From ee93942d6b5d409ba6dd9c8a2dceb4adb6b66902 Mon Sep 17 00:00:00 2001 From: Sergey Malinkin Date: Tue, 24 Oct 2023 23:47:09 +0300 Subject: [PATCH] add description for iris_alert_context field --- docs/source/ruletypes.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/ruletypes.rst b/docs/source/ruletypes.rst index 6def678d..75dd377c 100644 --- a/docs/source/ruletypes.rst +++ b/docs/source/ruletypes.rst @@ -2634,7 +2634,7 @@ Optional: - ``5`` - High - ``6`` - Critical. -``iris_alert_context``: +``iris_alert_context``: Include information from the match into the alert context. Working as key-value, where the key is your custom name and value - data from elasticsearch message. ``iris_iocs``: Description of the IOC to be added.
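Review bot: The new description on the ``iris_alert_context`` line is ambiguous about what the value is. "value - data from elasticsearch message" does not say whether the value is the name of a field in the match or a literal string. It also does not say what ends up in the alert context when the named field is absent from the match. Suggest rewording along the lines of "Include information from the match in the alert context. This is a set of key-value pairs, where the key is your custom name and the value is the data taken from the Elasticsearch message", and stating explicitly how the value is resolved. "Elasticsearch" should be capitalized, and "Working as key-value" should be a full sentence. The neighbouring ``iris_iocs`` entry puts its description on a separate line from the option name, while this change puts it on the same line as ``iris_alert_context``:, so consider following the same layout for consistency in ruletypes.rst. A short example mapping under the description would help readers.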