Merge branch 'main' into security-alert-schema-data-stream-fields

Author: florent-leborgne

.github/CODEOWNERS

@@ -9,19 +9,19 @@
 # The docs
 /cloud-account/                             @elastic/admin-docs
 /deploy-manage/                             @elastic/admin-docs
-/explore-analyze/                           @elastic/core-docs @elastic/experience-docs 
+/explore-analyze/                           @elastic/core-docs @elastic/experience-docs
 /extend/                                    @elastic/core-docs
 /get-started/                               @elastic/core-docs @elastic/project-docs
 
 /manage-data/                               @elastic/admin-docs
-/manage-data/data-store/                    @elastic/admin-docs @elastic/developer-docs 
+/manage-data/data-store/                    @elastic/admin-docs @elastic/developer-docs
 /manage-data/ingest/                        @elastic/ingest-docs
 
 /reference/                                 @elastic/docs
 /reference/apm-agents/                      @elastic/ingest-docs
 /reference/data-analysis/                   @elastic/docs
 /reference/data-analysis/observability/     @elastic/experience-docs
-/reference/data-analysis/kibana/            @elastic/experience-docs 
+/reference/data-analysis/kibana/            @elastic/experience-docs
 /reference/data-analysis/machine-learning/  @elastic/developer-docs
 /reference/data-analysis/observability/     @elastic/experience-docs
 /reference/elasticsearch/clients/           @elastic/developer-docs
@@ -42,8 +42,12 @@
 /release-notes/fleet-elastic-agent/         @elastic/ingest-docs
 /release-notes/intro/                       @elastic/docs
 
-/solutions/                                 @elastic/experience-docs @elastic/developer-docs 
+/solutions/                                 @elastic/experience-docs @elastic/developer-docs
 /solutions/observability/                   @elastic/experience-docs
+/solutions/observability/apm/apm-agents/    @elastic/ingest-docs
+/solutions/observability/apm/apm-server/    @elastic/ingest-docs
+/solutions/observability/apm/ingest/        @elastic/ingest-docs
+/solutions/observability/apm/opentelemetry/ @elastic/ingest-docs
 /solutions/observability/get-started/       @elastic/ski-docs @elastic/project-docs
 /solutions/search/                          @elastic/developer-docs
 /solutions/search/get-started/              @elastic/developer-docs @elastic/project-docs
@@ -54,7 +58,7 @@
 /troubleshoot/deployments/                  @elastic/admin-docs
 /troubleshoot/elasticsearch/                @elastic/admin-docs
 /troubleshoot/ingest/                       @elastic/ingest-docs
-/troubleshoot/kibana/                       @elastic/admin-docs @elastic/experience-docs 
+/troubleshoot/kibana/                       @elastic/admin-docs @elastic/experience-docs
 /troubleshoot/monitoring/                   @elastic/admin-docs @elastic/experience-docs
 /troubleshoot/observability/                @elastic/ski-docs
 /troubleshoot/security/                     @elastic/ski-docs

.github/workflows/co-docs-builder.yml

@@ -21,7 +21,7 @@ on:
 jobs:
   publish:
     if: contains(github.event.pull_request.labels.*.name, 'ci:doc-build')
-    uses: elastic/workflows/.github/workflows/docs-versioned-publish.yml@main
+    uses: elastic/dev-docs-workflows/.github/workflows/docs-versioned-publish.yml@main
     with:
       # Refers to Vercel project
       project-name: elastic-dot-co-docs-preview-docs

.github/workflows/update-kube-stack-version.yml

@@ -1,65 +1,106 @@
-name: Update Kube-Stack Version
+name: Update Kube Stack Version
 
 on:
   schedule:
     # Run every Monday at 9:00 AM UTC
     - cron: '0 9 * * 1'
-  workflow_dispatch: # Allow manual triggering
+  workflow_dispatch:
+    inputs:
+      dry_run:
+        description: 'Dry run (check for updates without creating PR)'
+        required: false
+        default: false
+        type: boolean
 
