Merge pull request #286359 from batamig/patch-442

Update connect-common-event-format.md

Author: prmerger-automator[bot]

articles/sentinel/connect-common-event-format.md

@@ -119,10 +119,10 @@ If you're not seeing any data, see the [CEF troubleshooting](./troubleshooting-c
 
 By default, the Log Analytics agent populates the *TimeGenerated* field in the schema with the time the agent received the event from the Syslog daemon. As a result, the time at which the event was generated on the source system is not recorded in Microsoft Sentinel.
 
-You can, however, run the following command, which will download and run the `TimeGenerated.py` script. This script configures the Log Analytics agent to populate the *TimeGenerated* field with the event's original time on its source system, instead of the time it was received by the agent.
+You can, however, run the following command, which will download and run the `TimeGenerated.py` script. This script configures the Log Analytics agent to populate the *TimeGenerated* field with the event's original time on its source system, instead of the time it was received by the agent. In the following command, replace `{WORKSPACE_ID}` with your own workspace ID.
 
 ```bash
-wget -O TimeGenerated.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/TimeGenerated.py && python TimeGenerated.py {ws_id}
+wget -O TimeGenerated.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/TimeGenerated.py && python TimeGenerated.py {WORKSPACE_ID}
 ```
 
 ## Next steps