Merge branch 'main' into update_rbac_docs

Author: yctercero

deploy-manage/deploy/cloud-enterprise/ece-install-offline-images.md

@@ -38,10 +38,16 @@ Enterprise Search is not available in versions 9.0+.
 
 | Required downloads | Minimum required ECE version |
 | --- | --- |
-| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.2.0](https://download.elastic.co/cloud-enterprise/versions/9.2.0.zip) | ECE 4.0.0 |
-| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.2.0 | ECE 4.0.0 |
-| docker.elastic.co/cloud-release/kibana-cloud:9.2.0 | ECE 4.0.0 |
-| docker.elastic.co/cloud-release/elastic-agent-cloud:9.2.0 | ECE 4.0.0 |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.2.1](https://download.elastic.co/cloud-enterprise/versions/9.2.1.zip) | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.2.1 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/kibana-cloud:9.2.1 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:9.2.1 | ECE 4.0.0 |
+|  |  |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.7](https://download.elastic.co/cloud-enterprise/versions/8.19.7.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.7 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/kibana-cloud:8.19.7 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:8.19.7 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/enterprise-search-cloud:8.19.7 | ECE 3.0.0 |
 |  |  |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.6](https://download.elastic.co/cloud-enterprise/versions/8.19.6.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
 | docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.6 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
@@ -67,11 +73,21 @@ Enterprise Search is not available in versions 9.0+.
 ::::{dropdown} Expand to view the full list
 | Required downloads | Minimum required ECE version |
 | --- | --- |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.2.1](https://download.elastic.co/cloud-enterprise/versions/9.2.1.zip) | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.2.1 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/kibana-cloud:9.2.1 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:9.2.1 | ECE 4.0.0 |
+|  |  |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.2.0](https://download.elastic.co/cloud-enterprise/versions/9.2.0.zip) | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.2.0 | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/kibana-cloud:9.2.0 | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/elastic-agent-cloud:9.2.0 | ECE 4.0.0 |
 |  |  |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.1.7](https://download.elastic.co/cloud-enterprise/versions/9.1.7.zip) | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.1.7 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/kibana-cloud:9.1.7 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:9.1.7 | ECE 4.0.0 |
+|  |  |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.1.6](https://download.elastic.co/cloud-enterprise/versions/9.1.6.zip) | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.1.6 | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/kibana-cloud:9.1.6 | ECE 4.0.0 |
@@ -147,6 +163,12 @@ Enterprise Search is not available in versions 9.0+.
 | docker.elastic.co/cloud-release/kibana-cloud:9.0.0 | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/elastic-agent-cloud:9.0.0 | ECE 4.0.0 |
 |  |  |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.7](https://download.elastic.co/cloud-enterprise/versions/8.19.7.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.7 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/kibana-cloud:8.19.7 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:8.19.7 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/enterprise-search-cloud:8.19.7 | ECE 3.0.0 |
+|  |  |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.6](https://download.elastic.co/cloud-enterprise/versions/8.19.6.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
 | docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.6 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
 | docker.elastic.co/cloud-release/kibana-cloud:8.19.6 | ECE 3.0.0 |

deploy-manage/deploy/cloud-enterprise/manage-elastic-stack-versions.md

@@ -37,6 +37,8 @@ $$$ece-elastic-stack-stackpacks-recent$$$
 | Stack pack download link | Minimum required ECE version |
 | --- | --- |
 | [{{es}}, {{kib}}, and APM stack pack: 9.2.0](https://download.elastic.co/cloud-enterprise/versions/9.2.0.zip) | ECE 4.0.0 |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.7](https://download.elastic.co/cloud-enterprise/versions/8.19.7.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| [{{es}}, {{kib}}, and APM stack pack: 9.2.1](https://download.elastic.co/cloud-enterprise/versions/9.2.1.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.6](https://download.elastic.co/cloud-enterprise/versions/8.19.6.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 7.17.29](https://download.elastic.co/cloud-enterprise/versions/7.17.29.zip) | ECE 2.2.2 |
 
