diff --git a/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml b/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml
index 777261b3e..feb47971c 100644
--- a/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml
+++ b/rules/windows/registry_event/sysmon_dns_over_https_enabled.yml
@@ -17,11 +17,11 @@ detection:
 selection1:
 TargetObject:
 - 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\BuiltInDnsClientEnabled'
- Details: 'DWORD (1)'
+ Details: 'DWORD (1)'
 selection2:
 TargetObject:
 - 'HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\DnsOverHttpsMode'
- Details: 'DWORD (secure)'
+ Details: 'DWORD (secure)'
 condition: selection1 or selection2
 falsepositives:
 - "Unlikely"
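Review bot: The two re-indented `Details` values are unlikely to match what Sysmon records, so both selections may stay silent once the key sits at the right level. Sysmon renders a DWORD as hex, so selection1 would need `Details: 'DWORD (0x00000001)'`. `DnsOverHttpsMode` is a string policy, so selection2 would need `Details: 'secure'` rather than `'DWORD (secure)'`. Sysmon also abbreviates the hive to `HKLM\`, and Chrome policies normally live under `SOFTWARE\Policies\Google\Chrome`, so `TargetObject|endswith:` on the path tail would be more robust than the full `HKEY_LOCAL_MACHINE\...` literal. The `detection` block starts above this hunk and the indentation is not visible here, so this should be validated against a real registry event.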