From 482eb4ab77e91672f23a80c416fa24c54c5887ce Mon Sep 17 00:00:00 2001
From: v-jayakal
Date: Mon, 28 Jun 2021 15:54:21 -0700
Subject: [PATCH] Update McAfeeNSPEvent.txt
---
 .../McAfee Network Security Platform/Parsers/McAfeeNSPEvent.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Solutions/McAfee Network Security Platform/Parsers/McAfeeNSPEvent.txt b/Solutions/McAfee Network Security Platform/Parsers/McAfeeNSPEvent.txt
index 8ba6f263f3..5b0f6ad8cf 100644
--- a/Solutions/McAfee Network Security Platform/Parsers/McAfeeNSPEvent.txt
+++ b/Solutions/McAfee Network Security Platform/Parsers/McAfeeNSPEvent.txt
@@ -3,7 +3,7 @@
 // Function usually takes 10-15 minutes to activate. You can then use function alias from any other queries (e.g. McAfeeNSPEvent | take 10).
 // Reference : Using functions in Azure monitor log queries : https://docs.microsoft.com/azure/azure-monitor/log-query/functions
 Syslog
-| where ProcessName == "SyslogAlertForwarderNSPTest"
+| where ProcessName == "SyslogAlertForwarderNSP"
 | extend EventVendor = 'McAfee'
 | extend EventProduct = 'Network Security Manager'
 | extend EventData = split(SyslogMessage, "|")
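Review bot: The `ProcessName` filter is an exact, case-sensitive match on a hard-coded tag, and the header comments do not say where that tag comes from, so a sender emitting a different tag makes the parser return no rows without any error, and any detection built on `McAfeeNSPEvent` goes quiet with it. I would add a comment above the filter such as `// ProcessName must equal the syslog tag the NSM forwarder is configured to send; events with other tags are excluded.` If the tag's case can vary between deployments (not visible here), `| where ProcessName =~ "SyslogAlertForwarderNSP"` would be the tolerant form. The query continues past the end of this hunk.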