From fd3d96ba69a25e82359b844abe36ea7f3c476a49 Mon Sep 17 00:00:00 2001
From: Yara Tercero <yara.tercero@elastic.co>
Date: Thu, 16 Apr 2020 21:04:02 -0400
Subject: [PATCH] update scripts

---
 .../lib/detection_engine/scripts/rules/patches/update_list.json | 2 +-
 .../detection_engine/scripts/rules/queries/query_with_list.json | 2 +-
 .../lib/detection_engine/scripts/rules/updates/update_list.json | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json
index 4db8724db4e13..8d831f3a961d8 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json
+++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json
@@ -1,6 +1,6 @@
 {
   "rule_id": "query-with-list",
-  "lists": [
+  "exceptions_list": [
     {
       "field": "source.ip",
       "values_operator": "excluded",
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_list.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_list.json
index 997d03369a699..9072a8a7b26fb 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_list.json
+++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_list.json
@@ -6,7 +6,7 @@
   "severity": "high",
   "type": "query",
   "query": "user.name: root or user.name: admin",
-  "lists": [
+  "exceptions_list": [
     {
       "field": "source.ip",
       "values_operator": "included",
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json
index 66b198974f574..df22dff5c046e 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json
+++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json
@@ -6,7 +6,7 @@
   "severity": "high",
   "type": "query",
   "query": "user.name: root or user.name: admin",
-  "lists": [
+  "exceptions_list": [
     {
       "field": "source.ip",
       "values_operator": "excluded",