[Alerting V2] [DOCS] [M2] Write ES|QL rules in Alerting v2 using base and blocks query schema

[nastasha-solomon]

Summary

Alerting v2 M2 milestone introduces an ES|QL rule type with a structured API and saved-object schema comprising a base query and optional blocks. Users can now define rules using ES|QL syntax directly within Alerting v2. Documentation should explain the ES|QL rule API schema (base query + blocks), how to create these rules, and the relationship to the ES|QL query sandbox available in Discover. Stack only, from 9.5.0 (technical preview).

Why this needs docs: A new rule type with a new API schema is a first-class feature requiring conceptual and how-to documentation for users who want to create ES|QL-based alert rules.

Resources

• PR #271758 — [AlertingV2][M2] Implement ES|QL rule API/storage schema for base + blocks query model

Availability

Channel	Details
Stack	v9.5.0
Serverless	Jun 22–Jun 26
Feature status	technical-preview
Feature flag	xpack.alerting_v2.enabled

---

Created with Docs Quest Scanner by @nastasha-solomon

Suggested edits

Alerting (Kibana) > ES|QL rules in Alerting v2

• What the docs say: No ES|QL rule type docs exist for Alerting v2; existing alerting docs cover legacy rule types only.
• What to add: Add a new section documenting the ES|QL rule type in Alerting v2: describe the base query + blocks schema, how to create and configure an ES|QL rule via the API or rule form, and the supported ?param placeholder syntax. This rolls up into the broader Alerting v2 overview page. Stack only, from 9.5.0 (technical preview).

[github-actions]

Elastic Docs AI Menu

Check one box to run an AI workflow for this issue.

• Triage (docs-triage). Status: not started.
• Scope the docs work (docs-issue-scope). Status: not started.

Powered by GitHub Agentic Workflows and docs-actions. For more information, reach out to the docs team.

[nastasha-solomon]

Addressed in #7077.