diff --git a/_data/rules.yml b/_data/rules.yml
index 4d0d9f4c8..bf8ee7055 100644
--- a/_data/rules.yml
+++ b/_data/rules.yml
@@ -1135,12 +1135,12 @@ groups:
                 for: 10m       
               - name: Elasticsearch High Indexing Rate
                 description: "The indexing rate on Elasticsearch cluster is higher than the threshold."
-                query: "elasticsearch_indices_indexing_index_total > 100000"
+                query: "sum(rate(elasticsearch_indices_indexing_index_total[1m]))> 100000"
                 severity: warning
                 for: 5m     
               - name: Elasticsearch High Query Rate
                 description: "The query rate on Elasticsearch cluster is higher than the threshold."
-                query: "elasticsearch_indices_search_query_total > 100000"
+                query: "sum(rate(elasticsearch_indices_search_query_total[1m])) > 100000"
                 severity: warning
                 for: 5m
               - name: Elasticsearch High Query Latency