[Docs][Alerting] Changed overall alerting documentation structure (#95004)

* [Docs][Alerting] Changed overall alerting documentation structure

* fixed image link

* moved alerting and connectors under the graph in the menu list

* moved management docs to alerting and connectors

* fixed image link

* fixed connector menu position

* fixed mappings

* fixed mappings

* fixed links

* fixed levels

* move manage connectors before action types

* adjust connectors management

* adjust connectors management

* split domain specific and stack rules

* fixed rule types links

* added connectors ui images

* fixed image links

* fixed image links

* fixed image links

* test

* fixed image links

* fixed broken links

* fixed broken links

* fixed email links

* fixed email links

* fixed email links

* fixed links

* added images to connectors docs

* Update docs/user/alerting/rule-management.asciidoc

Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>

* Update docs/user/alerting/stack-rules.asciidoc

Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>

* fixed due to comments

* fixed due to comments

* fixed create connector

* moved connectors to stack management section

* removed bazel files

* fixed managing-alerts-and-actions links

* Revert "fixed managing-alerts-and-actions links"

This reverts commit 0ed228b090.

* fixed code owners

Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

.github/CODEOWNERS

@@ -272,7 +272,7 @@
 /x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/ @elastic/kibana-alerting-services
 /x-pack/test/functional_with_es_ssl/fixtures/plugins/alerts/ @elastic/kibana-alerting-services
 /docs/user/alerting/ @elastic/kibana-alerting-services
-/docs/management/alerting/ @elastic/kibana-alerting-services
+/docs/management/connectors/ @elastic/kibana-alerting-services
 #CC# /x-pack/plugins/stack_alerts @elastic/kibana-alerting-services
 
 # Enterprise Search

docs/management/action-types.asciidoc

@@ -0,0 +1,117 @@
+[role="xpack"]
+[[action-types]]
+== Connectors
+
+Connectors provide a central place to store connection information for services and integrations with third party systems. Actions are instantiations of a connector that are linked to rules and run as background tasks on the {kib} server when rule conditions are met. {kib} provides the following types of connectors:
+
+[cols="2"]
+|===
+
+a| <<email-action-type, Email>>
+
+| Send email from your server.
+
+a| <<resilient-action-type, IBM Resilient>>
+
+| Create an incident in IBM Resilient.
+
+a| <<index-action-type, Index>>
+
+| Index data into Elasticsearch.
+
+a| <<jira-action-type, Jira>>
+
+| Create an incident in Jira.
+
+a| <<teams-action-type, Microsoft Teams>>
+
+| Send a message to a Microsoft Teams channel.
+
+a| <<pagerduty-action-type, PagerDuty>>
+
+| Send an event in PagerDuty.
+
+a| <<server-log-action-type, ServerLog>>
+
+| Add a message to a Kibana log.
+
+a| <<servicenow-action-type, ServiceNow>>
+
+| Create an incident in ServiceNow.
+
+a| <<slack-action-type, Slack>>
+
+| Send a message to a Slack channel or user.
+
+a| <<webhook-action-type, Webhook>>
+
+| Send a request to a web service.
+|===
+
+[NOTE]
+==============================================
+Some connector types are paid commercial features, while others are free.
+For a comparison of the Elastic subscription levels,
+see https://www.elastic.co/subscriptions[the subscription page].
+==============================================
+
+[float]
+[[connector-management]]
+=== Managing Connectors
+
+Rules use *Connectors* to route actions to different destinations like log files, ticketing systems, and messaging tools. While each {kib} app can offer their own types of rules, they typically share connectors. The *Connectors* tab offers a central place to view and manage all the connectors in the current space.
+
+For more information on connectors and the types of actions available see <<action-types>>.
+
+[role="screenshot"]
+image::images/connector-listing.png[Example connector listing in the Rules and Connectors UI]
+
+[float]
+=== Required permissions
+
+Access to connectors is granted based on your privileges to alerting-enabled features. See <<alerting-security, Alerting Security>> for more information.
+
+[float]
+[[connectors-list]]
+=== Connector list
+
+The *Connectors* tab lists all connectors in the current space. The *search bar* can be used to find specific connectors by name and/or type.
+
+[role="screenshot"]
+image::images/connector-filter-by-search.png[Filtering the connector list using the search bar]
+
+
+The *type* dropdown also lets you filter to a subset of connector types.
+
+[role="screenshot"]
+image::images/connector-filter-by-type.png[Filtering the connector list by types of connectors]
+
+You can delete individual connectors using the trash icon. Connectors can also be deleted in bulk by multi-selecting them and clicking the *Delete* button to the left of the search box. 
+
+[role="screenshot"]
+image::images/connector-delete.png[Deleting connectors individually or in bulk]
+
+[NOTE]
+============================================================================
+You can delete a connector even if there are still actions referencing it.
+When this happens the action will fail to execute, and appear as errors in the {kib} logs.
+============================================================================
+
+[float]
+[[creating-new-connector]]
+=== Creating a new connector
+
+New connectors can be created by clicking the *Create connector* button, which will guide you to select the type of connector and configure its properties. Refer to <<action-types>> for the types of connectors available and how to configure them. Once you create a connector it will be made available to you anytime you set up an action in the current space.
+
+[role="screenshot"]
+image::images/connector-select-type.png[Connector select type]
+
+[float]
+[[create-connectors]]
+=== Preconfigured connectors
+
+For out-of-the-box and standardized connectors, you can <<preconfigured-connector-example, preconfigure connectors>>
+before {kib} starts.
+
+
+include::connectors/index.asciidoc[]

