diff --git a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_application.yml b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_application.yml
index 472e12a4..71143f9c 100644
--- a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_application.yml
+++ b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_application.yml
@@ -2,7 +2,7 @@ platform: Palo Alto XSIAM
 source: windows_application
 default_log_source:
- dataset: microsoft_windows_raw
+ preset: xdr_event_log
 field_mapping:
 EventID: action_evtlog_event_id
diff --git a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_powershell.yml b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_powershell.yml
index c328ba15..6af38835 100644
--- a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_powershell.yml
+++ b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_powershell.yml
@@ -3,7 +3,7 @@ source: windows_powershell
 default_log_source:
- dataset: microsoft_windows_raw
+ preset: xdr_event_log
 field_mapping:
 EventID: action_evtlog_event_id
diff --git a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_security.yml b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_security.yml
index 6d53e6ea..a2abf004 100644
--- a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_security.yml
+++ b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_security.yml
@@ -2,7 +2,7 @@ platform: Palo Alto XSIAM
 source: windows_security
 default_log_source:
- dataset: microsoft_windows_raw
+ preset: xdr_event_log
 field_mapping:
 EventID: action_evtlog_event_id
diff --git a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_sysmon.yml b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_sysmon.yml
index f6a5f7b9..d066d871 100644
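Review bot: In windows_application.yml the new `default_log_source` holds only `preset: xdr_event_log`, so a translated rule no longer reads `microsoft_windows_raw` at all, and nothing in the mapping records that. If a deployment's Windows events land in that dataset rather than in the preset (presumably collector- or forwarder-ingested logs versus agent-collected ones; worth confirming against the XSIAM documentation), the query still runs and returns no rows, which reads as "nothing detected" rather than as an error. I would add a comment above the key, for example `# preset xdr_event_log covers agent-collected event logs only; override the log source for events stored in microsoft_windows_raw`. The same applies to the windows_powershell, windows_security, windows_sysmon and windows_system hunks.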
--- a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_sysmon.yml
+++ b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_sysmon.yml
@@ -3,7 +3,7 @@ source: windows_sysmon
 default_log_source:
- dataset: microsoft_windows_raw
+ preset: xdr_event_log
 field_mapping:
 EventID: action_evtlog_event_id
diff --git a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_system.yml b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_system.yml
index 0d24082e..d4bcb22a 100644
--- a/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_system.yml
+++ b/uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/windows_system.yml
@@ -2,7 +2,7 @@ platform: Palo Alto XSIAM
 source: windows_system
 default_log_source:
- dataset: microsoft_windows_raw
+ preset: xdr_event_log
 field_mapping:
 EventID: action_evtlog_event_id
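Review bot: In windows_sysmon.yml the `default_log_source` ends up identical to the one in the application, powershell, security and system mappings, and `EventID` maps to the same `action_evtlog_event_id` field, so nothing visible in the hunk limits a translated Sysmon rule to Sysmon events. Event IDs are only unique per provider, so a rule keyed on a Sysmon ID could also match unrelated events from other channels and raise false positives. If the mapping format accepts further conditions under `default_log_source`, a provider or channel condition belongs here, or at least a comment such as `# no provider filter: EventID matches across all Windows channels`. The rest of the file lies outside the hunk, so this may already be handled further down in `field_mapping`.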