[8.16] Replace placeholder URLs (backport #6990)

docs/AI-for-security/connect-to-byo.asciidoc

@@ -33,22 +33,22 @@ The following is an example Nginx configuration file:
 server {
     listen                          80;
     listen                          [::]:80;
-    server_name                     <yourdomainname.com>;
+    server_name                     <YOUR_DOMAIN_NAME>;
     server_tokens off;
     add_header x-xss-protection "1; mode=block" always;
     add_header x-frame-options "SAMEORIGIN" always;
     add_header X-Content-Type-Options "nosniff" always;
-    return 301                      https://$server_name$request_uri;
+    return 301                      <SERVER_NAME><REQUEST_URI>;
 }
 
 server {
 
     listen                          443 ssl http2;
     listen                          [::]:443 ssl http2;
-    server_name                     <yourdomainname.com>;
+    server_name                     <YOUR_DOMAIN_NAME>;
     server_tokens off;
-    ssl_certificate                 /etc/letsencrypt/live/<yourdomainname.com>/fullchain.pem;
-    ssl_certificate_key             /etc/letsencrypt/live/<yourdomainname.com>/privkey.pem;
+    ssl_certificate                 /etc/letsencrypt/live/<YOUR_DOMAIN_NAME>/fullchain.pem;
+    ssl_certificate_key             /etc/letsencrypt/live/<YOUR_DOMAIN_NAME>/privkey.pem;
     ssl_session_timeout 1d;
     ssl_session_cache shared:SSL:50m;
     ssl_session_tickets on;
@@ -62,15 +62,15 @@ server {
     add_header Referrer-Policy "strict-origin-when-cross-origin" always;
     ssl_stapling on;
     ssl_stapling_verify on;
-    ssl_trusted_certificate /etc/letsencrypt/live/<yourdomainname.com>/fullchain.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/<YOUR_DOMAIN_NAME>/fullchain.pem;
     resolver 1.1.1.1;
     location / {
 
     if ($http_authorization != "Bearer <secret token>") {
     return 401;
 }                            
 
-    proxy_pass http://localhost:1234/;
+    proxy_pass <LOCAL_HOST_URL>:1234/;
    }
 
 }
@@ -81,7 +81,7 @@ server {
 If using the example configuration file above, you must replace several values:
 
 * Replace `<secret token>` with your actual token, and keep it safe since you'll need it to set up the {elastic-sec} connector.
-* Replace `<yourdomainname.com>` with your actual domain name.
+* Replace `<YOUR_DOMAIN_NAME>` with your actual domain name.
 * Update the `proxy_pass` value at the bottom of the configuration if you decide to change the port number in LM Studio to something other than 1234.
 ====
 

docs/cloud-native-security/cspm-get-started-aws.asciidoc

@@ -250,7 +250,7 @@ You can use the AWS CLI to generate temporary credentials. For example, you coul
 
 [source,console]
 ----------------------------------
-sts get-session-token --serial-number arn:aws:iam::1234:mfa/your-email@example.com --duration-seconds 129600 --token-code 123456
+sts get-session-token --serial-number arn:aws:iam::1234:mfa/your-email<example-url> --duration-seconds 129600 --token-code 123456
 ----------------------------------
 
 The output from this command includes the following fields, which you should provide when configuring the CSPM integration:

docs/cloud-native-security/kspm-get-started.asciidoc

@@ -159,7 +159,7 @@ You can use the AWS CLI to generate temporary credentials. For example, you coul
 
 [source,console]
 ----------------------------------
-`sts get-session-token --serial-number arn:aws:iam::1234:mfa/your-email@example.com --duration-seconds 129600 --token-code 123456`
+`sts get-session-token --serial-number arn:aws:iam::1234:mfa/your-email@<example-url> --duration-seconds 129600 --token-code 123456`
 ----------------------------------
 
 The output from this command includes the following fields, which you should provide when configuring the KSPM integration:

docs/detections/prebuilt-rules/rule-details/multiple-vault-web-credentials-read.asciidoc

@@ -105,12 +105,12 @@ sequence by winlog.computer_name, winlog.process.pid with maxspan=1s
  [any where event.code : "5382" and
   (winlog.event_data.SchemaFriendlyName : "Windows Web Password Credential" and winlog.event_data.Resource : "http*") and
   not winlog.event_data.SubjectLogonId : "0x3e7" and
-  not winlog.event_data.Resource : "http://localhost/"]
+  not winlog.event_data.Resource : "<LOCAL_HOST_URL>"]
 
  [any where event.code : "5382" and
   (winlog.event_data.SchemaFriendlyName : "Windows Web Password Credential" and winlog.event_data.Resource : "http*") and
   not winlog.event_data.SubjectLogonId : "0x3e7" and
-  not winlog.event_data.Resource : "http://localhost/"]
+  not winlog.event_data.Resource : "<LOCAL_HOST_URL>"]
 
