Doc: Update Logstash intro and security overview for serverless (#15313) (#15663)

(cherry picked from commit 0954a687f0)

Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>

docs/index.asciidoc

@@ -34,6 +34,26 @@ type of event can be enriched and transformed with a broad array of input, filte
 native codecs further simplifying the ingestion process. Logstash accelerates your insights by harnessing a greater
 volume and variety of data.
 
+
+[serverless]
+.Logstash to {serverless-full}
+****
+You'll use the {ls} <<plugins-outputs-elasticsearch,{es} output plugin>> to send data to {serverless-full}.
+Note these differences between {es-serverless} and both {ess} and self-managed {es}:
+
+* Use *API keys* to access {serverless-full} from {ls}. 
+Any user-based security settings in your in your <<plugins-outputs-elasticsearch,{es} output plugin>> configuration are ignored and may cause errors.
+* {serverless-full} uses *data streams* and {ref}/data-stream-lifecycle.html[{dlm} ({dlm-init})] instead of {ilm} ({ilm-init}). 
+Any {ilm-init} settings in your <<plugins-outputs-elasticsearch,{es} output plugin>> configuration are ignored and may cause errors.
+* *{ls} monitoring* is available through the https://github.com/elastic/integrations/blob/main/packages/logstash/_dev/build/docs/README.md[{ls} Integration] in {serverless-docs}/observability/what-is-observability-serverless[Elastic Observability] on {serverless-full}.
+
+
+.Known issue for {ls} to {es-serverless}.
+
+The logstash-output-elasticsearch `hosts` setting defaults to port :9200. Set the value to port :443 instead.
+****
+
+
 // The pass blocks here point to the correct repository for the edit links in the guide.
 
 // Introduction

docs/static/security/es-security.asciidoc

@@ -11,21 +11,35 @@ See {ref}/configuring-stack-security.html[Starting the Elastic Stack with securi
   
 {ess} uses certificates signed by standard publicly trusted certificate authorities, and therefore setting a cacert is not necessary.
 
-.Hosted {ess} simplifies security
+.Security to {serverless-full} [[serverless]]
+[NOTE]
+=====
+
+{es-serverless} simplifies safe, secure communication between {ls} and {es}. 
+
+Configure the <<plugins-outputs-elasticsearch,{ls} {es} output plugin>> to use <<plugins-outputs-elasticsearch-cloud_id,`cloud_id`>> and an <<plugins-outputs-elasticsearch-api_key,`api_key`>> to establish safe, secure communication between {ls} and {es-serverless}.
+No additional SSL configuration steps are needed.
+
+Configuration example:
+
+* `output {elasticsearch { cloud_id => "<cloud id>" api_key => "<api key>" } }`
+
+For more details, check out <<ls-api-keys>>.
+=====
+
+.Security to hosted {ess} [[hosted-ess]]
 [NOTE]
 =====
 Our hosted {ess} on Elastic Cloud simplifies safe, secure communication between {ls} and {es}. 
-When you configure the elasticsearch output plugin to use <<plugins-outputs-elasticsearch-cloud_id,`cloud_id`>> with either the <<plugins-outputs-elasticsearch-cloud_auth,`cloud_auth` option>> or the <<plugins-outputs-elasticsearch-api_key,`api_key` option>>, no additional SSL configuration steps are needed.
+When you configure the <<plugins-outputs-elasticsearch,{ls} {es} output plugin>> to use <<plugins-outputs-elasticsearch-cloud_id,`cloud_id`>> with either the <<plugins-outputs-elasticsearch-cloud_auth,`cloud_auth` option>> or the <<plugins-outputs-elasticsearch-api_key,`api_key` option>>, no additional SSL configuration steps are needed.
+{ess-leadin-short}
 
-Examples:
+Configuration example:
 
 * `output {elasticsearch { cloud_id => "<cloud id>" cloud_auth => "<cloud auth>" } }`
-* `output {elasticsearch { cloud_id => "<cloud id>" api_key => "<api key>" } }``
+* `output {elasticsearch { cloud_id => "<cloud id>" api_key => "<api key>" } }`
 
-For more details, check out the
-{logstash-ref}/connecting-to-cloud.html[Logstash-to-Cloud documentation].
-
-{ess-leadin-short}
+For more details, check out <<ls-api-keys>> or <<connecting-to-cloud>>.
 =====
 
 [discrete]