Commit
Revert "Revert "Add updates to creating a detector UX (#5176)""
This reverts commit c384b10.
vagimeli committed Oct 13, 2023
1 parent c384b10 commit dc8b2cc
Showing 7 changed files with 77 additions and 91 deletions.
2 changes: 1 addition & 1 deletion _security-analytics/index.md
@@ -61,7 +61,7 @@ To learn more about findings, see [Working with findings]({{site.url}}{{site.bas

When defining a detector, you can specify certain conditions that will trigger an alert. When an event triggers an alert, the system sends a notification to a preferred channel, such as Amazon Chime, Slack, or email. The alert can be triggered when the detector matches one or multiple rules. Further conditions can be set by rule severity and tags. You can also create a notification message with a customized subject line and message body.

For information about setting up alerts, see [Step 4. Set up alerts]({{site.url}}{{site.baseurl}}/security-analytics/sec-analytics-config/detectors-config/#step-4-set-up-alerts) in the detector creation documentation. For information about managing alerts in the Alerts window, see [Working with alerts]({{site.url}}{{site.baseurl}}/security-analytics/usage/alerts/).
For information about setting up alerts, see [Creating detectors]({{site.url}}{{site.baseurl}}/security-analytics/sec-analytics-config/detectors-config/). For information about managing alerts in the Alerts window, see [Working with alerts]({{site.url}}{{site.baseurl}}/security-analytics/usage/alerts/).


### Correlation engine
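Review bot: The replacement link on the added line drops the `#step-4-set-up-alerts` anchor and sends readers to the top of the Creating detectors page, while the findings.md hunk in this same commit keeps a step anchor (`#step-2-set-up-alerts`) for the identical sentence. Use the same target in both files: if the alerts step still has an anchor on the reworked page, link to it here as well (`[Step 2. Set up alerts]({{site.url}}{{site.baseurl}}/security-analytics/sec-analytics-config/detectors-config/#step-2-set-up-alerts)`); if it does not, change findings.md to the page-level link used here.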
160 changes: 72 additions & 88 deletions _security-analytics/sec-analytics-config/detectors-config.md

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions _security-analytics/usage/detectors.md
@@ -53,3 +53,5 @@ Threat detector actions allow you to stop and start detectors or delete a detect
1. Select **Delete** in the dropdown list. The Delete detector popup window opens and asks you to verify that you want to delete the detector or detectors.
1. Select **Cancel** to decline the action. Select **Delete detector** to delete the detector or detectors permanently from the list.

## Related articles
[Creating detectors]({{site.url}}{{site.baseurl}}/security-analytics/sec-analytics-config/detectors-config/)
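Review bot: The new `## Related articles` section places the link directly under the heading with no blank line and as a bare paragraph rather than a list item. Insert a blank line after the heading and make the link a bullet (`- [Creating detectors](...)`) so the section renders consistently with the rest of the docs and further related articles can be appended as list items.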
4 changes: 2 additions & 2 deletions _security-analytics/usage/findings.md
@@ -52,7 +52,7 @@ Use the **Rule severity** dropdown list to filter the list of findings by severi
The **Actions** column includes two options for each finding:
* The diagonal arrow provides a way to open the [**Finding details**](#finding-details) pane, which describes the finding according to parameters defined when creating the detector and includes the document that generated the finding.
* The bell icon allows you to open the **Create detector alert trigger** pane, where you can quickly set up an alert for the specific finding and modify rules and their conditions as required.
For information about setting up alerts, see [Step 4. Set up alerts]({{site.url}}{{site.baseurl}}/security-analytics/sec-analytics-config/detectors-config/#step-4-set-up-alerts) in the detector creation documentation.
For information about setting up alerts, see [Step 2. Set up alerts]({{site.url}}{{site.baseurl}}/security-analytics/sec-analytics-config/detectors-config/#step-2-set-up-alerts) in the detector creation documentation.

### Finding details

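Review bot: The anchor on the added line moves from `#step-4-set-up-alerts` to `#step-2-set-up-alerts`, but the reworked detectors-config.md that defines these anchors is collapsed in this view ("Large diffs are not rendered by default"), and the next hunk in this same file removes a link to `#step-2-create-field-mappings`, so step 2 was previously field mappings. Confirm that "Set up alerts" is now step 2 on the target page before merging; a stale anchor fails silently by landing at the top of the page.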
@@ -69,7 +69,7 @@ The **Finding details** pane contains specific information about the finding, in

<img src="{{site.url}}{{site.baseurl}}/images/Security/findings2.png" alt="popup window prompting users to create an index pattern" width="60%">

1. In the **Create index pattern to view documents** window, the index pattern name is automatically populated. Enter the appropriate time field from the log index used to determine the timing for log events. For information on mapping log fields to detector fields, see [Step 2. Create field mappings]({{site.url}}{{site.baseurl}}/security-analytics/sec-analytics-config/detectors-config/#step-2-create-field-mappings). Choose **Create index pattern**. The **Create index pattern to view documents** confirmation window opens.
1. In the **Create index pattern to view documents** window, the index pattern name is automatically populated. Enter the appropriate time field from the log index used to determine the timing for log events. Choose **Create index pattern**. The **Create index pattern to view documents** confirmation window opens.
1. Select **View surrounding documents** in the confirmation window. The **Discover** panel opens, as shown in the following image.

<img src="{{site.url}}{{site.baseurl}}/images/Security/findings4.png" alt="Discover panel with surrounding documents" width="85%">
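Review bot: Deleting the sentence "For information on mapping log fields to detector fields, see [Step 2. Create field mappings]..." on the changed line leaves the index-pattern step with no pointer to where log fields are mapped to detector fields, which is the context the time-field instruction relies on. If the anchor simply moved in the reworked page, retarget the sentence at the new section (or at the Creating detectors page itself) rather than removing the cross-reference.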
Binary file modified images/Security/automatic-mappings.png
Binary file modified images/Security/detector-rules.png
Binary file modified images/Security/pending-mappings.png
