Merge branch 'main' into 2588-add-overview-global-fleet-management

vishaangelova · web-flow · commit b0cc03a12881 · 2025-08-15T22:07:38.000+02:00
diff --git a/deploy-manage/cloud-organization/billing.md b/deploy-manage/cloud-organization/billing.md
@@ -14,7 +14,7 @@ products:
 
 # Billing
 
-Elastic charges a recurring fee for using our offerings on {{ecloud}}. In this section, you'll learn how to about the dimensions used to calculate your bill, how to monitor account usage, how to manage billing, and more.
+Elastic charges a recurring fee for using our offerings on {{ecloud}}. In this section, you'll learn about the dimensions used to calculate your bill, how to monitor account usage, how to manage billing, and more.
 
 ## Pricing model
 
diff --git a/release-notes/fleet-elastic-agent/index.md b/release-notes/fleet-elastic-agent/index.md
@@ -54,12 +54,8 @@ There are no new features, enhancements, or fixes in this release.
 
 **Elastic Agent**
 
-* Adds a new configuration setting, `agent.upgrade.rollback.window`. [#8065]({{agent-pull}}8065) [#6881]({{agent-issue}}6881)
+* Adds a new configuration setting, `agent.upgrade.rollback.window` in preparation for enabling upgrade rollbacks in a future release. [#8065]({{agent-pull}}8065) [#6881]({{agent-issue}}6881)
 
-  The value of the `agent.upgrade.rollback.window` setting determines the period after upgrading
-  Elastic Agent when a rollback to the previous version can be triggered. This is an optional
-  setting, with a default value of `168h` (7 days). The value can be any string that is parseable
-  by <https://pkg.go.dev/time#ParseDuration>.
 * Removes resource/k8s processor and uses k8sattributes processor for service attributes. [#8599]({{agent-pull}}8599)
 
   This PR removes the `resource/k8s` processor in honour of the k8sattributes processor that
@@ -93,7 +89,7 @@ There are no new features, enhancements, or fixes in this release.
 * Makes pbkdf2 settings validation FIPS compliant. [#4542]({{fleet-server-pull}}4542)
 * Updates to Go v1.24.0. [#4543]({{fleet-server-pull}}4543)
 * Adds version metadata to version command output. [#4820]({{fleet-server-pull}}4820)
-* Adds rollback attribute to upgrade actions. [#4838]({{fleet-server-issue}}4838)
+* Adds rollback attribute to upgrade actions in preparation for enabling upgrade rollbacks in a future release. [#4838]({{fleet-server-issue}}4838)
 
 ### Fixes [fleet-elastic-agent-9.1.0-fixes]
 
diff --git a/solutions/images/security-ease-ai-assistant.png b/solutions/images/security-ease-ai-assistant.png
diff --git a/solutions/images/security-ease-alert-flyout.png b/solutions/images/security-ease-alert-flyout.png
diff --git a/solutions/observability/get-started.md b/solutions/observability/get-started.md
@@ -14,6 +14,10 @@ products:
 
 # Get started with Elastic {{observability}} [observability-get-started]
 
+```{note}
+Use this guide to get started with the Observability Complete feature tier of {{obs-serverless}}. Refer to the [Logs Essentials getting started](/solutions/observability/get-started/logs-essentials.md) docs to get started with {{obs-serverless}} Logs Essentials. The [{{obs-serverless}} feature tiers](/solutions/observability/observability-serverless-feature-tiers.md) page details the difference between tiers.
+```
+
 New to Elastic {{observability}}? Discover more about our observability features and how to get started. The following instructions guides you through setting up your first Elastic {{observability}} deployment, collecting data from infrastructure and applications, and exploring your data.
 
 ## Get started with your use case [get-started-with-use-case]
@@ -118,7 +122,7 @@ Refer to [LLM observability](/solutions/observability/applications/llm-observabi
 
 :::::{dropdown} Steps for adding Synthetics monitoring
 1. Select **Add data** from the main menu and then select **Application**.
-2. Select **Synthetic monitor**. 
+2. Select **Synthetic monitor**.
 3. Select a [monitor type](/solutions/observability/synthetics/index.md).
 4. Fill out the details.
 5. (Optional) Add a [Playwright](https://playwright.dev/) script.
diff --git a/solutions/observability/get-started/logs-essentials.md b/solutions/observability/get-started/logs-essentials.md
@@ -10,9 +10,8 @@ products:
 # Get started with {{obs-serverless}} Logs Essentials [logs-essentials-get-started]
 
 ```{note}
-Use this guide to get started with the Logs Essentials feature tier of {{obs-serverless}}. Refer to the main [{{observability}} getting started](/solutions/observability/get-started.md) docs to get started with {{obs-serverless}} Complete, which includes APM and Infrastructure metrics.
+Use this guide to get started with the Logs Essentials feature tier of {{obs-serverless}}. Refer to the main [{{observability}} getting started](/solutions/observability/get-started.md) docs to get started with {{obs-serverless}} Complete, which includes APM and Infrastructure metrics. The [{{obs-serverless}} feature tiers](../observability-serverless-feature-tiers.md) page details the difference between tiers.
 ```
-% Note should link to the feature tier comparison docs once published.
 
