Update command_and_control_suricata_elastic_defend_c2.toml

Author: Samirbous

rules/cross-platform/command_and_control_suricata_elastic_defend_c2.toml

@@ -11,13 +11,13 @@ This detection correlates Suricata alerts and events with Elastic Defend network
 performing the network activity.
 """
 from = "now-9m"
-index = ["logs-endpoint.events.network-*", "logs-panw.panos-*"]
+index = ["logs-endpoint.events.network-*", "filebeat-*"]
 language = "eql"
 license = "Elastic License v2"
 name = "Suricata and Elastic Defend Network Correlation"
 references = [
     "https://attack.mitre.org/tactics/TA0011/",
-    "https://www.elastic.co/docs/reference/integrations/panw",
+    "https://www.elastic.co/docs/reference/integrations/suricata",
     "https://www.elastic.co/docs/reference/integrations/endpoint"
 ]
 risk_score = 47