@@ -48,7 +50,9 @@ Following is the full list of available packs containing {{stack}} versions. Not
 ::::{dropdown} Expand to view the full list
 | Stack pack download link | Minimum required ECE version |
 | --- | --- |
+| [{{es}}, {{kib}}, and APM stack pack: 9.2.1](https://download.elastic.co/cloud-enterprise/versions/9.2.1.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.2.0](https://download.elastic.co/cloud-enterprise/versions/9.2.0.zip) | ECE 4.0.0 |
+| [{{es}}, {{kib}}, and APM stack pack: 9.1.7](https://download.elastic.co/cloud-enterprise/versions/9.1.7.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.1.6](https://download.elastic.co/cloud-enterprise/versions/9.1.6.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.1.5](https://download.elastic.co/cloud-enterprise/versions/9.1.5.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.1.4](https://download.elastic.co/cloud-enterprise/versions/9.1.4.zip) | ECE 4.0.0 |
@@ -64,6 +68,7 @@ Following is the full list of available packs containing {{stack}} versions. Not
 | [{{es}}, {{kib}}, and APM stack pack: 9.0.2](https://download.elastic.co/cloud-enterprise/versions/9.0.2.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.0.1](https://download.elastic.co/cloud-enterprise/versions/9.0.1.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.0.0](https://download.elastic.co/cloud-enterprise/versions/9.0.0.zip) | ECE 4.0.0 |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.7](https://download.elastic.co/cloud-enterprise/versions/8.19.7.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.6](https://download.elastic.co/cloud-enterprise/versions/8.19.6.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.5](https://download.elastic.co/cloud-enterprise/versions/8.19.5.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.4](https://download.elastic.co/cloud-enterprise/versions/8.19.4.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |

release-notes/elastic-cloud-serverless/known-issues.md

@@ -16,6 +16,22 @@ Known issues are significant defects or limitations that may impact your impleme
 
 ## Active
 
+
+
+::::{dropdown} Alerts aren't generated for rules with alert flapping off and an alert delay higher than 1
+
+**Details**
+
+On October 22, 2025, it was discovered that alerts aren't generated for rules that have **Alert flapping detection** turned off and the alert delay set to a value higher than 1.
+
+**Workaround**
+
+Set the alert delay value to 1 or turn on **Alert flapping detection**.
+
+::::
+
+## Resolved
+
 :::{dropdown} Entity store transform is unavailable 
 
 **Details**
@@ -29,22 +45,12 @@ Restart the entity store:
 2. On the **Entity Store** page, turn the toggle off.
 3. Turn the toggle back on.
 
-::::
-
-::::{dropdown} Alerts aren't generated for rules with alert flapping off and an alert delay higher than 1
-
-**Details**
-
-On October 22, 2025, it was discovered that alerts aren't generated for rules that have **Alert flapping detection** turned off and the alert delay set to a value higher than 1.
+**Resolved** 
 
-**Workaround**
-
-Set the alert delay value to 1 or turn on **Alert flapping detection**.
+This was resolved on November 4, 2025.
 
 ::::
 
-## Resolved
-
 :::{dropdown} CSPM and Asset Management integrations don't ingest data when deployed using agent-based technology if {{kib}} is hosted on AWS
 Applies to: {{serverless-short}} deployments hosted on AWS
 

release-notes/elastic-observability/index.md

@@ -21,6 +21,15 @@ To check for security updates, go to [Security announcements for the Elastic sta
 % ### Fixes [elastic-observability-next-fixes]
 % *
 
+## 9.2.1 [elastic-observability-9.2.1-release-notes]
+
+### Fixes [elastic-observability-9.2.1-fixes]
+* Fixes simulation of geo points in Streams [#241824]({{kib-pull}}241824).
+* Speeds up field simulation in Streams [#241313]({{kib-pull}}241313).
+* Fixes the incorrectly formatted **Values** dropdown in Storybook [#241812]({{kib-pull}}241812).
+* Escapes special characters when creating ESQL query for Lens charts [#241662]({{kib-pull}}241662).
+
+
 ## 9.2.0 [elastic-observability-9.2.0-release-notes]
 
 ### Features and enhancements[elastic-observability-9.2.0-features]
@@ -94,6 +103,14 @@ To check for security updates, go to [Security announcements for the Elastic sta
 * Improves accessibility for Streams badges [#235625]({{kib-pull}}235625).
 * Fixes code area responsiveness in Stream management [#232630]({{kib-pull}}232630).
 
+## 9.1.7 [elastic-observability-9.1.7-release-notes]
+
+### Fixes [elastic-observability-9.1.7-fixes]
+* Adds missing transaction action links [#241336]({{kib-pull}}241336).
+* Fixes overlapping components in the Observability AI Assistant flyout on small screens [#241026]({{kib-pull}}241026).
+* Excludes stale SLOs from "group by" stats [#240077]({{kib-pull}}240077).
+* Fixes Kibana tool from failing when using a proxy [#236653]({{kib-pull}}236653).
+
 ## 9.1.6 [elastic-observability-9.1.6-release-notes]
 
 ### Fixes [elastic-observability-9.1.6-fixes]

release-notes/elastic-security/index.md

@@ -27,6 +27,23 @@ To check for security updates, go to [Security announcements for the Elastic sta
 
