[8.8] Visualizations & Lens embeddables being added throughout Security app (backport #3298)

docs/dashboards/overview-dashboard.asciidoc

@@ -19,7 +19,7 @@ image::images/live-feed-ov-page.png[Overview dashboard with live feed section hi
 
 Time-based histograms show the number of detections, alerts, and events that have occurred within the selected time range. To focus on a particular time, click and drag to select a time range, or choose a preset value. The *Stack by* menu lets you select which field is used to organize the data. For example, in the Alert trend histogram, stack by `kibana.alert.rule.name` to display alert counts by rule name within the specified time frame.
 
-TIP: Many {elastic-sec} histograms, graphs, and tables contain an *Inspect* button so you can examine the {es} queries used to retrieve data throughout the app.
+Hover over histograms, graphs, and tables to display an *Inspect* button (image:images/inspect-icon.png[Inspect icon,19,19]) or options menu (image:images/three-dot-icon.png[Three-dot menu icon,18,18]). Click to inspect the visualization's {es} queries, add it to a new or existing case, or open it in Lens for customization.
 
 [discrete]
 == Host and network events

docs/detections/alerts-visualizations.asciidoc

@@ -15,7 +15,9 @@ For example, you can group first by rule name (`Group by: kibana.alert.rule.name
 
 NOTE: Some view types don't have the *Group by top* option. You can also leave *Group by top* blank to group by only the primary field in *Group by*.
 
-To reset a view to default settings, click the settings menu (image:images/three-dot-icon.png[Settings menu icon,18,18]) in the upper-right and select *Reset group by fields* (the settings menu appears when you hover over the area).
+To reset a view to default settings, hover over it and click the options menu (image:images/three-dot-icon.png[Settings menu icon,18,18]) that appears, then select *Reset group by fields*. 
+
+TIP: The options menu also lets you inspect the visualization's queries. For the trend and counts views, you can add the visualization to a new or existing case, or open it in Lens.
 
 Click the collapse icon (image:images/collapse-icon-horiz-down.png[Collapse icon,16,15]) to minimize the visualization section and display a summary of key information instead.
 

docs/getting-started/security-ui.asciidoc

@@ -32,6 +32,20 @@ The navigation menu contains direct links and expandable groups, identified by t
 [role="screenshot"]
 image::images/nav-overview.gif[Overview of the navigation menu]
 
+[[visualization-actions]]
+[float]
+== Visualization actions
+
+Many {elastic-sec} histograms, graphs, and tables display an *Inspect* button (image:images/inspect-icon.png[Inspect icon,19,19]) when you hover over them. Click to examine the {es} queries used to retrieve data throughout the app. 
+
+[role="screenshot"]
+image::images/inspect-icon-context.png[Inspect icon,40%]
+
+Other visualizations display an options menu (image:images/three-dot-icon.png[Three-dot menu icon,18,18]), which allows you to inspect the visualization's queries, add it to a new or existing case, or open it in Lens for customization.
+
+[role="screenshot"]
+image::images/viz-options-menu-open.png[Options menu opened,85%]
+
 [float]
 == {security-app} pages