Merged
2 changes: 1 addition & 1 deletion docs/detections/api/rules/rules-api-export.asciidoc
Expand Up @@ -12,7 +12,7 @@ You cannot export prebuilt rules, but they are available at https://github.com/e
=================
Although detection rule actions are included in the exported file, the connectors used by the actions are not included. Use the {kibana-ref}/managing-saved-objects.html#managing-saved-objects-export-objects[Saved Objects] UI in Kibana (*Stack Management* -> *Kibana* -> *Saved Objects*) or the Saved Objects APIs (experimental) to {kibana-ref}/saved-objects-api-export.html[export] and {kibana-ref}/saved-objects-api-import.html[import] any necessary connectors _before_ you export and import the detection rules.

Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the <<edit-value-lists, Upload value lists>> UI (*Manage* -> *Rules* -> *Upload value lists*) to export and import value lists separately.
Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the <<edit-value-lists, Import value lists>> UI (*Manage* -> *Rules* -> *Import value lists*) to export and import value lists separately.
=================

==== Request URL
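Review bot: In the changed sentence, the link text "Import value lists" tells readers to use an Import UI to "export and import value lists", which may leave them hunting for an export control under an Import label. Consider stating that export is done from the *Value lists* table inside the *Import value lists* window, which is where the `edit-value-lists` section places it.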
2 changes: 1 addition & 1 deletion docs/detections/api/rules/rules-api-import.asciidoc
Expand Up @@ -14,7 +14,7 @@ NOTE: You need at least `Read` privileges for the `Action and Connectors` featur
=================
Although detection rule actions are included in the exported file, the connectors used by the actions are not included. Use the {kibana-ref}/managing-saved-objects.html#managing-saved-objects-export-objects[Saved Objects] UI in Kibana (*Stack Management* -> *Kibana* -> *Saved Objects*) or the Saved Objects APIs (experimental) to {kibana-ref}/saved-objects-api-export.html[export] and {kibana-ref}/saved-objects-api-import.html[import] any necessary connectors _before_ you export and import the detection rules.

Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the <<edit-value-lists, Upload value lists>> UI (*Manage* -> *Rules* -> *Upload value lists*) to export and import value lists separately.
Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the <<edit-value-lists, Import value lists>> UI (*Manage* -> *Rules* -> *Import value lists*) to export and import value lists separately.
=================

==== Request URL
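Review bot: The replaced paragraph is the same text as the one changed in rules-api-export.asciidoc, and a third near-copy in rules-ui-manage.asciidoc is edited in this PR as well, so every UI rename has to be applied three times. Consider moving this admonition into one shared include file and pulling it into all three pages.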
20 changes: 10 additions & 10 deletions docs/detections/detections-ui-exceptions.asciidoc
Expand Up @@ -24,6 +24,8 @@ operators to define exceptions.
IMPORTANT: Operators `is in list` and `is not in list` are not available for
threshold and event correlation rules.

TIP: You can also use value lists as the <<indicator-value-lists,indicator match index>> when creating an indicator match rule.

[float]
[[manage-value-lists]]
== Create value lists
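Review bot: The added TIP says "use value lists as the indicator match index", pairing a plural with a single index, whereas the TIP removed later in this file said "a value list". Suggest "You can also use a value list as the <<indicator-value-lists,indicator match index>> when creating an indicator match rule." to keep the original meaning.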
Expand All @@ -42,17 +44,17 @@ act as value delimiters.
=========================

. Go to *Manage* -> *Rules*.
. Click *Upload value lists*. The *Upload value lists* window opens.
. Click *Import value lists*. The *Import value lists* window opens.
+
[role="screenshot"]
image::images/upload-lists-ui.png[]
image::images/upload-lists-ui.png[Import value lists flyout,75%]

. Select the list type (*Keywords*, *IP addresses*, *IP ranges*, or *Text*) from the *Type of value list* drop-down.
. Drag or select the `csv` or `txt` file that contains the values.
. Click *Upload list*.
. Click *Import list*.

NOTE: When the name of the file you are uploading already exists, the values in
the new file are appended to the previously uploaded values.
NOTE: When the name of the file you are importing already exists, the values in
the new file are appended to the previously imported values.

[[edit-value-lists]]
[discrete]
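Review bot: The image line keeps the file name images/upload-lists-ui.png although every label around it is now "Import", and its new alt text calls the UI a "flyout" while step 2 says the "window opens". Suggest renaming the image file (the PNG is already replaced in this PR) and picking one term, window or flyout, for both the step text and the alt text.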
Expand All @@ -61,13 +63,11 @@ the new file are appended to the previously uploaded values.
To view, delete, or export existing value lists:

. Go to *Manage* -> *Rules*.
. Click *Upload value lists*. The *Upload value lists* window opens.
. Click *Import value lists*. The *Import value lists* window opens.
. In the *Value lists* table, click the required action button.

+
[role="screenshot"]
image::images/manage-value-list.png[]

TIP: You can also use a value list as the indicator match index when creating an indicator match rule. Refer to <<indicator-value-lists>> for more information.
image::images/manage-value-list.png[Import value list flyout with action buttons highlighted,75%]

[float]
[[detection-rule-exceptions]]
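Review bot: The new alt text reads "Import value list flyout" with a singular "list", which differs from the *Import value lists* label in step 2 of the same procedure and from the alt text of the earlier screenshot. Suggest "Import value lists flyout with action buttons highlighted" for consistency.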
Binary file modified docs/detections/images/all-rules.png
Binary file modified docs/detections/images/manage-value-list.png
Binary file modified docs/detections/images/monitor-table.png
Binary file modified docs/detections/images/upload-lists-ui.png
2 changes: 1 addition & 1 deletion docs/detections/rules-ui-create.asciidoc
Expand Up @@ -558,7 +558,7 @@ You uploaded a value list of known ransomware domains, and you want to be notifi
* *Field*: Enter the field from the Elastic Security event indices to be used for comparing values.
* *Indicator index field*: Enter the type of value list you created (i.e., `keyword`, `text`, or `IP`).
+
TIP: If you don't remember this information, go to *Manage* -> *Rules* -> *Upload value lists*. Locate the appropriate value list and note the field in the corresponding `Type` column. (Examples include keyword, text, and IP.)
TIP: If you don't remember this information, go to *Manage* -> *Rules* -> *Import value lists*. Locate the appropriate value list and note the field in the corresponding `Type` column. (Examples include keyword, text, and IP.)

[role="screenshot"]
image::images/indicator_value_list.png[]
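Review bot: The TIP now points to *Import value lists*, but the example intro visible in this hunk's header still says "You uploaded a value list of known ransomware domains", so the old verb survives a few lines above the change. Suggest checking the rest of rules-ui-create.asciidoc for remaining "upload" wording and aligning it with the rename.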
2 changes: 1 addition & 1 deletion docs/detections/rules-ui-manage.asciidoc
Expand Up @@ -140,7 +140,7 @@ The following configuration items are also included in the `.ndjson` file:
=================
Although detection rule actions are included in the exported file, the connectors used by the actions are not included. Use the {kibana-ref}/managing-saved-objects.html#managing-saved-objects-export-objects[Saved Objects] UI in Kibana (*Stack Management* -> *Kibana* -> *Saved Objects*) to export and import any necessary connectors _before_ you export and import the detection rules.

Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the <<edit-value-lists, Upload value lists>> UI (*Detect* -> *Rules* -> *Upload value lists*) to export and import value lists separately.
Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the <<edit-value-lists, Import value lists>> UI (*Detect* -> *Rules* -> *Import value lists*) to export and import value lists separately.
=================

To export and import detection rules:
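Review bot: The changed line keeps the path *Detect* -> *Rules* -> *Import value lists*, while the same sentence in rules-api-export.asciidoc and rules-api-import.asciidoc uses *Manage* -> *Rules*. Since this line is being touched anyway, confirm which navigation path is current and make the three copies agree.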