diff --git a/.github/workflows/rule-parse-error-check.yaml b/.github/workflows/rule-parse-error-check.yaml
new file mode 100644
index 000000000..fa565a266
--- /dev/null
+++ b/.github/workflows/rule-parse-error-check.yaml
@@ -0,0 +1,34 @@
+name: Rule parse error check
+
+on:
+ pull_request:
+ types: opened
+
+jobs:
+ rule-check:
+ runs-on: ubuntu-latest
+ steps:
+ - name: clone hayabusa rule repo
+ uses: actions/checkout@v3
+ with:
+ path: hayabusa-rules
+
+ - name: clone hayabusa
+ uses: actions/checkout@v3
+ with:
+ repository: Yamato-Security/hayabusa
+ submodules: recursive
+ path: hayabusa
+
+ - name: clone hayabusa-sample-evtx
+ uses: actions/checkout@v3
+ with:
+ repository: Yamato-Security/hayabusa-sample-evtx
+ path: hayabusa-sample-evtx
+
+ - name: Set up Rust toolchain
+ if: ${{ steps.skip_check.outputs.should_skip != 'true' }}
+ uses: dtolnay/rust-toolchain@stable
+
+ - name: run csv-timeline
+ run: cd hayabusa && cargo run --release -- csv-timeline -d ../hayabusa-sample-evtx -r ../hayabusa-rules -w -o timeline.csv | grep "Rule parsing error" | wc -l | grep 0
\ No newline at end of file
diff --git a/hayabusa/builtin/BitsClient_Op/BitsCli_59_Info_BitsJobCreated.yml b/hayabusa/builtin/BitsClient_Op/BitsCli_59_Info_BitsJobCreated.yml
index aba4af409..5c2fa9387 100644
--- a/hayabusa/builtin/BitsClient_Op/BitsCli_59_Info_BitsJobCreated.yml
+++ b/hayabusa/builtin/BitsClient_Op/BitsCli_59_Info_BitsJobCreated.yml
@@ -16,7 +16,7 @@ detection:
 selection:
 Channel: Microsoft-Windows-Bits-Client/Operational
 EventID: 59
- condition: selection
+ condition: selection broken 2
 falsepositives:
 - normal system usage
 tags:
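Review bot: The trailing `| grep 0` in the `run:` of the last step does not actually assert zero parse errors — `wc -l` prints counts such as `10` or `20`, which `grep 0` also matches, and because the step's exit status comes only from that final grep, a failing `cargo run` is never surfaced either (with no explicit `shell:` the step runs under `bash -e` without pipefail, as far as I can tell from the Actions defaults). Two smaller problems in the same hunk: the `if: ${{ steps.skip_check.outputs.should_skip != 'true' }}` on the Rust toolchain step refers to a step id that does not exist in this job, so it compares an empty value and the guard is always true — drop it or add the step it expects; and `types: opened` means a rule broken by a later push to the same PR is never re-checked, so `types: [opened, synchronize, reopened]` is the usual choice for a gate. Pinning `actions/checkout@v3` and `dtolnay/rust-toolchain@stable` to commit SHAs instead of mutable tags would also close an obvious supply-chain path into a job that builds and runs the detection engine. I would rewrite the final step as below, counting matches explicitly and letting pipefail propagate a build failure.
```yaml
      - name: run csv-timeline
        shell: bash
        run: |
          cd hayabusa
          cargo run --release -- csv-timeline -d ../hayabusa-sample-evtx -r ../hayabusa-rules -w -o timeline.csv | tee run.log
          test "$(grep -c "Rule parsing error" run.log)" -eq 0
```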
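Review bot: The new `condition: selection broken 2` turns a shipped detection rule (BITS client event 59, "BitsJobCreated") into one that cannot parse, so after merge the rule is dropped at load time and that event is no longer detected — this reads like a fixture meant to exercise the new parse-error workflow rather than an intended rule change. If that is the purpose, keep `condition: selection` here and put the deliberately broken rule in a separate test-only directory that the CI job points at, so a real detection is not sacrificed to prove the check fires. The `detection:` mapping this hunk edits begins before the hunk.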