diff --git a/src/detections/print.rs b/src/detections/print.rs
index ef0ada71..d74875d7 100644
--- a/src/detections/print.rs
+++ b/src/detections/print.rs
@@ -742,8 +742,8 @@ mod tests {
 #[test]
 fn _get_default_defails() {
 let expected: HashMap = HashMap::from([
- ("Microsoft-Windows-PowerShell/Operational_4104".to_string(),"%ScriptBlockText%".to_string()),("Microsoft-Windows-Security-Auditing_4624".to_string(), "User: %TargetUserName% | Comp: %WorkstationName% | IP Addr: %IpAddress% | LID: %TargetLogonId% | Process: %ProcessName%".to_string()),
- ("Microsoft-Windows-Sysmon/Operational_1".to_string(), "Cmd: %CommandLine% | Process: %Image% | User: %User% | Parent Cmd: %ParentCommandLine% | LID: %LogonId% | PID: %ProcessId% | PGUID: %ProcessGuid%".to_string()),
+ ("Microsoft-Windows-PowerShell_4104".to_string(),"%ScriptBlockText%".to_string()),("Microsoft-Windows-Security-Auditing_4624".to_string(), "User: %TargetUserName% | Comp: %WorkstationName% | IP Addr: %IpAddress% | LID: %TargetLogonId% | Process: %ProcessName%".to_string()),
+ ("Microsoft-Windows-Sysmon_1".to_string(), "Cmd: %CommandLine% | Process: %Image% | User: %User% | Parent Cmd: %ParentCommandLine% | LID: %LogonId% | PID: %ProcessId% | PGUID: %ProcessGuid%".to_string()),
 ("Service Control Manager_7031".to_string(), "Svc: %param1% | Crash Count: %param2% | Action: %param5%".to_string()),
 ]);
 let actual = Message::get_default_details("test_files/config/default_details.txt");
diff --git a/test_files/config/default_details.txt b/test_files/config/default_details.txt
index 3c3e77cd..bfa80b65 100644
--- a/test_files/config/default_details.txt
+++ b/test_files/config/default_details.txt
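Review bot: The expected keys now drop the `/Operational` channel suffix, but nothing in the test says that the first key component is the event's provider name rather than its channel, so the next person adding a fixture row has to rediscover which field `get_default_details` keys on. A one-line comment above `let expected` would pin the contract: `// keys are "<Provider.Name>_<EventID>"; the channel suffix (e.g. "/Operational") is deliberately not part of the key`. Because this map and `test_files/config/default_details.txt` are maintained by hand in lockstep, a drift in either shows up only as an opaque assertion failure, and the comment is what tells the reader which side is wrong. The test body continues past the hunk, so the comparison of `expected` against `actual` is not visible here.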
@@ -1,5 +1,5 @@
 Provider, EID, Details
-Microsoft-Windows-PowerShell/Operational, 4104, %ScriptBlockText%
+Microsoft-Windows-PowerShell, 4104, %ScriptBlockText%
 Microsoft-Windows-Security-Auditing, 4624, User: %TargetUserName% | Comp: %WorkstationName% | IP Addr: %IpAddress% | LID: %TargetLogonId% | Process: %ProcessName%
-Microsoft-Windows-Sysmon/Operational, 1, Cmd: %CommandLine% | Process: %Image% | User: %User% | Parent Cmd: %ParentCommandLine% | LID: %LogonId% | PID: %ProcessId% | PGUID: %ProcessGuid%
+Microsoft-Windows-Sysmon, 1, Cmd: %CommandLine% | Process: %Image% | User: %User% | Parent Cmd: %ParentCommandLine% | LID: %LogonId% | PID: %ProcessId% | PGUID: %ProcessGuid%
 Service Control Manager, 7031, Svc: %param1% | Crash Count: %param2% | Action: %param5%
\ No newline at end of file
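Review bot: With the channel suffix removed, the `Provider` column is presumably matched against the event's Provider Name (`Microsoft-Windows-PowerShell`) rather than its Channel (`Microsoft-Windows-PowerShell/Operational`), and a row written in the old channel form would simply never match, with no error to point at the typo. The file is a plain header-plus-rows table with no visible comment syntax, so I would document the column semantics on the loader instead of here, e.g. in the doc comment of `Message::get_default_details` (outside this diff): `/// Keys are "<Provider.Name>_<EventID>"; use the provider name, never the channel path.` The `\ No newline at end of file` is pre-existing, but since the `Service Control Manager` row is the one without a terminator, it is worth confirming the loader accepts an unterminated last line — the Rust test's expected map does include that row, which suggests it does.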