Merge branch 'main' into charlotte-link-update-689

Author: charlotte-hoblik

deploy-manage/deploy/cloud-enterprise/configure.md

@@ -33,7 +33,7 @@ Other sections of the documentation describe important ECE features to consider:
 * [Configure allocator affinity](configure-allocator-affinity.md) - Determine how ECE distributes your Elastic Stack deployments across allocators.
 * [Change allocator disconnect timeout](change-allocator-disconnect-timeout.md) - Configure how long ECE waits before considering allocators to be disconnected.
 * [Migrate ECE to Podman hosts](./migrate-ece-to-podman-hosts.md) - If you are running a Docker based installation and you need to migrate to Podman.
-* [Migrate ECE on Podman hosts to SELinux in enforcing mode](migrate-ece-on-podman-hosts-to-selinux-enforce.md) - Migrate ECE to SELinux in `enforcing` mode using Podman.
+* [Migrate ECE on Podman hosts to SELinux in enforcing mode](../../security/secure-your-elastic-cloud-enterprise-installation/migrate-ece-on-podman-hosts-to-selinux-enforce.md) - Migrate ECE to SELinux in `enforcing` mode using Podman.
 
 ## Maintenance activities
 

deploy-manage/deploy/cloud-enterprise/deploy-an-orchestrator.md

@@ -52,5 +52,5 @@ To start orchestrating your {{es}} clusters, refer to [](./working-with-deployme
 The following tasks are only needed on certain circumstances:
 
 * [Migrate ECE to Podman hosts](./migrate-ece-to-podman-hosts.md)
-* [Migrate ECE on Podman hosts to SELinux enforce](./migrate-ece-on-podman-hosts-to-selinux-enforce.md)
+* [Migrate ECE on Podman hosts to SELinux enforce](./../../security/secure-your-elastic-cloud-enterprise-installation/migrate-ece-on-podman-hosts-to-selinux-enforce.md)
 * [Change allocator disconnect timeout](./change-allocator-disconnect-timeout.md)

deploy-manage/deploy/cloud-enterprise/enable-custom-endpoint-aliases.md

@@ -29,6 +29,7 @@ After installing or upgrading to version 2.10 or later:
     * For Kibana, the certificate needs to allow for ***.kb.<your-domain>**
     * For APM, the certificate needs to allow for ***.apm.<your-domain>**
     * For Fleet, the certificate needs to allow for ***.fleet.<your-domain>**
+    * For Universal Profiling, the certificate needs to allow for ***.profiling.<your-domain>** and ***.symbols.<your-domain>**
 
 3. In the **Platform** menu, select **Settings**.
 4. Under the **Enable custom endpoint alias naming**, toggle the setting to allow platform administrators and deployment managers to choose a simplified, unique URL for the endpoint.

deploy-manage/deploy/deployment-comparison.md

@@ -12,7 +12,7 @@ For more details about feature availability in Serverless, check [](elastic-clou
 | [Security configurations](/deploy-manage/security.md) | Full control | Limited control | Limited control |
 | [Authentication realms](/deploy-manage/users-roles.md) | Available | Available | Available, through Elastic Cloud only |
 | [Custom roles](/deploy-manage/users-roles.md) | Available | Available | Available |
-| [Audit logging](/deploy-manage/monitor/logging-configuration/configuring-audit-logs.md) | Available | Available | No |
+| [Audit logging](/deploy-manage/security/logging-configuration/security-event-audit-logging.md) | Available | Available | No |
 
 ## Infrastructure and cluster management
 

deploy-manage/monitor/stack-monitoring/collecting-log-data-with-filebeat.md

@@ -27,7 +27,7 @@ If you’re using {{agent}}, do not deploy {{filebeat}} for log collection. Inst
 
