diff --git a/rules/integrations/google_workspace/google_workspace_alert_center_promotion.toml b/rules/integrations/google_workspace/google_workspace_alert_center_promotion.toml
index e35ab4594d8..c7115cd3961 100644
--- a/rules/integrations/google_workspace/google_workspace_alert_center_promotion.toml
+++ b/rules/integrations/google_workspace/google_workspace_alert_center_promotion.toml
@@ -3,7 +3,7 @@ creation_date = "2023/01/15"
 integration = ["google_workspace"]
 maturity = "production"
 promotion = true
-updated_date = "2026/04/10"
+updated_date = "2026/05/19"
 [rule]
 author = ["Elastic"]
@@ -14,13 +14,13 @@ of a potential security issue that Google has detected.
 """
 false_positives = [
 """
- To tune this rule, add exceptions to exclude any google_workspace.alert.type which should not trigger this rule.
+ To tune this rule, add exceptions to exclude any google_workspace.alert.type or rule.name which should not trigger this rule.
 """,
 "For additional tuning, severity exceptions for google_workspace.alert.metadata.severity can be added.",
 ]
 from = "now-130m"
-index = ["filebeat-*", "logs-google_workspace*"]
-interval = "10m"
+index = ["logs-google_workspace.alert-*"]
+interval = "5m"
 language = "kuery"
 license = "Elastic License v2"
 name = "Forwarded Google Workspace Security Alert"
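Review bot: `interval` drops to `5m` while `from = "now-130m"` is left as it was, so every run now re-queries about 125 minutes of events that earlier runs already evaluated, and nothing in the hunk records why the lookback is that long. If the window is sized for delayed delivery of Alert Center events (an inference, the reason is not visible here), say so next to it, e.g. `# 130m lookback covers late-arriving Alert Center events; keep it when changing interval`. The new `index` value also removes `filebeat-*` and the broader `logs-google_workspace*`; confirm that no supported deployment writes alert events outside `logs-google_workspace.alert-*`, since those would stop being promoted without any error. The `[rule]` table continues outside the hunk, so the query and any setup note were not reviewed.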