From 299a931e4924f5e2cb6a94fe470fc98fec44166c Mon Sep 17 00:00:00 2001
From: jason taylor <jtfas90@gmail.com>
Date: Thu, 14 Jul 2022 20:05:03 +0000
Subject: [PATCH] doc: update example rule list

Signed-off-by: jason taylor <jtfas90@gmail.com>
---
 doc/userguide/rules/meta.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/userguide/rules/meta.rst b/doc/userguide/rules/meta.rst
index dd09559831..dc1fbd0116 100644
--- a/doc/userguide/rules/meta.rst
+++ b/doc/userguide/rules/meta.rst
@@ -15,7 +15,7 @@ The format of msg is::
 
 Examples::
 
-  msg:"ATTACK-RESPONSES 403 Forbidden";
+  msg:"ET MALWARE Win32/RecordBreaker CnC Checkin";
   msg:"ET EXPLOIT SMB-DS DCERPC PnP bind attempt";
 
 To continue the example of the previous chapter, this is the keyword in action in an actual rule: