diff --git a/tools/config/hawk.yml b/tools/config/hawk.yml
index b5c5d5840..4d81e1a27 100644
--- a/tools/config/hawk.yml
+++ b/tools/config/hawk.yml
@@ -896,12 +896,13 @@ fieldmappings:
 cs-User-Agent: http_user_agent
 r-dns: http_host
 id.orig_h: ip_src
- id.orig_p: ip_src_port
+ id.orig_p: ip_sport
 id.resp_h: ip_dst
- id.resp_p: ip_dst_port
+ id.resp_p: ip_dport
 host: ip_src
 hostname: ip_src_host
- port_num: ip_dst_port
+ port_num: ip_dport
+ dst_port: ip_dport
 query: dns_query
 orig_ip_bytes: net_if_out_bytes
 resp_ip_bytes: net_if_in_bytes
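Review bot: The added `dst_port: ip_dport` entry has no source-side counterpart in this hunk; if `src_port` is not already mapped elsewhere under `fieldmappings`, add `src_port: ip_sport` so rules keyed on the source port are translated as well. The retargeting from `ip_src_port`/`ip_dst_port` to `ip_sport`/`ip_dport` is visible only for `id.orig_p`, `id.resp_p` and `port_num`; any other key in the file that still points at the old names would presumably yield queries on fields the backend no longer has, and that fails silently as a detection that never fires. The mapping block begins and continues outside the hunk, so check the whole file for leftover `ip_src_port` and `ip_dst_port` values before merging. A short comment above the port entries, such as `# port fields use the ip_sport / ip_dport names`, would also keep later additions consistent.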