docs/management/alerting/connector-management.asciidoc

@@ -1,40 +0,0 @@
-[role="xpack"]
-[[connector-management]]
-=== Managing Connectors
-
-Rules use *Connectors* to route actions to different destinations like log files, ticketing systems, and messaging tools. While each {kib} app can offer their own types of rules, they typically share connectors. The *Connectors* tab offers a central place to view and manage all the connectors in the current space.
-
-For more information on connectors and the types of actions available see <<action-types>>.
-
-[role="screenshot"]
-image::images/connector-listing.png[Example connector listing in the Rules and Connectors UI]
-
-
-[float]
-==== Connector list
-
-The *Connectors* tab lists all connectors in the current space. The *search bar* can be used to find specific connectors by name and/or type.
-
-[role="screenshot"]
-image::images/connector-filter-by-search.png[Filtering the connector list using the search bar]
-
-
-The *type* dropdown also lets you filter to a subset of connector types.
-
-[role="screenshot"]
-image::images/connector-filter-by-type.png[Filtering the connector list by types of connectors]
-
-You can delete individual connectors using the trash icon. Connectors can also be deleted in bulk by multi-selecting them and clicking the *Delete* button to the left of the search box. 
-
-[role="screenshot"]
-image::images/connector-delete.png[Deleting connectors individually or in bulk]
-
-[NOTE]
-============================================================================
-You can delete a connector even if there are still actions referencing it.
-When this happens the action will fail to execute, and appear as errors in the {kib} logs.
-============================================================================
-
-==== Creating a new connector
-
-New connectors can be created by clicking the *Create connector* button, which will guide you to select the type of connector and configure its properties. Refer to <<action-types>> for the types of connectors available and how to configure them. Once you create a connector it will be made available to you anytime you set up an action in the current space.

docs/management/alerting/rules-and-connectors-intro.asciidoc

@@ -1,29 +0,0 @@
-[role="xpack"]
-[[managing-alerts-and-actions]]
-== Rules and Connectors
-
-
-The *Rules and Connectors* UI lets you <<alert-management, see and control all the rules>> in a space, and provides tools to <<connector-management, create and manage connectors>> so that rules can trigger actions like notification, indexing, and ticketing.
-
-To manage rules and connectors, open the main menu, then click *Stack Management > Alerts and Insights > Rules and Connectors*.
-
-[role="screenshot"]
-image:management/alerting/images/rules-and-connectors-ui.png[Example rule listing in the Rules and Connectors UI]
-
-[NOTE]
-============================================================================
-Similar to dashboards, rules and connectors reside in a <<xpack-spaces, space>>.
-The *Rules and Connectors* UI only shows rules and connectors for the current space.
-============================================================================
-
-[NOTE]
-============================================================================
-{es} also offers alerting capabilities through Watcher, which
-can be managed through the <<watcher-ui, Watcher UI>>. See
-<<alerting-concepts-differences>> for more information.
-============================================================================
-
-[float]
-=== Required permissions
-
-Access to rules and connectors is granted based on your privileges to alerting-enabled features. See <<alerting-security, Alerting Security>> for more information.

docs/management/connectors/action-types/email.asciidoc

@@ -25,7 +25,7 @@ Username::  Username for login type authentication.
 Password::  Password for login type authentication.
 