 jobs:
   update-kube-stack-version:
     runs-on: ubuntu-latest
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
       with:
         token: ${{ secrets.GITHUB_TOKEN }}
-    
+        fetch-depth: 0
+
     - name: Set up Python
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@v5
       with:
-        python-version: '3.9'
-    
-    - name: Run kube-stack version update script
+        python-version: '3.13'
+
+    - name: Install dependencies
       run: |
-        cd scripts
-        python update_kube_stack_version.py
-    
+        python -m pip install --upgrade pip
+        pip install requests
+
+    - name: Run update script
+      id: update-script
+      run: |
+        echo "Running kube-stack-version update script..."
+        python scripts/update_kube_stack_version.py
+        echo "Script completed successfully"
+
     - name: Check for changes
-      id: verify-changed-files
+      id: check-changes
       run: |
-        if [ -n "$(git status --porcelain)" ]; then
-          echo "changed=true" >> $GITHUB_OUTPUT
+        if git diff --quiet HEAD -- docset.yml; then
+          echo "No changes detected in docset.yml"
+          echo "has_changes=false" >> $GITHUB_OUTPUT
         else
-          echo "changed=false" >> $GITHUB_OUTPUT
+          echo "Changes detected in docset.yml"
+          echo "has_changes=true" >> $GITHUB_OUTPUT
+          
+          # Show the diff for logging
+          echo "Changes:"
+          git diff HEAD -- docset.yml
         fi
-    
-    - name: Commit and push changes
-      if: steps.verify-changed-files.outputs.changed == 'true'
-      run: |
-        git config --local user.email "[email protected]"
-        git config --local user.name "GitHub Action"
-        git add docs/docset.yml
-        git commit -m "chore: update kube-stack version [skip ci]"
-        git push
-    
+
     - name: Create Pull Request
-      if: steps.verify-changed-files.outputs.changed == 'true'
-      uses: peter-evans/create-pull-request@v5
+      if: steps.check-changes.outputs.has_changes == 'true' && github.event.inputs.dry_run != 'true'
+      uses: peter-evans/create-pull-request@v7
       with:
         token: ${{ secrets.GITHUB_TOKEN }}
-        commit-message: "chore: update kube-stack version"
-        title: "chore: update kube-stack version"
+        commit-message: 'chore: update kube-stack-version'
+        title: 'chore: update kube-stack-version'
         body: |
-          This PR automatically updates the kube-stack version in `docs/docset.yml` based on the latest version from the elastic-agent repository.
+          This PR automatically updates the `kube-stack-version` in `docset.yml` based on the latest version from the elastic-agent repository.
           
           **Changes:**
-          - Updated kube-stack version in docset.yml
+          - Updated `kube-stack-version` to the latest value from elastic-agent repository
+          
+          **Generated by:** [Update Kube Stack Version workflow](https://github.com/${{ github.repository }}/actions/workflows/update-kube-stack-version.yml)
           
-          This PR was created automatically by the weekly kube-stack version update workflow.
+          This is an automated update. Please review the changes before merging.
         branch: update-kube-stack-version
         delete-branch: true
         labels: |
           automated
-          documentation
+          chore
+          kube-stack-version
+
+    - name: Dry run summary
+      if: github.event.inputs.dry_run == 'true'
+      run: |
+        echo "## Dry Run Summary" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        if [ "${{ steps.check-changes.outputs.has_changes }}" == "true" ]; then
+          echo "✅ **Changes detected** - A PR would be created in a real run" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Changes that would be made:**" >> $GITHUB_STEP_SUMMARY
+          echo '```diff' >> $GITHUB_STEP_SUMMARY
+          git diff HEAD -- docset.yml >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+        else
+          echo "ℹ️ **No changes needed** - kube-stack-version is already up to date" >> $GITHUB_STEP_SUMMARY
+        fi
+
+    - name: Summary
+      if: github.event.inputs.dry_run != 'true'
+      run: |
+        echo "## Update Summary" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        if [ "${{ steps.check-changes.outputs.has_changes }}" == "true" ]; then
+          echo "✅ **PR Created** - Changes detected and pull request created" >> $GITHUB_STEP_SUMMARY
+        else
+          echo "ℹ️ **No changes needed** - kube-stack-version is already up to date" >> $GITHUB_STEP_SUMMARY
+        fi

.gitignore

@@ -2,6 +2,10 @@
 .artifacts
 .DS_store
 
+# Jetbrains files
+.idea
+*.iml
+
 # Add LLM/AI related files
 AGENTS.md
 .github/copilot-instructions.md

deploy-manage/_snippets/autoops-cc-payment-faq.md

@@ -1 +1 @@
-Using [AutoOps for ECE, ECK, and self-managed clusters](/deploy-manage/monitor/autoops/cc-autoops-as-cloud-connected.md) through Cloud Connect is included with your [self-managed Enterprise license](https://www.elastic.co/subscriptions).
+Using [AutoOps for ECE, ECK, and self-managed clusters](/deploy-manage/monitor/autoops/cc-autoops-as-cloud-connected.md) through Cloud Connect is included with your [self-managed Enterprise license](https://www.elastic.co/subscriptions) and self-managed free trials. 

