Merge branch 'main' into issue-5-value-list-constraints-pt2

Author: nastasha-solomon

docs/detections/alerts-ui-manage.asciidoc

@@ -61,7 +61,8 @@ image::images/alert-page-dropdown-controls.png[Alerts page with drop-down contro
 ====
 * You can have a maximum of four controls on the Alerts page.
 * You can't remove the *Status* control.
-* If you make any changes to the controls, you _must_ save the pending changes for them to persist.
+* If you make any changes to the controls, you _must_ save the pending changes for them to persist. 
+* Saved changes are stored in your browser's local storage, not your {ref}/user-profile.html[user profile]. If you clear your browser's storage or log into your user profile from a different browser, you will lose your customizations.
 ====
 
 . Click the three-dot icon next to the controls (image:images/three-dot-icon-blue.png[Three-dot icon,18,18]), then select *Edit Controls*.

docs/detections/images/alert-page.png

@@ -1,7 +1,7 @@
 [[prebuilt-rule-8-4-3-host-files-system-changes-via-windows-subsystem-for-linux]]
 === Host Files System Changes via Windows Subsystem for Linux
 
-Detects files creation and modification on the host system from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
+Detects files creation and modification on the host system from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
 
 *Rule type*: eql
 

docs/detections/prebuilt-rules/downloadable-packages/8-4-3/prebuilt-rule-8-4-3-host-files-system-changes-via-windows-subsystem-for-linux.asciidoc

@@ -1,7 +1,7 @@
 [[prebuilt-rule-8-4-3-suspicious-execution-via-windows-subsystem-for-linux]]
 === Suspicious Execution via Windows Subsystem for Linux
 
-Detects Linux Bash commands from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
+Detects Linux Bash commands from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
 
 *Rule type*: eql
 

docs/detections/prebuilt-rules/downloadable-packages/8-4-3/prebuilt-rule-8-4-3-suspicious-execution-via-windows-subsystem-for-linux.asciidoc

@@ -41,13 +41,13 @@ This section lists all updates associated with version 8.4.3 of the Fleet integr
 
 |<<prebuilt-rule-8-4-3-untrusted-driver-loaded, Untrusted Driver Loaded>> | Identifies attempt to load an untrusted driver. Adversaries may modify code signing policies to enable execution of unsigned or self-signed code. | new | 1 
 
-|<<prebuilt-rule-8-4-3-suspicious-execution-via-windows-subsystem-for-linux, Suspicious Execution via Windows Subsystem for Linux>> | Detects Linux Bash commands from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
+|<<prebuilt-rule-8-4-3-suspicious-execution-via-windows-subsystem-for-linux, Suspicious Execution via Windows Subsystem for Linux>> | Detects Linux Bash commands from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
 |<<prebuilt-rule-8-4-3-execution-via-windows-subsystem-for-linux, Execution via Windows Subsystem for Linux>> | Detects attempts to execute a program on the host from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
 |<<prebuilt-rule-8-4-3-windows-subsystem-for-linux-enabled-via-dism-utility, Windows Subsystem for Linux Enabled via Dism Utility>> | Detects attempts to enable the Windows Subsystem for Linux using Microsoft Dism utility. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
-|<<prebuilt-rule-8-4-3-host-files-system-changes-via-windows-subsystem-for-linux, Host Files System Changes via Windows Subsystem for Linux>> | Detects files creation and modification on the host system from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
+|<<prebuilt-rule-8-4-3-host-files-system-changes-via-windows-subsystem-for-linux, Host Files System Changes via Windows Subsystem for Linux>> | Detects files creation and modification on the host system from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
 |<<prebuilt-rule-8-4-3-attempt-to-install-kali-linux-via-wsl, Attempt to Install Kali Linux via WSL>> | Detects attempts to install or use Kali Linux via Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 

docs/detections/prebuilt-rules/downloadable-packages/8-4-3/prebuilt-rules-8-4-3-summary.asciidoc

@@ -1,7 +1,7 @@
 [[prebuilt-rule-8-5-1-host-files-system-changes-via-windows-subsystem-for-linux]]
 === Host Files System Changes via Windows Subsystem for Linux
 
-Detects files creation and modification on the host system from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
+Detects files creation and modification on the host system from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
 
 *Rule type*: eql
 

docs/detections/prebuilt-rules/downloadable-packages/8-5-1/prebuilt-rule-8-5-1-host-files-system-changes-via-windows-subsystem-for-linux.asciidoc

@@ -1,7 +1,7 @@
 [[prebuilt-rule-8-5-1-suspicious-execution-via-windows-subsystem-for-linux]]
 === Suspicious Execution via Windows Subsystem for Linux
 
-Detects Linux Bash commands from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
+Detects Linux Bash commands from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
 
 *Rule type*: eql
 

docs/detections/prebuilt-rules/downloadable-packages/8-5-1/prebuilt-rule-8-5-1-suspicious-execution-via-windows-subsystem-for-linux.asciidoc

@@ -41,13 +41,13 @@ This section lists all updates associated with version 8.5.1 of the Fleet integr
 
 |<<prebuilt-rule-8-5-1-untrusted-driver-loaded, Untrusted Driver Loaded>> | Identifies attempt to load an untrusted driver. Adversaries may modify code signing policies to enable execution of unsigned or self-signed code. | new | 1 
 
-|<<prebuilt-rule-8-5-1-suspicious-execution-via-windows-subsystem-for-linux, Suspicious Execution via Windows Subsystem for Linux>> | Detects Linux Bash commands from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
+|<<prebuilt-rule-8-5-1-suspicious-execution-via-windows-subsystem-for-linux, Suspicious Execution via Windows Subsystem for Linux>> | Detects Linux Bash commands from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
 |<<prebuilt-rule-8-5-1-execution-via-windows-subsystem-for-linux, Execution via Windows Subsystem for Linux>> | Detects attempts to execute a program on the host from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
 |<<prebuilt-rule-8-5-1-windows-subsystem-for-linux-enabled-via-dism-utility, Windows Subsystem for Linux Enabled via Dism Utility>> | Detects attempts to enable the Windows Subsystem for Linux using Microsoft Dism utility. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
-|<<prebuilt-rule-8-5-1-host-files-system-changes-via-windows-subsystem-for-linux, Host Files System Changes via Windows Subsystem for Linux>> | Detects files creation and modification on the host system from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
+|<<prebuilt-rule-8-5-1-host-files-system-changes-via-windows-subsystem-for-linux, Host Files System Changes via Windows Subsystem for Linux>> | Detects files creation and modification on the host system from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 
 |<<prebuilt-rule-8-5-1-attempt-to-install-kali-linux-via-wsl, Attempt to Install Kali Linux via WSL>> | Detects attempts to install or use Kali Linux via Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection. | new | 1 
 

docs/detections/prebuilt-rules/downloadable-packages/8-5-1/prebuilt-rules-8-5-1-summary.asciidoc

@@ -1,7 +1,7 @@
 [[prebuilt-rule-8-6-1-host-files-system-changes-via-windows-subsystem-for-linux]]
 === Host Files System Changes via Windows Subsystem for Linux
 
-Detects files creation and modification on the host system from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
+Detects files creation and modification on the host system from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
 
 *Rule type*: eql
 

docs/detections/prebuilt-rules/downloadable-packages/8-6-1/prebuilt-rule-8-6-1-host-files-system-changes-via-windows-subsystem-for-linux.asciidoc

@@ -1,7 +1,7 @@
 [[prebuilt-rule-8-6-1-suspicious-execution-via-windows-subsystem-for-linux]]
 === Suspicious Execution via Windows Subsystem for Linux
 
-Detects Linux Bash commands from the the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
+Detects Linux Bash commands from the Windows Subsystem for Linux. Adversaries may enable and use WSL for Linux to avoid detection.
 
 *Rule type*: eql