diff --git a/docs/sources.md b/docs/sources.md index 3a1d72f..5b912bc 100644 --- a/docs/sources.md +++ b/docs/sources.md @@ -61,7 +61,7 @@ MSG Parse: This filter parses message content Use the following search to validate events are present ``` -index= sourcetype=cisco:asa +index= sourcetype=cp_log ``` Verify timestamp, and host values match as expected