diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/components/step_define_rule/schema.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/components/step_define_rule/schema.tsx
index bdf14f4b6fd4a7..5c8d8d89c46d0d 100644
--- a/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/components/step_define_rule/schema.tsx
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/components/step_define_rule/schema.tsx
@@ -643,6 +643,35 @@ export const schema: FormSchema<DefineStepRule> = {
         defaultMessage: "New terms rules only alert if terms don't appear in historical data.",
       }
     ),
+    validations: [
+      {
+        validator: (
+          ...args: Parameters<ValidationFunc>
+        ): ReturnType<ValidationFunc<{}, ERROR_CODE>> | undefined => {
+          const [{ path, formData }] = args;
+          const needsValidation = isNewTermsRule(formData.ruleType);
+
+          if (!needsValidation) {
+            return;
+          }
+
+          const filterTimeVal = formData.historyWindowSize.match(/\d+/g);
+
+          if (filterTimeVal <= 0) {
+            return {
+              code: 'ERR_MIN_LENGTH',
+              path,
+              message: i18n.translate(
+                'xpack.securitySolution.detectionEngine.validations.stepDefineRule.historyWindowSize.errMin',
+                {
+                  defaultMessage: 'History window size must be greater than 0.',
+                }
+              ),
+            };
+          }
+        },
+      },
+    ],
   },
   groupByFields: {
     type: FIELD_TYPES.COMBO_BOX,