diff --git a/docs/management/admin/host-isolation-ov.asciidoc b/docs/management/admin/host-isolation-ov.asciidoc index f199ee7e33..567e1f6e82 100644 --- a/docs/management/admin/host-isolation-ov.asciidoc +++ b/docs/management/admin/host-isolation-ov.asciidoc @@ -41,10 +41,11 @@ All actions executed on a host are tracked in the host’s response actions hist [[isolate-a-host]] == Isolate a host -.Isolate a host from a detection alert +.Isolate a host from an event or a detection alert [%collapsible] ==== -. Open a detection alert: +. Open an event or a detection alert: +* From the event analyzer view: Click an event. * From the Alerts table or Timeline: Click *View details* (image:images/view-details-icon.png[View details icon,16,15]). * From a case with an attached alert: Click *Show alert details* (*>*). . Click *Take action -> Isolate host*. @@ -98,10 +99,11 @@ image::images/host-isolated-notif.png[Host isolated notification message,350] [[release-a-host]] == Release a host -.Release a host from a detection alert +.Release a host from an event or a detection alert [%collapsible] ==== -. Open a detection alert: +. Open an event or detection alert: +* From the event analyzer view: Click an event. * From the Alerts table or Timeline: Click *View details* (image:images/view-details-icon.png[View details icon,16,15]). * From a case with an attached alert: Click *Show alert details* (*>*). . From the alert details flyout, click *Take action -> Release host*. diff --git a/docs/management/admin/response-actions.asciidoc b/docs/management/admin/response-actions.asciidoc index ba8aa62700..c41edb13ca 100644 --- a/docs/management/admin/response-actions.asciidoc +++ b/docs/management/admin/response-actions.asciidoc 
@@ -29,7 +29,7 @@ Launch the response console from any of the following places in {elastic-sec}: * *Endpoints* page -> *Actions* menu (*...*) -> *Respond* * Endpoint details flyout -> *Take action* -> *Respond* -* Alert details flyout -> *Take action* -> *Respond* +* Alert or event details flyout -> *Take action* -> *Respond* * Host details page → *Respond* To perform an action on the endpoint, enter a <> in the input area at the bottom of the console, then press *Return*. Output from the action is displayed in the console.
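Review bot: In the first hunk of host-isolation-ov.asciidoc (Isolate a host), the new bullet "From the event analyzer view: Click an event." does not say what the click opens or how to reach the analyzer, while the two neighbouring bullets each name the control to click (*View details*, *Show alert details*). Suggest naming the panel or flyout that appears, so that the next step, "Click *Take action -> Isolate host*", has an obvious location when the reader started from an event rather than an alert.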
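Review bot: In the second hunk of host-isolation-ov.asciidoc (Release a host), the unchanged step ". From the alert details flyout, click *Take action -> Release host*." still refers only to the alert details flyout, although the section title and first step now cover events as well. Suggest updating that step to match, for example with the "Alert or event details flyout" wording used in response-actions.asciidoc. The new first step also reads "Open an event or detection alert:" here but "Open an event or a detection alert:" in the Isolate a host hunk; pick one form for both.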