Update rules/cross-platform/command_and_control_socks_fortigate_endpoint.toml

Co-authored-by: Mika Ayenson, PhD <[email protected]>

Author: Samirbous

rules/cross-platform/command_and_control_socks_fortigate_endpoint.toml

@@ -13,7 +13,7 @@ or act as an intermediary for network communications to a command and control se
 infrastructure.
 """
 from = "now-9m"
-index = ["logs-endpoint.events.network-default*", "logs-fortinet_fortigate.log-default-*"]
+index = ["logs-endpoint.events.network-*", "logs-fortinet_fortigate.log-*"]
 language = "eql"
 license = "Elastic License v2"
 name = "SOCKS Traffic from an Unusual Process"