diff --git a/conf.d/15-others.conf b/conf.d/15-others.conf
index 5ba47a8b255fc853c144e56ec3619d9acecb246b..202b1689fbb8f92a75b1828b5e42a3e871bb28e4 100644
--- a/conf.d/15-others.conf
+++ b/conf.d/15-others.conf
@@ -7,7 +7,7 @@ filter {
 }
 grok {
 patterns_dir => ["/etc/logstash/conf.d/patterns"]
- match => [ "message", "%{DHCPD}"]
+ match => [ "syslog_message", "%{DHCPD}"]
 }
 }
 if [syslog_program] =~ /^charon$/ {
@@ -26,7 +26,7 @@ filter {
 }
 grok {
 patterns_dir => ["/etc/logstash/conf.d/patterns"]
- match => [ "message", "%{OPENVPN}"]
+ match => [ "syslog_message", "%{OPENVPN}"]
 }
 }
 if [syslog_program] =~ /^ntpd/ {
@@ -40,7 +40,7 @@ filter {
 }
 grok {
 patterns_dir => ["/etc/logstash/conf.d/patterns"]
- match => [ "message", "%{PF_APP}%{PF_APP_DATA}"]
+ match => [ "syslog_message", "%{PF_APP}%{PF_APP_DATA}"]
 }
 mutate {
 lowercase => [ 'pf_ACTION' ]
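Review bot: The three grok filters (DHCPD in this hunk, OPENVPN and PF_APP in the two later hunks) now read `syslog_message`, and nothing visible here shows where that field is set; presumably an earlier syslog stage extracts it, so confirm that stage runs before this file for every input carrying these programs. When the upstream parse fails, these DHCP, VPN and firewall events will go unparsed, and with the default tag they are indistinguishable from any other grok failure. I would give each grok its own failure tag, e.g. `tag_on_failure => ["_grokparsefailure_dhcpd"]`, so a parsing gap in one log source can be alerted on separately. A short comment above each `match` naming the stage that populates `syslog_message` would also help; the enclosing `if [syslog_program]` blocks start outside the hunks.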