diff --git a/tools/config/helk.yml b/tools/config/helk.yml
index 6a52294c8..196f01dd7 100644
--- a/tools/config/helk.yml
+++ b/tools/config/helk.yml
@@ -48,11 +48,11 @@ fieldmappings:
 Destination:
 EventID=20: wmi_consumer_destination
 DestinationHostname: dst_host_name
- DestinationIp: dst_ip
+ DestinationIp: dst_ip_addr
 DestinationIsIpv6: dst_is_ipv6
 DestinationPort: dst_port
 DestinationPortName: dst_port_name
- Details:
+ Details:
 EventID=13: registry_key_value
 Device: device_name
 EngineVersion: powershell.engine.version
@@ -130,7 +130,7 @@ fieldmappings:
 State:
 EventID=4: service_state
 EventID=16: sysmon_configuration_state
- SubjectUserName:
+ SubjectUserName:
 EventID=4624: user_reporter_name
 EventId=4648: user_name
 EventID=5140: user_name
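Review bot: The new `DestinationIp: dst_ip_addr` mapping uses an `_addr` suffix that none of the neighbouring destination fields in this hunk carry (`dst_host_name`, `dst_port`, `dst_port_name`), so it is worth confirming the renamed target is the field name the backend actually indexes and that the matching source-side mapping (outside this hunk) was renamed the same way. A field mapping that points at a non-existent index field fails silently: converted rules still parse but never match, which is a detection gap rather than an error. A short comment above the line, such as `# dst_ip_addr is the indexed field name; keep in step with the SourceIp mapping`, would make the intent checkable in later diffs. The `Details:` change looks like trailing-whitespace cleanup only.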
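Review bot: In the second hunk the conditional key `EventId=4648: user_name` is cased differently from every other conditional key in both hunks (`EventID=4624`, `EventID=5140`, `EventID=4`, `EventID=16`, `EventID=13`, `EventID=20`). If the mapping consumer compares the condition key literally, as the consistent casing elsewhere suggests, the 4648 mapping would never be applied and rules on that event would be translated with the unmapped field name; this is a pre-existing context line, but the commit is already touching `SubjectUserName:`, so it is the natural place to fix it, `EventID=4648: user_name`. Whether the loader is case-insensitive cannot be determined from this diff, so confirm before relying on the current spelling.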