diff --git a/docs/security/threat-intelligence/upload-formats.md b/docs/security/threat-intelligence/upload-formats.md index f8c6b39817..b8acc0221a 100644 --- a/docs/security/threat-intelligence/upload-formats.md +++ b/docs/security/threat-intelligence/upload-formats.md @@ -77,7 +77,13 @@ The following attributes are required: * `domain-name`. Domain name. (Entity type in Cloud SIEM is `_domain`.) * `email-addr`. Email address. (Entity type in Cloud SIEM is `_email`.) * `file`. File name. (Entity type in Cloud SIEM is `_file`.) - * `file:hashes`. File hash. (Entity type in Cloud SIEM is `_hash`.)
If you want to add the hash algorithm, enter `file:hashes.`. For example, `[file:hashes.MD5 = '5d41402abc4b2a76b9719d911017c592']` or `[file:hashes.'SHA-256' = '50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c']`. + * `file:hashes.''`. File hash. (Entity type in Cloud SIEM is `_hash`.) Examples: + * `file:hashes.'MD-5'` + * `file:hashes.'SHA-1'` + * `file:hashes.'SHA-2'` + * `file:hashes.'SHA-3'` + * `file:hashes.'SHA-256'` + * `file:hashes.'SHA-512'`.
If you want to add the hash algorithm, enter it with `=`. For example, `[file:hashes.'MD5' = '5d41402abc4b2a76b9719d911017c592']` or `[file:hashes.'SHA-256' = '50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c']`. * `ipv4-addr`. IPv4 IP address. (Entity type in Cloud SIEM is `_ip`.) * `ipv6-addr`. IPv6 IP address. (Entity type in Cloud SIEM is `_ip`.) * `mac-addr`. Mac address name. (Entity type in Cloud SIEM is `_mac`.) @@ -137,7 +143,13 @@ Columns for the following attributes are required in the upload file: * `domain-name`. Domain name. (Entity type in Cloud SIEM is `_domain`.) * `email-addr`. Email address. (Entity type in Cloud SIEM is `_email`.) * `file`. File name. (Entity type in Cloud SIEM is `_file`.) - * `file:hashes`. File hash. (Entity type in Cloud SIEM is `_hash`.)
If you want to add the hash algorithm, enter `file:hashes.`. For example, `[file:hashes.MD5 = '5d41402abc4b2a76b9719d911017c592']` or `[file:hashes.'SHA-256' = '50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c']`. + * `file:hashes.''`. File hash. (Entity type in Cloud SIEM is `_hash`.) Examples: + * `file:hashes.'MD-5'` + * `file:hashes.'SHA-1'` + * `file:hashes.'SHA-2'` + * `file:hashes.'SHA-3'` + * `file:hashes.'SHA-256'` + * `file:hashes.'SHA-512'`.
If you want to add the hash algorithm, enter it with `=`. For example, `[file:hashes.'MD5' = '5d41402abc4b2a76b9719d911017c592']` or `[file:hashes.'SHA-256' = '50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c']`. * `ipv4-addr`. IPv4 IP address. (Entity type in Cloud SIEM is `_ip`.) * `ipv6-addr`. IPv6 IP address. (Entity type in Cloud SIEM is `_ip`.) * `mac-addr`. Mac address name. (Entity type in Cloud SIEM is `_mac`.) @@ -269,7 +281,13 @@ The following attributes are required: * **pattern** (string). The pattern of this indicator (as defined by [pattern in STIX 2.1](https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html#_me3pzm77qfnf)). Following are valid values: * `domain-name`. Domain name. (Entity type in Cloud SIEM is `_domain`.) * `email-addr`. Email address. (Entity type in Cloud SIEM is `_email`.) - * `file:hashes`. File hash. (Entity type in Cloud SIEM is `_hash`.)
If you want to add the hash algorithm, enter `file:hashes.`. For example, `[file:hashes.MD5 = '5d41402abc4b2a76b9719d911017c592']` or `[file:hashes.'SHA-256' = '50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c']`. + * `file:hashes.''`. File hash. (Entity type in Cloud SIEM is `_hash`.) Examples: + * `file:hashes.'MD-5'` + * `file:hashes.'SHA-1'` + * `file:hashes.'SHA-2'` + * `file:hashes.'SHA-3'` + * `file:hashes.'SHA-256'` + * `file:hashes.'SHA-512'`.
If you want to add the hash algorithm, enter it with `=`. For example, `[file:hashes.'MD5' = '5d41402abc4b2a76b9719d911017c592']` or `[file:hashes.'SHA-256' = '50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c']`. * `file`. File name. (Entity type in Cloud SIEM is `_file`.) * `ipv4-addr`. IPv4 IP address. (Entity type in Cloud SIEM is `_ip`.) * `ipv6-addr`. IPv6 IP address. (Entity type in Cloud SIEM is `_ip`.)
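Review bot: In the hunk at `@@ -77,7 +77,13 @@`, the new example list spells the key `file:hashes.'MD-5'`, but the sentence that follows it uses `[file:hashes.'MD5' = '5d41402abc4b2a76b9719d911017c592']`. A reader who copies the key from the list gets a name that does not match the worked example. Pick one spelling and use it in both places; the removed line also used `MD5`. The list also puts `'SHA-2'` and `'SHA-3'` beside `'SHA-256'` and `'SHA-512'`. The first two name hash families, not a digest length, and SHA-256 and SHA-512 are themselves SHA-2 variants. Either drop the family names or state which key a given hash should be uploaded under. The same added lines are repeated in the other two hunks and need the same correction there.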
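Review bot: In the hunk at `@@ -137,7 +143,13 @@`, the added bullet reads `file:hashes.''` with nothing between the quotes, so the entry never says that an algorithm name belongs there. If a placeholder was intended, write it so that it survives in the source and renders inside the backticks. The rewritten sentence "If you want to add the hash algorithm, enter it with `=`" also reads as though `=` introduces the algorithm, whereas in both examples the algorithm is the quoted key and `=` precedes the hash value. Reword it to say that. The removed line documented a bare `file:hashes`, and the new text still says "If you want to add", so please state whether the algorithm is now required or whether the bare form is still accepted.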
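Review bot: In the hunk at `@@ -269,7 +281,13 @@`, the hash entry and its new sub-list sit between `email-addr` and `file`, while the other two hunks list `file` first and the hash entry after it. The ordering predates this change, but since the block is being rewritten it is worth moving the `file` bullet up so that all three sections read the same way. The last sub-bullet also ends with a period after the closing backtick (`file:hashes.'SHA-512'`.) and the other five do not. Drop it so that it is not read as part of the key.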