Fix merge conflict

docs/en/ingest-management/commands.asciidoc

@@ -209,7 +209,6 @@ elastic-agent enroll --fleet-server-es <string>
                      [--force]
                      [--header <strings>]
                      [--help]
-                     [--non-interactive]
                      [--proxy-disabled]
                      [--proxy-header <strings>]
                      [--proxy-url <string>]
@@ -352,11 +351,6 @@ verified. The content is encrypted, but the certificate is not verified.
 +
 We strongly recommend that you use a secure connection.
 
-`--non-interactive`::
-Install {agent} in a non-interactive mode. This flag is helpful when
-using automation software or scripted deployments. If {agent} is
-already installed on the host, the installation will terminate.
-
 `--proxy-disabled`::
 Disable proxy support including environment variables.
 

docs/en/ingest-management/elastic-agent/configuration/outputs/output-logstash.asciidoc

@@ -32,6 +32,11 @@ To receive the events in {ls}, you also need to create a {ls} configuration pipe
 The {ls} configuration pipeline listens for incoming {agent} connections,
 processes received events, and then sends the events to {es}.
 
+Please be aware that the structure of the documents sent from {agent} to {ls} must not be modified by the pipeline.
+We recommend that the pipeline doesn’t edit or remove the fields and their contents.
+Editing the structure of the documents coming from {agent} can prevent the {es} ingest pipelines associated to the integrations in use to work correctly.
+We cannot guarantee that the {es} ingest pipelines associated to the integrations using {agent} can work with missing or modified fields.
+
 The following {ls} pipeline definition example configures a pipeline that listens on port `5044` for
 incoming {agent} connections and routes received events to {es}.
 

docs/en/ingest-management/fleet-agent-proxy-package-registry.asciidoc

@@ -17,6 +17,10 @@ example:
 xpack.fleet.registryProxyUrl: your-nat-gateway.corp.net
 ----
 
+If your HTTP proxy requires authentication, you can include the 
+credentials in the URI, such as `https://username:password@your-nat-gateway.corp.net`, 
+only when using HTTPS.
+
 == What information is sent to the {package-registry}?
 
 In production environments, {kib}, through the {fleet} plugin, is the only service interacting with the {package-registry}. Communication happens when interacting with the Integrations UI, and when upgrading {kib}. The shared information is about discovery of Elastic packages and their available versions. In general, the only deployment-specific data that is shared is the {kib} version.

docs/en/ingest-management/release-notes/release-notes-8.16.asciidoc

@@ -14,6 +14,7 @@
 
 This section summarizes the changes in each release.
 
+* <<release-notes-8.16.4>>
 * <<release-notes-8.16.3>>
 * <<release-notes-8.16.2>>
 * <<release-notes-8.16.1>>
@@ -24,6 +25,31 @@ Also see:
 * {kibana-ref}/release-notes.html[{kib} release notes]
 * {beats-ref}/release-notes.html[{beats} release notes]
 
+// begin 8.16.4 relnotes
+
+Review important information about the {fleet} and {agent} 8.16.4 release.
+
+[[release-notes-8.16.4]]
+== {fleet} and {agent} 8.16.4
+
+[discrete]
+[[security-updates-8.16.4]]
+=== Security updates
+
+{agent}::
+* Upgrade NodeJS to LTS v18.20.6. {agent-pull}6641[#6641]
+
+[discrete]
+[[bug-fixes-8.16.4]]
+=== Bug fixes
+
+{agent}::
+* Emit vars even if provider data is empty from the start. {agent-pull}6598[#6598]
+* Redact secrets within complex nested paths. {agent-pull}6710[#6710]
+* Improve the CLI output message when `elastic-agent uninstall` runs after the agent has previously been unenrolled. {agent-pull}6735[#6735]
+
+// end 8.16.4 relnotes
+
 // begin 8.16.3 relnotes
 
 [[release-notes-8.16.3]]

docs/en/ingest-management/release-notes/release-notes-8.17.asciidoc

@@ -14,6 +14,7 @@
 
 This section summarizes the changes in each release.
 
+* <<release-notes-8.17.2>>
 * <<release-notes-8.17.1>>
 * <<release-notes-8.17.0>>
 
@@ -22,6 +23,37 @@ Also see:
 * {kibana-ref}/release-notes.html[{kib} release notes]
 * {beats-ref}/release-notes.html[{beats} release notes]
 
+// begin 8.17.2 relnotes
+
+[[release-notes-8.17.2]]
+== {fleet} and {agent} 8.17.2
+
+Review important information about the {fleet} and {agent} 8.17.2 release.
+
+[discrete]
+[[security-updates-8.17.2]]
+=== Security updates
+
+{fleet-server}::
+* Upgrade `golang.org/x/net` to v0.34.0 and `golang.org/x/crypto` to v0.32.0. {fleet-server-pull}4405[#4405]
+
+
+[discrete]
+[[enhancements-8.17.2]]
+=== Enhancements
+
+{agent}::
+* Upgrade NodeJS for Heartbeat to LTS v18.20.6. {agent-pull}6641[#6641]
+
+[discrete]
+[[bug-fixes-8.17.2]]
+=== Bug fixes
+
+{agent}::
+* Emit variables even if provider data is empty from the start. {agent-pull}6598[#6598]
+
+// end 8.17.2 relnotes
+
 // begin 8.17.1 relnotes
 
