From ff3f66cacf192c8261f5f7e4330bfce5dec12c03 Mon Sep 17 00:00:00 2001
From: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
Date: Fri, 2 Aug 2024 13:36:11 -0300
Subject: [PATCH] [Rule Tuning] AWS S3 Object Versioning Suspended (#3953)

---
 .../integrations/aws/impact_s3_object_versioning_disabled.toml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/rules/integrations/aws/impact_s3_object_versioning_disabled.toml b/rules/integrations/aws/impact_s3_object_versioning_disabled.toml
index fa4a60320..3e5550fa6 100644
--- a/rules/integrations/aws/impact_s3_object_versioning_disabled.toml
+++ b/rules/integrations/aws/impact_s3_object_versioning_disabled.toml
@@ -2,7 +2,7 @@
 creation_date = "2024/07/12"
 integration = ["aws"]
 maturity = "production"
-updated_date = "2024/07/12"
+updated_date = "2024/08/02"
 
 [rule]
 author = ["Elastic"]
@@ -15,6 +15,7 @@ false_positives = [
     """,
 ]
 from = "now-6m"
+index = ["filebeat-*", "logs-aws.cloudtrail-*"]
 language = "eql"
 license = "Elastic License v2"
 name = "AWS S3 Object Versioning Suspended"