diff --git a/docs/detections/alerts-reduce.asciidoc b/docs/detections/alerts-reduce.asciidoc index 9cc9ec56ce..2520b1d457 100644 --- a/docs/detections/alerts-reduce.asciidoc +++ b/docs/detections/alerts-reduce.asciidoc @@ -9,7 +9,7 @@ | <> a| *_Stops a specific rule's notification actions from running_*. -Use to avoid unnecessary notifications from a specific rule. The rule continues to run and generate alerts during the snooze period, but its <> don't run. +Use to avoid unnecessary notifications from a specific rule. The rule continues to run and generate alerts during the snooze period, but its <> don't run. | {kibana-ref}/maintenance-windows.html[Maintenance window] a| *_Prevents all rules' notification actions from running_*. diff --git a/docs/detections/alerts-ui-manage.asciidoc b/docs/detections/alerts-ui-manage.asciidoc index 1613a1074b..96eac3e0e6 100644 --- a/docs/detections/alerts-ui-manage.asciidoc +++ b/docs/detections/alerts-ui-manage.asciidoc @@ -22,7 +22,7 @@ The Alerts page offers various ways for you to organize and triage detection ale [role="screenshot"] image::images/view-alert-details.png[View details button, 200] -* View the rule that created an alert. Click a name in the *Rule* column to open the rule's details page. +* View the rule that created an alert. Click a name in the *Rule* column to open the rule's details. * View the details of the host and user associated with the alert. In the Alerts table, click a host name to open the <>, or a user name to open the <>. 
@@ -115,7 +115,7 @@ image::images/group-alerts-expand.png[Expanded alert group with alerts table] Use the toolbar buttons in the upper-left of the Alerts table to customize the columns you want displayed: * **Columns**: Reorder the columns. -* **_x_ fields sorted**: Sort the table by one or more columns. +* **Sort fields _x_**: Sort the table by one or more columns. * **Fields**: Select the fields to display in the table. You can also add <> to detection alerts and display them in the Alerts table. Click the *Full screen* button in the upper-right to view the table in full-screen mode. diff --git a/docs/detections/alerts-view-details.asciidoc b/docs/detections/alerts-view-details.asciidoc index b4e7f1699c..29a8f00825 100644 --- a/docs/detections/alerts-view-details.asciidoc +++ b/docs/detections/alerts-view-details.asciidoc @@ -94,10 +94,6 @@ The About section has the following information: + NOTE: The event renderer only displays if an event renderer exists for the alert type. Fields are interactive; hover over them to access the available actions. -* **Last alert status change**: Shows the last time the alert's status was changed, along with the user who changed it. - -* **MITRE ATT&CK**: Provides relevant https://attack.mitre.org/[MITRE ATT&CK] framework tactics, techniques, and sub-techniques. - [discrete] [[investigation-section]] == Investigation diff --git a/docs/detections/images/about-section-rp.png b/docs/detections/images/about-section-rp.png index 754cf1c0dd..8df877381d 100644 Binary files a/docs/detections/images/about-section-rp.png and b/docs/detections/images/about-section-rp.png differ
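Review bot: In docs/detections/alerts-ui-manage.asciidoc, hunk -22,7, the replacement line "Click a name in the *Rule* column to open the rule's details." no longer says what the click opens. The removed line named a "details page", and the following bullet still names its destinations through cross-references. Suggest stating the UI element that opens (page, flyout or panel) so the bullet stays as specific as its neighbour.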
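Review bot: In docs/detections/alerts-ui-manage.asciidoc, hunk -115,7, the renamed toolbar label "**Sort fields _x_**" leaves the _x_ placeholder unexplained. The old form "_x_ fields sorted" read naturally as a count, while the new word order does not, so a reader matching the docs to the toolbar may not recognise _x_ as a variable part of the label. Suggest adding a short clause to the bullet that says what _x_ stands for.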
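Review bot: In docs/detections/alerts-view-details.asciidoc, hunk -94,10, the "Last alert status change" and "MITRE ATT&CK" bullets are deleted from the About section with no replacement text anywhere in this patch. The first is the only place these lines tell an analyst where to see who changed an alert's status and when, and the second is the only pointer to the tactic and technique mapping. If the fields moved to another section of the details view, document them there in the same change. If they were removed from the UI, say so in the commit message so reviewers can confirm the updated about-section-rp.png screenshot matches.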