Merge branch 'main' into synthetics-namespace-docs

Author: emilioalvap

deploy-manage/_snippets/field-doc-sec-limitations.md

@@ -40,5 +40,5 @@ When a user’s role enables document or [field level security](/deploy-manage/u
 
 * The request cache is disabled for search requests if either of the following are true:
 
-    * The role query that defines document level security is [templated](/deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md#templating-role-query) using a [stored script](/explore-analyze/scripting/modules-scripting-using.md#script-stored-scripts).
+    * The role query that defines document level security is [templated](/deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md#templating-role-query) using a [stored script](/explore-analyze/scripting/modules-scripting-store-and-retrieve.md).
     * The target indices are a mix of local and remote indices.

deploy-manage/images/self-managed-autoops-diagram.png

@@ -0,0 +1,3 @@
+1. {{agent}} connects to your ECE, ECK, or self-managed {{es}} cluster. 
+2. The agent registers your cluster with {{ecloud}} using the Cloud Connect API.
+3. The agent begins to send metrics from your cluster to AutoOps in your selected CSP region. 

deploy-manage/monitor/_snippets/autoops-cc-components.md

@@ -12,10 +12,26 @@ products:
 
 # AutoOps for self-managed clusters
 
-For ECE ({{ece}}), ECK ({{eck}}), and self-managed clusters, AutoOps can be set up in all supported [regions](ec-autoops-regions.md#autoops-for-self-managed-clusters-regions) through [Cloud Connect](/deploy-manage/cloud-connect.md). More regions are coming soon.
+For ECE ({{ece}}), ECK ({{eck}}), and self-managed {{es}} clusters, AutoOps can be set up in all supported [regions](ec-autoops-regions.md#autoops-for-self-managed-clusters-regions) through [Cloud Connect](/deploy-manage/cloud-connect.md). More regions are coming soon.
 
 Cloud Connect enables users of ECE, ECK, and self-managed clusters to use {{ecloud}} services. This means you can take advantage of the simplified cluster monitoring, real-time issue detection, and performance recommendations of AutoOps without having to run and manage the underlying infrastructure.
 
+## How your self-managed cluster connects to AutoOps
+
+To connect your ECE, ECK, or self-managed cluster to AutoOps, you have to use your {{ecloud}} account to install {{agent}}. After that, the process can be broken down into three components:
+
+:::{include} /deploy-manage/monitor/_snippets/autoops-cc-components.md
+:::
+
+:::{image} /deploy-manage/images/self-managed-autoops-diagram.png
+:alt: Diagram depicting how AutoOps for self-managed clusters works
+:::
+
+For instructions on how to get started, refer to [](/deploy-manage/monitor/autoops/cc-connect-self-managed-to-autoops.md).
+
+After this setup is complete, you can start using AutoOps to monitor your cluster. Learn more about what you can do with AutoOps in [views](/deploy-manage/monitor/autoops/views.md) and [events](/deploy-manage/monitor/autoops/ec-autoops-events.md).  
+
+
 ## Section overview
 
 In this section, you'll find the following information:
@@ -26,4 +42,5 @@ In this section, you'll find the following information:
 * A [troubleshooting guide](/deploy-manage/monitor/autoops/cc-cloud-connect-autoops-troubleshooting.md) to help you with any issues you may encounter
 
 :::{tip}
-Refer to our [FAQ](/deploy-manage/monitor/autoops/ec-autoops-faq.md#questions-about-autoops-for-self-managed-clusters) for answers to commonly asked questions about AutoOps for self-managed clusters.
+Refer to our [FAQ](/deploy-manage/monitor/autoops/ec-autoops-faq.md#questions-about-autoops-for-self-managed-clusters) for answers to commonly asked questions about AutoOps for self-managed clusters.
+:::

deploy-manage/monitor/autoops/cc-autoops-as-cloud-connected.md

@@ -44,42 +44,12 @@ $$$firewall$$$**My organization's firewall may be preventing {{agent}} from coll
     Run the following tests within the context of your execution environment. That is, if your chosen installation method is Kubernetes, run the commands from within the pod; for Docker, run the commands from within the container, and so on. 
     :::
 
-    There are three main components of {{agent}}'s connection with your system:
+    There are [three main components](/deploy-manage/monitor/autoops/cc-autoops-as-cloud-connected.md#how-your-self-managed-cluster-connects-to-autoops) of {{agent}}'s connection with your system:
 
-    1. {{agent}} registers your cluster with {{ecloud}}
-    2. {{agent}} connects to your cluster
-    3. {{agent}} sends metrics from your cluster to {{ecloud}}
-
-    If there is an issue with the first component, the agent will stop working and your logs might look like: 
-    
-    ```sh
-    ... failed to register Cloud Connected Mode: ... Post \"https://api.elastic-cloud.com/api/v1/cloud-connected/clusters\": ...
-    ```
-    
-    To test if your organization is not allowing the agent to register your cluster with {{ecloud}}, run the following command:
-
-    ```json
-    curl -XPOST -i \
-    https://api.elastic-cloud.com/api/v1/cloud-connected/clusters \
-    -H 'Content-Type: application/json' \
-    -d '{"self_managed_cluster": {"id": "my-cluster-uuid", "name": "my-cluster-name", "version": "9.1.0"}, "license": {"uid": "my-license-id", "type": "basic"}}'
-    ```
-    
-    The command should return an HTTP 401 response similar to: 
-
-    ```json
-          {"UnauthorizedMessages":["Invalid credential headers"],"Cause":null}
-    ```
-    If you do not receive a similar response, configure your HTTP proxy to allow it to reach the URL (with headers and a JSON body):
-    
-    ```json
-          POST https://api.elastic-cloud.com/api/v1/cloud-connected/clusters
-    ```
-    :::{note}
-    If you are using Docker, you may need to complete this configuration directly via the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables.
+    :::{include} /deploy-manage/monitor/_snippets/autoops-cc-components.md
     :::
 
-    If there is an issue with the second component, {{agent}} cannot connect to your cluster. To test if your organization is not allowing this connection, run the following command depending on your chosen authentication method:
+    If there is an issue with the first component, {{agent}} cannot connect to your cluster. To test if your organization is not allowing this connection, run the following command depending on your chosen authentication method:
 
     :::::{tab-set}
     :group: api-key-or-basic
@@ -138,6 +108,34 @@ $$$firewall$$$**My organization's firewall may be preventing {{agent}} from coll
     | You are using a custom SSL/TLS configuration with {{es}} | Disable SSL/TLS verification so that your system trusts all certificates. We do not recommend disabling verification in production environments. <br><br> If you are using API key authentication, run the following command: <br><br>`curl -XGET --insecure -i $AUTOOPS_ES_URL \ -H "Authorization: ApiKey $AUTOOPS_ES_API_KEY"`. <br><br> If you are using username/password authentication, run the following command: <br><br> `curl -XGET --insecure -i $AUTOOPS_ES_URL \ -u $AUTOOPS_ES_USERNAME` <br><br> If the issue is resolved, you need to configure your custom SSL/TLS settings with {{agent}}. If the issue persists, contact [Elastic support](https://support.elastic.co/).| 
     | You are connecting a local development cluster using Docker without specifying `--network host` | - Make sure you are following all the steps to [connect your local development cluster to AutoOps](/deploy-manage/monitor/autoops/cc-connect-local-dev-to-autoops.md#connect-your-local-development-cluster-to-autoops). <br> - In the [Install agent](/deploy-manage/monitor/autoops/cc-connect-self-managed-to-autoops.md#install-agent) step, make sure you are replacing `docker run -d \` with `docker run -d --network host \`. |
 
+    If there is an issue with the second component, the agent will stop working and your logs might look like: 
+    
+    ```sh
+    ... failed to register Cloud Connected Mode: ... Post \"https://api.elastic-cloud.com/api/v1/cloud-connected/clusters\": ...
+    ```
+    
+    To test if your organization is not allowing the agent to register your cluster with {{ecloud}}, run the following command:
+
+    ```json
+    curl -XPOST -i \
+    https://api.elastic-cloud.com/api/v1/cloud-connected/clusters \
+    -H 'Content-Type: application/json' \
+    -d '{"self_managed_cluster": {"id": "my-cluster-uuid", "name": "my-cluster-name", "version": "9.1.0"}, "license": {"uid": "my-license-id", "type": "basic"}}'
+    ```
+    
+    The command should return an HTTP 401 response similar to: 
+
+    ```json
+          {"UnauthorizedMessages":["Invalid credential headers"],"Cause":null}
+    ```
+    If you do not receive a similar response, configure your HTTP proxy to allow it to reach the URL (with headers and a JSON body):
+    
+    ```json
+          POST https://api.elastic-cloud.com/api/v1/cloud-connected/clusters
+    ```
+    :::{note}
+    If you are using Docker, you may need to complete this configuration directly via the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables.
+    :::
 
     If there is an issue with the third component, the agent will attempt to establish the connection and your logs might look like: 
         

deploy-manage/monitor/autoops/cc-cloud-connect-autoops-troubleshooting.md

@@ -70,7 +70,8 @@ If you don’t have an existing {{ecloud}} account:
 :sync: existing
 
