Merge branch 'main' into vishaangelova-patch-1

Author: vishaangelova

explore-analyze/report-and-share.md

@@ -88,6 +88,10 @@ In the following dashboard, the shareable container is highlighted:
     * {applies_to}`stack: ga 9.0` From the toolbar, click **Share** > **Export** tab, then choose a file type. Note that when you create a dashboard report that includes a data table or Discover session, the PDF includes only the visible data.
     * {applies_to}`stack: ga 9.1` From the toolbar, click the **Export** icon, then choose a file type. 
 
+    ::::{note}
+    When you create a dashboard report that includes a data table or Discover session, the PDF includes only the visible data.
+    ::::
+
     ::::{tip}
 
     Tips for generating PDF reports:

explore-analyze/report-and-share/automating-report-generation.md

@@ -16,18 +16,18 @@ To automatically generate PDF and CSV reports, generate a POST URL, then submit
 
 Create the POST URL that triggers a report to generate PDF and CSV reports.
 
-### PDF reports
+### PDF and PNG reports [pdf-png-post-url]
 
 To create the POST URL for PDF reports:
 
 1. Go to **Dashboards**, **Visualize Library**, or **Canvas**.
 2. Open the dashboard, visualization, or **Canvas** workpad you want to view as a report. From the toolbar, do one of the following:
 
-    * {applies_to}`stack: ga 9.0` If you are using **Dashboard** or **Visualize Library**, click **Share > Export**, select the PDF option, then click **Copy POST URL**.
+    * {applies_to}`stack: ga 9.0` If you are using **Dashboard** or **Visualize Library**, click **Share > Export**, select the PDF or PNG option, then click **Copy POST URL**.
     * {applies_to}`stack: ga 9.0` If you are using **Canvas**, click **Share > PDF Reports**, then click **Advanced options > Copy POST URL**.
-    * {applies_to}`stack: ga 9.1` Click the **Export** icon, then **PDF**. In the export flyout, copy the POST URL.
+    * {applies_to}`stack: ga 9.1` Click the **Export** icon, then **PDF** or **PNG**. In the export flyout, copy the POST URL.
 
-### CSV reports
+### CSV reports [csv-post-url]
 
 To create the POST URL for CSV reports:
 

solutions/images/logs-streams-retention.png

@@ -11,34 +11,22 @@ products:
   - id: observability
 ---
 
-# Use OpenTelemetry with APM [apm-open-telemetry]
-
-::::{note}
-For a complete overview of using OpenTelemetry with Elastic, explore [**Elastic Distributions of OpenTelemetry**](opentelemetry://reference/index.md).
-::::
+# Use OpenTelemetry with APM [apm-otel-elastic-distros]
 
 [OpenTelemetry](https://opentelemetry.io/docs/concepts/what-is-opentelemetry/) is a set of APIs, SDKs, tooling, and integrations that enable the capture and management of telemetry data from your services and applications.
 
-Elastic integrates with OpenTelemetry, allowing you to reuse your existing instrumentation to easily send observability data to the {{stack}}. There are several ways to integrate OpenTelemetry with the {{stack}}:
-
-* [Elastic Distributions of OpenTelemetry language SDKs](/solutions/observability/apm/use-opentelemetry-with-apm.md#apm-otel-elastic-distros)
-* [Upstream OpenTelemetry API/SDK + Elastic APM agent](/solutions/observability/apm/use-opentelemetry-with-apm.md#apm-otel-api-sdk-elastic-agent)
-* [Upstream OpenTelemetry Collector and language SDKs](/solutions/observability/apm/use-opentelemetry-with-apm.md#apm-otel-upstream)
-* [AWS Lambda Collector exporter](/solutions/observability/apm/use-opentelemetry-with-apm.md#apm-otel-lambda)
-
-## Elastic Distributions of OpenTelemetry language SDKs [apm-otel-elastic-distros]
+Elastic offers several distributions of OpenTelemetry language SDKs. Each Elastic Distribution of OpenTelemetry is a customized version of an [OpenTelemetry language SDK](https://opentelemetry.io/docs/languages/), ready to send data to the [Managed OTLP endpoint](opentelemetry://reference/motlp.md), Elastic APM server, or directly to {{es}}.
 
