Merge branch 'main' into add-auth-provider-origin-config

Author: rgodfrey-elastic

deploy-manage/images/self-managed-autoops-diagram.png

@@ -0,0 +1,3 @@
+1. {{agent}} connects to your ECE, ECK, or self-managed {{es}} cluster. 
+2. The agent registers your cluster with {{ecloud}} using the Cloud Connect API.
+3. The agent begins to send metrics from your cluster to AutoOps in your selected CSP region. 

deploy-manage/monitor/_snippets/autoops-cc-components.md

@@ -12,10 +12,26 @@ products:
 
 # AutoOps for self-managed clusters
 
-For ECE ({{ece}}), ECK ({{eck}}), and self-managed clusters, AutoOps can be set up in all supported [regions](ec-autoops-regions.md#autoops-for-self-managed-clusters-regions) through [Cloud Connect](/deploy-manage/cloud-connect.md). More regions are coming soon.
+For ECE ({{ece}}), ECK ({{eck}}), and self-managed {{es}} clusters, AutoOps can be set up in all supported [regions](ec-autoops-regions.md#autoops-for-self-managed-clusters-regions) through [Cloud Connect](/deploy-manage/cloud-connect.md). More regions are coming soon.
 
 Cloud Connect enables users of ECE, ECK, and self-managed clusters to use {{ecloud}} services. This means you can take advantage of the simplified cluster monitoring, real-time issue detection, and performance recommendations of AutoOps without having to run and manage the underlying infrastructure.
 
+## How your self-managed cluster connects to AutoOps
+
+To connect your ECE, ECK, or self-managed cluster to AutoOps, you have to use your {{ecloud}} account to install {{agent}}. After that, the process can be broken down into three components:
+
+:::{include} /deploy-manage/monitor/_snippets/autoops-cc-components.md
+:::
+
+:::{image} /deploy-manage/images/self-managed-autoops-diagram.png
+:alt: Diagram depicting how AutoOps for self-managed clusters works
+:::
+
+For instructions on how to get started, refer to [](/deploy-manage/monitor/autoops/cc-connect-self-managed-to-autoops.md).
+
+After this setup is complete, you can start using AutoOps to monitor your cluster. Learn more about what you can do with AutoOps in [views](/deploy-manage/monitor/autoops/views.md) and [events](/deploy-manage/monitor/autoops/ec-autoops-events.md).  
+
+
 ## Section overview
 
 In this section, you'll find the following information:
@@ -26,4 +42,5 @@ In this section, you'll find the following information:
 * A [troubleshooting guide](/deploy-manage/monitor/autoops/cc-cloud-connect-autoops-troubleshooting.md) to help you with any issues you may encounter
 
 :::{tip}
-Refer to our [FAQ](/deploy-manage/monitor/autoops/ec-autoops-faq.md#questions-about-autoops-for-self-managed-clusters) for answers to commonly asked questions about AutoOps for self-managed clusters.
+Refer to our [FAQ](/deploy-manage/monitor/autoops/ec-autoops-faq.md#questions-about-autoops-for-self-managed-clusters) for answers to commonly asked questions about AutoOps for self-managed clusters.
+:::

deploy-manage/monitor/autoops/cc-autoops-as-cloud-connected.md

@@ -44,42 +44,12 @@ $$$firewall$$$**My organization's firewall may be preventing {{agent}} from coll
     Run the following tests within the context of your execution environment. That is, if your chosen installation method is Kubernetes, run the commands from within the pod; for Docker, run the commands from within the container, and so on. 
     :::
 
-    There are three main components of {{agent}}'s connection with your system:
+    There are [three main components](/deploy-manage/monitor/autoops/cc-autoops-as-cloud-connected.md#how-your-self-managed-cluster-connects-to-autoops) of {{agent}}'s connection with your system:
 
-    1. {{agent}} registers your cluster with {{ecloud}}
-    2. {{agent}} connects to your cluster
-    3. {{agent}} sends metrics from your cluster to {{ecloud}}
-
-    If there is an issue with the first component, the agent will stop working and your logs might look like: 
-    
-    ```sh
-    ... failed to register Cloud Connected Mode: ... Post \"https://api.elastic-cloud.com/api/v1/cloud-connected/clusters\": ...
-    ```
-    
-    To test if your organization is not allowing the agent to register your cluster with {{ecloud}}, run the following command:
-
-    ```json
-    curl -XPOST -i \
-    https://api.elastic-cloud.com/api/v1/cloud-connected/clusters \
-    -H 'Content-Type: application/json' \
-    -d '{"self_managed_cluster": {"id": "my-cluster-uuid", "name": "my-cluster-name", "version": "9.1.0"}, "license": {"uid": "my-license-id", "type": "basic"}}'
-    ```
-    
-    The command should return an HTTP 401 response similar to: 
-
-    ```json
-          {"UnauthorizedMessages":["Invalid credential headers"],"Cause":null}
-    ```
-    If you do not receive a similar response, configure your HTTP proxy to allow it to reach the URL (with headers and a JSON body):
-    
-    ```json
-          POST https://api.elastic-cloud.com/api/v1/cloud-connected/clusters
-    ```
-    :::{note}
-    If you are using Docker, you may need to complete this configuration directly via the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables.
+    :::{include} /deploy-manage/monitor/_snippets/autoops-cc-components.md
     :::
 