 [[release-notes-8.17.1]]
@@ -40,9 +72,26 @@ impact to your application.
 {agent}::
 * {agent} Docker images for {ecloud} have been reverted from having been based off of Ubuntu 24.04 to being based off of Ubuntu 20.04. This is to ensure compatibility with {ece}, support for new Wolfi-based images, and for GNU C Library (glibc) compatibility. {agent-pull}6393[#6393]
 
-//*Impact* +
-//<Describe how users should mitigate the change.> For more information, refer to {fleet-guide}/fleet-server.html[Fleet Server].
-//====
+[discrete]
+[[known-issues-8.17.1]]
+=== Known issues
+
+[[known-issue-1671]]
+.{kib} out of memory crashes on 1 GB {ecloud} {kib} instances using {elastic-sec} view
+[%collapsible]
+====
+
+*Details*
+
+{ecloud} deployments that use the smallest available {kib} instance size of 1 GB may crash due to out of memory errors when the Security UI is loaded. 
+
+*Impact* +
+
+The root cause is inefficient memory allocation, and this is exacerbated when the prebuilt security rules package is installed on the initial load of the {elastic-sec} UI.
+
+As a workaround, you can upgrade your deployment to 8.17.1 in which this issue has been resolved by https://github.com/elastic/kibana/pull/208869[#208869] and https://github.com/elastic/kibana/pull/208475[#208475].
+
+====
 
 [discrete]
 [[new-features-8.17.1]]

docs/en/ingest-management/security/fleet-roles-and-privileges.asciidoc

@@ -7,39 +7,57 @@ Assigning the {kib} feature privileges `Fleet` and `Integrations` grants access
 
 `all`:: Grants full read-write access.
 `read`:: Grants read-only access.
+`none`:: No access is granted.
 
+Take advantage of these privilege settings by:
+
+* <<fleet-roles-and-privileges-built-in,Using an {es} built-in role>>
+* <<fleet-roles-and-privileges-create,Creating a new role>>
+
+[discrete]
+[[fleet-roles-and-privileges-built-in]]
+== Built-in roles
+
+{es} comes with built-in roles that include default privileges.
+
+`editor`::
 The built-in `editor` role grants the following privileges, supporting full read-write access to {fleet} and Integrations:
 
-* {Fleet}: `All`
-* Integrations: `All`
+* {Fleet}: `all`
+* Integrations: `all`
 
+`viewer`::
 The built-in `viewer` role grants the following privileges, supporting read-only access to {fleet} and Integrations:
 
-* {Fleet}:: `None`
-* Integrations:: `Read`
+* {Fleet}: `read`
+* Integrations: `read`
 
-You can also create a new role that can be assigned to a user to grant access to {fleet} and Integrations.
+You can also create a new role that can be assigned to a user, in order to grant more specific levels of access to {fleet} and Integrations.
 
 [discrete]
 [[fleet-roles-and-privileges-create]]
 == Create a role for {fleet}
 
-To create a new role with full access to use and manage {fleet} and Integrations:
+To create a new role with access to {fleet} and Integrations:
 
 . In {kib}, go to **Management -> Stack Management**.
 . In the **Security** section, select **Roles**.
 . Select **Create role**.
 . Specify a name for the role.
 . Leave the {es} settings at their defaults, or refer to {ref}/security-privileges.html[Security privileges] for descriptions of the available settings.
-. In the {kib} section, select **Add Kibana privilege**.
-. In the **Spaces** menu, select *** All Spaces**. Since many Integrations assets are shared across spaces, the users needs the {kib} privileges in all spaces.
+. In the {kib} section, select **Assign to space**.
+. In the **Spaces** menu, select *** All Spaces**. Since many Integrations assets are shared across spaces, the users need the {kib} privileges in all spaces.
 . Expand the **Management** section.
-. Set **Fleet** privileges to **All**.
-. Set **Integrations** privileges to **All**.
+. Choose the access level that you'd like the role to have with respect to {fleet} and integrations:
 
+.. To grant the role full access to use and manage {fleet} and integrations, set both the **Fleet** and **Integrations** privileges to `All`.
++
 [role="screenshot"]
-image::images/kibana-fleet-privileges.png[Kibana privileges flyout showing Fleet and Integrations set to All]
+image::images/kibana-fleet-privileges-all.png[Kibana privileges flyout showing Fleet and Integrations set to All]
 
-To create a read-only user for Integrations, follow the same steps as above but set the **Fleet** privileges to **None** and the **Integrations** privileges to **Read**.
+.. Similarly, to create a read-only user for {fleet} and Integrations, set both the **Fleet** and **Integrations** privileges to `Read`.
++
+[role="screenshot"]
+image::images/kibana-fleet-privileges-read.png[Kibana privileges flyout showing Fleet and Integrations set to All]
 
-Read-only access to {fleet} is not currently supported but is planned for development in a later release.
+Once you've created a new role you can assign it to any {es} user. You can edit the role at any time by returning to the **Roles** page in {kib}.