[Entity Analytics] Add legacy risk engine breaking change to upgrade notes

docs/upgrade-notes.asciidoc

@@ -151,6 +151,41 @@ We would love to discuss your use case.
 
 ====
 
+[discrete]
+[[breaking-201810]]
+.Remove original user and host risk scoring and all associated UIs (9.0.0)
+[%collapsible]
+====
+*Details* +
+--
+The original host and risk score modules have been superseded since v8.10.0 by the Risk Engine.
+
+In 9.0.0 these modules are no longer supported, the scores no longer display in the UI 
+and all UI controls associated with managing or upgrading the legacy modules have been removed.
+--
+*Impact* +
+As well as the legacy risk scores not being shown in the UI, alerts no longer have the legacy risk score added to them in the `<host|user>.risk.calculated_level`
+and `<host|user>.risk.calculated_score_norm` fields.
+
+The legacy risk scores are stored in the `ml_host_risk_score_<space_id>` and `ml_user_risk_score_<space_id>`
+indices, these indices will not be deleted if the user chooses not to upgrade.
+
+Legacy risk scores are generated by the following transforms:
+
+- `ml_hostriskscore_pivot_transform_<space_id>`
+- `ml_hostriskscore_latest_transform_<space_id>`
+- `ml_userriskscore_pivot_transform_<space_id>`
+- `ml_userriskscore_latest_transform_<space_id>`
+
+If a user does not upgrade to use the Risk Engine, these transforms will continue to run in 9.0.0, but it will be up to the user to manage them.
+
+*Action* +
+Upgrade to use the Risk Engine in all spaces which use the legacy risk scoring modules:
+
+- In the main menu, go to *Security > Manage > Entity Risk Score*.
+- If the original user and host risk score modules are enabled, you'll see a button to "Start update". Click the button, and follow the instructions.
+====
+
 [float]
 === Deprecation notices