From 04dd28e7ae9deab216efbbd36b6af44021dbae2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=B4mulo=20Farias?= <romulo.farias@elastic.co>
Date: Fri, 31 Oct 2025 13:14:56 +0100
Subject: [PATCH 1/3] Add Incident 2194 Entity Store Broken Transform to known
 issues

---
 .../elastic-cloud-serverless/known-issues.md       | 14 ++++++++++++++
 release-notes/elastic-security/known-issues.md     | 14 ++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/release-notes/elastic-cloud-serverless/known-issues.md b/release-notes/elastic-cloud-serverless/known-issues.md
index fb8ccd7efc..9aa94e11ec 100644
--- a/release-notes/elastic-cloud-serverless/known-issues.md
+++ b/release-notes/elastic-cloud-serverless/known-issues.md
@@ -16,6 +16,20 @@ Known issues are significant defects or limitations that may impact your impleme
 
 ## Active
 
+:::{dropdown} Entity Store transform is unavailable 
+
+**Details**
+
+A new feature has been introduced to Entity Store that caused the transform to scan for non existent indices
+
+**Workaround** 
+1. Access entity store page (/app/security/entity_analytics_entity_store)
+2. Locate the Entity Store switch on the top right corner of the screen
+3. Switch the Entity Store it off
+4. Switch the Entity Store it on
+
+::::
+
 :::{dropdown} CSPM and Asset Management integrations don't ingest data when deployed using agent-based technology if {{kib}} is hosted on AWS
 Applies to: {{serverless-short}} deployments hosted on AWS
 
diff --git a/release-notes/elastic-security/known-issues.md b/release-notes/elastic-security/known-issues.md
index 1cc1a00265..e5486b5f99 100644
--- a/release-notes/elastic-security/known-issues.md
+++ b/release-notes/elastic-security/known-issues.md
@@ -16,6 +16,20 @@ Known issues are significant defects or limitations that may impact your impleme
 
 % :::
 
+:::{dropdown} Entity Store transform is unavailable 
+
+**Details**
+
+A new feature has been introduced to Entity Store on 9.2.0 that caused the transform to scan for non existent indices
+
+**Workaround** 
+1. Access entity store page (/app/security/entity_analytics_entity_store)
+2. Locate the Entity Store switch on the top right corner of the screen
+3. Switch the Entity Store it off
+4. Switch the Entity Store it on
+
+::::
+
 :::{dropdown} CSPM and Asset Management integrations don't ingest data when deployed using agent-based technology if {{kib}} is hosted on AWS
 Applies to: ECH 9.2.0 deployments hosted on AWS
 

From 3664ef491362d447144fcf1db07cbd5d20a4db8e Mon Sep 17 00:00:00 2001
From: natasha-moore-elastic <natasha.moore@elastic.co>
Date: Fri, 31 Oct 2025 12:49:56 +0000
Subject: [PATCH 2/3] tweaks

---
 .../elastic-cloud-serverless/known-issues.md      | 13 +++++++------
 release-notes/elastic-security/known-issues.md    | 15 +++++++++------
 2 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/release-notes/elastic-cloud-serverless/known-issues.md b/release-notes/elastic-cloud-serverless/known-issues.md
index 9aa94e11ec..6e80a70020 100644
--- a/release-notes/elastic-cloud-serverless/known-issues.md
+++ b/release-notes/elastic-cloud-serverless/known-issues.md
@@ -16,17 +16,18 @@ Known issues are significant defects or limitations that may impact your impleme
 
 ## Active
 
-:::{dropdown} Entity Store transform is unavailable 
+:::{dropdown} Entity store transform is unavailable 
 
 **Details**
 
-A new feature has been introduced to Entity Store that caused the transform to scan for non existent indices
+A new feature has been introduced to entity store that caused the transform to scan for non-existent indices.
 
 **Workaround** 
-1. Access entity store page (/app/security/entity_analytics_entity_store)
-2. Locate the Entity Store switch on the top right corner of the screen
-3. Switch the Entity Store it off
-4. Switch the Entity Store it on
+
+Restart the entity store:
+1. Find **Entity Store** in the navigation menu or by using the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md).
+2. On the **Entity Store** page, turn the toggle off.
+3. Turn the toggle back on.
 
 ::::
 
diff --git a/release-notes/elastic-security/known-issues.md b/release-notes/elastic-security/known-issues.md
index e5486b5f99..191ffc0eb9 100644
--- a/release-notes/elastic-security/known-issues.md
+++ b/release-notes/elastic-security/known-issues.md
@@ -16,17 +16,20 @@ Known issues are significant defects or limitations that may impact your impleme
 
 % :::
 
-:::{dropdown} Entity Store transform is unavailable 
+:::{dropdown} Entity store transform is unavailable 
+
+Applies to: 9.2.0
 
 **Details**
 
-A new feature has been introduced to Entity Store on 9.2.0 that caused the transform to scan for non existent indices
+A new feature was introduced to entity store in 9.2.0 that caused the transform to scan for non-existent indices.
 
 **Workaround** 
-1. Access entity store page (/app/security/entity_analytics_entity_store)
-2. Locate the Entity Store switch on the top right corner of the screen
-3. Switch the Entity Store it off
-4. Switch the Entity Store it on
+
+Restart the entity store:
+1. Find **Entity Store** in the navigation menu or by using the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md).
+2. On the **Entity Store** page, turn the toggle off.
+3. Turn the toggle back on.
 
 ::::
 

From c21755ad6da642437cdf0cb8f2e8c019bf70b330 Mon Sep 17 00:00:00 2001
From: natasha-moore-elastic
 <137783811+natasha-moore-elastic@users.noreply.github.com>
Date: Fri, 31 Oct 2025 13:07:01 +0000
Subject: [PATCH 3/3] Apply suggestions from code review

Co-authored-by: Vlada Chirmicci <vlada.chirmicci@elastic.co>
---
 release-notes/elastic-cloud-serverless/known-issues.md | 2 +-
 release-notes/elastic-security/known-issues.md         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/release-notes/elastic-cloud-serverless/known-issues.md b/release-notes/elastic-cloud-serverless/known-issues.md
index 6e80a70020..c2bc398b5f 100644
--- a/release-notes/elastic-cloud-serverless/known-issues.md
+++ b/release-notes/elastic-cloud-serverless/known-issues.md
@@ -20,7 +20,7 @@ Known issues are significant defects or limitations that may impact your impleme
 
 **Details**
 
-A new feature has been introduced to entity store that caused the transform to scan for non-existent indices.
+A new feature introduced to the entity store caused the transform to scan for nonexistent indices.
 
 **Workaround** 
 
diff --git a/release-notes/elastic-security/known-issues.md b/release-notes/elastic-security/known-issues.md
index 191ffc0eb9..89f822ee47 100644
--- a/release-notes/elastic-security/known-issues.md
+++ b/release-notes/elastic-security/known-issues.md
@@ -22,7 +22,7 @@ Applies to: 9.2.0
 
 **Details**
 
-A new feature was introduced to entity store in 9.2.0 that caused the transform to scan for non-existent indices.
+A new feature introduced to the entity store in 9.2.0 caused the transform to scan for nonexistent indices.
 
 **Workaround**