elastic · nastasha-solomon · Oct 16, 2024 · Sep 30, 2024 · Sep 30, 2024 · Sep 30, 2024
@@ -820,3 +820,21 @@ TIP: Avoid setting long time ranges with short rule intervals, or the rule previ
 
 * To close the preview, click the *Rule preview* button again.
 
+[discrete]
+[[view-rule-es-queries]]
+==== View your rule's {es} queries (optional)
+
+NOTE: This option is only offered for {esql} and event correlation rules.
+
+When previewing a rule, you can also learn about its {es} queries, which are submitted when the rule runs. This information can help you identify and troubleshoot potential rule issues. You can also use it to confirm that your rule is retrieving the expected data.   
+
+To learn more about your rule's {es} queries, preview its results and do the following:
+
+. Select the **Show {es} requests, ran during rule executions** option below the preview's date and time picker. The **Preview logged results** section displays under the histogram and alerts table. 
+. Click the **Preview logged results** section to expand it. Within the section, each rule execution is shown on an individual row. 
+. Expand each row to learn more about the {es} queries that the rule submits each time it executes. The following details are provided:
+** When the rule execution started, and how long it took to complete
+** A brief explanation of what the {es} queries do
+** The actual {es} queries that the rule submits to indices containing events that are used during the rule execution  
++
+TIP: Run the queries in {kibana-ref}/console-kibana.html[Console] to determine if your rule is retrieving the expected data. For example, to test your rule’s exceptions, run the rule’s {es} queries, which will also contain exceptions added to the rule. If your rule’s exceptions are working as intended, the query will not return events that should be ignored.
@@ -875,3 +875,25 @@ To interact with the rule preview:
 
 * To close the preview, click the **Rule preview** button again.
 
+<div id="view-rule-es-queries"></div>
+
+### View your rule's ((es)) queries (optional)
+
+<DocCallOut title="Note">
+This option is only offered for ((esql)) and event correlation rules.
+</DocCallOut>
+
+When previewing a rule, you can also learn about its ((es)) queries, which are submitted when the rule runs. This information can help you identify and troubleshoot potential rule issues. You can also use it to confirm that your rule is retrieving the expected data.   
+
+To learn more about your rule's ((es)) queries, preview its results and do the following:
+
+1. Select the **Show ((es)) requests, ran during rule executions** option below the preview's date and time picker. The **Preview logged results** section displays under the histogram and alerts table. 
+1. Click the **Preview logged results** section to expand it. Within the section, each rule execution is shown on an individual row.  
+1. Expand each row to learn more about the ((es)) queries that the rule submits each time it executes. The following details are provided:
+    * When it started, and how long it took to complete
+    * A brief explanation of what the ((es)) queries do
+    * The actual ((es)) queries that the rule submits to indices containing events that are used during the rule execution  
+
+        <DocCallOut title="Tip"> 
+        Run the queries in <DocLink slug="/serverless/devtools/run-api-requests-in-the-console">Console</DocLink> to determine if your rule is retrieving the expected data. For example, to test your rule’s exceptions, run the rule’s ((es)) queries, which will also contain exceptions added to the rule. If your rule’s exceptions are working as intended, the query will not return events that should be ignored.
+        </DocCallOut>