deploy-manage/autoscaling/trained-model-autoscaling.md

@@ -133,8 +133,8 @@ In case of ingest-optimized deployments, we maximize the number of model allocat
 | Level | Allocations | Threads | VCUs |
 | --- | --- | --- | --- |
 | Low | 0 to 2 dynamically | 1 | 0 to 16 dynamically |
-| Medium | 1 to 32 dynamically | 1 | 8 to 256 dynamically |
-| High | 1 to 512 for Search<br> 1 to 128 for Security and Observability<br> | 1 | 8 to 4096 for Search<br> 8 to 1024 for Security and Observability<br> |
+| Medium | 0 to 32 dynamically | 1 | 8 to 256 dynamically |
+| High | 0 to 512 for Search<br> 1 to 128 for Security and Observability<br> | 1 | 8 to 4096 for Search<br> 8 to 1024 for Security and Observability<br> |
 
 :::
 

deploy-manage/deploy/cloud-enterprise/ece-install-offline-images.md

@@ -38,16 +38,16 @@ Enterprise Search is not available in versions 9.0+.
 
 | Required downloads | Minimum required ECE version |
 | --- | --- |
-| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.1.3](https://download.elastic.co/cloud-enterprise/versions/9.1.3.zip) | ECE 4.0.0 |
-| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.1.3 | ECE 4.0.0 |
-| docker.elastic.co/cloud-release/kibana-cloud:9.1.3 | ECE 4.0.0 |
-| docker.elastic.co/cloud-release/elastic-agent-cloud:9.1.3 | ECE 4.0.0 |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.1.4](https://download.elastic.co/cloud-enterprise/versions/9.1.4.zip) | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.1.4 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/kibana-cloud:9.1.4 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:9.1.4 | ECE 4.0.0 |
 |  |  |
-| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.3](https://download.elastic.co/cloud-enterprise/versions/8.19.3.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
-| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.3 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
-| docker.elastic.co/cloud-release/kibana-cloud:8.19.3 | ECE 3.0.0 |
-| docker.elastic.co/cloud-release/elastic-agent-cloud:8.19.3 | ECE 3.0.0 |
-| docker.elastic.co/cloud-release/enterprise-search-cloud:8.19.3 | ECE 3.0.0 |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.4](https://download.elastic.co/cloud-enterprise/versions/8.19.4.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.4 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/kibana-cloud:8.19.4 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:8.19.4 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/enterprise-search-cloud:8.19.4 | ECE 3.0.0 |
 |  |  |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 7.17.29](https://download.elastic.co/cloud-enterprise/versions/7.17.29.zip) | ECE 2.2.2 |
 | docker.elastic.co/cloud-assets/elasticsearch:7.17.29-0 | ECE 2.2.2 |
@@ -67,6 +67,11 @@ Enterprise Search is not available in versions 9.0+.
 ::::{dropdown} Expand to view the full list
 | Required downloads | Minimum required ECE version |
 | --- | --- |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.1.4](https://download.elastic.co/cloud-enterprise/versions/9.1.4.zip) | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.1.4 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/kibana-cloud:9.1.4 | ECE 4.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:9.1.4 | ECE 4.0.0 |
+|  |  |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 9.1.3](https://download.elastic.co/cloud-enterprise/versions/9.1.3.zip) | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/elasticsearch-cloud-ess:9.1.3 | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/kibana-cloud:9.1.3 | ECE 4.0.0 |
@@ -122,6 +127,12 @@ Enterprise Search is not available in versions 9.0+.
 | docker.elastic.co/cloud-release/kibana-cloud:9.0.0 | ECE 4.0.0 |
 | docker.elastic.co/cloud-release/elastic-agent-cloud:9.0.0 | ECE 4.0.0 |
 |  |  |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.4](https://download.elastic.co/cloud-enterprise/versions/8.19.4.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.4 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| docker.elastic.co/cloud-release/kibana-cloud:8.19.4 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/elastic-agent-cloud:8.19.4 | ECE 3.0.0 |
+| docker.elastic.co/cloud-release/enterprise-search-cloud:8.19.4 | ECE 3.0.0 |
+|  |  |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.3](https://download.elastic.co/cloud-enterprise/versions/8.19.3.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
 | docker.elastic.co/cloud-release/elasticsearch-cloud-ess:8.19.3 | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
 | docker.elastic.co/cloud-release/kibana-cloud:8.19.3 | ECE 3.0.0 |

deploy-manage/deploy/cloud-enterprise/edit-stack-settings-apm.md

@@ -18,7 +18,7 @@ Starting in {{stack}} version 8.0, how you change APM settings and the settings
 :   New deployments created in {{stack}} version 8.0 and later will be managed by {{fleet}}.
 