-Elastic offers several distributions of OpenTelemetry language SDKs. A *distribution* is a customized version of an upstream OpenTelemetry repository. Each Elastic Distribution of OpenTelemetry is a customized version of an [OpenTelemetry language SDK](https://opentelemetry.io/docs/languages/).
-
-:::{image} /solutions/images/observability-apm-otel-distro.png
-:alt: apm otel distro
+:::{image} /solutions/images/observability-apm-otel-distro2.png
+:alt: APM data ingest path
 :screenshot:
 :::
 
 With an Elastic Distribution of OpenTelemetry language SDK you have access to all the features of the OpenTelemetry SDK that it customizes, plus:
 
-* You may get access to SDK improvements and bug fixes contributed by the Elastic team *before* the changes are available upstream in the OpenTelemetry repositories.
-* The distribution preconfigures the collection of tracing and metrics signals, applying some opinionated defaults, such as which sources are collected by default.
+* You can get access to SDK improvements and bug fixes contributed by the Elastic team before the changes are available upstream in the OpenTelemetry repositories.
+* The distribution preconfigures the collection of tracing and metrics signals, applying opinionated defaults, such as which sources are collected by default.
+* By sending data through the [EDOT Collector](opentelemetry://reference/edot-collector/index.md), you make sure to onboard infrastructure logs and metrics.
 
 Get started with an Elastic Distribution of OpenTelemetry language SDK:
 
@@ -48,28 +36,17 @@ Get started with an Elastic Distribution of OpenTelemetry language SDK:
 * [**Elastic Distribution of OpenTelemetry Python**](opentelemetry://reference/edot-sdks/python/index.md)
 * [**Elastic Distribution of OpenTelemetry PHP**](opentelemetry://reference/edot-sdks/php/index.md)
 
-::::{note}
-For more details about OpenTelemetry distributions in general, visit the [OpenTelemetry documentation](https://opentelemetry.io/docs/concepts/distributions).
+::::{important}
+For a complete overview of OpenTelemetry and Elastic, explore [**Elastic Distributions of OpenTelemetry**](opentelemetry://reference/index.md).
 ::::
 
-## Upstream OpenTelemetry Collector and language SDKs [apm-otel-upstream]
+## Upstream OpenTelemetry Collector and SDKs [apm-otel-upstream]
 
 The {{stack}} natively supports the OpenTelemetry protocol (OTLP). This means trace data and metrics collected from your applications and infrastructure by an OpenTelemetry Collector or OpenTelemetry language SDK can be sent to the {{stack}}.
 
-You can set up an [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/), instrument your application with an [OpenTelemetry language SDK](https://opentelemetry.io/docs/languages/) that sends data to the collector, and use the collector to process and export the data to either {{apm-server-or-mis}}.
-
-:::{image} /solutions/images/observability-apm-otel-api-sdk-collector.png
-:alt: apm otel api sdk collector
-:screenshot:
-:::
-
-::::{note}
-It’s also possible to send data directly to either {{apm-server-or-mis}} from an upstream OpenTelemetry SDK. You might do this during development or if you’re monitoring a small-scale application. Read more about when to use a collector in the [OpenTelemetry documentation](https://opentelemetry.io/docs/collector/#when-to-use-a-collector).
-::::
-
-This approach works well when you need to instrument a technology that Elastic doesn’t provide a solution for. For example, if you want to instrument C or C++ you could use the [OpenTelemetry C++ client](https://github.com/open-telemetry/opentelemetry-cpp).
+You can set up an [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/), instrument your application with an [OpenTelemetry language SDK](https://opentelemetry.io/docs/languages/) that sends data to the Collector, and use the Collector to process and export the data to either the [Managed OTLP endpoint](opentelemetry://reference/motlp.md) or {{apm-server-or-mis}}.
 
-However, there are some limitations when using collectors and language SDKs built and maintained by OpenTelemetry, including:
+This approach works well when you need to instrument a technology that Elastic doesn’t provide a solution for. For example, if you want to instrument C or C++ you could use the [OpenTelemetry C++ client](https://github.com/open-telemetry/opentelemetry-cpp). However, there are some limitations when using upstream OpenTelemetry collectors and language SDKs, including:
 
 * Elastic can’t provide implementation support on how to use upstream OpenTelemetry tools.
 * You won’t have access to Elastic enterprise APM features.
@@ -79,24 +56,13 @@ For more on the limitations associated with using upstream OpenTelemetry tools,
 
 [**Get started with upstream OpenTelemetry Collectors and language SDKs →**](/solutions/observability/apm/upstream-opentelemetry-collectors-language-sdks.md)
 
-## AWS Lambda collector exporter [apm-otel-lambda]
-
-AWS Lambda functions can be instrumented with OpenTelemetry and monitored with Elastic {{observability}} or {{obs-serverless}}.
-
-To get started, follow the official AWS Distro for OpenTelemetry Lambda documentation, and configure the OpenTelemetry Collector to output traces and metrics to your Elastic cluster:
-
-[**Get started with the AWS Distro for OpenTelemetry Lambda**](https://aws-otel.github.io/docs/getting-started/lambda)
-
-## Upstream OpenTelemetry with the Elastic APM agent [apm-otel-api-sdk-elastic-agent]
-
-You can  use the OpenTelemetry API/SDKs with [Elastic APM agents](/solutions/observability/apm/get-started-fleet-managed-apm-server.md#_step_3_install_apm_agents) to translate OpenTelemetry API calls to Elastic APM API calls.
-
-:::{image} /solutions/images/observability-apm-otel-api-sdk-elastic-agent.png
-:alt: apm otel api sdk elastic agent
-:screenshot:
+:::{note}
+To understand the differences between Elastic Distributions of OpenTelemetry and upstream OpenTelemetry, refer to [EDOT compared to upstream OpenTelemetry](opentelemetry://reference/compatibility/edot-vs-upstream.md).
 :::
 
-This allows you to reuse your existing OpenTelemetry instrumentation to create Elastic APM transactions and spans — avoiding vendor lock-in and having to redo manual instrumentation.
+## Upstream OpenTelemetry with Elastic APM agent [apm-otel-api-sdk-elastic-agent]
+
+You can use the OpenTelemetry API/SDKs with [Elastic APM agents](/solutions/observability/apm/get-started-fleet-managed-apm-server.md#_step_3_install_apm_agents) to translate OpenTelemetry API calls to Elastic APM API calls. This allows you to reuse your existing OpenTelemetry instrumentation to create Elastic APM transactions and spans, avoiding vendor lock-in and having to redo manual instrumentation.
 
 However, not all features of the OpenTelemetry API are supported when using this approach, and not all Elastic APM agents support this approach.
 
@@ -105,4 +71,12 @@ Find more details about how to use an OpenTelemetry API or SDK with an Elastic A
 * [**APM Java agent**](apm-agent-java://reference/opentelemetry-bridge.md)
 * [**APM .NET agent**](apm-agent-dotnet://reference/opentelemetry-bridge.md)
 * [**APM Node.js agent**](apm-agent-nodejs://reference/opentelemetry-bridge.md)
-* [**APM Python agent**](apm-agent-python://reference/opentelemetry-api-bridge.md)
+* [**APM Python agent**](apm-agent-python://reference/opentelemetry-api-bridge.md)
+
+## AWS Lambda Collector Exporter [apm-otel-lambda]
+
+AWS Lambda functions can be instrumented with OpenTelemetry and monitored with Elastic {{observability}} or {{obs-serverless}}.
+
+To get started, follow the official AWS Distro for OpenTelemetry Lambda documentation, and configure the OpenTelemetry Collector to output traces and metrics to your Elastic cluster:
+
+[**Get started with the AWS Distro for OpenTelemetry Lambda**](https://aws-otel.github.io/docs/getting-started/lambda)

solutions/images/observability-apm-otel-distro2.png

@@ -1,10 +1,10 @@
 ---
 applies_to:
   serverless: preview
+  stack: preview 9.1
 ---
 # Configure advanced settings [streams-advanced-settings]
 
-The **Advanced** tab on the **Manage stream** page shows the lower-level details of your stream. While Streams simplifies many configurations, it doesn't currently support modifying all pipelines and templates. From the **Advanced** tab, you can manually interact with the index or component templates, or modify any of the other ingest pipelines that are being used.
-This UI is intended for more advanced users.
+The **Advanced** tab on the **Manage stream** page shows the underlying configuration details of your stream. While Streams simplifies many configurations, it doesn't support modifying all pipelines and templates. From the **Advanced** tab, you can manually interact with the index or component templates or modify other ingest pipelines that used by the stream.
 
-![Screenshot of the Advanced tab](<../../../../images/logs-streams-advanced.png>)
+This UI is intended for advanced users.

solutions/images/observability-obs-ai-assistant-anonymization.png

@@ -1,17 +1,18 @@
 ---
 applies_to:
   serverless: preview
+  stack: preview 9.1
 ---
 # Extract fields [streams-extract-fields]
 
-Unstructured log messages need to be parsed into meaningful fields so you can filter and analyze them quickly. Common fields to extract include timestamp and the log level, but you can also extract information like IP addresses, usernames, or ports.
+Unstructured log messages must be parsed into meaningful fields before you can filter and analyze them effectively. Commonly extracted fields include `@timestamp` and the `log.level`, but you can also extract information like IP addresses, usernames, and ports.
 
-Use the **Extract field** tab on the **Manage stream** page to process your data. The UI simulates your changes and provides an immediate preview that's tested end-to-end.
+Use the **Processing** tab on the **Manage stream** page to process your data. The UI simulates your changes and provides an immediate preview that's tested end-to-end.
 
 The UI also shows indexing problems, such as mapping conflicts, so you can address them before applying changes.
 
