[Bug][ESS][8.12] Screenshot needs to be updated for the missing ES|QL…

… tab in timeline (#4499) * Updating one indicator image * Refreshing last image * Updated hash value in example
elastic · Dec 21, 2023 · 560ce5f · 560ce5f
1 parent ff28e9d
commit 560ce5f
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 2 deletions.
diff --git a/docs/cases/images/indicator-in-timeline.png b/docs/cases/images/indicator-in-timeline.png
diff --git a/docs/cases/images/indicator-query-timeline.png b/docs/cases/images/indicator-query-timeline.png
diff --git a/docs/cases/indicators-of-compromise.asciidoc b/docs/cases/indicators-of-compromise.asciidoc
@@ -92,14 +92,14 @@ When you add an indicator to Timeline, a new Timeline opens with an auto-generat
 
 The following image shows a file hash indictor being investigated in Timeline. The indicator field-value pair is:
 
-`threat.indicator.file.hash.sha256 : c207213257a63589b1e1bd2f459b47becd000c1af8ea7983dd9541aff145c3ba`
+`threat.indicator.file.hash.sha256 : 116dd9071887611c19c24aedde270285a4cf97157b846e6343407cf3bcec115a`
 
 [role="screenshot"]
 image::images/indicator-in-timeline.png[Shows the results of an indicator being investigated in Timeline]
 
 The auto-generated query contains the indicator field-value pair (mentioned previously) and the auto-mapped source event field-value pair, which is:
 
-`file.hash.sha256 : c207213257a63589b1e1bd2f459b47becd000c1af8ea7983dd9541aff145c3ba`
+`file.hash.sha256 : 116dd9071887611c19c24aedde270285a4cf97157b846e6343407cf3bcec115a`
 
 The query results show an alert with a matching `file.hash.sha256` field value, which may indicate suspicious or malicious activity in the environment.