     * This mode requires SSL/TLS configuration. Check [TLS configuration for {{fleet}}-managed mode](#ece-edit-apm-fleet-tls) for details.
-    * Check [APM integration input settings](/solutions/observability/apm/configure-apm-server.md) for all other Elastic APM configuration options in this mode.
+    * Check [APM integration input settings](/solutions/observability/apm/apm-server/configure.md) for all other Elastic APM configuration options in this mode.
 
 
 Standalone APM Server (legacy)
@@ -45,7 +45,7 @@ Pick one of the following options:
 {{ece}} supports most of the legacy APM settings. Through a YAML editor in the console, you can append your APM Server properties to the `apm-server.yml` file. Your changes to the configuration file are read on startup.
 
 ::::{important}
-Be aware that some settings could break your cluster if set incorrectly and that the syntax might change between major versions. Before upgrading, be sure to review the full list of the [latest APM settings and syntax](/solutions/observability/apm/configure-apm-server.md).
+Be aware that some settings could break your cluster if set incorrectly and that the syntax might change between major versions. Before upgrading, be sure to review the full list of the [latest APM settings and syntax](/solutions/observability/apm/apm-server/configure.md).
 ::::
 
 

deploy-manage/deploy/cloud-enterprise/fresh-installation-of-ece-using-podman-hosts.md

@@ -76,4 +76,6 @@ This section provides guidelines and recommendations to install ECE using a Podm
 
     To add a new allocator, use `--roles "allocator"`. To add a new coordinator, director, proxy, and allocator, use `--roles "allocator,coordinator,director,proxy"`
 
-
+::::{note}
+When using Podman, removing an image with the `--force` (`-f`) option not only deletes the image reference but also removes any containers that depend on that image. This behavior differs from Docker, where forced image removal does not automatically remove running or stopped containers. Therefore, avoid using the `--force` (`-f`) option with the `docker rmi` command.
+::::

deploy-manage/deploy/cloud-enterprise/manage-elastic-stack-versions.md

@@ -37,8 +37,8 @@ $$$ece-elastic-stack-stackpacks-recent$$$
 
 | Stack pack download link | Minimum required ECE version |
 | --- | --- |
-| [{{es}}, {{kib}}, and APM stack pack: 9.1.3](https://download.elastic.co/cloud-enterprise/versions/9.1.3.zip) | ECE 4.0.0 |
-| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.3](https://download.elastic.co/cloud-enterprise/versions/8.19.3.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
+| [{{es}}, {{kib}}, and APM stack pack: 9.1.4](https://download.elastic.co/cloud-enterprise/versions/9.1.4.zip) | ECE 4.0.0 |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.4](https://download.elastic.co/cloud-enterprise/versions/8.19.4.zip) | ECE 3.0.0<br>(+ Docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 7.17.29](https://download.elastic.co/cloud-enterprise/versions/7.17.29.zip) | ECE 2.2.2 |
 | [{{es}}, {{kib}}, and APM stack pack: 6.8.23](https://download.elastic.co/cloud-enterprise/versions/6.8.23.zip) | ECE 1.1.4 |
 
@@ -50,6 +50,7 @@ Following is the full list of available packs containing {{stack}} versions. Not
 ::::{dropdown} Expand to view the full list
 | Stack pack download link | Minimum required ECE version |
 | --- | --- |
+| [{{es}}, {{kib}}, and APM stack pack: 9.1.4](https://download.elastic.co/cloud-enterprise/versions/9.1.4.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.1.3](https://download.elastic.co/cloud-enterprise/versions/9.1.3.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.1.2](https://download.elastic.co/cloud-enterprise/versions/9.1.2.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.1.1](https://download.elastic.co/cloud-enterprise/versions/9.1.1.zip) | ECE 4.0.0 |
@@ -61,6 +62,7 @@ Following is the full list of available packs containing {{stack}} versions. Not
 | [{{es}}, {{kib}}, and APM stack pack: 9.0.2](https://download.elastic.co/cloud-enterprise/versions/9.0.2.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.0.1](https://download.elastic.co/cloud-enterprise/versions/9.0.1.zip) | ECE 4.0.0 |
 | [{{es}}, {{kib}}, and APM stack pack: 9.0.0](https://download.elastic.co/cloud-enterprise/versions/9.0.0.zip) | ECE 4.0.0 |
+| [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.4](https://download.elastic.co/cloud-enterprise/versions/8.19.4.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.3](https://download.elastic.co/cloud-enterprise/versions/8.19.3.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.2](https://download.elastic.co/cloud-enterprise/versions/8.19.2.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |
 | [{{es}}, {{kib}}, APM, and Enterprise Search stack pack: 8.19.1](https://download.elastic.co/cloud-enterprise/versions/8.19.1.zip) | ECE 3.0.0<br>(+ docker 20.10.10+ required for 8.16+) |