siem 7.6 updates (#57260)

2020-02-10 22:17:09 +02:00 · 2020-02-10 22:17:09 +02:00 · 6df3df0acd
commit 6df3df0acd
parent d2c482a819
2 changed files with 6 additions and 3 deletions
--- a/docs/management/advanced-options.asciidoc
+++ b/docs/management/advanced-options.asciidoc
@ -221,8 +221,10 @@ might increase the search time. This setting is off by default. Users must opt-i
 [horizontal]
 `siem:defaultAnomalyScore`:: The threshold above which Machine Learning job anomalies are displayed in the SIEM app.
 `siem:defaultIndex`:: A comma-delimited list of Elasticsearch indices from which the SIEM app collects events.
-`siem:enableNewsFeed`:: Enables the News feed
-`siem:newsFeedUrl`:: News feed content will be retrieved from this URL
+`siem:enableNewsFeed`:: Enables the security news feed on the SIEM *Overview* 
+page.
+`siem:newsFeedUrl`:: The URL from which the security news feed content is 
+retrieved.
 `siem:refreshIntervalDefaults`:: The default refresh interval for the SIEM time filter, in milliseconds.
 `siem:timeDefaults`:: The default period of time in the SIEM time filter.

--- a/docs/siem/index.asciidoc
+++ b/docs/siem/index.asciidoc
@ -33,7 +33,8 @@ https://www.elastic.co/products/beats/packetbeat[{packetbeat}]
 send security events and other data to Elasticsearch.

 The default index patterns for SIEM events are `auditbeat-*`, `winlogbeat-*`,
-`filebeat-*`, `endgame-*`, and `packetbeat-*``. You can change the default index patterns in
+`filebeat-*`, `packetbeat-*`, `endgame-*`, and `apm-*-transaction*`. You can 
+change the default index patterns in
 *Kibana > Management > Advanced Settings > siem:defaultIndex*.

 [float]