diff --git a/tools/config/generic/sysmon.yml b/tools/config/generic/sysmon.yml
index ab9d94d8d..63eab0c16 100644
--- a/tools/config/generic/sysmon.yml
+++ b/tools/config/generic/sysmon.yml
@@ -4,3 +4,6 @@ logsources:
 product: windows
 conditions:
 EventID: 1
+rewrite:
+category: null
+service: sysmon
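Review bot: The new `rewrite:` block sets `category: null` with no comment saying whether the YAML null is meant to remove the category key from the converted logsource or to leave it present with an empty value, and a reader of the resulting rule cannot tell which was intended from this file alone. If the intent is that a generic category rule is re-keyed to `product: windows` / `service: sysmon` only, a short comment above the block would make that explicit, e.g. `# rewrite: drop the generic category so the converted logsource is keyed on product/service (Sysmon channel)`. It would also help to note next to `EventID: 1` that this is the Sysmon process-creation event, since the rewrite only makes sense when that event is actually being collected. The enclosing logsource entry under `logsources:` starts outside the hunk.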