Description

Back in 8.7 (I think?) we'd made the decision not to explain the details of the different containers for exception items applied to a rule and exception items that are considered "shared". In the community slack, one of our heavy API users was asking about how to differentiate between the two and if there was any documentation. I still feel that the UI docs should stay as they are since for none API users, I don't think they need to know the underlying details and more information could just add confusion. However, it could be worth updating the API side docs to dive into a bit more detail so that users know how to fetch the different types.

Here is the convo with the community member for context.

We could update this section to do the following:

• Add the rule_default list type as an option
• Add section explaining what the rule_default vs detection (shared) is
• Document this route as Create rule exception
  • Probably needs a better title there since they're technically all rule exceptions