 % *
 
+## 9.2.1 [elastic-security-9.2.1-release-notes]
+
+### Features and enhancements [elastic-security-9.2.1-features-enhancements]
+
+* Improves the startup log in {{elastic-defend}} to explain the details of unsigned policy.
+* Improves the accuracy of thread CPU usage reported in {{elastic-defend}} metrics documents.
+
+### Fixes [elastic-security-9.2.1-fixes]
+* Fixes an issue where the CSPM and Asset Discovery integrations failed to collect data when using agent-based deployment [#241390]({{kib-pull}}241390).
+* Fixes a react-query key collision that occurred when two different integration lookups shared the same key, which could cause errors when navigating between pages [#240517]({{kib-pull}}240517).
+* Fixes multiple issues searching installed rules by allowing partial matches on rule name and improving special character support [#237496]({{kib-pull}}237496).
+* Fixes an {{elastic-defend}} bug in Linux event collection where some long-running processes were not enriched.
+* Fixes multiple {{elastic-defend}} issues in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active.
+* Fixes an {{elastic-defend}} issue that could cause the `get-file` and `execute` response actions to fail after many were issued with a single running instance of {{elastic-defend}}
+* Improves {{elastic-defend}} detection of file rename operations on Windows when performed over Server Message Block (SMB).
+* Fixes an {{elastic-defend}} issue on Windows where the `code_signature.thumbprint_sha256` field was missing under process and DLL events for certain event types.
+
 
 ## 9.2.0 [elastic-security-9.2.0-release-notes]
 
@@ -121,6 +138,29 @@ To check for security updates, go to [Security announcements for the Elastic sta
 * Fixes an issue to improve reliability of health status reporting between {{elastic-endpoint}} and {{agent}}.
 * Fixes a race condition in {{elastic-defend}} that occasionally resulted in corrupted process command lines on Windows. This could cause incorrect values for `process.command_line`, `process.args_count`, and `process.args`, leading to false positives.
 * Fixes an issue in {{elastic-defend}} that could result in a crash if a specified {{ls}} output configuration contained a certificate that couldn't be parsed.
+* Fixes CVE-2025-37735 ([ESA-2025-23](https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272)) in {{elastic-defend}} on Windows which could allow a low-privilege attacker to delete arbitrary files on the system and potentially escalate privileges to SYSTEM. Windows 11 24H2 includes changes which make this issue harder to exploit.
+
+
+## 9.1.7 [elastic-security-9.1.7-release-notes]
+
+### Features and enhancements [elastic-security-9.1.7-features-enhancements]
+* Improves the reliability of Cloud Security Posture (CSP) data by automatically upgrading outdated Misconfiguration and Vulnerabilities data views to the correct versions [#238547]({{kib-pull}}238547).
+* Adds more {{elastic-defend}} options to the {{ls}} output, allowing for finer control.
+* Improves the accuracy of thread CPU usage reported in {{elastic-defend}} metrics documents.
+
+
+### Fixes [elastic-security-9.1.7-fixes]
+* Fixes entity flyout **Risk contributions** tab link [#241153]({{kib-pull}}241153).
+* Fixes a pagination issue with the data table on the **Indicators** page [#241108]({{kib-pull}}241108).
+* Fixes a react-query key collision that occurred when two different integration lookups shared the same key, which could cause errors when navigating between pages [#240517]({{kib-pull}}240517).
+* Fixes multiple issues searching installed rules by allowing partial matches on rule name and improving special character support [#237496]({{kib-pull}}237496).
+* Fixes an issue where rule exception operators could not be cleared when editing a rule exception [#236051]({{kib-pull}}236051).
+* Fixes an {{elastic-defend}} issue on Linux by preventing unnecessary locking within malware protection to avoid invalid watchdog firings.
+* Fixes issues that could sometimes cause crashes of the {{elastic-defend}} user-mode process on very busy Windows systems.
+* Fixes multiple {{elastic-defend}} issues in malware protection for Linux where a deadlock could sometimes occur when containers and autofs were both active.
+* Fixes CVE-2025-37735 ([ESA-2025-23](https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272)) in {{elastic-defend}} on Windows which could allow a low-privilege attacker to delete arbitrary files on the system and potentially escalate privileges to SYSTEM. Windows 11 24H2 includes changes which make this issue harder to exploit.
+* Fixes an {{elastic-defend}} bug in Linux event collection where some long-running processes were not enriched.
+* Fixes an {{elastic-defend}} issue that could cause the `get-file` and `execute` response actions to fail after many were issued with a single running instance of {{elastic-defend}}.
 
 
 ## 9.1.6 [elastic-security-9.1.6-release-notes]

release-notes/elastic-security/known-issues.md

@@ -31,6 +31,10 @@ Restart the entity store:
 2. On the **Entity Store** page, turn the toggle off.
 3. Turn the toggle back on.
 
+**Resolved**<br>
+
+Resolved in {{stack}} 9.2.1
+
 ::::
 
 :::{dropdown} CSPM and Asset Management integrations don't ingest data when deployed using agent-based technology if {{kib}} is hosted on AWS