diff --git a/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml b/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml
index bdca7a4bb..fe173f762 100644
--- a/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml
+++ b/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml
@@ -1,14 +1,14 @@
 [metadata]
 creation_date = "2021/06/10"
 maturity = "production"
-updated_date = "2021/06/10"
+updated_date = "2021/09/14"
 min_stack_version = "7.14.0"
 
 [rule]
 anomaly_threshold = 75
 author = ["Elastic"]
 description = """
-A machine learning job found an unusually large spike in successful authentication events events from a particular
+A machine learning job found an unusually large spike in successful authentication events from a particular
 source IP address. This can be due to password spraying, user enumeration or brute force activity.
 """
 false_positives = [
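Review bot: The corrected description line still attributes a spike in successful authentication events to password spraying, user enumeration or brute force, activity that mostly produces failed logons, so an analyst reading the alert gets no hint of what a burst of successes means for triage. If the job really counts successes (its datafeed is not visible in this hunk), consider closing the description with a sentence such as `A spike in successful logons may mean such activity succeeded, or that valid credentials are being reused from this address.` The `[rule]` table continues past `false_positives = [`, so text outside the hunk may already cover this.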