Update docs/events/timeline-ui-overview.asciidoc

Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
elastic · Jan 10, 2024 · a510e9b · a510e9b
1 parent 19844c2
commit a510e9b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/docs/events/timeline-ui-overview.asciidoc b/docs/events/timeline-ui-overview.asciidoc
@@ -217,7 +217,7 @@ This query does the following:
 ** Then, the query limits the output to the top 10 results.
 ** Finally, it keeps the default `@timestamp`, `message`, `event.category`, `event.action`, `host.name`, `source.ip`, `destination.ip`, and `user.name` Timeline fields in the output.
 +
-TIP: When querying indices that tend to be large (for example, `logs-*`), performance can be impacted by the number of fields being returned in the output. To optimize performance, we recommend using the {ref}/esql-commands.html#esql-keep[`KEEP`] command to specify fields that you want returned. For example, add the clause `KEEP @timestamp, user.name` to the end of your query to specify that you only want the `@timestamp` and `user.name` fields returned.
+TIP: When querying indices that tend to be large (for example, `logs-*`), performance can be impacted by the number of fields returned in the output. To optimize performance, we recommend using the {ref}/esql-commands.html#esql-keep[`KEEP`] command to specify fields that you want returned. For example, add the clause `KEEP @timestamp, user.name` to the end of your query to specify that you only want the `@timestamp` and `user.name` fields returned.
 
 NOTE: An error message displays when the query bar is empty.