 [float]
-[[Preconfigured-email-configuration]]
+[[preconfigured-email-configuration]]
 ==== Preconfigured connector type
 
 [source,text]
@@ -57,6 +57,19 @@ Secrets defines sensitive information for the connector type.
 `user`:: A string that corresponds to *Username*. Required if `hasAuth` is set to `true`.
 `password`:: A string that corresponds to *Password*. Should be stored in the <<creating-keystore, {kib} keystore>>. Required if `hasAuth` is set to `true`.
 
+[float]
+[[define-email-ui]]
+==== Define connector in Stack Management
+
+Define email connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/email-connector.png[Email connector]
+
+Test email action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/email-params-test.png[Email params test]
 
 [float]
 [[email-action-configuration]]
@@ -68,6 +81,7 @@ To, CC, BCC::    Each item is a list of addresses. Addresses can be specified in
 Subject::       The subject line of the email.
 Message::       The message text of the email. Markdown format is supported.
 
+[float]
 [[configuring-email]]
 ==== Configuring email accounts for well-known services
 
@@ -84,7 +98,7 @@ For other email servers, you can check the list of well-known services that Node
 
 [float]
 [[gmail]]
-===== Sending email from Gmail
+==== Sending email from Gmail
 
 Use the following email connector configuration to send email from the
 https://mail.google.com[Gmail] SMTP service:
@@ -112,7 +126,7 @@ for more information.
 
 [float]
 [[outlook]]
-===== Sending email from Outlook.com
+==== Sending email from Outlook.com
 
 Use the following email connector configuration to send email from the
 https://www.outlook.com/[Outlook.com] SMTP service:
@@ -137,7 +151,7 @@ NOTE:   You must use a unique App Password if two-step verification is enabled.
 
 [float]
 [[amazon-ses]]
-===== Sending email from Amazon SES (Simple Email Service)
+==== Sending email from Amazon SES (Simple Email Service)
 
 Use the following email connector configuration to send email from the
 http://aws.amazon.com/ses[Amazon Simple Email Service] (SES) SMTP service:
@@ -164,7 +178,7 @@ NOTE:   You must use your Amazon SES SMTP credentials to send email through
 
 [float]
 [[exchange]]
-===== Sending email from Microsoft Exchange
+==== Sending email from Microsoft Exchange
 
 Use the following email connector configuration to send email from Microsoft
 Exchange:

docs/management/connectors/action-types/index.asciidoc

@@ -39,6 +39,20 @@ Config defines information for the connector type.
 `refresh`:: A boolean that corresponds to *Refresh*. Defaults to `false`.
 `executionTimeField`:: A string that corresponds to *Execution time field*.
 
+[float]
+[[define-index-ui]]
+==== Define connector in Stack Management
+
+Define Index connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/index-connector.png[Index connector]
+
+Test Index action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/index-params-test.png[Index params test]
+
 [float]
 [[index-action-configuration]]
 ==== Action configuration

docs/management/connectors/action-types/jira.asciidoc

@@ -46,6 +46,20 @@ Secrets defines sensitive information for the connector type.
 `email`:: A string that corresponds to *Email*.
 `apiToken`:: A string that corresponds to *API Token*. Should be stored in the <<creating-keystore, {kib} keystore>>.
 
+[float]
+[[define-jira-ui]]
+==== Define connector in Stack Management
+
+Define Jira connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/jira-connector.png[Jira connector]
+
+Test Jira action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/jira-params-test.png[Jira params test]
+
 [float]
 [[jira-action-configuration]]
 ==== Action configuration
@@ -60,6 +74,7 @@ Description:: The details about the incident.
 Parent:: The ID or key of the parent issue. Only for `Subtask` issue types.
 Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
 
+[float]
 [[configuring-jira]]
 ==== Configure Jira
 

docs/management/connectors/action-types/pagerduty.asciidoc

@@ -40,6 +40,20 @@ Secrets defines sensitive information for the connector type.
 
 `routingKey`:: A string that corresponds to *Integration Key*.
 
+[float]
+[[define-pagerduty-ui]]
+==== Define connector in Stack Management
+
+Define PagerDuty connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/pagerduty-connector.png[PagerDuty connector]
+
+Test PagerDuty action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/pagerduty-params-test.png[PagerDuty params test]
+
 [float]
 [[pagerduty-action-configuration]]
 ==== Action configuration
@@ -70,14 +84,14 @@ By integrating PagerDuty with rules, you can:
 
 [float]
 [[pagerduty-support]]
-===== Support
+==== Support
 If you need help with this integration, get in touch with the {kib} team by visiting
 https://support.elastic.co[support.elastic.co] or by using the *Ask Elastic* option in the {kib} Help menu.
 You can also select the {kib} category at https://discuss.elastic.co/[discuss.elastic.co].
 
 [float]
 [[pagerduty-integration-walkthrough]]
-===== Integration with PagerDuty walkthrough
+==== Integration with PagerDuty walkthrough
 
 [[pagerduty-in-pagerduty]]
 *In PagerDuty*
@@ -101,7 +115,7 @@ and select *Elastic Alerts* from the *Integration Type* menu.
 You will be redirected to the *Integrations* tab for your service. An Integration Key is generated on this screen.
 +
 [role="screenshot"]
-image::user/alerting/images/pagerduty-integration.png[PagerDuty Integrations tab]
+image::images/pagerduty-integration.png[PagerDuty Integrations tab]
 
 . Save this key, as you will use it when you configure the integration with Elastic in the next section.
 

docs/management/connectors/action-types/resilient.asciidoc

@@ -46,6 +46,20 @@ Secrets defines sensitive information for the connector type.
 `apiKeyId`:: A string that corresponds to *API key ID*.
 `apiKeySecret`:: A string that corresponds to *API Key secret*. Should be stored in the <<creating-keystore, {kib} keystore>>.
 
+[float]
+[[define-resilient-ui]]
+==== Define connector in Stack Management
+
+Define IBM Resilient connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/resilient-connector.png[IBM Resilient connector]
+
+Test IBM Resilient action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/resilient-params-test.png[IBM Resilient params test]
+
 [float]
 [[resilient-action-configuration]]
 ==== Action configuration
@@ -58,6 +72,7 @@ Name:: A name for the issue, used for searching the contents of the knowledge ba
 Description:: The details about the incident.
 Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
 
+[float]
 [[configuring-resilient]]
 ==== Configure IBM Resilient
 

docs/management/connectors/action-types/server-log.asciidoc

@@ -26,6 +26,20 @@ Name::      The name of the connector. The name is used to identify a  connector
    actionTypeId: .server-log
 --
 
+[float]
+[[define-serverlog-ui]]
+==== Define connector in Stack Management
+
+Define Server log connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/serverlog-connector.png[Server log connector]
+
+Test Server log action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/serverlog-params-test.png[Server log params test]
+
 [float]
 [[server-log-action-configuration]]
 ==== Action configuration

docs/management/connectors/action-types/servicenow.asciidoc

@@ -43,6 +43,20 @@ Secrets defines sensitive information for the connector type.
 `username`:: A string that corresponds to *Username*.
 `password`::  A string that corresponds to *Password*. Should be stored in the <<creating-keystore, {kib} keystore>>.
 
+[float]
+[[define-servicenow-ui]]
+==== Define connector in Stack Management
+
+Define ServiceNow connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/servicenow-connector.png[ServiceNow connector]
+
+Test ServiceNow action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/servicenow-params-test.png[ServiceNow params test]
+
 [float]
 [[servicenow-action-configuration]]
 ==== Action configuration
@@ -56,6 +70,7 @@ Short description::    A short description for the incident, used for searching
 Description::          The details about the incident.
 Additional comments::  Additional information for the client, such as how to troubleshoot the issue.
 
+[float]
 [[configuring-servicenow]]
 ==== Configure ServiceNow
 

docs/management/connectors/action-types/slack.asciidoc

@@ -33,6 +33,20 @@ Secrets defines sensitive information for the connector type.
 
 `webhookUrl`:: A string that corresponds to *Webhook URL*.
 
+[float]
+[[define-slack-ui]]
+==== Define connector in Stack Management
+
+Define Slack connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/slack-connector.png[Slack connector]
+
+Test Slack action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/slack-params-test.png[Slack params test]
+
 [float]
 [[slack-action-configuration]]
 ==== Action configuration
@@ -41,6 +55,7 @@ Slack actions have the following properties.
 
 Message::   The message	text, converted to the `text` field in the Webhook JSON payload. Currently only the text field is supported. Markdown, images, and other advanced formatting are not yet supported.
 
+[float]
 [[configuring-slack]]
 ==== Configure a Slack account
 

docs/management/connectors/action-types/teams.asciidoc

@@ -33,6 +33,20 @@ Secrets defines sensitive information for the connector type.
 
 `webhookUrl`:: A string that corresponds to *Webhook URL*.
 
+[float]
+[[define-teams-ui]]
+==== Define connector in Stack Management
+
+Define Teams connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/teams-connector.png[Teams connector]
+
+Test Teams action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/teams-params-test.png[Teams params test]
+
 [float]
 [[teams-action-configuration]]
 ==== Action configuration
@@ -41,6 +55,7 @@ Microsoft Teams actions have the following properties.
 
 Message::   The message	text, converted to the `text` field in the Webhook JSON payload. Currently only the text field is supported. Markdown, images, and other advanced formatting are not yet supported.
 
+[float]
 [[configuring-teams]]
 ==== Configure a Microsoft Teams account
 

docs/management/connectors/action-types/webhook.asciidoc

@@ -52,6 +52,20 @@ Secrets defines sensitive information for the connector type.
 `user`:: A string that corresponds to *User*. Required if `hasAuth` is set to `true`.
 `password`:: A string that corresponds to *Password*. Should be stored in the <<creating-keystore, {kib} keystore>>. Required if `hasAuth` is set to `true`.
 
+[float]
+[[define-webhook-ui]]
+==== Define connector in Stack Management
+
+Define Webhook connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/webhook-connector.png[Webhook connector]
+
+Test Webhook action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/webhook-params-test.png[Webhook params test]
+
 [float]
 [[webhook-action-configuration]]
 ==== Action configuration

docs/management/connectors/index.asciidoc

@@ -0,0 +1,11 @@
+include::action-types/email.asciidoc[]
+include::action-types/resilient.asciidoc[]
+include::action-types/index.asciidoc[]
+include::action-types/jira.asciidoc[]
+include::action-types/teams.asciidoc[]
+include::action-types/pagerduty.asciidoc[]
+include::action-types/server-log.asciidoc[]
+include::action-types/servicenow.asciidoc[]
+include::action-types/slack.asciidoc[]
+include::action-types/webhook.asciidoc[]
+include::pre-configured-connectors.asciidoc[]

docs/management/connectors/pre-configured-connectors.asciidoc

@@ -1,6 +1,5 @@
 [role="xpack"]
 [[pre-configured-connectors]]
-
 === Preconfigured connectors
 
 You can preconfigure a connector to have all the information it needs prior to startup by adding it to the `kibana.yml` file.

docs/user/alerting/action-types.asciidoc

@@ -1,75 +0,0 @@
-[role="xpack"]
-[[action-types]]
-== Connectors and actions
-
-Connectors provide a central place to store connection information for services and integrations with third party systems. Actions are instantiations of a connector that are linked to rules and run as background tasks on the {kib} server when rule conditions are met. {kib} provides the following types of connectors:
-
-[cols="2"]
-|===
-
-a| <<email-action-type, Email>>
-
-| Send email from your server.
-
-a| <<resilient-action-type, IBM Resilient>>
-
-| Create an incident in IBM Resilient.
-
-a| <<index-action-type, Index>>
-
-| Index data into Elasticsearch.
-
-a| <<jira-action-type, Jira>>
-
-| Create an incident in Jira.
-
-a| <<teams-action-type, Microsoft Teams>>
-
-| Send a message to a Microsoft Teams channel.
-
-a| <<pagerduty-action-type, PagerDuty>>
-
-| Send an event in PagerDuty.
-
-a| <<server-log-action-type, ServerLog>>
-
-| Add a message to a Kibana log.
-
-a| <<servicenow-action-type, ServiceNow>>
-
-| Create an incident in ServiceNow.
-
-a| <<slack-action-type, Slack>>
-
-| Send a message to a Slack channel or user.
-
-a| <<webhook-action-type, Webhook>>
-
-| Send a request to a web service.
-|===
-
-[NOTE]
-==============================================
-Some connector types are paid commercial features, while others are free.
-For a comparison of the Elastic subscription levels,
-see https://www.elastic.co/subscriptions[the subscription page].
-==============================================
-
-[float]
-[[create-connectors]]
-=== Preconfigured connectors
-
-For out-of-the-box and standardized connectors, you can <<preconfigured-connector-example, preconfigure connectors>>
-before {kib} starts.
-
-include::action-types/email.asciidoc[]
-include::action-types/resilient.asciidoc[]
-include::action-types/index.asciidoc[]
-include::action-types/jira.asciidoc[]
-include::action-types/teams.asciidoc[]
-include::action-types/pagerduty.asciidoc[]
-include::action-types/server-log.asciidoc[]
-include::action-types/servicenow.asciidoc[]
-include::action-types/slack.asciidoc[]
-include::action-types/webhook.asciidoc[]
-include::action-types/pre-configured-connectors.asciidoc[]

docs/user/alerting/alerting-getting-started.asciidoc

@@ -5,7 +5,7 @@
 
 --
 
-Alerting allows you to define *rules* to detect complex conditions within different {kib} apps and trigger actions when those conditions are met. Alerting is integrated with {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <<geo-alerting,*Maps*>> and {ml-docs}/ml-configuring-alerts.html[*{ml-app}*], can be centrally managed from the <<management,*Management*>> UI, and provides a set of built-in <<action-types, connectors>> and <<rule-types, rules>> (known as stack rules) for you to use.
+Alerting allows you to define *rules* to detect complex conditions within different {kib} apps and trigger actions when those conditions are met. Alerting is integrated with {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <<geo-alerting,*Maps*>> and {ml-docs}/ml-configuring-alerts.html[*{ml-app}*], can be centrally managed from the <<management,*Management*>> UI, and provides a set of built-in <<action-types, connectors>> and <<stack-rules, rules>> (known as stack rules) for you to use.
 
 image::images/alerting-overview.png[Rules and Connectors UI]
 
@@ -47,7 +47,7 @@ to control the details of the conditions to detect.
 
 For example, an <<rule-type-index-threshold, index threshold rule type>> lets you specify the index to query, an aggregation field, and a time window, but the details of the underlying {es} query are hidden.
 
-See <<rule-types>> for the types of rules provided by {kib} and how they express their conditions.
+See <<stack-rules>> and <<domain-specific-rules>> for the types of rules provided by {kib} and how they express their conditions.
 
 [float]
 [[alerting-concepts-scheduling]]

docs/user/alerting/domain-specific-rules.asciidoc

@@ -0,0 +1,20 @@
+[role="xpack"]
+[[domain-specific-rules]]
+== Domain-specific rules
+
+For domain-specific rules, refer to the documentation for that app.
+{kib} supports these rules:
+
+* {observability-guide}/create-alerts.html[Observability rules]
+* {security-guide}/prebuilt-rules.html[Security rules]
+* <<geo-alerting, Maps rules>>
+* {ml-docs}/ml-configuring-alerts.html[{ml-cap} rules] beta:[]
+
+[NOTE]
+==============================================
+Some rule types are subscription features, while others are free features.
+For a comparison of the Elastic subscription levels,
+see {subscriptions}[the subscription page].
+==============================================
+
+include::map-rules/geo-rule-types.asciidoc[]

docs/user/alerting/index.asciidoc

@@ -1,5 +1,7 @@
 include::alerting-getting-started.asciidoc[]
 include::defining-rules.asciidoc[]
-include::action-types.asciidoc[]
-include::rule-types.asciidoc[]
+include::rule-management.asciidoc[]
+include::rule-details.asciidoc[]
+include::stack-rules.asciidoc[]
+include::domain-specific-rules.asciidoc[]
 include::alerting-troubleshooting.asciidoc[]

docs/user/alerting/rule-details.asciidoc

@@ -1,6 +1,6 @@
 [role="xpack"]
 [[rule-details]]
-=== Rule details
+== Rule details
 
 
 The *Rule details* page tells you about the state of the rule and provides granular control over the actions it is taking. 

docs/user/alerting/rule-management.asciidoc

@@ -1,6 +1,6 @@
 [role="xpack"]
 [[alert-management]]
-=== Managing Rules
+== Managing rules
 
 
 The *Rules* tab provides a cross-app view of alerting. Different {kib} apps like {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <<geo-alerting, *Maps*>> and <<xpack-ml, *Machine Learning*>> can offer their own rules. The *Rules* tab provides a central place to:
@@ -10,12 +10,12 @@ The *Rules* tab provides a cross-app view of alerting. Different {kib} apps like
 * Drill-down to <<rule-details, rule details>>
 
 [role="screenshot"]
-image:management/alerting/images/rules-and-connectors-ui.png[Example rule listing in the Rules and Connectors UI]
+image:images/rules-and-connectors-ui.png[Example rule listing in the Rules and Connectors UI]
 
 For more information on alerting concepts and the types of rules and connectors available, see <<alerting-getting-started>>.
 
 [float]
-==== Finding rules
+=== Finding rules
 
 The *Rules* tab lists all rules in the current space, including summary information about their execution frequency, tags, and type.
 
@@ -36,23 +36,28 @@ image::images/rules-filter-by-action-type.png[Filtering the rule list by type of
 
 [float]
 [[create-edit-rules]]
-==== Creating and editing rules
+=== Creating and editing rules
 
-Many rules must be created within the context of a {kib} app like <<metrics-app, Metrics>>, <<xpack-apm, APM>>, or <<uptime-app, Uptime>>, but others are generic. Generic rule types can be created in the *Rules* management UI by clicking the *Create* button. This will launch a flyout that guides you through selecting a rule type and configuring its properties. Refer to <<rule-types>> for details on what types of rules are available and how to configure them.
+Many rules must be created within the context of a {kib} app like <<metrics-app, Metrics>>, <<xpack-apm, APM>>, or <<uptime-app, Uptime>>, but others are generic. Generic rule types can be created in the *Rules* management UI by clicking the *Create* button. This will launch a flyout that guides you through selecting a rule type and configuring its properties. Refer to <<stack-rules>> for details on what types of rules are available and how to configure them.
 
 After a rule is created, you can re-open the flyout and change a rule's properties by clicking the *Edit* button shown on each row of the rule listing.
 
 
 [float]
 [[controlling-rules]]
-==== Controlling rules
+=== Controlling rules
 
 The rule listing allows you to quickly mute/unmute, disable/enable, and delete individual rules by clicking the action button. 
 
 [role="screenshot"]
-image:management/alerting/images/individual-mute-disable.png[The actions button allows an individual rule to be muted, disabled, or deleted]
+image:images/individual-mute-disable.png[The actions button allows an individual rule to be muted, disabled, or deleted]
 
 These operations can also be performed in bulk by multi-selecting rules and clicking the *Manage rules* button:
 
 [role="screenshot"]
-image:management/alerting/images/bulk-mute-disable.png[The Manage rules button lets you mute/unmute, enable/disable, and delete in bulk]
+image:images/bulk-mute-disable.png[The Manage rules button lets you mute/unmute, enable/disable, and delete in bulk]
+
+[float]
+=== Required permissions
+
+Access to rules is granted based on your privileges to alerting-enabled features. See <<alerting-security, Alerting Security>> for more information.

docs/user/alerting/stack-rules.asciidoc

@@ -1,14 +1,11 @@
 [role="xpack"]
-[[rule-types]]
-== Rules
+[[stack-rules]]
+== Stack rule types
 
 Kibana provides two types of rules:
 
 * Stack rules, which are built into {kib}
-* Domain-specific rules, which are registered by {kib} apps.
-
-[float]
-==== Standard stack rules
+* <<domain-specific-rules, Domain-specific rules>>, which are registered by {kib} apps.
 
 {kib} provides two stack rules: 
 
@@ -18,17 +15,6 @@ Kibana provides two types of rules:
 Users require the `all` privilege to access the *Stack Rules* feature and create and edit rules.
 See <<kibana-feature-privileges, feature privileges>> for more information.
 
-[float]
-==== Domain-specific rules
-
-For domain-specific rules, refer to the documentation for that app.
-{kib} supports these rules:
-
-* {observability-guide}/create-alerts.html[Observability rules]
-* {security-guide}/prebuilt-rules.html[Security rules]
-* <<geo-alerting, Maps rules>>
-* {ml-docs}/ml-configuring-alerts.html[{ml-cap} rules] beta:[]
-
 [NOTE]
 ==============================================
 Some rule types are subscription features, while others are free features.
@@ -39,4 +25,3 @@ see {subscriptions}[the subscription page].
 
 include::stack-rules/index-threshold.asciidoc[]
 include::stack-rules/es-query.asciidoc[]
-include::map-rules/geo-rule-types.asciidoc[]

docs/user/index.asciidoc

@@ -29,6 +29,8 @@ include::ml/index.asciidoc[]
 
 include::graph/index.asciidoc[]
 
+include::alerting/index.asciidoc[]
+
 include::{kib-repo-dir}/observability/index.asciidoc[]
 
 include::{kib-repo-dir}/apm/index.asciidoc[]
@@ -45,8 +47,6 @@ include::{kib-repo-dir}/fleet/fleet.asciidoc[]
 
 include::reporting/index.asciidoc[]
 
