From 7d1fcfd970cc0366c1f972fb7f571e7a0b250ac1 Mon Sep 17 00:00:00 2001 From: "nastasha.solomon" Date: Wed, 2 Apr 2025 14:04:04 -0400 Subject: [PATCH 1/3] Removed info that's no longer applicable --- docs/getting-started/advanced-setting.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting-started/advanced-setting.asciidoc b/docs/getting-started/advanced-setting.asciidoc index 05c000d946..013407ab5d 100644 --- a/docs/getting-started/advanced-setting.asciidoc +++ b/docs/getting-started/advanced-setting.asciidoc @@ -114,7 +114,7 @@ Including data from cold and frozen {ref}/data-tiers.html[data tiers] in <> on the alert or event details flyout. This setting is turned off by default. +The `securitySolution:enableVisualizationsInFlyout` setting allows you to access the event analyzer and Session View in the **Visualize** <> on the alert or event details flyout. [discrete] == Change the default search interval and data refresh time From 6d5ce226c47b9370f738fa981a0f5a22444fee8f Mon Sep 17 00:00:00 2001 From: "nastasha.solomon" Date: Wed, 2 Apr 2025 14:09:19 -0400 Subject: [PATCH 2/3] More changes --- docs/detections/alerts-view-details.asciidoc | 6 ------ docs/detections/visual-event-analyzer.asciidoc | 2 -- 2 files changed, 8 deletions(-) diff --git a/docs/detections/alerts-view-details.asciidoc b/docs/detections/alerts-view-details.asciidoc index 6ab2cad433..cf60cd1d62 100644 --- a/docs/detections/alerts-view-details.asciidoc +++ b/docs/detections/alerts-view-details.asciidoc @@ -134,12 +134,6 @@ Click **Visualizations** to display the following previews: preview::[] -.Requirements -[sidebar] --- -To use the **Visualize** tab, you must turn on the `securitySolution:enableVisualizationsInFlyout` <>. --- - The **Visualize** tab allows you to maintain the context of the Alerts table, while providing a more detailed view of alerts that you're investigating in the event analyzer or Session View. To open the tab, click **Session viewer preview** or **Analyzer preview** from the right panel. [role="screenshot"] diff --git a/docs/detections/visual-event-analyzer.asciidoc b/docs/detections/visual-event-analyzer.asciidoc index 22fff8304f..a21075af1e 100644 --- a/docs/detections/visual-event-analyzer.asciidoc +++ b/docs/detections/visual-event-analyzer.asciidoc @@ -30,8 +30,6 @@ Or ** `agent.type:"winlogbeat" and event.module: "sysmon" and process.entity_id : *` . Events that can be visually analyzed are denoted by a cubical **Analyze event** icon. Select this option to open the event in the visual analyzer. The event analyzer is accessible from the **Hosts**, **Alerts**, and **Timelines** pages, as well as the alert details flyout. -+ -TIP: Turn on the `securitySolution:enableVisualizationsInFlyout` <> to access the event analyzer from the **Visualize** tab in the alert or event details flyout. + [role="screenshot"] From 18ed2e4a43aba0a5fc457dc9cc56241e7f5b6b8f Mon Sep 17 00:00:00 2001 From: "nastasha.solomon" Date: Wed, 2 Apr 2025 14:41:24 -0400 Subject: [PATCH 3/3] Removes tech preview tag --- docs/detections/alerts-view-details.asciidoc | 2 -- docs/getting-started/advanced-setting.asciidoc | 2 -- 2 files changed, 4 deletions(-) diff --git a/docs/detections/alerts-view-details.asciidoc b/docs/detections/alerts-view-details.asciidoc index cf60cd1d62..dabc2bb727 100644 --- a/docs/detections/alerts-view-details.asciidoc +++ b/docs/detections/alerts-view-details.asciidoc @@ -132,8 +132,6 @@ Click **Visualizations** to display the following previews: [[expanded-visualizations-view]] === Expanded visualizations view -preview::[] - The **Visualize** tab allows you to maintain the context of the Alerts table, while providing a more detailed view of alerts that you're investigating in the event analyzer or Session View. To open the tab, click **Session viewer preview** or **Analyzer preview** from the right panel. [role="screenshot"] diff --git a/docs/getting-started/advanced-setting.asciidoc b/docs/getting-started/advanced-setting.asciidoc index 013407ab5d..6782d7b050 100644 --- a/docs/getting-started/advanced-setting.asciidoc +++ b/docs/getting-started/advanced-setting.asciidoc @@ -112,8 +112,6 @@ Including data from cold and frozen {ref}/data-tiers.html[data tiers] in <> on the alert or event details flyout. [discrete]