 ----------------------------------
 

docs/release-notes/8.16.asciidoc

@@ -737,7 +737,7 @@ NOTE: These instructions only apply to the Google Chrome browser. Modify the ste
 
 . Right-click anywhere on the **Alerts** page, then select *Inspect* to open Chrome's Developer Tools.
 . Go to *Application -> Storage*, then expand *Local Storage*. 
-. Click on the name of your Kibana instance, for example, http://localhost:1234. 
+. Click on the name of your Kibana instance, for example, <LOCAL_HOST_URL>:1234. 
 . Search for the `siem.<space_name>.pageFilters` key, right-click on the value, then click *Delete*. If you have multiple non-default spaces, do this for each space.
 . Refresh the **Alerts** page to reload it.
 

docs/release-notes/8.8.asciidoc

@@ -36,7 +36,7 @@ NOTE: These instructions only apply to the Google Chrome browser. Modify the ste
 
 . Right-click anywhere on the Alerts page, then select *Inspect* to open Chrome's Developer Tools.
 . Go to *Application -> Storage*, then expand *Local Storage*. 
-. Click on the name of your Kibana instance, for example, http://localhost:1234. 
+. Click on the name of your Kibana instance, for example, <LOCAL_HOST_URL>:1234. 
 . Search for the `detection-engine-alert-table-securitySolution-rule-details-gridView` key and copy its value. The value you copied is the JSON blob that's used to persist the Alerts table's state, including the table's selected columns.
 . Paste the JSON blob into a text file and edit it as follows: 
 .. Remove the `id:file.name` string from the `columns` array.  
@@ -259,7 +259,7 @@ NOTE: These instructions only apply to the Google Chrome browser. Modify the ste
 
 . Right-click anywhere on the Alerts page, then select *Inspect* to open Chrome's Developer Tools.
 . Go to *Application -> Storage*, then expand *Local Storage*. 
-. Click on the name of your Kibana instance, for example, http://localhost:1234. 
+. Click on the name of your Kibana instance, for example, <LOCAL_HOST_URL>:1234. 
 . Search for the `detection-engine-alert-table-securitySolution-rule-details-gridView` key and copy its value. The value you copied is the JSON blob that's used to persist the Alerts table's state, including the table's selected columns. 
 . Paste the JSON blob into a text file and edit it as follows: 
 .. Remove the `id:file.name` string from the `columns` array.  
@@ -413,7 +413,7 @@ NOTE: These instructions only apply to the Google Chrome browser. Modify the ste
 
 . Right-click anywhere on the Alerts page, then select *Inspect* to open Chrome's Developer Tools.
 . Go to *Application -> Storage*, then expand *Local Storage*. 
-. Click on the name of your Kibana instance, for example, http://localhost:1234. 
+. Click on the name of your Kibana instance, for example, <LOCAL_HOST_URL>:1234. 
 . Search for the `detection-engine-alert-table-securitySolution-rule-details-gridView` key and copy its value. The value you copied is the JSON blob that's used to persist the Alerts table's state, including the table's selected columns. 
 . Paste the JSON blob into a text file and edit it as follows: 
 .. Remove the `id:file.name` string from the `columns` array.  

docs/release-notes/8.9.asciidoc

@@ -48,7 +48,7 @@ NOTE: These instructions only apply to the Google Chrome browser. Modify the ste
 
 . Right-click anywhere on the Alerts page, then select *Inspect* to open Chrome's Developer Tools.
 . Go to *Application -> Storage*, then expand *Local Storage*. 
-. Click on the name of your Kibana instance, for example, http://localhost:1234. 
+. Click on the name of your Kibana instance, for example, <LOCAL_HOST_URL>:1234. 
 . Search for the `detection-engine-alert-table-securitySolution-rule-details-gridView` key and copy its value. The value you copied is the JSON blob that's used to persist the Alert table's state, including the table's selected columns. 
 . Paste the JSON blob into a text file and edit it as follows: 
 .. Remove the `id:file.name` string from the `columns` array.  
@@ -115,7 +115,7 @@ NOTE: These instructions only apply to the Google Chrome browser. Modify the ste
 
 . Right-click anywhere on the Alerts page, then select *Inspect* to open Chrome's Developer Tools.
 . Go to *Application -> Storage*, then expand *Local Storage*. 
-. Click on the name of your Kibana instance, for example, http://localhost:1234. 
+. Click on the name of your Kibana instance, for example, <LOCAL_HOST_URL>:1234. 
 . Search for the `detection-engine-alert-table-securitySolution-rule-details-gridView` key and copy its value. The value you copied is the JSON blob that's used to persist the Alert table's state, including the table's selected columns. 
 . Paste the JSON blob into a text file and edit it as follows: 
 .. Remove the `id:file.name` string from the `columns` array.