 New to {{obs-serverless}} Logs Essentials? Discover more about its features and how to get started. The following instructions guide you through setting up your first Elastic {{observability}} Logs Essentials deployment, collecting log data, and exploring your data.
 
diff --git a/solutions/security/ai/ease/ease-intro.md b/solutions/security/ai/ease/ease-intro.md
@@ -6,7 +6,9 @@ applies_to:
 ---
 # Elastic AI SOC Engine with {{sec-serverless}}
 
-Elastic AI Security Operations Center (SOC) Engine (EASE) is an {{sec-serverless}} project type that provides AI-powered tools and case management to augment third-party SIEM and EDR/XDR platforms. This page describes how to create an {{sec-serverless}} EASE project, how to ingest your data, and how to use its key features.
+Elastic AI SOC Engine (EASE) is an {{sec-serverless}} project type that provides cutting-edge AI-powered tools to augment your existing SIEM and EDR/XDR platforms. Because serverless deployments are quick to deploy and easy to configure, and because all the integrations that you can use to ingest data to EASE support fast and easy [agentless](/solutions/security/get-started/agentless-integrations.md) deployment, you can start getting value from EASE in minutes.
+
+This page describes how to create an EASE project, how to ingest your data, and how to use its key features.
 
 ## Create an EASE project
 
@@ -21,21 +23,29 @@ To create an EASE project:
 2. Click **Create serverless project**, and wait for your project to be provisioned. When it's ready, open it.
 
 
-## Ingest your SOC data
+## Ingest your SIEM and EDR/XDR data
 
-To ingest your SOC data: 
+To ingest third-party security data: 
 
 1. Go to the **Configurations** page using the navigation menu or the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md).
 
     :::{image} /solutions/images/security-ease-integrations.png
     :alt: The integrations page of an EASE project
+    :width: 600px
     :::
 
-2. From the **Integrations** tab, select any [integration](integration-docs://reference/index.md) you want to ingest data from to view deployment instructions and more information.
+2. From the **Integrations** tab, select a SIEM and EDR/XDR platform from which you want to ingest data to view setup instructions and more information. You can ingest data from:
+
+    * CrowdStrike
+    * Elastic Security
+    * Google SecOps
+    * Microsoft Sentinel
+    * SentinelOne
+    * Splunk
 
 ## Select a model
 
-EASE uses LLM connectors to enable its AI features such as Attack Discovery and AI Assistant. The Elastic Managed LLM is enabled by default. You can also [create custom connectors](/solutions/security/ai/set-up-connectors-for-large-language-models-llm.md). Keep in mind that different models [perform differently](/solutions/security/ai/large-language-model-performance-matrix.md) on different tasks. 
+EASE uses LLM connectors to enable its AI features such as Attack Discovery and AI Assistant. The Elastic Managed LLM is enabled by default. You can also [configure your own third-party LLM connector](/solutions/security/ai/set-up-connectors-for-large-language-models-llm.md). Keep in mind that different models [perform differently](/solutions/security/ai/large-language-model-performance-matrix.md) on different tasks. 
 
 
 ## Features
@@ -46,13 +56,23 @@ EASE provides a set of capabilities designed to help make the most of each secur
 
      :::{image} /solutions/images/security-attck-disc-example-disc.png
      :alt: Attack Discovery detail view
+     :width: 600px
      :::
 
-- **[AI Assistant](/solutions/security/ai/ai-assistant.md)**: An LLM-powered virtual assistant specialized for digital security; it helps with data analysis, alert investigation, incident response, and {{esql}} query generation. You can add custom background knowledge and data to its [knowledge base](/solutions/security/ai/ai-assistant-knowledge-base.md) and use natural language to ask for its assistance with your SOC operations.
+     You can [schedule](/solutions/security/ai/attack-discovery.md#schedule-discoveries) Attack Discovery to run automatically, and notify you of any discoveries through a range of connectors such as Slack, Teams, PagerDuty, or email.
+
+- **[AI Assistant](/solutions/security/ai/ai-assistant.md)**: An LLM-powered virtual assistant specialized for digital security; it helps with data analysis, alert investigation, incident response, and {{esql}} query generation. You can add custom background knowledge and data to its [knowledge base](/solutions/security/ai/ai-assistant-knowledge-base.md) and use natural language to ask for its assistance with your SOC operations. 
+
+    :::{image} /solutions/images/security-ease-ai-assistant.png
+    :alt: A new conversation with AI Assistant
+    :width: 450px
+    :::
+
+    You can add custom information to AI Assistant's [Knowledge Base](/solutions/security/ai/ai-assistant-knowledge-base.md), either in the form of individual documents or entire indices containing numerous documents. This information informs the AI Assistant's responses and can include everything from threat intelligence, to information about your team's on-call rotation, to information about your infrastructure, and more. 
 
 - **[Cases](/solutions/security/investigate/cases.md)**: Helps you track and share related information about security issues. Track key investigation details and collect alerts in a central location.
 
     :::{image} /solutions/images/security-ease-cases.png
-    :alt: The Cases page in an EASE project
+    :alt: The Cases page in an EASE project showing the default state
     :::
 
diff --git a/solutions/security/get-started/agentless-integrations.md b/solutions/security/get-started/agentless-integrations.md
@@ -37,18 +37,20 @@ Agentless deployment for the following integrations is in beta and is subject to
 1. AbuseCH
 2. Cloud Asset Discovery
 3. CrowdStrike  
-4. Google SecOps 
-5. Google Security Command Center
-6. Google Workspace
-7. Microsoft 365 Defender
-8. Microsoft Defender for Endpoint
-9. Microsoft Sentinel
-10. Okta
-11. Qualys VMDR
-12. SentinelOne
-13. Tenable IO
-14. Wiz
-15. Zscaler ZIA
+4. Elastic Security
+5. Google SecOps 
+6. Google Security Command Center
+7. Google Workspace
+8. Microsoft 365 Defender
+9. Microsoft Defender for Endpoint
+10. Microsoft Sentinel
+11. Okta
+12. Qualys VMDR
+13. SentinelOne
+14. Splunk
+15. Tenable IO
+16. Wiz
+17. Zscaler ZIA
 
 
 To learn more about these integrations and find setup guides, refer to [Elastic integrations](https://docs.elastic.co/en/integrations/).
