[Internal]: Document new advanced setting for max cases per rule run (Cases alert action)

[nastasha-solomon]

Summary

⚠️ Don't merge this doc PR until after elastic/kibana#264070 is merged ⚠️

Fixes #5737 by adding a section for the new maxOpenCasesPerRuleRun advanced setting. The section covers the following:

• What the setting controls (the maximum cases created per rule run)
• The default value (20) and allowed range (1–1000)
• Practical guidance for high-volume environments
• A note that Attack Discovery keeps its own case-creation limit and is unaffected

Corresponding Kibana PR: elastic/kibana#263876

Generative AI disclosure

1. Did you use a generative AI (GenAI) tool to assist in creating this contribution?

• Yes
• No

Cursor + Composer

[github-actions]

🔍 Preview links for changed docs

• solutions/security/get-started/configure-advanced-settings.md

[github-actions]

✅ Vale Linting Results

No issues found on modified lines!

---

The Vale linter checks documentation changes against the Elastic Docs style guide.

To use Vale locally or report issues, refer to Elastic style guide for Vale.

[janmonschke]

Docs lgtm!

[janmonschke]

@nastasha-solomon The serverless config PR has been merged

[nastasha-solomon]

Still promoting to prod non canary. Will check back EOD and merge this PR if this advanced setting is available in the UI.