[BUG][7.17-8.5]Fix note that describes how exceptions work with EQL rules (backport #4759) (#4770)

mergify[bot] · nastasha-solomon · web-flow · commit 89cfee50122a · 2024-02-07T11:45:08.000-05:00
* [BUG][7.17-8.5]Fix note that describes how exceptions work with EQL rules (#4759) (cherry picked from commit 7d74705) # Conflicts: # docs/detections/detections-ui-exceptions.asciidoc * Fixed! --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Co-authored-by: nastasha.solomon <nastasha.solomon@elastic.co>
diff --git a/docs/detections/detections-ui-exceptions.asciidoc b/docs/detections/detections-ui-exceptions.asciidoc
@@ -81,10 +81,9 @@ IMPORTANT:  To ensure an exception is successfully applied, make sure that the f
 
 [IMPORTANT]
 ==============
-Be careful when adding exceptions to event correlation rules. Exceptions are evaluated against every event in the sequence, and when the exception matches _all_ event(s) in the sequence, alerts _are not_ generated. If the exception only matches _some_ of the events in the sequence, alerts _are_ generated. 
+Be careful when adding exceptions to <<create-eql-rule,event correlation>> rules. Exceptions are evaluated against every event in the sequence, and if an exception matches any events that are necessary to complete the sequence, alerts are not created.
 
-To exclude values from a
-specific event in the sequence, update the rule's EQL statement. For example:
+To exclude values from a specific event in the sequence, update the rule's EQL statement. For example:
 
 [source,eql]
 ----
