From 215cdf0f8f0e61b5bd046ae65e0c4857cd5313cc Mon Sep 17 00:00:00 2001
From: "Mika Ayenson, PhD"
Date: Tue, 5 Aug 2025 15:48:10 -0500
Subject: [PATCH] [Rule Tuning] Elastic Security External Alerts (#4962)

---
 rules/promotions/elastic_security_external_alerts.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/promotions/elastic_security_external_alerts.toml b/rules/promotions/elastic_security_external_alerts.toml
index c73bc3170..9312ad1dc 100644
--- a/rules/promotions/elastic_security_external_alerts.toml
+++ b/rules/promotions/elastic_security_external_alerts.toml
@@ -5,7 +5,7 @@ maturity = "production"
 promotion = true
 min_stack_version = "8.18.0"
 min_stack_comments = "Introduced support for Elastic Security alert promotion"
-updated_date = "2025/08/04"
+updated_date = "2025/08/05"
 
 [rule]
 author = ["Elastic"]
@@ -56,7 +56,7 @@ The Elastic Security integration facilitates transferring security alert data fr
 references = ["https://docs.elastic.co/en/integrations/elastic_security"]
 risk_score = 47
 rule_id = "720fc1aa-e195-4a1d-81d8-04edfe5313ed"
-rule_name_override = "rule.name"
+rule_name_override = "kibana.alert.rule.name"
 setup = """## Setup
 
 ### Elastic Security Alert Integration
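Review bot: The new `rule_name_override = "kibana.alert.rule.name"` in the second hunk only works if every alert document ingested by the integration carries that field, and neither the hunk nor the commit message records why `rule.name` was wrong. As far as I know, a missing override field does not raise an error: the promoted alert falls back to this rule's own generic name, so a mapping mismatch would go unnoticed and analysts would lose the originating rule's name during triage. I would add a comment above the key, for example `# The integration's alert documents carry the originating rule's name in kibana.alert.rule.name, not rule.name`, after confirming it against a sample document from the integration's data stream. The rest of the `[rule]` table lies outside the hunk, including the query and any severity or risk-score mappings that may need the same field-namespace check.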