[BUG]: "Indexes" field in "Create threat detector" flow gives a wrong impression that user can use frontend index patterns as a source for threat detection.

**What is the bug?**
The "Indexes" field in "Create threat detector" flow gives a wrong impression that user can use frontend index patterns as a source for threat detection. 
https://playground.opensearch.org/app/opensearch_security_analytics_dashboards#/create-detector

<img width="419" alt="Screenshot 2024-04-25 at 3 02 30 PM" src="https://github.com/opensearch-project/security-analytics-dashboards-plugin/assets/105245012/81a3f170-f030-4d3d-b215-49cc9eb54c0c">

**What is the expected behavior?**
To clarify the meaning of the field, the field label should be` Select or input source indexes or aliases`, and the helper text underneath the input should clarify that user can enter * as a wildcard pattern to match multiple indexes as `Use * as a wildcard pattern to match multiple sources.` 

<img width="621" alt="Screenshot 2024-04-25 at 3 04 08 PM" src="https://github.com/opensearch-project/security-analytics-dashboards-plugin/assets/105245012/f5b4db81-f4d6-450f-97bb-9d3338688bcf">




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG]: "Indexes" field in "Create threat detector" flow gives a wrong impression that user can use frontend index patterns as a source for threat detection. #995

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development