diff --git a/reference/fleet/alert-templates.md b/reference/fleet/alert-templates.md
index 3a9c6c7cf1..fd9896e30e 100644
--- a/reference/fleet/alert-templates.md
+++ b/reference/fleet/alert-templates.md
@@ -1,6 +1,4 @@
---
-mapped_pages:
- - https://www.elastic.co/guide/en/fleet/current/data-streams.html
applies_to:
stack: ga 9.2
serverless: ga
@@ -17,23 +15,34 @@ navigation_title: Built-in alerts and templates
When you install or upgrade {{agent}}, new alert rules are created automatically. You can configure and customize out-of-the-box alerts to get them up and running quickly.
::::{note}
-The built-in alerts feature for {{agent}} is available only for some subscription levels. The license (or a trial license) must be in place before you install or upgrade {{agent}} before this feature is available.
+The built-in alerts feature for {{agent}} is available only for some subscription levels. The license (or a trial license) must be in place _before_ you install or upgrade {{agent}} for the alert rules to be available.
-Refer [Elastic subscriptions](https://www.elastic.co/subscriptions) for more information.
+Refer to [Elastic subscriptions](https://www.elastic.co/subscriptions) for more information.
::::
In {{kib}}, you can enable out-of-the-box rules pre-configured with reasonable defaults to provide immediate value for managing agents.
-You can use [ES|QL](/explore-analyze/discover/try-esql.md) to author conditions for each rule.
-
-Connectors are not added to rules automatically, but you can attach a connector to route alerts to your platform of choice -- Slack or email, for example.
-In addition, you can add filters for policies, tags, or hostnames to scope alerts to specific sets of agents
+You can use [{{esql}}](/explore-analyze/discover/try-esql.md) to author conditions for each rule.
You can find these rules in **Stack Management** > **Alerts and Insights** > **Rules**.
+### Available rules [available-alert-rules]
+
+| Alert | Description |
+| -------- | -------- |
+| [Elastic Agent] CPU usage spike| Checks if {{agent}} or any of its processes were pegged at a high CPU for a specified window of time. This could signal a bug in an application and warrant further investigation.
- Condition: `system.process.cpu.total.time.ms` > 80% for 5 minutes
- Default: Enabled |
+| [Elastic Agent] Dropped events | Checks if percentage of events dropped to acked events from the pipeline are greater than or equal to 5%. Rows are distinct by agent id and component id. |
+| [Elastic Agent] Excessive memory usage| Checks if {{agent}} or any of its processes have a high memory usage or memory usage that is trending higher. This could signal a memory leak in an application and warrant further investigation.
- Condition: Alert on `system.process.memory.rss.pct` > 80%
- Default: Enabled (perhaps the threshold should be higher if this is on by default) |
+| [Elastic Agent] Excessive restarts| Checks if excessive restarts on a host which require further investigation. Some of these restarts could have a business impact and getting an alert for them would allow us to act quickly to mitigate.
- Condition: Alert on (not sure) > 10 times in a 5 minute window
- Default: Enabled |
+| [Elastic Agent] High pipeline queue | Checks if max of `beat.stats.libbeat.pipeline.queue.filled.pct` exceeds 90%. Rows are distinct by agent id and component id. |
+| [Elastic Agent] Output errors | Checks if the errors per minute from an agent component is greater than 5. Rows are distinct by agent id and component id. |
+| [Elastic Agent] Unhealthy status | Checks for log occurrence of an agent status change to `error` using the new elastic_agent.status_change datastreams. |
+
+**Connectors** are not added to rules automatically, but you can attach a connector to route alerts to your Slack, email, or other notification platforms.
+In addition, you can add filters for policies, tags, or hostnames to scope alerts to specific sets of agents.
-## Alert templates assets for integrations [alert-templates]
+## Alert template assets for integrations [alert-templates]
-Some integration packages include alerting rule template assets that provide pre-made definitions of alerting rules. You can use the templates to create your own custom alerting rules that you can enable and fine tune.
+Some integration packages include alerting rule template assets that provide pre-made definitions of alerting rules. You can use the templates to create your own custom alerting rules that you can enable and fine-tune.
When you click a template, you get a pre-filled rule creation form. You can define and adjust values, set up connectors, and define rule actions to create your custom alerting rule.
diff --git a/reference/fleet/manage-integrations.md b/reference/fleet/manage-integrations.md
index bbd930c4bb..a5e0b08ccc 100644
--- a/reference/fleet/manage-integrations.md
+++ b/reference/fleet/manage-integrations.md
@@ -46,4 +46,4 @@ You can perform a variety of actions in the **Integrations** app in {{kib}}. Som
## Customize integrations [customize-integrations]
-After you've started using integrations to ingest data, you can customize how the data is managed over time. Refer to [Index lifecycle management](/reference/fleet/data-streams.md#data-streams-ilm) to learn more.
+After you've started using integrations to ingest data, you can customize how the data is managed over time. Refer to [{{ilm-cap}}](/reference/fleet/data-streams.md#data-streams-ilm) to learn more.