 :::{note}
-Applied changes aren't retroactive and only affect *future data ingested*.
+Applied changes aren't retroactive and only affect *future ingested data*.
 :::
 
 ## Add a processor [streams-add-processors]
@@ -33,7 +34,7 @@ To add a processor:
 1. Select **Add Processor** to save the processor.
 
 :::{note}
-Editing processors with JSON is planned for a future release. More processors may be added over time.
+Editing processors with JSON is planned for a future release, and additional processors may be supported over time.
 :::
 
 ### Add conditions to processors [streams-add-processor-conditions]
@@ -59,12 +60,12 @@ Under **Processors for field extraction**, when you set pipeline processors to m
 When you add or edit processors, the **Data preview** updates automatically.
 
 :::{note}
-To avoid unexpected results, focus on adding processors rather than removing or reordering existing processors.
+To avoid unexpected results, we recommend adding processors rather than removing or reordering existing processors.
 :::
 
 **Data preview** loads 100 documents from your existing data and runs your changes using them.
 For any newly added processors, this simulation is reliable. You can save individual processors during the preview, and even reorder them.
-Selecting 'Save changes' applies your changes to the data stream.
+Selecting **Save changes** applies your changes to the data stream.
 
 If you edit the stream again, note the following:
 - Adding more processors to the end of the list will work as expected.
@@ -85,29 +86,31 @@ Turn on **Ignore missing fields** to ignore the processor if the field is not pr
 
 Documents fail processing for different reasons. Streams helps you to easily find and handle failures before deploying changes.
 
-The following example shows not all messages matched the provided Grok pattern:
+In the following screenshot, the **Failed** percentage shows that not all messages matched the provided Grok pattern:
 
 ![Screenshot showing some failed documents](<../../../../images/logs-streams-parsed.png>)
 
-You can filter your documents by selecting **Parsed** or **Failed** at the top of the table. Select **Failed** to see the documents that failed:
+You can filter your documents by selecting **Parsed** or **Failed** at the top of the table. Select **Failed** to see the documents that weren't parsed correctly:
 
 ![Screenshot showing the documents UI with Failed selected](<../../../../images/logs-streams-failures.png>)
 
 Failures are displayed at the bottom of the process editor:
 
 ![Screenshot showing failure notifications](<../../../../images/logs-streams-processor-failures.png>)
 
-These failures may be something you should address, but in some cases they also act as more of a warning.
+These failures may require action, but in some cases, they serve more as warnings.
 
-### Mapping Conflicts
+### Mapping conflicts
 
-As part of processing, Streams also checks for mapping conflicts by simulating the change end to end. If a mapping conflict is detected, Streams marks the processor as failed and displays a failure message:
+As part of processing, Streams also checks for mapping conflicts by simulating the change end to end. If a mapping conflict is detected, Streams marks the processor as failed and displays a failure message like the following:
 
 ![Screenshot showing mapping conflict notifications](<../../../../images/logs-streams-mapping-conflicts.png>)
 
+You can then use the information in the failure message to find and troubleshoot mapping issues going forward.
+
 ## Processor statistics and detected fields [streams-stats-and-detected-fields]
 
-Once saved, the processor also gives you a quick look at how successful the processing was for this step and which fields were added.
+Once saved, the processor provides a quick look at the processor's success rate and the fields that it added.
 
 ![Screenshot showing field stats](<../../../../images/logs-streams-field-stats.png>)
 
@@ -143,12 +146,12 @@ Streams then creates and manages the `<data_stream_name>@stream.processing` pipe
 ### User interaction with pipelines
 
 Do not manually modify the `<data_stream_name>@stream.processing` pipeline created by Streams.
-You can still add your own processors manually to the `@custom` pipeline if needed. Adding processors before the pipeline processor crated by Streams may cause unexpected behavior.
+You can still add your own processors manually to the `@custom` pipeline if needed. Adding processors before the pipeline processor created by Streams may cause unexpected behavior.
 
 ## Known limitations [streams-known-limitations]
 
 - Streams does not support all processors. We are working on adding more processors in the future.
 - Streams does not support all processor options. We are working on adding more options in the future.
 - The data preview simulation may not accurately reflect the changes to the existing data when editing existing processors or re-ordering them.
-- Dots in field names are not supported. You can use the dot expand processor in the `@custom` pipeline as a workaround. You need to manually add the dot processor.
-- Providing any arbitrary JSON in the Streams UI is not supported. We are working on adding this in the future.
+- Dots in field names are not supported. You can use the dot expand processor in the `@custom` pipeline as a workaround. You need to manually add the dot expand processor.
+- Providing any arbitrary JSON in the Streams UI is not supported. We are working on adding this in the future.