incorporates reviews

benironside · benironside · commit f4b08bff1813 · 2025-08-21T09:56:45.000-07:00
diff --git a/solutions/security/ai/ai-assistant-knowledge-base.md b/solutions/security/ai/ai-assistant-knowledge-base.md
@@ -124,7 +124,7 @@ Refer to the following video for an example of adding a document to Knowledge Ba
 To add an individual file to Knowledge Base, you first need to ingest it into an index and ensure that it includes a semantic text or text field. Supported file types include text, PDF, ODF, Word, Excel, PowerPoint, NDJSON, CSV, and TSV.
 
 1. Access the **Data Visualizer** interface to upload a file using the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) to find "File upload". 
-2. Review the list of currently supported file formats and sizes, then select the file you want to upload. Click **Import**.
+2. Review the list of currently supported file formats and sizes, then select the file you want to upload. A preview of your data appears. In the **Summary** section, click **Import**.
 3. Go to the **Advanced** tab.  In the **Index name** field , enter a name for the index that will contain the data in the uploaded file.
 4. (Optional) Review and update the mappings and ingest pipeline for your new index. 
 5. Click **Add additional field -> Add semantic text field**. 
@@ -148,7 +148,7 @@ Add an index as a knowledge source when you want information in that index to in
 ::::{important}
 Indices added to Knowledge Base must have at least one field mapped as [semantic text](elasticsearch://reference/elasticsearch/mapping-reference/semantic-text.md). 
 
-{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` You can use a text field instead of a semantic text field, though semantic text fields still offer better performance.
+{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` You can use a text field instead of a semantic text field. Semantic text fields offer better performance for large blobs of text and matching on semantic relevancy, while text fields perform better for retrieval based on specific document values or attributes, such as email or username. 
 ::::
 
 1. To open **Security AI settings**, use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) to find "AI Assistant for Security." Select the **Knowledge Base** tab.
diff --git a/solutions/security/ai/usecase-knowledge-base-walkthrough.md b/solutions/security/ai/usecase-knowledge-base-walkthrough.md
@@ -25,7 +25,7 @@ AI Assistant is more useful for incident response when it can access information
 You can add messages from Slack channels to Knowledge Base using the Slack content connector. For instance, if you have a Slack channel that contains information about ongoing incidents, you could include that information in Knowledge Base to give AI Assistant more context about what your security team is dealing with. 
 
 1. Use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) to find "Content connectors". Click **+ New Connector** to open the **Create a connector** interface.
-2. Follow the steps to [create a content connector](/solutions/security/get-started/content-connectors.md). This ingests your selected data into {{es}}. During setup, select `Slack`, and configure the connector to ingest your desired data.
+2. Follow the steps to [create a content connector](/solutions/security/get-started/content-connectors.md). During setup, select `Slack`, then follow the steps to [configure a Slack connector](elasticsearch://reference/search-connectors/es-connectors-slack.md). This ingests your selected data into {{es}}.
 3. Follow the instructions to [add an index to Knowledge Base](/solutions/security/ai/ai-assistant-knowledge-base.md#). Select the index you created while setting up your new connector.
 
 ### Add your on-call rotation to Knowledge Base
@@ -47,9 +47,13 @@ Whichever method you use to add the information to Knowledge Base, consider maki
 If you have threat hunting playbooks stored in a GitHub repository, you can add them to Knowledge Base using the GitHub content connector. This enables AI Assistant to tell your team about your organization's standard practices for responding to a wide range of potential threats. 
 
 1. Use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) to find "Content connectors". Click **+ New Connector** to open the **Create a connector** interface.
-2. Follow the steps to [create a content connector](/solutions/security/get-started/content-connectors.md). This ingests your selected data into {{es}}. During setup, select `GitHub`, and configure the connector to ingest your desired data.
+2. Follow the steps to [create a content connector](/solutions/security/get-started/content-connectors.md). During setup, select `GitHub`, then follow the steps to [configure a GitHub connector](elasticsearch://reference/search-connectors/es-connectors-github.md). This ingests your selected data into {{es}}.
 3. Follow the instructions to [add an index to Knowledge Base](/solutions/security/ai/ai-assistant-knowledge-base.md#). Select the index you created while setting up your new connector.
 
+::::{note}
+The GitHub connector can only ingest issues, PRs and the following file types: `.markdown`, `.md`, `.rst`.
+::::
+
 ## Use Knowledge Base in conversations
 
 AI Assistant will use the information you've added to Knowledge Base to inform its responses to your prompts. With the information we've added in this guide, you can ask questions like:
