From 8bb7218e381affc9763d42bb848c218698ab55f3 Mon Sep 17 00:00:00 2001 From: Apoorva Joshi <30438249+ajosh0504@users.noreply.github.com> Date: Thu, 3 Jun 2021 12:47:00 -0700 Subject: [PATCH] Update problem-child.md (#1253) --- docs/experimental-machine-learning/problem-child.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/experimental-machine-learning/problem-child.md b/docs/experimental-machine-learning/problem-child.md index 26e943d05..ddb62fb60 100644 --- a/docs/experimental-machine-learning/problem-child.md +++ b/docs/experimental-machine-learning/problem-child.md @@ -61,4 +61,4 @@ You can optionally choose to refresh your index mapping from within Kibana: #### 4. Verify enrichment fields -Any documents corresponding to Windows process events should now be enriched with `problemchild.*` \ No newline at end of file +Any documents corresponding to Windows process events should now be enriched with `problemchild.*`. By default, the enrichment pipeline also consists of a script processor for a blocklist, so you might also see the field `blocklist_label` appear in documents that match the blocklist.
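Review bot: in the added line under "#### 4. Verify enrichment fields", `blocklist_label` is written without a prefix while the other enrichment fields are given as `problemchild.*`, so a reader verifying the pipeline cannot tell whether to look for a top-level `blocklist_label` or a field inside the `problemchild` namespace. Please state the full field path as it appears in an enriched document. Since this step is about verification, also say what value the field carries on a match, so an analyst can distinguish a document that did not match the blocklist from one where the script processor did not run. A smaller wording point in the same sentence: "the enrichment pipeline also consists of a script processor" reads as if the script processor were the whole pipeline; "also includes a script processor" says what is meant.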