diff --git a/rules/linux/auditd/lnx_auditd_keylogging_with_pam_d.yml b/rules/linux/auditd/lnx_auditd_keylogging_with_pam_d.yml
index b053d302a..0af760ef4 100644
--- a/rules/linux/auditd/lnx_auditd_keylogging_with_pam_d.yml
+++ b/rules/linux/auditd/lnx_auditd_keylogging_with_pam_d.yml
@@ -1,5 +1,5 @@
 title: Linux Keylogging with Pam.d
-id:
+id: 49aae26c-450e-448b-911d-b3c13d178dfc
 description: Detect attempt to enable auditing of TTY input
 # -w /etc/pam.d/ -p wa -k pam - this rule will help you detect changes to the pam.d files- https://github.com/Neo23x0/auditd/blob/master/audit.rules
 # - the TTY events detection asumes that you do not expect them in your environment or add filtering on those users that you configured it for