diff --git a/rules/windows/builtin/win_usb_device_plugged.yml b/rules/windows/builtin/win_usb_device_plugged.yml
index 95ef20e3d..cf9013bb7 100644
--- a/rules/windows/builtin/win_usb_device_plugged.yml
+++ b/rules/windows/builtin/win_usb_device_plugged.yml
@@ -11,7 +11,7 @@ modified: 2021/11/30
 logsource:
 product: windows
 service: driver-framework
- definition: mapping Provider_Name: 'Microsoft-Windows-DriverFrameworks-UserMode/Operational'
+ definition: mapping Provider_Name 'Microsoft-Windows-DriverFrameworks-UserMode/Operational'
 detection:
 selection:
 EventID:
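Review bot: The new `definition` line is still an unquoted plain scalar, so it parses only because the colon after `Provider_Name` was dropped, and a later edit that reintroduces `: ` would break loading again. Quoting the whole value keeps the original wording and is robust: `definition: "mapping Provider_Name: 'Microsoft-Windows-DriverFrameworks-UserMode/Operational'"`. Because this text is the only hint that the rule depends on that channel, it would also help to state that the channel must be enabled and collected; as far as I know it is not enabled by default, in which case the rule silently matches nothing. The `modified:` date shown in the hunk header appears to be unchanged by this commit and probably should be bumped with the rule.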