From 29c28fcb5e811703ef1a273bd850453a6fbb5a82 Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Wed, 15 Jul 2020 19:06:36 -0400 Subject: [PATCH] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fea8247c5..e5f3f8b27 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,8 @@ Security Onion 2.0.0 RC1 is here! This will require a fresh install but there is - Elastic ingest parsing improvements. - Elastic nodes are now "hot" by default. This will allow adding a warm node easier. - so-allow will now run at the end of an install so you can enable access right away. -- Alert severities across Wazuh, Suricata and Playbook (Sigma) have been standardised and copied to `event.severity` (1-Low/2-Medium/3-High/4-Critical) +- Alert severities across Wazuh, Suricata and Playbook (Sigma) have been standardised and copied to `event.severity`: + - 1-Low / 2-Medium / 3-High / 4-Critical - Initial implementation of alerting queues: - Low & Medium alerts are accessible through Kibana & SOC Hunt - High & Critical alerts are accessible through Kibana, SOC Hunt and sent to TheHive for immediate viewing
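Review bot: In the added `event.severity` sub-bullet, the 1-4 scale is now on its own line, but the alerting-queue bullets directly below still refer to the levels only by name ("Low & Medium", "High & Critical"). Consider adding the numeric values there as well, for example "Low & Medium (1-2)" and "High & Critical (3-4)", so that someone writing a Kibana or SOC Hunt query on `event.severity` can see which values are sent to TheHive. The bullet says severities are "standardised and copied" but not whether the original Wazuh, Suricata and Sigma values remain in their own fields; one clause stating that would help anyone with existing queries on the native fields. The subject line "Update README.md" would also be more useful if it named the change, such as splitting the severity scale into a sub-bullet.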