[8.1] [main] [DOCS] Update configure-integration-policy.asciidoc (#3141…

…) (backport #3163) (#3168)

* [DOCS] Update configure-integration-policy.asciidoc (#3141) (#3163)

* [DOCS] Update configure-integration-policy.asciidoc

It is unclear that Notify User pushes notification to host OS's notification system.  To make it clear suggest adding the tip

TIP: **Notify User** option pushes a notification to the host OS's notification system.

Otherwise it is confusing and expectation might be to look at kibana alert notifcations from a rule or something different then host OS notification

* Update explanation of "Notify user" option

* Update screenshot

---------

Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
(cherry picked from commit 2508e1d)

Co-authored-by: Jennie Soria <predogma@users.noreply.github.com>
(cherry picked from commit 9f1e586)

# Conflicts:
#	docs/getting-started/configure-integration-policy.asciidoc

* Fix conflict

---------

Co-authored-by: Joe Peeples <joe.peeples@elastic.co>

docs/getting-started/configure-integration-policy.asciidoc

@@ -37,9 +37,12 @@ By default, malware protection is enabled on Windows, macOS, and Linux hosts. To
 
 Malware protection levels are:
 
-* **Detect**: Detects malware on the host and generates an alert. The agent will **not** block malware. You must pay attention to and analyze any malware alerts that are generated. Notifications do not appear by default. Select the **Notify User** option to enable them.
-* **Prevent** (Default): Detects malware on the host, blocks it from executing, and generates an alert. Notifications appear by default. Deselect the **Notify User** option to disable them.
-+
+* **Detect**: Detects malware on the host and generates an alert. The agent will **not** block malware.
+You must pay attention to and analyze any malware alerts that are generated.
+* **Prevent** (Default): Detects malware on the host, blocks it from executing, and generates an alert.
+
+Select **Notify user** to send a push notification in the host operating system when activity is detected or prevented. Notifications are enabled by default for the *Prevent* option.
+
 TIP: Platinum and Enterprise customers can customize these notifications using the `Elastic Security {action} {filename}` syntax.
 
 [role="screenshot"]
@@ -55,9 +58,13 @@ Ransomware protection is a paid feature and is enabled by default if you have a
 
 Ransomware protection levels are:
 
-* **Detect**: Detects ransomware on the host and generates an alert. The {agent} will **not** block ransomware. Select the **Notify User** option to enable user notifications.
-* **Prevent** (Default): Detects ransomware on the host, blocks it from executing, and generates an alert. User notifications are enabled by default. Deselect the **Notify User** option to disable them.
-+
+* **Detect**: Detects ransomware on the host and generates an alert. The {agent}
+will **not** block ransomware. You must pay attention to and analyze any ransomware alerts that are generated.
+* **Prevent** (Default): Detects ransomware on the host, blocks it from executing,
+and generates an alert.
+
+Select **Notify user** to send a push notification in the host operating system when activity is detected or prevented. Notifications are enabled by default for the *Prevent* option.
+
 TIP: Platinum and Enterprise customers can customize these notifications using the `Elastic Security {action} {filename}` syntax.
 
 [role="screenshot"]
@@ -73,9 +80,13 @@ Memory threat protection is a paid feature and is enabled by default if you have
 
 Memory threat protection levels are:
 
-* **Detect**: Detects memory threat activity on the host and generates an alert. The {agent} will **not** block the in-memory activity. Select the **Notify User** option to enable user notifications.
-* **Prevent** (Default): Detects memory threat activity on the host, forces the process or thread to stop, and generates an alert. User notifications are enabled by default. Deselect the **Notify User** option to disable them.
-+
+* **Detect**: Detects memory threat activity on the host and generates an alert.
+The {agent} will **not** block the in-memory activity. You must pay attention to and analyze any alerts that are generated.
+* **Prevent** (Default): Detects memory threat activity on the host, forces the process
+or thread to stop, and generates an alert.
+
+Select **Notify user** to send a push notification in the host operating system when activity is detected or prevented. Notifications are enabled by default for the *Prevent* option.
+
 TIP: Platinum and Enterprise customers can customize these notifications using the `Elastic Security {action} {rule}` syntax.
 
 [role="screenshot"]
@@ -91,9 +102,13 @@ Malicious behavior protection is a paid feature and is enabled by default if you
 
 Malicious behavior protection levels are:
 
-* **Detect**: Detects malicious behavior on the host and generates an alert. The {agent} will **not** block the malicious behavior. Select the **Notify User** option to enable user notifications.
-* **Prevent** (Default): Detects malicious behavior on the host, forces the process to stop, and generates an alert. User notifications are enabled by default. Deselect the **Notify User** option to disable them.
-+
+* **Detect**: Detects malicious behavior on the host and generates an alert.
+The {agent} will **not** block the malicious behavior. You must pay attention to and analyze any alerts that are generated.
+* **Prevent** (Default): Detects malicious behavior on the host, forces the process to stop,
+and generates an alert.
+
+Select **Notify user** to send a push notification in the host operating system when activity is detected or prevented. Notifications are enabled by default for the *Prevent* option.
+
 TIP: Platinum and Enterprise customers can customize these notifications using the `Elastic Security {action} {rule}` syntax.
 
 [role="screenshot"]