Enable Threat Monitoring page by default

This enables the Threat Monitoring feature by default (and can be
disabled by explicitly disabling the `threat_monitoring` feature flag).

This also adds some basic documentation for Threat Monitoring.

Part of [WAF statistics reporting][1].

[1]: https://gitlab.com/gitlab-org/gitlab/issues/14707

doc/user/clusters/applications.md

@@ -297,6 +297,25 @@ Ingress with the recent changes.
 
 ![Disabling WAF](../../topics/web_application_firewall/img/guide_waf_ingress_save_changes_v12_9.png)
 
+##### Viewing Web Application Firewall traffic
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/14707) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9.
+
+You can view Web Application Firewall traffic by navigating to your project's
+**Security & Compliance > Threat Monitoring** page.
+
+From there, you can see tracked over time:
+
+- The total amount of traffic to your application.
+- The proportion of traffic that is considered anomalous by the Web Application
+  Firewall's default [OWASP ruleset](https://www.modsecurity.org/CRS/Documentation/).
+
+If a significant percentage of traffic is anomalous, it should be investigated
+for potential threats, which can be done by
+[examining the application logs](#web-application-firewall-modsecurity).
+
+![Threat Monitoring](img/threat_monitoring_v12_9.png)
+
 ### JupyterHub
 
 > - Introduced in GitLab 11.0 for project-level clusters.

ee/app/policies/ee/project_policy.rb

@@ -106,7 +106,7 @@ module EE
 
       with_scope :subject
       condition(:threat_monitoring_enabled) do
-        @subject.beta_feature_available?(:threat_monitoring)
+        @subject.feature_available?(:threat_monitoring)
       end
 
       with_scope :subject

ee/changelogs/unreleased/14707-threat-monitoring-docs-ee.yml

+---
+title: Add Threat Monitoring page
+merge_request: 22911
+author:
+type: added