From e582033945858158ec8a5aa95543ac09faaacd11 Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com> Date: Fri, 17 May 2024 16:09:25 +0100 Subject: [PATCH] Adds note to legacy risk scoring docs (#5209) (cherry picked from commit 43290239334d73e8699a3b587830cc6c986712e1) --- docs/experimental-features/host-risk-score.asciidoc | 3 +++ docs/experimental-features/user-risk-score.asciidoc | 3 +++ 2 files changed, 6 insertions(+) diff --git a/docs/experimental-features/host-risk-score.asciidoc b/docs/experimental-features/host-risk-score.asciidoc index dfd4a51f61..73f1f30c2b 100644 --- a/docs/experimental-features/host-risk-score.asciidoc +++ b/docs/experimental-features/host-risk-score.asciidoc @@ -1,6 +1,9 @@ [[host-risk-score]] == Host risk score +NOTE: This page refers to the original user and host risk score modules. If you have the original modules installed, and you're running {stack} version 8.11 or newer, you can <>. +For information about the latest risk engine, refer to <>. + NOTE: This feature is available for {stack} versions 7.16.0 and newer and requires a https://www.elastic.co/pricing[Platinum subscription] or higher. The host risk score feature highlights risky hosts from within your environment. It utilizes a transform with a scripted metric aggregation to calculate host risk scores based on alerts that were generated within the past five days. The transform runs hourly to update the score as new alerts are generated. diff --git a/docs/experimental-features/user-risk-score.asciidoc b/docs/experimental-features/user-risk-score.asciidoc index 8662ff072b..3161f265dd 100644 --- a/docs/experimental-features/user-risk-score.asciidoc +++ b/docs/experimental-features/user-risk-score.asciidoc @@ -1,6 +1,9 @@ [[user-risk-score]] == User risk score +NOTE: This page refers to the original user and host risk score modules. If you have the original modules installed, and you're running {stack} version 8.11 or newer, you can <>. +For information about the latest risk engine, refer to <>. + NOTE: This feature is available for {stack} versions 8.3.0 and newer and requires a https://www.elastic.co/pricing[Platinum subscription] or higher. The user risk score feature highlights risky usernames in your environment. It utilizes a transform with a scripted metric aggregation to calculate user risk scores based on alerts generated within the past 90 days. The transform runs hourly to update scores as new alerts are generated.