From 31202bf4f65bae9f6acf47b19f2dc1e4a84b3228 Mon Sep 17 00:00:00 2001
From: Justin Ibarra
Date: Tue, 14 Sep 2021 08:37:01 -0800
Subject: [PATCH] [Rule tuning] Fix typo in ML rule descriptions (#1484)

(cherry picked from commit 51a2bc815b96e64fb43a97080627a57a73a1699d)
---
 rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml b/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml
index bdca7a4bb..fe173f762 100644
--- a/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml
+++ b/rules/ml/ml_auth_spike_in_logon_events_from_a_source_ip.toml
@@ -1,14 +1,14 @@
 [metadata]
 creation_date = "2021/06/10"
 maturity = "production"
-updated_date = "2021/06/10"
+updated_date = "2021/09/14"
 min_stack_version = "7.14.0"

 [rule]
 anomaly_threshold = 75
 author = ["Elastic"]
 description = """
-A machine learning job found an unusually large spike in successful authentication events events from a particular
+A machine learning job found an unusually large spike in successful authentication events from a particular
 source IP address. This can be due to password spraying, user enumeration or brute force activity.
 """
 false_positives = [