Update multiple_alerts_from_different_modules_by_dstip.toml

Samirbous · web-flow · commit 63b3ca2098f8 · 2025-12-17T22:54:50.000Z
diff --git a/rules/cross-platform/multiple_alerts_from_different_modules_by_dstip.toml b/rules/cross-platform/multiple_alerts_from_different_modules_by_dstip.toml
@@ -6,9 +6,9 @@ updated_date = "2025/12/15"
 [rule]
 author = ["Elastic"]
 description = """
-This rule uses alert data to determine when multiple alerts from different integrations with unique event categories and
-involving the same destination.ip are triggered. Analysts can use this to prioritize triage and response, as these IP address
-is more likely to be related to a compromise.
+This rule uses alert data to determine when multiple alerts from different integrations with unique event categories and involving 
+the same destination.ip are triggered. Analysts can use this to prioritize triage and response, as these IP address is more likely 
+to be related to a compromise.
 """
 from = "now-60m"
 interval = "30m"
