demisto · eepstain · Feb 20, 2023 · Feb 19, 2023 · Feb 19, 2023 · Feb 19, 2023
diff --git a/Packs/FireEyeNX/ModelingRules/FireEyeNX/FireEyeNX.xif b/Packs/FireEyeNX/ModelingRules/FireEyeNX/FireEyeNX.xif
@@ -1,4 +1,4 @@
-[MODEL: dataset=fireeye_mps_raw, model=Network] 
+[MODEL:model="Network", dataset="fireeye_mps_raw"] 
 alter XDM.Network.event_timestamp = parse_timestamp("%s",arrayindex( regextract(to_string(rt),"(\d+)\d{3}"),0) ),
     XDM.Network.Destination.port = to_number(dpt),
     XDM.Network.Source.port = to_number(spt),

diff --git a/Packs/FireEyeNX/ModelingRules/FireEyeNX/FireEyeNX.yml b/Packs/FireEyeNX/ModelingRules/FireEyeNX/FireEyeNX.yml
@@ -1,6 +1,7 @@
 name: FireEye NX Modeling Rule
 id: fireeye_nx_modeling_rule
 fromversion: 6.8.0
+toversion: 6.9.9
 tags: FireEye NX
 rules: ''
 schema: ''
diff --git a/Packs/FireEyeNX/ModelingRules/FireEyeNX_1_3/FireEyeNX_1_3.xif b/Packs/FireEyeNX/ModelingRules/FireEyeNX_1_3/FireEyeNX_1_3.xif
@@ -1,5 +1,6 @@
 [MODEL: dataset=fireeye_mps_raw]
-alter xdm.target.port = to_number(dpt),
+alter 
+    xdm.target.port = to_number(dpt),
     xdm.source.port = to_number(spt),
     xdm.event.operation_sub_type = act,
     xdm.target.ipv4 = dst,
@@ -15,4 +16,4 @@ alter xdm.target.port = to_number(dpt),
     xdm.source.process.executable.md5 = fileHash,
     xdm.source.process.executable.file_type = fileType,
     xdm.network.http.method = requestMethod,
-    xdm.alert.original_threat_name = cs1;
+    xdm.alert.original_threat_name = cs1;
diff --git a/Packs/FireEyeNX/ParsingRules/FireEyeNX/FireEyeNX.xif b/Packs/FireEyeNX/ParsingRules/FireEyeNX/FireEyeNX.xif
@@ -1,5 +1,2 @@
 [INGEST:vendor="fireeye", product="mps", target_dataset="fireeye_mps_raw", no_hit = keep]
-alter tmp_year_number = format_timestamp("%Y", _insert_time)
-    , tmp_time_extract = arrayindex(regextract(_raw_log ,"\>\s*([a-zA-Z]+\s+\d+\s+\d+\:\d+\:\d+)"),0)
-| alter _time = parse_timestamp("%b %d %H:%M:%S %Y",concat(tmp_time_extract , " " ,tmp_year_number ))
-| fields - tmp_time_extract , tmp_year_number;
+alter _time = to_timestamp(to_integer(RT), "millis");
diff --git a/Packs/FireEyeNX/ReleaseNotes/1_1_16.md b/Packs/FireEyeNX/ReleaseNotes/1_1_16.md
@@ -0,0 +1,6 @@
+
+#### Modeling Rules
+
+##### FireEye NX Modeling Rule
+
+- Updated Modeling Rules
diff --git a/Packs/FireEyeNX/pack_metadata.json b/Packs/FireEyeNX/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "FireEye Network Security (NX)",
     "description": "FireEye Network Security is an effective cyber threat protection solution that helps organizations minimize the risk of costly breaches by accurately detecting and immediately stopping advanced, targeted, and other evasive attacks hiding in Internet traffic.",
     "support": "xsoar",
-    "currentVersion": "1.1.15",
+    "currentVersion": "1.1.16",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",