diff --git a/.yamllint b/.yamllint
index 2de34c440..d1641eedc 100644
--- a/.yamllint
+++ b/.yamllint
@@ -1,4 +1,12 @@
 ---
 # https://yamllint.readthedocs.io/en/latest/configuration.html
+extends: default
 rules:
+ comments: disable
+ comments-indentation: disable
 document-start: disable
+ empty-lines: {max: 2, max-start: 2, max-end: 2}
+ indentation: disable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ trailing-spaces: disable
diff --git a/rules/windows/builtin/win_susp_commands_recon_activity.yml b/rules/windows/builtin/win_susp_commands_recon_activity.yml
index c1710d867..3710465fd 100644
--- a/rules/windows/builtin/win_susp_commands_recon_activity.yml
+++ b/rules/windows/builtin/win_susp_commands_recon_activity.yml
@@ -7,7 +7,7 @@ references:
 - https://twitter.com/haroonmeer/status/939099379834658817
 - https://twitter.com/c_APT_ure/status/939475433711722497
 - https://www.fireeye.com/blog/threat-research/2016/05/targeted_attacksaga.html
-author: Florian Roth, Markus Neis
+author: Florian Roth, Markus Neis
 date: 2018/08/22
 modified: 2018/12/11
 tags:
diff --git a/tools/config/arcsight.yml b/tools/config/arcsight.yml
index 7e6a15fff..d66a227f8 100644
--- a/tools/config/arcsight.yml
+++ b/tools/config/arcsight.yml
@@ -85,7 +85,7 @@ logsources:
 conditions:
 deviceProduct: Apache
 categoryDeviceGroup: /Application
- firewall:
+ firewall:
 product: firewall
 conditions:
 categoryDeviceGroup: /Firewall
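Review bot: In the `.yamllint` hunk, `trailing-spaces: disable` switches off the check that would flag the whitespace the other two hunks in this commit appear to clean up (their removed and added lines read the same here), so the same drift can return without CI noticing. Consider `trailing-spaces: {level: warning}`, and likewise for `indentation`, so the checks stay visible without failing the build. The hunk also gives no reason for the eight relaxed rules. A comment above `rules:` would help, such as `# Relaxed for legacy rule files; correctness checks (e.g. key-duplicates) stay on via extends: default`. That matters for detection content, because a duplicated mapping key in a rule is typically resolved by the parser keeping only one value, which can drop part of the detection logic without any error.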