From 63aa854b4a9711d9a8d4c7908bb15ece09d0b709 Mon Sep 17 00:00:00 2001
From: MehaSal <87989881+MehaSal@users.noreply.github.com>
Date: Fri, 8 Mar 2024 13:56:07 -0600
Subject: [PATCH] Fix wef_audit_windows.events.conf

---
 config/processors/wef_audit_windows.events.conf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/processors/wef_audit_windows.events.conf b/config/processors/wef_audit_windows.events.conf
index 75262cfb..b09f2903 100644
--- a/config/processors/wef_audit_windows.events.conf
+++ b/config/processors/wef_audit_windows.events.conf
@@ -32,9 +32,9 @@ filter {
     rename => {"[winlog][event_data][OriginalFileName]" => "[file][path]"}
     rename => {"[winlog][event_data][Path]" => "[file][path]"}
     rename => {"[winlog][event_data][ShareLocalPath]" => "[file][target_path]"}
-    rename => {"[winlog][event_data][ShareName]" => "[file][sharename]"
-    rename => {"[winlog][event_data][NewSD]" => "[file][new_acl]"
-    rename => {"[winlog][event_data][OldSD]" => "[file][old_acl]"
+    rename => {"[winlog][event_data][ShareName]" => "[file][sharename]"}
+    rename => {"[winlog][event_data][NewSD]" => "[file][new_acl]"}
+    rename => {"[winlog][event_data][OldSD]" => "[file][old_acl]"}
     rename => {"[winlog][event_data][ObjectName]" => "[file][path]"}
     rename => { "[winlog][event_data][ServiceFileName]" => "[file][path]" }
     # Process fields