From bcb68c860c0c8e332acd9dcacf59dc019087a886 Mon Sep 17 00:00:00 2001 From: James Rodewig Date: Tue, 3 Mar 2020 06:59:17 -0500 Subject: [PATCH] [DOCS] Reorganize EQL requirements page --- docs/reference/eql/requirements.asciidoc | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/docs/reference/eql/requirements.asciidoc b/docs/reference/eql/requirements.asciidoc index 233a29d661f..62e217df9c3 100644 --- a/docs/reference/eql/requirements.asciidoc +++ b/docs/reference/eql/requirements.asciidoc @@ -8,9 +8,15 @@ experimental::[] -EQL is schemaless and works out-of-the-box with most common log formats. If you -use a standard log format and already know what fields in your index contain -event type and timestamp information, you can skip this page. +EQL is schema-less and works well with most common log formats. + + +[TIP] +==== +While no schema is required to use EQL in {es}, we recommend the +{ecs-ref}[Elastic Common Schema (ECS)]. The EQL search API is designed to work +with core ECS fields by default. +==== [discrete] [[eql-required-fields]] @@ -28,10 +34,3 @@ A field containing the event classification, such as `process`, `file`, or Timestamp:: A field containing the date and/or time the event occurred. This is typically mapped as a <> field. - -[TIP] -==== -While no schema is required to use EQL in {es}, we recommend the -{ecs-ref}[Elastic Common Schema (ECS)]. {es}'s EQL search is designed to work -with core ECS fields by default. -==== \ No newline at end of file
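Review bot: the rewritten intro in the first hunk (`-EQL is schemaless ...` / `+EQL is schema-less and works well ...`) drops the guidance that readers who already know which fields in their index hold event type and timestamp information can skip this page; if that shortcut still holds, keep a sentence such as "If you already know which fields in your index contain event category and timestamp information, you can skip this page." after the new opening line, since the rest of the page is exactly that field list. "Works well with most common log formats" is also vaguer than the original "works out-of-the-box"; if the point is that no mapping changes are needed before running EQL, say that explicitly. Minor: two blank lines are added before `[TIP]`; one is enough.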
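Review bot: the tip removed in the second hunk reads "{es}'s EQL search is designed to work with core ECS fields" while its relocated copy near the top reads "The EQL search API is designed ..."; the relocation itself is fine, but check that no remaining text on the page still uses the older "EQL search" wording so the terminology stays consistent. The trailing context line "This is typically mapped as a <> field." shows an empty cross-reference target, and it is now the last line of the file, so confirm the `<<...>>` link to the date field type renders before merging. The old file ended without a trailing newline (`\ No newline at end of file`); with the tip deleted, make sure the file now ends with a newline after the timestamp paragraph.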