to docs/AI-for-security/connect-to-openai.asciidoc
diff --git a/docs/assistant/images/add-alert-context.gif b/docs/AI-for-security/images/add-alert-context.gif
similarity index 100%
rename from docs/assistant/images/add-alert-context.gif
rename to docs/AI-for-security/images/add-alert-context.gif
diff --git a/docs/attack-discovery/images/add-discovery-to-assistant.gif b/docs/AI-for-security/images/add-discovery-to-assistant.gif
similarity index 100%
rename from docs/attack-discovery/images/add-discovery-to-assistant.gif
rename to docs/AI-for-security/images/add-discovery-to-assistant.gif
diff --git a/docs/assistant/images/ai-assistant-button.png b/docs/AI-for-security/images/ai-assistant-button.png
similarity index 100%
rename from docs/assistant/images/ai-assistant-button.png
rename to docs/AI-for-security/images/ai-assistant-button.png
diff --git a/docs/assistant/images/ai-triage-add-to-case.png b/docs/AI-for-security/images/ai-triage-add-to-case.png
similarity index 100%
rename from docs/assistant/images/ai-triage-add-to-case.png
rename to docs/AI-for-security/images/ai-triage-add-to-case.png
diff --git a/docs/assistant/images/assistant-anonymization-menu.png b/docs/AI-for-security/images/assistant-anonymization-menu.png
similarity index 100%
rename from docs/assistant/images/assistant-anonymization-menu.png
rename to docs/AI-for-security/images/assistant-anonymization-menu.png
diff --git a/docs/assistant/images/assistant-basic-view.png b/docs/AI-for-security/images/assistant-basic-view.png
similarity index 100%
rename from docs/assistant/images/assistant-basic-view.png
rename to docs/AI-for-security/images/assistant-basic-view.png
diff --git a/docs/assistant/images/assistant-settings-menu.png b/docs/AI-for-security/images/assistant-settings-menu.png
similarity index 100%
rename from docs/assistant/images/assistant-settings-menu.png
rename to docs/AI-for-security/images/assistant-settings-menu.png
diff --git a/docs/assistant/images/assistant.gif b/docs/AI-for-security/images/assistant.gif
similarity index 100%
rename from docs/assistant/images/assistant.gif
rename to docs/AI-for-security/images/assistant.gif
diff --git a/docs/attack-discovery/images/attack-discovery-full-card.png b/docs/AI-for-security/images/attack-discovery-full-card.png
similarity index 100%
rename from docs/attack-discovery/images/attack-discovery-full-card.png
rename to docs/AI-for-security/images/attack-discovery-full-card.png
diff --git a/docs/assistant/images/attck-disc-11-alerts-disc.png b/docs/AI-for-security/images/attck-disc-11-alerts-disc.png
similarity index 100%
rename from docs/assistant/images/attck-disc-11-alerts-disc.png
rename to docs/AI-for-security/images/attck-disc-11-alerts-disc.png
diff --git a/docs/assistant/images/attck-disc-esql-query-gen-example.png b/docs/AI-for-security/images/attck-disc-esql-query-gen-example.png
similarity index 100%
rename from docs/assistant/images/attck-disc-esql-query-gen-example.png
rename to docs/AI-for-security/images/attck-disc-esql-query-gen-example.png
diff --git a/docs/assistant/images/icon-add-note.png b/docs/AI-for-security/images/icon-add-note.png
similarity index 100%
rename from docs/assistant/images/icon-add-note.png
rename to docs/AI-for-security/images/icon-add-note.png
diff --git a/docs/assistant/images/icon-add-to-case.png b/docs/AI-for-security/images/icon-add-to-case.png
similarity index 100%
rename from docs/assistant/images/icon-add-to-case.png
rename to docs/AI-for-security/images/icon-add-to-case.png
diff --git a/docs/assistant/images/icon-add-to-timeline.png b/docs/AI-for-security/images/icon-add-to-timeline.png
similarity index 100%
rename from docs/assistant/images/icon-add-to-timeline.png
rename to docs/AI-for-security/images/icon-add-to-timeline.png
diff --git a/docs/assistant/images/icon-clear-red.png b/docs/AI-for-security/images/icon-clear-red.png
similarity index 100%
rename from docs/assistant/images/icon-clear-red.png
rename to docs/AI-for-security/images/icon-clear-red.png
diff --git a/docs/assistant/images/icon-copy.png b/docs/AI-for-security/images/icon-copy.png
similarity index 100%
rename from docs/assistant/images/icon-copy.png
rename to docs/AI-for-security/images/icon-copy.png
diff --git a/docs/assistant/images/icon-settings.png b/docs/AI-for-security/images/icon-settings.png
similarity index 100%
rename from docs/assistant/images/icon-settings.png
rename to docs/AI-for-security/images/icon-settings.png
diff --git a/docs/assistant/images/icon-system-prompt.png b/docs/AI-for-security/images/icon-system-prompt.png
similarity index 100%
rename from docs/assistant/images/icon-system-prompt.png
rename to docs/AI-for-security/images/icon-system-prompt.png
diff --git a/docs/assistant/images/knowledge-base-settings.png b/docs/AI-for-security/images/knowledge-base-settings.png
similarity index 100%
rename from docs/assistant/images/knowledge-base-settings.png
rename to docs/AI-for-security/images/knowledge-base-settings.png
diff --git a/docs/assistant/images/quick-prompts.png b/docs/AI-for-security/images/quick-prompts.png
similarity index 100%
rename from docs/assistant/images/quick-prompts.png
rename to docs/AI-for-security/images/quick-prompts.png
diff --git a/docs/attack-discovery/images/select-model-empty-state.png b/docs/AI-for-security/images/select-model-empty-state.png
similarity index 100%
rename from docs/attack-discovery/images/select-model-empty-state.png
rename to docs/AI-for-security/images/select-model-empty-state.png
diff --git a/docs/assistant/images/system-prompt.gif b/docs/AI-for-security/images/system-prompt.gif
similarity index 100%
rename from docs/assistant/images/system-prompt.gif
rename to docs/AI-for-security/images/system-prompt.gif
diff --git a/docs/assistant/llm-connector-guides.asciidoc b/docs/AI-for-security/llm-connector-guides.asciidoc
similarity index 100%
rename from docs/assistant/llm-connector-guides.asciidoc
rename to docs/AI-for-security/llm-connector-guides.asciidoc
diff --git a/docs/assistant/llm-performance-matrix.asciidoc b/docs/AI-for-security/llm-performance-matrix.asciidoc
similarity index 100%
rename from docs/assistant/llm-performance-matrix.asciidoc
rename to docs/AI-for-security/llm-performance-matrix.asciidoc
diff --git a/docs/assistant/security-assistant.asciidoc b/docs/AI-for-security/security-assistant.asciidoc
similarity index 96%
rename from docs/assistant/security-assistant.asciidoc
rename to docs/AI-for-security/security-assistant.asciidoc
index a5aaf2c4d7..503b0b837c 100644
--- a/docs/assistant/security-assistant.asciidoc
+++ b/docs/AI-for-security/security-assistant.asciidoc
@@ -189,14 +189,3 @@ In addition to practical advice, AI Assistant can offer conceptual advice, tips, * “I need to monitor for unusual file creation patterns that could indicate ransomware activity. How would I construct this query using EQL?” -include::assistant-use-cases.asciidoc[leveloffset=+1] -include::ai-alert-triage.asciidoc[leveloffset=+2] -include::use-attack-discovery-ai-assistant-incident-reporting.asciidoc[leveloffset=+2] -include::ai-esql-queries.asciidoc[leveloffset=+2] - -include::llm-connector-guides.asciidoc[leveloffset=+1] -include::azure-openai-setup.asciidoc[leveloffset=+2] -include::connect-to-openai.asciidoc[leveloffset=+2] -include::connect-to-bedrock.asciidoc[leveloffset=+2] - -include::llm-performance-matrix.asciidoc[leveloffset=+1] diff --git a/docs/assistant/use-attack-discovery-ai-assistant-incident-reporting.asciidoc b/docs/AI-for-security/use-attack-discovery-ai-assistant-incident-reporting.asciidoc similarity index 100% rename from docs/assistant/use-attack-discovery-ai-assistant-incident-reporting.asciidoc rename to docs/AI-for-security/use-attack-discovery-ai-assistant-incident-reporting.asciidoc diff --git a/docs/attack-discovery/images/icon-add-to-timeline.png b/docs/attack-discovery/images/icon-add-to-timeline.png deleted file mode 100644 index c01802253c9bcdce92c73a72a5b247e06b9d2761..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 599 zcmeAS@N?(olHy`uVBq!ia0vp^NWwh5fMn+o3~+T5%7 z^7HH8WT6f1ECwb5lNdi~q&~SD6+CtQF}d*hsgY@7M<>se3-9cd>}+&MVrc2Va->H< z`1jx0=GSw~_%}VReYi(6O+{?Y`OVe>(``4pT@by%xkbR}hlg*B)Rr_I!L92>PONw@ z=zpeV*NgQHN0t^c>rdw{f4%DWy`Gq_vAy=zvdpW#p~ zn0c^H`sdm|R#J+(4$>B?pKH#25#(5Nt4`MK*2%U#es0Q+3KzKQqRKSmHkd@o8~;+C z{>V_^?aLUce(%M$bG;vblvn_w43$Gp|Brg_5c4cj+2Wk(^5RSzz20vndcDV=cX(gD k@cqn*3!QgsPBK_Bu)X|~^h@G@J}81bUHx3vIVCg!0Oq04R{#J2 
diff --git a/docs/attack-discovery/images/icon-copy.png b/docs/attack-discovery/images/icon-copy.png deleted file mode 100644 index e0a53121d987f6eb82effd57debf7c25ded374ee..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 538 zcmeAS@N?(olHy`uVBq!ia0vp^Ng-hKr`#a1CD1Nnu&Wz_nP>xpQ_ z{JMB_qUpjGj!i6kZ@N5{s(YoXnT7WkbhR?qK#$A12wbOH6NEb8Gsg3C*VS99BF!o1?BnzqY|RLf14 Y4D*jR{poC!`VI