 2. Identify which logs you want to monitor.
 
-    The {{filebeat}} {{es}} module can handle [audit logs](../logging-configuration/logfile-audit-output.md), [deprecation logs](../logging-configuration/elasticsearch-log4j-configuration-self-managed.md#deprecation-logging), [gc logs](elasticsearch://reference/elasticsearch/jvm-settings.md#gc-logging), [server logs](../logging-configuration/elasticsearch-log4j-configuration-self-managed.md), and [slow logs](elasticsearch://reference/elasticsearch/index-settings/slow-log.md). For more information about the location of your {{es}} logs, see the [path.logs](../../deploy/self-managed/important-settings-configuration.md#path-settings) setting.
+    The {{filebeat}} {{es}} module can handle [audit logs](../../security/logging-configuration/logfile-audit-output.md), [deprecation logs](../logging-configuration/elasticsearch-log4j-configuration-self-managed.md#deprecation-logging), [gc logs](elasticsearch://reference/elasticsearch/jvm-settings.md#gc-logging), [server logs](../logging-configuration/elasticsearch-log4j-configuration-self-managed.md), and [slow logs](elasticsearch://reference/elasticsearch/index-settings/slow-log.md). For more information about the location of your {{es}} logs, see the [path.logs](../../deploy/self-managed/important-settings-configuration.md#path-settings) setting.
 
     ::::{important}
     If there are both structured (`*.json`) and unstructured (plain text) versions of the logs, you must use the structured logs. Otherwise, they might not appear in the appropriate context in {{kib}}.

deploy-manage/monitor/stack-monitoring/ece-stack-monitoring.md

@@ -181,7 +181,7 @@ When shipping logs to a monitoring deployment there are more logging features av
 
 #### For {{es}}: [ece-extra-logging-features-elasticsearch]
 
-* [Audit logging](../logging-configuration/enabling-audit-logs.md) - logs security-related events on your deployment
+* [Audit logging](../../security/logging-configuration/enabling-audit-logs.md) - logs security-related events on your deployment
 * [Slow query and index logging](elasticsearch://reference/elasticsearch/index-settings/slow-log.md) - helps find and debug slow queries and indexing
 * Verbose logging - helps debug stack issues by increasing component logs
 
@@ -190,7 +190,7 @@ After you’ve enabled log delivery on your deployment, you can [add the Elastic
 
 #### For Kibana: [ece-extra-logging-features-kibana]
 
-* [Audit logging](../logging-configuration/enabling-audit-logs.md) - logs security-related events on your deployment
+* [Audit logging](../../security/logging-configuration/enabling-audit-logs.md) - logs security-related events on your deployment
 
 After you’ve enabled log delivery on your deployment, you can [add the Kibana user settings](../../deploy/cloud-enterprise/edit-stack-settings.md) to enable this feature.
 

deploy-manage/security.md

@@ -121,6 +121,7 @@ There is no orchestration layer for self-managed deployments because you directl
 - [**Traffic filtering**](security/traffic-filtering.md): IP filtering, private links, and static IPs
 - [**Secure communications**](security/secure-cluster-communications.md): TLS configuration, certificates management
 - [**Data protection**](security/data-security.md): Encryption at rest, secure settings, saved objects
+- [**Security event audit logging**](security/logging-configuration/security-event-audit-logging.md): {{es}} and {{kib}} audit logs
 - [**Session management**](security/kibana-session-management.md): Kibana session controls
 - [**FIPS 140-2 compliance**](security/fips-140-2.md): Federal security standards
 

deploy-manage/monitor/logging-configuration/auditing-search-queries.md renamed to deploy-manage/security/logging-configuration/auditing-search-queries.md

@@ -26,7 +26,7 @@ When auditing security events, a single client request might generate multiple a
 
 For a complete description of event details and format, refer to the following resources:
   * [{{es}} audit events details and schema](elasticsearch://reference/elasticsearch/elasticsearch-audit-events.md)
-  * [{{es}} log entry output format](/deploy-manage/monitor/logging-configuration/logfile-audit-output.md#audit-log-entry-format)
+  * [{{es}} log entry output format](./logfile-audit-output.md#audit-log-entry-format)
 
 ### Kibana auditing configuration