From d324da579255523a70a0a45d57b55c125de89866 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Thu, 17 Jul 2025 16:43:40 -0400 Subject: [PATCH 1/2] First draft --- .../detect-and-alert/suppress-detection-alerts.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/solutions/security/detect-and-alert/suppress-detection-alerts.md b/solutions/security/detect-and-alert/suppress-detection-alerts.md index 7303a19756..f5446168ca 100644 --- a/solutions/security/detect-and-alert/suppress-detection-alerts.md +++ b/solutions/security/detect-and-alert/suppress-detection-alerts.md @@ -147,3 +147,11 @@ Some rule types have a maximum number of alerts that can be suppressed (custom q * **Threshold, event correlation, {{esql}}, and {{ml}}:** The maximum number of alerts is the value you choose for the rule’s **Max alerts per run** [advanced setting](/solutions/security/detect-and-alert/create-detection-rule.md#rule-ui-advanced-params), which is `100` by default. * **Indicator match and new terms:** The maximum number is five times the value you choose for the rule’s **Max alerts per run** [advanced setting](/solutions/security/detect-and-alert/create-detection-rule.md#rule-ui-advanced-params). The default value is `100`, which means the default maximum limit for indicator match rules and new terms rules is `500`. + +## Bulk apply and remove alert suppression [security-alert-suppression-bulk-apply] + +```{applies_to} + stack: ga 9.1 +``` + +From the Rules table, use the **Bulk actions** menu to apply or remove alert suppression to multiple rules. The *Apply alert suppression** option can be used for all rules types except for the threshold rule type. To bulk-apply alert suppression to threshold rules, use the bulk menu option that's labeled for threshold rules only. \ No newline at end of file From 27a0fdb42b74531784a43b0ee0b968430c4dc3ee Mon Sep 17 00:00:00 2001 
From: Nastasha Solomon Date: Thu, 17 Jul 2025 16:52:07 -0400 Subject: [PATCH 2/2] Added missing char --- .../security/detect-and-alert/suppress-detection-alerts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/security/detect-and-alert/suppress-detection-alerts.md b/solutions/security/detect-and-alert/suppress-detection-alerts.md index f5446168ca..5323bcd573 100644 --- a/solutions/security/detect-and-alert/suppress-detection-alerts.md +++ b/solutions/security/detect-and-alert/suppress-detection-alerts.md @@ -154,4 +154,4 @@ Some rule types have a maximum number of alerts that can be suppressed (custom q stack: ga 9.1 ``` -From the Rules table, use the **Bulk actions** menu to apply or remove alert suppression to multiple rules. The *Apply alert suppression** option can be used for all rules types except for the threshold rule type. To bulk-apply alert suppression to threshold rules, use the bulk menu option that's labeled for threshold rules only. \ No newline at end of file +From the Rules table, use the **Bulk actions** menu to apply or remove alert suppression to multiple rules. The **Apply alert suppression** option can be used for all rules types except for the threshold rule type. To bulk-apply alert suppression to threshold rules, use the bulk menu option that's labeled for threshold rules only. \ No newline at end of file
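Review bot: In the [PATCH 1/2] hunk, the last added sentence sends threshold-rule users to "the bulk menu option that's labeled for threshold rules only" without naming it, while the sentence before it names **Apply alert suppression** exactly. Give the threshold option its exact UI label, in bold, so the two sentences match. In the first added sentence, "apply or remove alert suppression to multiple rules" pairs "remove" with "to"; "apply alert suppression to, or remove it from, multiple rules" reads correctly. The section also does not say whether a bulk apply overwrites suppression settings a rule already has, which matters to anyone changing many detection rules at once.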
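Review bot: In the [PATCH 2/2] hunk, the replacement line repairs the bold markup on **Apply alert suppression** but still reads "all rules types"; change it to "all rule types" in the same edit. The `+` line is also still followed by "\ No newline at end of file", so add the trailing newline while this line is being touched.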