Update the public docs for Network Beaconing Identification package #4036

Closed
Tracked by #4117
sodhikirti07 opened this issue Oct 12, 2023 · 8 comments · Fixed by #4137
Assignees: sodhikirti07

Labels:

  • Docset: ESS (Issues that apply to docs in the Stack release)
  • Docset: Serverless (Issues for Serverless Security)
  • Effort: Small (Issues that can be resolved quickly)
  • Feature: Entity Analytics (Features or enhancements for any of the Entity pages)
  • Priority: High (Issues that are time-sensitive and/or are of high customer importance)
  • Team: Docs
  • Team: Entity Analytics
  • Team: Security Platform (Includes Cyber Threat Intelligence (CTI) team)
  • v8.11.0

Comments

@sodhikirti07 (Author)

Description

Since we've introduced Network Beaconing Identification as part of our integration packages, we aim to revise the public documentation page of this package. We'll eliminate the previous links that direct users to install the package through the detection-rules repo and instead guide them to the updated integration documentation for the package.

Related docs

Old Links:

New documentation:

@jmikell821 (Contributor)

@sodhikirti07 @SourinPaul do we need to delete the .md file? https://github.com/elastic/detection-rules/blob/main/docs/experimental-machine-learning/beaconing.md. We usually don't touch the files in the detection-rules repo unless we have to, but I can create a separate task issue if it needs to be deleted from here. cc: @ajosh0504

@natasha-moore-elastic (Contributor)

@sodhikirti07, @SourinPaul is this update for both classic and serverless docs?

natasha-moore-elastic added the labels Feature: Entity Analytics, Team: Entity Analytics, Effort: Small, Docset: ESS and Priority: High, and removed the label Effort: Medium (Issues that take moderate but not substantial time to complete), on Oct 31, 2023

@sodhikirti07 (Author)

> @sodhikirti07, @SourinPaul is this update for both classic and serverless docs?

The update is applicable to both.

> @sodhikirti07 @SourinPaul do we need to delete the .md file? https://github.com/elastic/detection-rules/blob/main/docs/experimental-machine-learning/beaconing.md. We usually don't touch the files in the detection-rules repo unless we have to, but I can create a separate task issue if it needs to be deleted from here

I'll defer it to Sourin, but I suggest retaining it for the potential users who are using an older version and wish to install this package.

natasha-moore-elastic added the Docset: Serverless label Oct 31, 2023

@ajosh0504 (Contributor)

My two cents: Agree w/ @sodhikirti07 regarding keeping old docs. This is if users run into installation issues with the integration at any point and need to install things manually. So we can maybe make it clear that integrations are the preferred installation mechanism, and the README in the detection-rules repo is more of a backup/if folks want to install assets manually for some reason (eg: tuning the transform before installation).

@SourinPaul

I agree with both the recommendations above:

  • Retain the .md file in the detection rules repo
  • Append the .md file with a Note: section (before the Detailed Steps section) to state

On this note, @sodhikirti07 can you please help append the below to the .md?

Integration package [link to fleet integration page] now provides a user-friendly experience to implement this detection package. If you wish to fine-tune any of the package components, you may install the package manually by following these steps.

Lastly, we should delete the existing doc-page, once the references are updated.

Thanks!

@sodhikirti07 sodhikirti07 reopened this Nov 9, 2023
pantea-elastic added the Team: Security Platform label Nov 9, 2023

@sodhikirti07 (Author)

Reopening this issue: Going to work on consolidating information from this HTML page to the integration docs of Network Beaconing Identification.
Related comment and PR: #4192 (comment)

@sodhikirti07 sodhikirti07 self-assigned this Nov 9, 2023
@natasha-moore-elastic (Contributor)

natasha-moore-elastic commented Nov 10, 2023

> Reopening this issue: Going to work on consolidating information from this HTML page to the integration docs of Network Beaconing Identification. Related comment and PR: #4192 (comment)

Hi @sodhikirti07, thanks for your help with this! We actually have a different issue for this, which is still open (and is also tied to the PR you linked to). I've added a task to that issue for your consolidation work.

@sodhikirti07 (Author)

@natasha-moore-elastic Thank you! This PR consolidates the beaconing-related information from the HTML page to the integration package's README. With that, you can go ahead and merge #4192 to delete beaconing from Technical review and add Network Beaconing Identification integration under this page.
