From 92aedffdda6e0e5722f18af1745d26580589bc4e Mon Sep 17 00:00:00 2001
From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com>
Date: Wed, 19 Jul 2023 11:01:24 -0400
Subject: [PATCH] Add definitions for matches and matches phrase (#3082)
 (#3088)

---
 docs/en/observability/logs-threshold-alert.asciidoc | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/docs/en/observability/logs-threshold-alert.asciidoc b/docs/en/observability/logs-threshold-alert.asciidoc
index 2fbca8009d..a93af8100a 100644
--- a/docs/en/observability/logs-threshold-alert.asciidoc
+++ b/docs/en/observability/logs-threshold-alert.asciidoc
@@ -13,9 +13,11 @@ image::images/log-threshold-alert.png[Log threshold alert configuration]
 
 The comparators available for conditions depend on the chosen field. The combinations available are:
 
-- Numeric fields: *more than*, *more than or equals*, *less than*, or *less than or equals*.
-- Aggregatable fields: *is* and *is not*.
-- Non-aggregatable fields: *matches*, *does not match*, *matches phrase*, *does not match phrase*.
+* Numeric fields: *more than*, *more than or equals*, *less than*, or *less than or equals*.
+* Aggregatable fields: *is* or *is not*.
+* Non-aggregatable fields: *matches*, *does not match*, *matches phrase*, *does not match phrase*.
+** *Matches* queries some or all of the contents of your entered value regardless of order. For example, `WITH message MATCHES your example message` looks for messages containing the words `your` and `example` and `message` and returns results with some or all of those words. 
+** *Matches phrase* queries the exact contents of your entered value. For example, `WITH message MATCHES your example message` looks for the phrase `your example message` and returns results with that exact phrase.
 
 There are several key supported use cases. You can create rules based on fields containing or matching a text pattern,
 rules based on a numeric field and arithmetic operator, or a single rule with multiple conditions.