-    If there is an issue with the second component, {{agent}} cannot connect to your cluster. To test if your organization is not allowing this connection, run the following command depending on your chosen authentication method:
+    If there is an issue with the first component, {{agent}} cannot connect to your cluster. To test if your organization is not allowing this connection, run the following command depending on your chosen authentication method:
 
     :::::{tab-set}
     :group: api-key-or-basic
@@ -138,6 +108,34 @@ $$$firewall$$$**My organization's firewall may be preventing {{agent}} from coll
     | You are using a custom SSL/TLS configuration with {{es}} | Disable SSL/TLS verification so that your system trusts all certificates. We do not recommend disabling verification in production environments. <br><br> If you are using API key authentication, run the following command: <br><br>`curl -XGET --insecure -i $AUTOOPS_ES_URL \ -H "Authorization: ApiKey $AUTOOPS_ES_API_KEY"`. <br><br> If you are using username/password authentication, run the following command: <br><br> `curl -XGET --insecure -i $AUTOOPS_ES_URL \ -u $AUTOOPS_ES_USERNAME` <br><br> If the issue is resolved, you need to configure your custom SSL/TLS settings with {{agent}}. If the issue persists, contact [Elastic support](https://support.elastic.co/).| 
     | You are connecting a local development cluster using Docker without specifying `--network host` | - Make sure you are following all the steps to [connect your local development cluster to AutoOps](/deploy-manage/monitor/autoops/cc-connect-local-dev-to-autoops.md#connect-your-local-development-cluster-to-autoops). <br> - In the [Install agent](/deploy-manage/monitor/autoops/cc-connect-self-managed-to-autoops.md#install-agent) step, make sure you are replacing `docker run -d \` with `docker run -d --network host \`. |
 
+    If there is an issue with the second component, the agent will stop working and your logs might look like: 
+    
+    ```sh
+    ... failed to register Cloud Connected Mode: ... Post \"https://api.elastic-cloud.com/api/v1/cloud-connected/clusters\": ...
+    ```
+    
+    To test if your organization is not allowing the agent to register your cluster with {{ecloud}}, run the following command:
+
+    ```json
+    curl -XPOST -i \
+    https://api.elastic-cloud.com/api/v1/cloud-connected/clusters \
+    -H 'Content-Type: application/json' \
+    -d '{"self_managed_cluster": {"id": "my-cluster-uuid", "name": "my-cluster-name", "version": "9.1.0"}, "license": {"uid": "my-license-id", "type": "basic"}}'
+    ```
+    
+    The command should return an HTTP 401 response similar to: 
+
+    ```json
+          {"UnauthorizedMessages":["Invalid credential headers"],"Cause":null}
+    ```
+    If you do not receive a similar response, configure your HTTP proxy to allow it to reach the URL (with headers and a JSON body):
+    
+    ```json
+          POST https://api.elastic-cloud.com/api/v1/cloud-connected/clusters
+    ```
+    :::{note}
+    If you are using Docker, you may need to complete this configuration directly via the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables.
+    :::
 
     If there is an issue with the third component, the agent will attempt to establish the connection and your logs might look like: 
         

deploy-manage/monitor/autoops/cc-cloud-connect-autoops-troubleshooting.md

@@ -27,7 +27,7 @@ Learn how to use **Discover** to:
 **Discover** provides tailored interfaces and features for the following data types when accessed from Observability or Security project types or {{kib}} solution views:
 
 * Observability:
-  * **[Logs exploration](/solutions/observability/logs/explore-logs.md)**
+  * **[Logs exploration](/solutions/observability/logs/discover-logs.md)**
   * **[Metrics exploration](/solutions/observability/infra-and-hosts/discover-metrics.md)** {applies_to}`stack: preview 9.2` {applies_to}`serverless: preview`
 % LINK/PAGE TBD  * **Traces exploration**
 % * Security:

