diff --git a/parsedmarc/splunk.py b/parsedmarc/splunk.py
index 82174ac..b9d2c0d 100644
--- a/parsedmarc/splunk.py
+++ b/parsedmarc/splunk.py
@@ -157,7 +157,7 @@ class HECClient(object):
         json_str = ""
         for report in failure_reports:
             data = self._common_data.copy()
-            data["sourcetype"] = "dmarc_failure"
+            data["sourcetype"] = "dmarc:failure"
             timestamp = human_timestamp_to_unix_timestamp(report["arrival_date_utc"])
             data["time"] = timestamp
             data["event"] = report.copy()