diff --git a/rules/web/web_cve_2021_40539_manageengine_adselfservice_exploit.yml b/rules/web/web_cve_2021_40539_manageengine_adselfservice_exploit.yml
index 1f049dbf4..a0ff44c94 100644
--- a/rules/web/web_cve_2021_40539_manageengine_adselfservice_exploit.yml
+++ b/rules/web/web_cve_2021_40539_manageengine_adselfservice_exploit.yml
@@ -11,6 +11,7 @@ tags:
     - attack.initial_access
     - attack.t1190
 logsource:
+    product: zoho_manageengine
     category: webserver
     definition: 'Must be collect log from \ManageEngine\ADSelfService Plus\logs'
 detection: