Add requirement on 'search.allow_expensive_queries' to detections-requirement.md

Author: sdesalas

solutions/security/detect-and-alert/detections-requirements.md

@@ -35,8 +35,8 @@ These steps are only required for **self-managed** deployments:
     `xpack.encryptedSavedObjects.encryptionKey: 'fhjskloppd678ehkdfdlliverpoolfcr'`
 
 * In [`elasticsearch.yml`](/deploy-manage/deploy/self-managed/configure-elasticsearch.md):
-    * Set the `xpack.security.enabled` setting to `true`. Refer to [General security settings](elasticsearch://reference/elasticsearch/configuration-reference/security-settings.md#general-security-settings) for more information.
-    2. We need the `search.allow_expensive_queries` setting to be left on its default value of `true` for key detection features like [alerting rules](https://www.elastic.co/docs/explore-analyze/alerts-cases/alerts/alerting-setup#alerting-prerequisites) and rule exceptions to work. Please remove the line `search.allow_expensive_queries=false` if you find it.
+    1. Set the `xpack.security.enabled` setting to `true`. Refer to [General security settings](elasticsearch://reference/elasticsearch/configuration-reference/security-settings.md#general-security-settings) for more information.
+    2. Remove the line `search.allow_expensive_queries=false` if you find it. The `search.allow_expensive_queries` setting must be left on its default value of `true` for key detection features like [alerting rules](https://www.elastic.co/docs/explore-analyze/alerts-cases/alerts/alerting-setup#alerting-prerequisites) and rule exceptions to work.
 
 
 ::::{important}