diff --git a/tools/config/splunk-windows.yml b/tools/config/splunk-windows.yml
index 584fdfbf4..06b0c7306 100644
--- a/tools/config/splunk-windows.yml
+++ b/tools/config/splunk-windows.yml
@@ -32,7 +32,7 @@ logsources:
 # Optimized search for process creation, being dramatically faster in Lispy than just EventCode=1 search, as 'ParentProcessGuid' is more unique than '1' in the raw data.
 # This also supports custom splunk macros, just like they are written in splunk (i.e. as `macro`), minding that it has to be written inside the string quotes here.
 search: 'ParentProcessGuid EventCode=1'
- windows-process-creation:
+ windows-file-creation:
 product: windows
 service: sysmon
 category: file_creation
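Review bot: The renamed key appears to resolve a duplicate `windows-process-creation` mapping key under `logsources:` — the three context lines above the change (ending with `search: 'ParentProcessGuid EventCode=1'`) read as the tail of an earlier block with the same name, and since most YAML loaders silently keep the last duplicate, that process-creation search override would have been replaced by the `file_creation` definition before this fix. Nothing in the diff prevents this from recurring; a yamllint `key-duplicates` check on `tools/config/*.yml` in CI (or loading the config with a parser that rejects duplicate keys) would turn a silent override into a failure. Whether `windows-file-creation` carries its own `search:` entry is not visible, as the enclosing mapping continues past the hunk.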