[DOCS] Replace CONFIG_DIR with ES_PATH_CONF

docs/reference/settings/security-settings.asciidoc

@@ -328,7 +328,7 @@ role mappings are not considered. Defaults to `false`.
 `files.role_mapping`::
 The {xpack-ref}/security-files.html[location] for the {xpack-ref}/mapping-roles.html#mapping-roles[
 YAML role mapping configuration file]. Defaults to
-`CONFIG_DIR/role_mapping.yml`.
+`ES_PATH_CONF/role_mapping.yml`.
 
 `follow_referrals`::
 Specifies whether {security} should follow referrals returned
@@ -494,7 +494,7 @@ considered. Defaults to `false`.
 
 `files.role_mapping`::
 The {xpack-ref}/security-files.html[location] for the YAML
-role mapping configuration file. Defaults to `CONFIG_DIR/role_mapping.yml`.
+role mapping configuration file. Defaults to `ES_PATH_CONF/role_mapping.yml`.
 
 `user_search.base_dn`::
 The context to search for a user. Defaults to the root
@@ -719,7 +719,7 @@ for SSL. This setting cannot be used with `certificate_authorities`.
 `files.role_mapping`::
 Specifies the {xpack-ref}/security-files.html[location] of the
 {xpack-ref}/mapping-roles.html[YAML role  mapping configuration file].
-Defaults to `CONFIG_DIR/role_mapping.yml`.
+Defaults to `ES_PATH_CONF/role_mapping.yml`.
 
 `cache.ttl`::
 Specifies the time-to-live for cached user entries. A user and a hash of its 

x-pack/docs/en/security/auditing/output-logfile.asciidoc

@@ -47,7 +47,7 @@ audited in plain text when including the request body in audit events.
 
 [[logging-file]]
 You can also configure how the logfile is written in the `log4j2.properties`
-file located in `CONFIG_DIR`. By default, audit information is appended to the
+file located in `ES_PATH_CONF`. By default, audit information is appended to the
 `<clustername>_access.log` file located in the standard Elasticsearch `logs` directory
 (typically located at `$ES_HOME/logs`). The file rolls over on a daily basis.
 

x-pack/docs/en/security/authentication/configuring-file-realm.asciidoc

@@ -5,7 +5,7 @@
 You can manage and authenticate users with the built-in `file` internal realm. 
 All the data about the users for the `file` realm is stored in two files on each 
 node in the cluster: `users` and `users_roles`. Both files are located in 
-`CONFIG_DIR/` and are read on startup.
+`ES_PATH_CONF` and are read on startup.
 
 [IMPORTANT]
 ==============================
@@ -50,7 +50,7 @@ xpack:
 
 . Restart {es}.
 
-. Add user information to the `CONFIG_DIR/users` file on each node in the 
+. Add user information to the `ES_PATH_CONF/users` file on each node in the 
 cluster. 
 +
 --
@@ -76,7 +76,7 @@ IMPORTANT:  As the administrator of the cluster, it is your responsibility to
 
 --
 
-. Add role information to the `CONFIG_DIR/users_roles` file on each node 
+. Add role information to the `ES_PATH_CONF/users_roles` file on each node 
 in the cluster. 
 +
 --

x-pack/docs/en/security/authentication/configuring-ldap-realm.asciidoc

@@ -56,7 +56,7 @@ xpack:
           group_search:
             base_dn: "dc=example,dc=com"
           files:
-            role_mapping: "CONFIG_DIR/role_mapping.yml"
+            role_mapping: "ES_PATH_CONF/role_mapping.yml"
           unmapped_groups_as_roles: false
 ------------------------------------------------------------
 

x-pack/docs/en/security/authorization/managing-roles.asciidoc

@@ -137,7 +137,7 @@ see {ref}/security-api-roles.html[Role Management APIs].
 === File-based role management
 
 Apart from the _Role Management APIs_, roles can also be defined in local
-`roles.yml` file located in `CONFIG_DIR`. This is a YAML file where each
+`roles.yml` file located in `ES_PATH_CONF`. This is a YAML file where each
 role definition is keyed by its name.
 
 [IMPORTANT]

x-pack/docs/en/security/reference/files.asciidoc

@@ -1,23 +1,23 @@
 [[security-files]]
 === Security Files
 
-The {security} uses the following files:
+{security} uses the following files:
 
-* `CONFIG_DIR/roles.yml` defines the roles in use on the cluster
+* `ES_PATH_CONF/roles.yml` defines the roles in use on the cluster
   (read more <<roles-management-file, here>>).
 
-* `CONFIG_DIR/elasticsearch-users` defines the users and their hashed passwords for
+* `ES_PATH_CONF/elasticsearch-users` defines the users and their hashed passwords for
   the <<file-realm,`file` realm>>.
 
-* `CONFIG_DIR/elasticsearch-users_roles` defines the user roles assignment for the
+* `ES_PATH_CONF/elasticsearch-users_roles` defines the user roles assignment for the
   the <<file-realm, `file` realm>>.
 
-* `CONFIG_DIR/role_mapping.yml` defines the role assignments for a
+* `ES_PATH_CONF/role_mapping.yml` defines the role assignments for a
   Distinguished Name (DN) to a role. This allows for LDAP and Active Directory
   groups and users and PKI users to be mapped to roles (read more
   <<mapping-roles, here>>).
 
-* `CONFIG_DIR/log4j2.properties` contains audit information (read more
+* `ES_PATH_CONF/log4j2.properties` contains audit information (read more
   <<logging-file, here>>).
 
 [[security-files-location]]

x-pack/docs/en/security/securing-communications/tls-ad.asciidoc

@@ -37,7 +37,7 @@ xpack:
           domain_name: ad.example.com
           url: ldaps://ad.example.com:636
           ssl:
-            certificate_authorities: [ "CONFIG_DIR/cacert.pem" ]
+            certificate_authorities: [ "ES_PATH_CONF/cacert.pem" ]
 --------------------------------------------------
 
 The CA cert must be a PEM encoded certificate.

x-pack/docs/en/security/securing-communications/tls-ldap.asciidoc

@@ -29,7 +29,7 @@ xpack:
           order: 0
           url: "ldaps://ldap.example.com:636"
           ssl:
-            certificate_authorities: [ "CONFIG_DIR/cacert.pem" ]
+            certificate_authorities: [ "ES_PATH_CONF/cacert.pem" ]
 --------------------------------------------------
 
 The CA certificate must be a PEM encoded.

x-pack/docs/en/security/troubleshooting.asciidoc

@@ -101,7 +101,7 @@ The role definition might be missing or invalid.
 |======================
 
 To help track down these possibilities, add the following lines to the end of
-the `log4j2.properties` configuration file in the `CONFIG_DIR`:
+the `log4j2.properties` configuration file in the `ES_PATH_CONF`:
 
 [source,properties]
 ----------------