 If you already have an {{ecloud}} account:
-1. Log in to [{{ecloud}}](https://cloud.elastic.co?page=docs&placement=docs-body).
+1. Log in to [{{ecloud}}](https://cloud.elastic.co/login?redirectTo=%2Fconnect-cluster-services).
+    - The link provided should take you directly to the **Connect your self-managed cluster** page
 2. On your home page, in the **Connected clusters** section, select **Connect self-managed cluster**. 
 3. On the **Connect your self-managed cluster** page, in the **AutoOps** section, select **Connect**.
 4. Go through the installation wizard as detailed in the following sections.

deploy-manage/monitor/autoops/cc-connect-self-managed-to-autoops.md

@@ -91,7 +91,7 @@ By default, a snapshot of a cluster contains the cluster state, all regular data
 - [Legacy index templates](https://www.elastic.co/guide/en/elasticsearch/reference/8.18/indices-templates-v1.html)
 - [Ingest pipelines](/manage-data/ingest/transform-enrich/ingest-pipelines.md)
 - [ILM policies](/manage-data/lifecycle/index-lifecycle-management.md)
-- [Stored scripts](/explore-analyze/scripting/modules-scripting-using.md#script-stored-scripts)
+- [Stored scripts](/explore-analyze/scripting/modules-scripting-store-and-retrieve.md)
 - For snapshots taken after 7.12.0, [feature states](#feature-state)
 
 You can also take snapshots of only specific data streams or indices in the cluster. A snapshot that includes a data stream or index automatically includes its aliases. When you restore a snapshot, you can choose whether to restore these aliases.

deploy-manage/tools/snapshot-and-restore.md

@@ -36,7 +36,7 @@ To provide login instructions to users, use the `xpack.security.loginHelp` setti
 ::::
 
 
-If you don’t want a specific provider to show up at the Login Selector UI (e.g. to only support third-party initiated login) you can hide it with `showInSelector` setting set to `false`. However, in this case, the provider is presented in the provider chain and may be consulted during authentication based on its `order`. To disable the provider, use the `enabled` setting.
+If you don’t want a specific provider to show up at the Login Selector UI (for example, if you only want to support third-party initiated login) you can hide it with `showInSelector` setting set to `false`. Or, if you only want to show a provider for a specific origin(s), you can use the `origin` setting. However, in both cases the provider is still part of the provider chain and may be used during authentication based on its order. To fully disable a provider, use the `enabled` setting.
 
 ::::{tip}
 The Login Selector UI can also be disabled or enabled with `xpack.security.authc.selector.enabled` setting.

deploy-manage/users-roles/cluster-or-deployment-auth/kibana-authentication.md

@@ -184,7 +184,7 @@ Deactivating a watch also enables you to keep it around for future use without d
 
 You can use scripts and templates when defining a watch. Scripts and templates can reference elements in the watch execution context, including the watch payload. The execution context defines variables you can use in a script and parameter placeholders in a template.
 
-{{watcher}} uses the Elasticsearch script infrastructure, which supports [inline](#inline-templates-scripts) and [stored](#stored-templates-scripts). Scripts and templates are compiled and cached by Elasticsearch to optimize recurring execution. Autoloading is also supported. For more information, see [Scripting](../../scripting.md) and [*How to write scripts*](../../scripting/modules-scripting-using.md).
+{{watcher}} uses the Elasticsearch script infrastructure, which supports [inline](#inline-templates-scripts) and [stored](#stored-templates-scripts). Scripts and templates are compiled and cached by Elasticsearch to optimize recurring execution. Autoloading is also supported. For more information, see [Scripting](../../scripting.md) and [*How to write Painless scripts*](../../scripting/modules-scripting-using.md).
 
 
 ### Watch execution context [watch-execution-context]

explore-analyze/alerts-cases/watcher/how-watcher-works.md

@@ -27,7 +27,7 @@ Learn how to use **Discover** to:
 **Discover** provides tailored interfaces and features for the following data types when accessed from Observability or Security project types or {{kib}} solution views:
 
 * Observability:
-  * **[Logs exploration](/solutions/observability/logs/explore-logs.md)**
+  * **[Logs exploration](/solutions/observability/logs/discover-logs.md)**
   * **[Metrics exploration](/solutions/observability/infra-and-hosts/discover-metrics.md)** {applies_to}`stack: preview 9.2` {applies_to}`serverless: preview`
 % LINK/PAGE TBD  * **Traces exploration**
 % * Security: