From e2d6b84dc7331c820245ae649451b30a0d62b477 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 16:59:06 +0000 Subject: [PATCH] [8.16] Spaces in serverless (backport #5813) (#6049) * Spaces in serverless (#5813) * Add previously omitted spaces page, align with ESS * Fix typo in description frontmatter * Minor edit * Update "Data views in Elastic Security" Align across platforms, and omit "feature visibility" since it's unavailable in security * Update "Timeline" * Update "Timeline templates" * Update link to general docs on spaces This link will be broken until https://github.com/elastic/docs-content/pull/55 is merged * Fix links: targets from stateful to serverless (cherry picked from commit 686800d3a0218499e7f1cf2f32406f83b2eb2e7f) # Conflicts: # docs/serverless/explore/data-views-in-sec.mdx # docs/serverless/investigate/timeline-templates-ui.mdx # docs/serverless/investigate/timelines-ui.mdx # docs/serverless/sec-requirements.mdx # docs/serverless/serverless-security.docnav.json * Delete docs/serverless directory and its contents --------- Co-authored-by: Joe Peeples Co-authored-by: github-actions[bot] --- docs/events/timeline-templates.asciidoc | 2 +- docs/events/timeline-ui-overview.asciidoc | 2 +- docs/getting-started/data-views-in-sec.asciidoc | 2 +- docs/getting-started/security-spaces.asciidoc | 8 ++++---- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/events/timeline-templates.asciidoc b/docs/events/timeline-templates.asciidoc index b4e90f9535..54fafc59ed 100644 --- a/docs/events/timeline-templates.asciidoc +++ b/docs/events/timeline-templates.asciidoc @@ -136,7 +136,7 @@ NOTE: You cannot delete prebuilt templates. == Export and import Timeline templates You can import and export Timeline templates, which enables importing templates -from one {kib} space or instance to another. Exported templates are saved in an `ndjson` file. +from one space or {elastic-sec} instance to another. Exported templates are saved in an `ndjson` file. . Go to *Timelines* -> *Templates*. . To export templates, do one of the following: diff --git a/docs/events/timeline-ui-overview.asciidoc b/docs/events/timeline-ui-overview.asciidoc index fe3d534f8e..9d2dc54ef6 100644 --- a/docs/events/timeline-ui-overview.asciidoc +++ b/docs/events/timeline-ui-overview.asciidoc @@ -171,7 +171,7 @@ then select an action from the *Bulk actions* menu. == Export and import Timelines You can export and import Timelines, which enables you to share Timelines from one -{kib} space or instance to another. Exported Timelines are saved as `.ndjson` files. +space or {elastic-sec} instance to another. Exported Timelines are saved as `.ndjson` files. To export Timelines: diff --git a/docs/getting-started/data-views-in-sec.asciidoc b/docs/getting-started/data-views-in-sec.asciidoc index 1e5d4d8000..62cfddaa9f 100644 --- a/docs/getting-started/data-views-in-sec.asciidoc +++ b/docs/getting-started/data-views-in-sec.asciidoc @@ -33,7 +33,7 @@ NOTE: You cannot update the data view for the Alerts page. This includes referen [[default-data-view-security]] == The default {data-source} -The default {data-source} is defined by the `securitySolution:defaultIndex` setting, which you can modify in {kib}'s advanced settings (**Stack Management** > **Advanced Settings** > **Security Solution**). To learn more about this setting, including its default value, refer to {security-guide}/advanced-settings.html#update-sec-indices[Advanced settings]. +The default {data-source} is defined by the `securitySolution:defaultIndex` setting, which you can modify in {security-guide}/advanced-settings.html#update-sec-indices[advanced settings]. The first time a user visits {elastic-sec} within a given {kib} {kibana-ref}/xpack-spaces.html[space], the default {data-source} generates in that space and becomes active. diff --git a/docs/getting-started/security-spaces.asciidoc b/docs/getting-started/security-spaces.asciidoc index 0e06ee2d83..be1a8c27eb 100644 --- a/docs/getting-started/security-spaces.asciidoc +++ b/docs/getting-started/security-spaces.asciidoc @@ -2,13 +2,13 @@ = Spaces and {elastic-sec} {elastic-sec} supports the organization of your security operations into -logical instances with the {kibana-ref}/xpack-spaces.html[{kib} spaces] +logical instances with the {kibana-ref}/xpack-spaces.html[spaces] feature. Each space in {kib} represents a separate logical instance of {elastic-sec} in which detection rules, rule exceptions, value lists, alerts, Timelines, cases, and {kib} advanced settings are private to the space and accessible only by users that have role privileges to -access the space. For details about configuring privileges for -{es} and {kib}, refer to <>. +access the space. For details about privileges for +{elastic-sec} and specific features, refer to <>. For example, if you create a `SOC_prod` space in which you load and activate all the {elastic-sec} prebuilt detection rules, these rules and @@ -22,7 +22,7 @@ the `SOC_dev` space, and they will run independently of those in the [NOTE] ===== By default, alerts created by detection rules are stored in {es} indices -under the `.alerts-security.alerts-` index pattern, and they may be +under the `.alerts-security.alerts-` index pattern, and they may be accessed by any user with role privileges to access those {es} indices. In our example above, any user with {es} privileges to access `.alerts-security.alerts-SOC_prod` will be able to view `SOC_prod` alerts from