diff --git a/detection_rules/etc/non-ecs-schema.json b/detection_rules/etc/non-ecs-schema.json
index db6b7f23d..c3980bf32 100644
--- a/detection_rules/etc/non-ecs-schema.json
+++ b/detection_rules/etc/non-ecs-schema.json
@@ -33,16 +33,17 @@
 "ShareName": "keyword",
 "SubjectLogonId": "keyword",
 "SubjectUserName": "keyword",
- "TargetUserName": "keyword",
+ "TargetUserName": "keyword",
 "TargetImage": "keyword",
 "TargetLogonId": "keyword",
 "TargetProcessGUID": "keyword",
 "TargetSid": "keyword",
- "PrivilegeList": "keyword",
- "AuthenticationPackageName" : "keyword",
- "TargetUserSid" : "keyword",
- "DnsHostName" : "keyword",
- "winlog.event_data.Status": "keyword"
+ "PrivilegeList": "keyword",
+ "AuthenticationPackageName" : "keyword",
+ "TargetUserSid" : "keyword",
+ "DnsHostName" : "keyword",
+ "TaskName": "keyword",
+ "Status": "keyword"
 }
 },
 "winlog.logon.type": "keyword",
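Review bot: The re-added lines `"AuthenticationPackageName" : "keyword",`, `"TargetUserSid" : "keyword",` and `"DnsHostName" : "keyword",` keep a stray space before the colon, while the new `"TaskName": "keyword",` and `"Status": "keyword"` entries do not. Since the commit rewrites those three lines anyway, they could be normalised to the `"Key": "keyword",` form used elsewhere in the hunk. The new keys are also appended to the tail of the object rather than placed in order, and the object opens above the hunk, so it is not visible here whether `TaskName` or `Status` is already declared earlier. Most JSON parsers resolve a duplicate key silently, so it is worth checking for one and inserting the entries in sorted position, which makes a later duplicate easier to spot in review.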