explore-analyze/discover/discover-get-started.md

@@ -0,0 +1,55 @@
+---
+navigation_title: ML-nodes vs EIS
+applies_to:
+  stack: ga
+  serverless: ga
+  deployment:
+    self: unavailable
+---
+
+# Using ML-nodes or Elastic {{infer-cap}} Service (EIS) [ml-nodes-vs-eis]
+
+## When to use EIS?
+
+The Elastic Inference Service (EIS) requires zero setup or management. It's always-on, has excellent ingest throughput, and uses simple token-based billing.
+
+Use EIS if you're getting started with [semantic search](/solutions/search/semantic-search.md) or [hybrid search](/solutions/search/hybrid-search.md) and want a smooth experience. Under the hood, EIS uses GPUs for ML {{infer}}, which are more efficient and allow a faster, more cost-effective experience for most usecases.
+
+## When to use {{ml}} nodes?
+
+ML nodes are a more configurable solution than EIS where you can set up specific nodes using CPUs to execute [ML {{infer}}](/explore-analyze/elastic-inference/inference-api.md). {{ml-cap}} nodes tend to give more fine-grained control.
+
+Use ML nodes if you want to decide how your models run, you want to run custom models, or you have a self-managed setup.
+
+## How do I switch from using ML nodes to EIS on an existing index?
+
+```{applies_to}
+stack: ga 9.3
+serverless: ga
+```
+
+```console
+PUT /my-ml-node-index/_mapping
+{
+  "properties": {
+    "text": {
+      "type": "semantic_text",
+      "inference_id": ".elser-2-elastic"
+    }
+  }
+}
+```
+
+You can also switch an EIS-based index to use ML nodes:
+
+```console
+PUT /my-eis-index/_mapping
+{
+  "properties": {
+    "text": {
+      "type": "semantic_text",
+      "inference_id": ".elser-2-elasticsearch"
+    }
+  }
+}
+```

explore-analyze/elastic-inference/ml-node-vs-eis.md

@@ -41,6 +41,8 @@ toc:
   - file: elastic-inference.md
     children:
       - file: elastic-inference/eis.md
+        children:
+          - hidden: elastic-inference/ml-node-vs-eis.md
       - file: elastic-inference/inference-api.md
   - file: machine-learning.md
     children:

explore-analyze/toc.yml

@@ -11,14 +11,14 @@ Use {{elastic-sec}} to protect your systems from security threats.
 :::{dropdown} Use cases
 :open:
 
-* **SIEM:** {{elastic-sec}}'s modern SIEM provides a centralized platform for ingesting, analyzing, and managing security data from various sources. 
-* **Third-party integration support:** Ingest data from a various tools and data sources so you can centralize your security data.
-* **Threat detection and analytics:** Identify threats by using prebuilt rules with the ability to customize or create custom detection rules, automatically detect anomalous activity with built-in machine learning jobs, or proactively search for threats using our powerful threat hunting and interactive visualization tools. 
-* **Automatic migration:** Migrate SIEM rules from other platforms to {{elastic-sec}}. 
-* **Endpoint protection and threat prevention:** Automatically stop cybersecurity attacks—such as malware and ransomware—before damage and loss can occur.
-* **AI-powered features:** Leverage generative AI to help enhance threat detection, assist with incident response, and improve day-to-day security operations.
-* **Custom dashboards and visualizations:** Create custom dashboards and visualizations to gain insights into security events.
-* **Cloud Security:** {{elastic-sec}} provides the following cloud features:
+* [**SIEM:**](https://www.elastic.co/security/siem): {{elastic-sec}}'s modern SIEM provides a centralized platform for ingesting, analyzing, and managing security data from various sources. 
+* [**Third-party integration support**](/solutions/security/get-started/ingest-data-to-elastic-security.md): Ingest data from a various tools and data sources so you can centralize your security data.
+* [**Threat detection and analytics:**](/solutions/security/detect-and-alert.md): Identify threats by using [prebuilt rules](/solutions/security/detect-and-alert/install-manage-elastic-prebuilt-rules.md) with the ability to customize or create custom detection rules, automatically detect anomalous activity with built-in machine learning jobs, or proactively search for threats using our powerful [threat hunting and interactive visualization tools](/solutions/security/investigate.md). 
+* [**Automatic migration**](/solutions/security/get-started/automatic-migration.md): Migrate SIEM rules from other platforms to {{elastic-sec}}. 
+* [**Endpoint protection and threat prevention**](/solutions/security/configure-elastic-defend.md): Automatically stop cybersecurity attacks—such as malware and ransomware—before damage and loss can occur.
+* [**AI-powered features**](/solutions/security/ai.md): Leverage generative AI to help enhance threat detection, assist with incident response, and improve day-to-day security operations.
+* [**Custom dashboards and visualizations**](/solutions/security/dashboards.md): Create custom dashboards and visualizations to gain insights into security events.
+* [**Cloud Security**](/solutions/security/cloud.md): {{elastic-sec}} provides the following cloud features:
   * **Cloud Security Posture Management (CSPM) and Kubernetes Security Posture Management (KSPM):** Check cloud service configurations against security benchmarks to identify and resolve misconfigurations that can be exploited.
   * **Cloud Workload Protection:** Get visibility and runtime protection for cloud workloads.
   * **Vulnerability Management:** Uncover vulnerabilities within your cloud infrastructure.

get-started/_snippets/security-overview.md

@@ -2,6 +2,7 @@
 navigation_title: Curator
 applies_to:
   stack: ga
+  serverless: unavailable
 ---
 
 # Elasticsearch Curator

manage-data/lifecycle/curator.md

@@ -2,6 +2,9 @@
 mapped_pages:
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/xpack-rollup.html
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/rollup-overview.html
+applies_to:
+  stack: ga
+  serverless: unavailable
 products:
   - id: elasticsearch
 ---