diff --git a/CHANGELOG.md b/CHANGELOG.md
index f389f1330..78614e3ec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - [#947](https://github.com/XenitAB/terraform-modules/pull/947) Bump git-auth-proxy to v0.8.2.
 - [#946](https://github.com/XenitAB/terraform-modules/pull/946) [Breaking] Enable configuration for private and public ingress controllers.
 - [#949](https://github.com/XenitAB/terraform-modules/pull/949) Update audit log alert criteria.
+- [#954](https://github.com/XenitAB/terraform-modules/pull/954) Make audit log alert have bigger window_size and frequency.
 
 ## 2023.02.3
 
diff --git a/modules/azure/core/log.tf b/modules/azure/core/log.tf
index eb34156dd..b417651e8 100644
--- a/modules/azure/core/log.tf
+++ b/modules/azure/core/log.tf
@@ -41,7 +41,8 @@ resource "azurerm_monitor_metric_alert" "log" {
   resource_group_name = data.azurerm_resource_group.log.name
   scopes              = [azurerm_storage_account.log.id]
   description         = "No data being written to the storage account, check the AKS audit logs"
-  frequency           = "PT5M"
+  frequency           = "PT15M"
+  window_size         = "PT1H"
 
   criteria {
     aggregation            = "Average"
@@ -55,5 +56,5 @@ resource "azurerm_monitor_metric_alert" "log" {
   action {
     action_group_id = azurerm_monitor_action_group.this["alerts"].id
   }
-  severity = 1
+  severity = 2
 }