diff --git a/templates/filebeat.yml.j2 b/templates/filebeat.yml.j2
index bb86d37efbcbd1c211ef8d23836ce48192ae72c1..cea2d1c61ebb579bb289bca15f52f6cf342cf9ed 100644
--- a/templates/filebeat.yml.j2
+++ b/templates/filebeat.yml.j2
@@ -33,7 +33,8 @@ filebeat.inputs:
   paths:
     - /var/log/dpkg.log
   fields:
-    source_app: "dpkg"
+     service_type: "dpkg"
+  fields_under_root: true
 
 # ================================== Outputs ===================================
 # ------------------------------ Logstash Output -------------------------------