[Internal]: Attack Discovery schedule bulk actions docs

### Description

We are adding bulk actions for Attack Discovery schedules.

The primary goal of this enhancement is to make it easier for analysts and administrators to manage multiple Attack Discovery schedules at once. Today, users can enable, disable, or delete schedules one at a time from the schedule table. With this change, users will be able to select multiple schedules and perform these actions in bulk.

The product documentation should be updated in the Attack Discovery scheduling section: https://www.elastic.co/docs/solutions/security/ai/attack-discovery#schedule-discoveries

### API docs impact

This feature introduces new public Attack Discovery schedule bulk action APIs:

- `POST /api/attack_discovery/schedules/_bulk_enable`
- `POST /api/attack_discovery/schedules/_bulk_disable`
- `POST /api/attack_discovery/schedules/_bulk_delete`

### Prerequisites, privileges, feature flags

Users need the same Attack Discovery schedule management privileges currently required to create, edit, enable, disable, or delete schedules.

### Suggested documentation updates

Update the **Schedule discoveries** section to mention that users can manage multiple schedules at once from the **Attack discovery schedule** flyout:

- Select one or more schedules from the schedules table.
- Use **Bulk actions** to enable selected disabled schedules.
- Use **Bulk actions** to disable selected enabled schedules.
- Use **Bulk actions** to delete selected schedules.
- Confirm that bulk delete requires confirmation before schedules are removed.

Also clarify that bulk actions apply only to explicitly selected schedules in the current table selection.

### Screenshots and recording

https://github.com/user-attachments/assets/7ae1c47a-1ca3-4713-b03c-7056566f4f9d

<img width="1840" height="1196" alt="Image" src="https://github.com/user-attachments/assets/9aefb6e5-d9d9-4e88-9cf7-97e5d362dc07" />

<img width="1840" height="1196" alt="Image" src="https://github.com/user-attachments/assets/afd6b274-af1f-440b-8698-dd4a694ab2e7" />



### Resources

- Feature issue: https://github.com/elastic/kibana/issues/266760
- Docs section to update: https://www.elastic.co/docs/solutions/security/ai/attack-discovery#schedule-discoveries

### Which deployment methods does this change impact?

Unknown

### Feature differences

_No response_

### What Elastic Stack release is this request related to?

9.5

### Serverless release

Week of May 18, 2026

### Collaboration model

Unknown

### Point of contact.

**Main contact:** @e40pud 

**Stakeholders:** @cthulhusec 


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Internal]: Attack Discovery schedule bulk actions docs #6376

Description

API docs impact

Prerequisites, privileges, feature flags

Suggested documentation updates

Screenshots and recording

Resources

Which deployment methods does this change impact?

Feature differences

What Elastic Stack release is this request related to?

Serverless release

Collaboration model

Point of contact.

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[Internal]: Attack Discovery schedule bulk actions docs #6376

Description

Description

API docs impact

Prerequisites, privileges, feature flags

Suggested documentation updates

Screenshots and recording

Resources

Which deployment methods does this change impact?

Feature differences

What Elastic Stack release is this request related to?

Serverless release

Collaboration model

Point of contact.

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions