diff --git a/splunk/dmarc_aggregate_dashboard.xml b/splunk/dmarc_aggregate_dashboard.xml
index 40cdea1..5f3995c 100644
--- a/splunk/dmarc_aggregate_dashboard.xml
+++ b/splunk/dmarc_aggregate_dashboard.xml
@@ -74,7 +74,7 @@
       <fieldForLabel>source_type</fieldForLabel>
       <fieldForValue>source_type</fieldForValue>
       <search>
-        <query>index="email_ess" sourcetype="dmarc:aggregate"
+        <query>index="email" sourcetype="dmarc:aggregate"
         | stats count by source_type</query>
       </search>
     </input>
@@ -86,7 +86,7 @@
       <fieldForLabel>source_name</fieldForLabel>
       <fieldForValue>source_name</fieldForValue>
       <search>
-        <query>index="email_ess" sourcetype="dmarc:aggregate" source_type=$source_type$
+        <query>index="email" sourcetype="dmarc:aggregate" source_type="$source_type$"
         | stats count by source_name</query>
       </search>
     </input>
@@ -307,4 +307,4 @@
       </table>
     </panel>
   </row>
-</form>
\ No newline at end of file
+</form>