elastic · kosabogi · Apr 8, 2025 · Apr 2, 2025 · Apr 2, 2025 · Apr 2, 2025
diff --git a/docs/reference/ml/anomaly-detection/ml-configuring-alerts.asciidoc b/docs/reference/ml/anomaly-detection/ml-configuring-alerts.asciidoc
@@ -156,7 +156,11 @@ rule's check interval.
 
 Alternatively, you can set the action frequency such that actions run for each
 alert. Choose how often the action runs (at each check interval, only when the
-alert status changes, or at a custom action interval). For {anomaly-detect}
+alert status changes, or at a custom action interval). 
+
+When you use an email action with an {anomaly-detect} rule, the alert includes only the top three anomalous records or influencers detected during the check interval. This behavior ensures that the alert remains concise by highlighting the most significant anomalies based on their scores.
+
+For {anomaly-detect}
 alert rules, you must also choose whether the action runs when the anomaly score
 matches the condition or when the alert recovers: