[DOCS] Option to schedule Osquery packs for individual policies or globally (#146482)

Addresses https://github.com/elastic/kibana/issues/146468.

Preview
[here](https://kibana_146482.docs-preview.app.elstc.co/guide/en/kibana/master/osquery.html#osquery-schedule-query)
(updated step 4).

Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

docs/osquery/manage-integration.asciidoc

@@ -63,7 +63,7 @@ While this allows you to use advanced Osquery functionality like pack discovery
 
 . Edit the *Osquery config* JSON field to apply your preferred Osquery configuration. Note the following:
 
-* The field may already have content if you have scheduled packs for this agent policy. To keep these packs scheduled, do not remove the `packs` section.
+* The field may already have content if you've scheduled packs for this agent policy. To keep these packs scheduled, do not remove the `packs` section. The `shard` field value is the percentage of agents in the policy using the pack.
 
 * Refer to the https://osquery.readthedocs.io/en/stable/[Osquery documentation] for configuration options.
 

docs/osquery/osquery.asciidoc

@@ -82,23 +82,26 @@ You can run packs as live queries or schedule packs to run for one or more agent
 
 . Click the **Packs** tab.
 . Click **Add pack** to create a new pack, or click the name of an existing pack, then **Edit** to add queries to an existing pack.
+. Provide a name for the pack. The short description is optional. 
+. Schedule the pack to be deployed on specified agent policies (*Policy*) or on all agent policies (*Global*).
++
+TIP: Pack deployment details are stored within the <<osquery-custom-config,Osquery configuration>>. The `shard` field value is the percentage of agents in the policy using the pack.  
++
+If you choose the *Policy* option, configure these fields: 
++
+NOTE: When defining pack deployment details, you cannot configure the same policy multiple times. In other words, after specifying a policy, you can either choose to deploy the pack to all of the policy's agents or only a subset. You cannot choose both.
 
-. Provide the following fields:
+** *Scheduled {agent} policies (optional)*: Allows you to deploy the pack to specific agent policies. By default, the pack is deployed to all {agents} that are registered to the policies you define.  
+** *Partial deployment (shards)*: Allows you to deploy the pack to a portion of the agents on each specified agent policy. After defining a policy, use the *Shard* slider to set the amount of agents to which the pack is deployed. For example, after specifying a policy, you can choose to deploy the pack to half of the policy's agents by selecting 50% on the slider.
 
-* The name of the pack.
+. If you're creating a new pack, add queries to schedule:
 
-* A short description of the pack.
-
-* The agent policies where this pack should run. If no agent policies are set, the pack is not scheduled.
-
-. Add queries to schedule:
-
-* To add a query to the pack, click *Add query*, and then either add a saved query or enter a new query.
+ ** Click *Add query* and then add a saved query or enter a new query.
 Each query must include a unique query ID and the interval at which it should run.
 Optionally, set the minimum Osquery version and platform,
 or <<osquery-map-fields,map ECS fields>>. When you add a saved query to a pack, this adds a copy of the query. A connection is not maintained between saved queries and packs.
 
-* To upload queries from a `.conf` query pack, drag the pack to the drop zone under the query table. To explore the community packs that Osquery publishes, click *Example packs*.
+** Upload queries from a `.conf` query pack by dragging the pack to the drop zone under the query table. To explore the community packs that Osquery publishes, click *Example packs*.
 
 . Click *Save pack*. The queries run when the policy receives the update.