From f1299b39cfbf4ef60e6de0204bc144d9ffd71659 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Date: Tue, 6 Feb 2024 17:54:02 -0500 Subject: [PATCH 1/3] [BUG][7.17-8.5]Fix note that describes how exceptions work with EQL rules (#4759) (cherry picked from commit 7d74705fbdb306f552fb1cdcd275ca65f9df44d2) # Conflicts: # docs/detections/detections-ui-exceptions.asciidoc --- docs/detections/detections-ui-exceptions.asciidoc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/detections/detections-ui-exceptions.asciidoc b/docs/detections/detections-ui-exceptions.asciidoc index b08b76c9d9..23b1651c1c 100644 --- a/docs/detections/detections-ui-exceptions.asciidoc +++ b/docs/detections/detections-ui-exceptions.asciidoc @@ -83,6 +83,11 @@ IMPORTANT: To ensure an exception is successfully applied, make sure that the f ============== Be careful when adding exceptions to event correlation rules. Exceptions are evaluated against every event in the sequence, and when the exception matches _all_ event(s) in the sequence, alerts _are not_ generated. If the exception only matches _some_ of the events in the sequence, alerts _are_ generated. +<<<<<<< HEAD +======= +* Be careful when adding exceptions to <> rules. Exceptions are evaluated against every event in the sequence, and if an exception matches any events that are necessary to complete the sequence, alerts are not created. ++ +>>>>>>> 7d74705 ([BUG][7.17-8.5]Fix note that describes how exceptions work with EQL rules (#4759)) To exclude values from a specific event in the sequence, update the rule's EQL statement. For example: From cc35bf58ee0bd8767d9ac44a839a1ae656da404f Mon Sep 17 00:00:00 2001 From: "nastasha.solomon" Date: Tue, 6 Feb 2024 18:40:19 -0500 Subject: [PATCH 2/3] fixed conflict --- docs/detections/detections-ui-exceptions.asciidoc | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) 
diff --git a/docs/detections/detections-ui-exceptions.asciidoc b/docs/detections/detections-ui-exceptions.asciidoc index 23b1651c1c..de21c7082a 100644 --- a/docs/detections/detections-ui-exceptions.asciidoc +++ b/docs/detections/detections-ui-exceptions.asciidoc @@ -81,13 +81,8 @@ IMPORTANT: To ensure an exception is successfully applied, make sure that the f [IMPORTANT] ============== -Be careful when adding exceptions to event correlation rules. Exceptions are evaluated against every event in the sequence, and when the exception matches _all_ event(s) in the sequence, alerts _are not_ generated. If the exception only matches _some_ of the events in the sequence, alerts _are_ generated. - -<<<<<<< HEAD -======= -* Be careful when adding exceptions to <> rules. Exceptions are evaluated against every event in the sequence, and if an exception matches any events that are necessary to complete the sequence, alerts are not created. +Be careful when adding exceptions to <> rules. Exceptions are evaluated against every event in the sequence, and if an exception matches any events that are necessary to complete the sequence, alerts are not created. + ->>>>>>> 7d74705 ([BUG][7.17-8.5]Fix note that describes how exceptions work with EQL rules (#4759)) To exclude values from a specific event in the sequence, update the rule's EQL statement. For example: From d39fa600ccb6368908b8458de60ed2f89b154258 Mon Sep 17 00:00:00 2001 From: "nastasha.solomon" Date: Tue, 6 Feb 2024 23:34:58 -0500 Subject: [PATCH 3/3] fixed! --- docs/detections/detections-ui-exceptions.asciidoc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/detections/detections-ui-exceptions.asciidoc b/docs/detections/detections-ui-exceptions.asciidoc index de21c7082a..6c42b330ce 100644 --- a/docs/detections/detections-ui-exceptions.asciidoc +++ b/docs/detections/detections-ui-exceptions.asciidoc 
@@ -82,9 +82,8 @@ IMPORTANT: To ensure an exception is successfully applied, make sure that the f [IMPORTANT] ============== Be careful when adding exceptions to <> rules. Exceptions are evaluated against every event in the sequence, and if an exception matches any events that are necessary to complete the sequence, alerts are not created. -+ -To exclude values from a -specific event in the sequence, update the rule's EQL statement. For example: + +To exclude values from a specific event in the sequence, update the rule's EQL statement. For example: [source,eql] ----
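Review bot: the first hunk (PATCH 1/3, `@@ -83,6 +83,11 @@`) commits unresolved cherry-pick conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> 7d74705 (...)`) into `detections-ui-exceptions.asciidoc`, where they will either render as body text or break the AsciiDoc build; the conflict should be resolved before committing, keeping the corrected wording ("if an exception matches any events that are necessary to complete the sequence, alerts are not created") and dropping the old paragraph it replaces, rather than leaving both side by side. The cherry-picked text also carries a leading `* ` bullet and a `+` list-continuation line from the source branch that do not fit the `[IMPORTANT]` admonition block they land in here, and the cross-reference `<>` shows no target or link text in the hunk, so check that the anchor survived the backport.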
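Review bot: the second hunk (PATCH 2/3, `@@ -81,13 +81,8 @@`) resolves the markers but keeps a bare `+` line after the new paragraph while dropping the `* ` bullet it used to continue, so inside the `[IMPORTANT]` block it is no longer a list continuation and will render literally; remove it. The mid-sentence source line break ("To exclude values from a" / "specific event in the sequence, update the rule's EQL statement.") is also left in place; joining the two lines would keep the paragraph readable in the source. Otherwise the conflict markers are correctly removed and the retained wording matches the upstream fix (#4759).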
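Review bot: the third hunk (PATCH 3/3, `@@ -82,9 +82,8 @@`) removes the stray `+` and joins the split sentence, so the admonition now reads as intended; the one remaining item is the cross-reference `<>` on the "Be careful when adding exceptions to <> rules." line, whose anchor and link text are not visible in this diff, so confirm it resolves in the 7.17-8.5 build rather than rendering as an empty xref. A more descriptive commit message than "fixed!" (for example, naming the stray list continuation that was removed) would also help anyone reading the backport history later.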