grammar corrections

elastic · Feb 10, 2021 · 56dd657 · 56dd657
1 parent 15e7ac7
commit 56dd657
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/docs/field-values-usage.asciidoc b/docs/field-values-usage.asciidoc
@@ -57,7 +57,7 @@ This event from a firewall describes a successfully blocked network connection:
 
 <1> Classifying as an `event`.
 <2> `event.category` categorizes this event as `network` activity.
-<3> The event was both an attempted network `connection` which was `denied`.
+<3> The event was both an attempted network `connection` and was `denied`.
 <4> The blocking of this connection is expected. The outcome is a `success` from the perspective of the firewall emitting the event.
 <5> The firewall classifies this denied connection as `dropped`, and this value is captured in `event.action`.
 
@@ -172,4 +172,4 @@ An intrusion detection system (IDS) attempts to block a connection but fails. Th
 <1> The IDS emitted this event when a detection rule generated an alert. The `event.kind` is set to `alert`.
 <2> With the event emitted from a network IDS device, the event is categorized both as `network` and `intrusion_detection`.
 <3> The alert event is a `connection` that was `denied` by the IDS' configuration.
-<4> The IDS experience an issue when attempting to deny the connection. Since the action taken by the IDS failed, the outcome is set as `failure`.
+<4> The IDS experienced an issue when attempting to deny the connection. Since the action taken by the IDS failed, the outcome is set as `failure`.