From 7435ac39d2d69c8c32ee1e2eb84e3609a29d212f Mon Sep 17 00:00:00 2001
From: Karl Godard
Date: Mon, 1 May 2023 21:05:24 -0700
Subject: [PATCH] [Rule Tuning] added rule name override for cloud_defend integration rule (#2767)
---
 .../cloud_defend/container_workload_protection.toml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/rules/integrations/cloud_defend/container_workload_protection.toml b/rules/integrations/cloud_defend/container_workload_protection.toml
index e6eeca023..5dfb9226c 100644
--- a/rules/integrations/cloud_defend/container_workload_protection.toml
+++ b/rules/integrations/cloud_defend/container_workload_protection.toml
@@ -4,7 +4,7 @@ integration = ["cloud_defend"]
 maturity = "production"
 min_stack_comments = "Initial version of the Container Workload Protection alerts"
 min_stack_version = "8.8.0"
-updated_date = "2023/04/05"
+updated_date = "2023/04/27"
 
 [rule]
 author = ["Elastic"]
@@ -21,6 +21,7 @@ max_signals = 10000
 name = "Container Workload Protection"
 risk_score = 47
 rule_id = "4b4e9c99-27ea-4621-95c8-82341bc6e512"
+rule_name_override = "message"
 severity = "medium"
 tags = ["Elastic", "Container Workload Protection", "Kubernetes"]
 timestamp_override = "event.ingested"
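Review bot: The added `rule_name_override = "message"` in the second hunk makes each alert take its displayed name from the event's `message` field, and nothing visible in the hunk tells alert consumers about that change. Saved queries, dashboards or routing logic that match on the fixed name "Container Workload Protection" will presumably stop matching once the override applies, so the rule's `description` or `note` should say so; both sit in the `[rule]` table outside this hunk. Suggested wording: `Alert names are taken from the cloud_defend event's message field; the static rule name applies only when that field is absent.` The fallback stated there should be confirmed against the target stack version. Please also confirm that the integration always populates `message` and that its value is not free text derived from workload-controlled input, since it now becomes the alert title analysts triage on.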