-include::alerting/index.asciidoc[]
-
 include::api.asciidoc[]
 
 include::plugins.asciidoc[]

docs/user/management.asciidoc

@@ -78,9 +78,9 @@ You can add and remove remote clusters, and check their connectivity.
 [cols="50, 50"]
 |===
 
-| <<managing-alerts-and-actions, Rules&nbsp;and Connectors>>
-| Centrally manage your rules across {kib}. Create and manage reusable
-connectors for triggering actions.
+| <<alerting-getting-started, Rules&nbsp;and Connectors>>
+| Centrally <<alert-management, manage your rules>> across {kib}. Create and <<connector-management, manage reusable
+connectors>> for triggering actions.
 
 | <<reporting-getting-started, Reporting>>
 | Monitor the generation of reports&mdash;PDF, PNG, and CSV&mdash;and download reports that you previously generated.
@@ -182,16 +182,10 @@ next major version of {es}, and then reindex, if needed.
 
 include::{kib-repo-dir}/management/advanced-options.asciidoc[]
 
-include::{kib-repo-dir}/management/alerting/rules-and-connectors-intro.asciidoc[]
-
-include::{kib-repo-dir}/management/alerting/rule-management.asciidoc[]
-
-include::{kib-repo-dir}/management/alerting/rule-details.asciidoc[]
-
-include::{kib-repo-dir}/management/alerting/connector-management.asciidoc[]
-
 include::{kib-repo-dir}/management/managing-beats.asciidoc[]
 
+include::{kib-repo-dir}/management/action-types.asciidoc[]
+
 include::{kib-repo-dir}/management/managing-fields.asciidoc[]
 
 include::{kib-repo-dir}/management/managing-licenses.asciidoc[]
@@ -202,14 +196,14 @@ include::{kib-repo-dir}/management/rollups/create_and_manage_rollups.asciidoc[]
 
 include::{kib-repo-dir}/management/managing-saved-objects.asciidoc[]
 
-include::{kib-repo-dir}/management/managing-tags.asciidoc[]
-
 include::security/index.asciidoc[]
 
 include::{kib-repo-dir}/management/snapshot-restore/index.asciidoc[]
 
 include::{kib-repo-dir}/spaces/index.asciidoc[]
 
+include::{kib-repo-dir}/management/managing-tags.asciidoc[]
+
 include::{kib-repo-dir}/management/upgrade-assistant/index.asciidoc[]
 
 include::{kib-repo-dir}/management/watcher-ui/index.asciidoc[]

docs/user/monitoring/kibana-alerts.asciidoc

@@ -20,7 +20,7 @@ analyze past performance. You can also modify active alerts.
 image::user/monitoring/images/monitoring-kibana-alerts.png["Kibana alerts in the Stack Monitoring app"]
 
 To review and modify all the available alerts, use
-<<managing-alerts-and-actions,*{alerts-ui}*>> in *{stack-manage-app}*.
+<<alert-management,*{alerts-ui}*>> in *{stack-manage-app}*.
 
 [discrete]
 [[kibana-alerts-cpu-threshold]]

src/core/public/doc_links/doc_links_service.ts

@@ -249,10 +249,10 @@ export class DocLinksService {
           guide: `${ELASTIC_WEBSITE_URL}guide/en/observability/${DOC_LINK_VERSION}/index.html`,
         },
         alerting: {
-          guide: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/managing-alerts-and-actions.html`,
+          guide: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/alert-management.html`,
           actionTypes: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/action-types.html`,
           emailAction: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/email-action-type.html`,
-          emailActionConfig: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/email-action-type.html#configuring-email`,
+          emailActionConfig: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/email-action-type.html`,
           generalSettings: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/alert-action-settings-kb.html#general-alert-action-settings`,
           indexAction: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/index-action-type.html`,
           esQuery: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/rule-type-es-query.html`,

x-pack/plugins/triggers_actions_ui/public/application/home.test.tsx

@@ -37,7 +37,7 @@ describe('home', () => {
     const documentationLink = wrapper.find('[data-test-subj="documentationLink"]');
     expect(documentationLink.exists()).toBeTruthy();
     expect(documentationLink.first().prop('href')).toEqual(
-      'https://www.elastic.co/guide/en/kibana/mocked-test-branch/managing-alerts-and-actions.html'
+      'https://www.elastic.co/guide/en/kibana/mocked-test-branch/alert-management.html'
     );
   });
 });