From 78a2244e52d9ca8769297d12d6343d4e8ebb39ab Mon Sep 17 00:00:00 2001
From: natasha-moore-elastic
 <137783811+natasha-moore-elastic@users.noreply.github.com>
Date: Thu, 27 Mar 2025 13:43:06 +0000
Subject: [PATCH] Updates risk scoring requirements (#6674)

(cherry picked from commit 5dff666d94fb8ebafafba25738760c64dc812828)
---
 docs/advanced-entity-analytics/ers-req.asciidoc | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/docs/advanced-entity-analytics/ers-req.asciidoc b/docs/advanced-entity-analytics/ers-req.asciidoc
index 7d17030596..530eaa2fbb 100644
--- a/docs/advanced-entity-analytics/ers-req.asciidoc
+++ b/docs/advanced-entity-analytics/ers-req.asciidoc
@@ -11,21 +11,33 @@ This page covers the requirements and guidelines for using the entity risk scori
 [discrete]
 === Privileges
 
-To turn on the risk scoring engine, you need the following privileges:
+To install or run the risk scoring engine, you need the following privileges:
 
 [discrete]
 [width="100%",options="header"]
 |==============================================
 
-| Cluster      | Index | {kib} 
+| Action | Cluster privileges | Index privileges | {kib} privileges
+
+| Install the risk engine
+
 a| 
 * `manage_index_templates`
 * `manage_transform`
+* `manage_ingest_pipelines`
 
 | `all` privilege for `risk-score.risk-score-*`
 
 | **Read** for the **Security** feature 
 
+| Run the risk engine
+
+| `manage_transform`
+
+| N/A
+
+| **Read** for the **Security** feature
+
 |==============================================
 
 [discrete]