diff --git a/packages/fireeye/changelog.yml b/packages/fireeye/changelog.yml
index 7c5d56a68be..3e1575fc75b 100644
--- a/packages/fireeye/changelog.yml
+++ b/packages/fireeye/changelog.yml
@@ -1,3 +1,8 @@
+- version: "1.3.1"
+ changes:
+ - description: Move invalid field value in sample event file
+ type: bugfix
+ link: https://github.com/elastic/integrations/pull/3331
 - version: "1.3.0"
 changes:
 - description: Update to ECS 8.2
diff --git a/packages/fireeye/data_stream/nx/sample_event.json b/packages/fireeye/data_stream/nx/sample_event.json
index ba14e797366..272ffcf6212 100644
--- a/packages/fireeye/data_stream/nx/sample_event.json
+++ b/packages/fireeye/data_stream/nx/sample_event.json
@@ -1,11 +1,11 @@
 {
 "@timestamp": "2020-09-22T08:34:44.991Z",
 "agent": {
- "ephemeral_id": "be283a73-21df-40fd-8483-99dece22034a",
- "id": "c53ddea2-61ac-4643-8676-0c70ebf51c91",
+ "ephemeral_id": "9c10aabf-b5f2-46d4-af8d-eccd5dfe3597",
+ "id": "2411eb51-1c57-41d1-962f-cd06ac57198b",
 "name": "docker-fleet-agent",
 "type": "filebeat",
- "version": "8.0.0-beta1"
+ "version": "8.2.0"
 },
 "data_stream": {
 "dataset": "fireeye.nx",
@@ -23,17 +23,22 @@
 "version": "8.2.0"
 },
 "elastic_agent": {
- "id": "c53ddea2-61ac-4643-8676-0c70ebf51c91",
+ "id": "2411eb51-1c57-41d1-962f-cd06ac57198b",
 "snapshot": false,
- "version": "8.0.0-beta1"
+ "version": "8.2.0"
 },
 "event": {
 "agent_id_status": "verified",
+ "category": [
+ "network"
+ ],
 "dataset": "fireeye.nx",
- "ingested": "2021-12-31T02:15:18Z",
- "original": "{\"rawmsg\":\"{\\\"timestamp\\\":\\\"2020-09-22T08:34:44.991339+0000\\\",\\\"flow_id\\\":721570461162990,\\\"event_type\\\":\\\"flow\\\",\\\"src_ip\\\":\\\"fe80:0000:0000:0000:feec:daff:fe31:b706\\\",\\\"src_port\\\":45944,\\\"dest_ip\\\":\\\"ff02:0000:0000:0000:0000:0000:0000:0001\\\",\\\"dest_port\\\":10001,\\\"proto\\\":\\\"UDP\\\",\\\"proto_number\\\":17,\\\"ip_tc\\\":0,\\\"app_proto\\\":\\\"failed\\\",\\\"flow\\\":{\\\"pkts_toserver\\\":8,\\\"pkts_toclient\\\":0,\\\"bytes_toserver\\\":1680,\\\"bytes_toclient\\\":0,\\\"start\\\":\\\"2020-09-22T08:34:12.761326+0000\\\",\\\"end\\\":\\\"2020-09-22T08:34:12.761348+0000\\\",\\\"age\\\":0,\\\"state\\\":\\\"new\\\",\\\"reason\\\":\\\"timeout\\\",\\\"alerted\\\":false}}\\n\",\"meta_sip4\":\"192.168.1.99\",\"meta_oml\":520,\"deviceid\":\"860665216674\",\"meta_cbname\":\"fireeye-7e0de1\"}\n",
+ "ingested": "2022-05-12T06:20:01Z",
+ "original": "{\"rawmsg\":\"{\\\"timestamp\\\":\\\"2020-09-22T08:34:44.991339+0000\\\",\\\"flow_id\\\":721570461162990,\\\"event_type\\\":\\\"flow\\\",\\\"src_ip\\\":\\\"fe80:0000:0000:0000:feec:daff:fe31:b706\\\",\\\"src_port\\\":45944,\\\"dest_ip\\\":\\\"ff02:0000:0000:0000:0000:0000:0000:0001\\\",\\\"dest_port\\\":10001,\\\"proto\\\":\\\"UDP\\\",\\\"proto_number\\\":17,\\\"ip_tc\\\":0,\\\"app_proto\\\":\\\"failed\\\",\\\"flow\\\":{\\\"pkts_toserver\\\":8,\\\"pkts_toclient\\\":0,\\\"bytes_toserver\\\":1680,\\\"bytes_toclient\\\":0,\\\"start\\\":\\\"2020-09-22T08:34:12.761326+0000\\\",\\\"end\\\":\\\"2020-09-22T08:34:12.761348+0000\\\",\\\"age\\\":0,\\\"state\\\":\\\"new\\\",\\\"reason\\\":\\\"timeout\\\",\\\"alerted\\\":false}}\\n\",\"meta_sip4\":\"192.168.1.99\",\"meta_oml\":520,\"deviceid\":\"860665216674\",\"meta_cbname\":\"fireeye-7e0de1\"}",
 "timezone": "+00:00",
- "type": "flow"
+ "type": [
+ "info"
+ ]
 },
 "fireeye": {
 "nx": {
@@ -49,19 +54,38 @@
 }
 },
 "host": {
- "name": "docker-fleet-agent"
+ "architecture": "x86_64",
+ "containerized": false,
+ "hostname": "docker-fleet-agent",
+ "ip": [
+ "192.168.16.7"
+ ],
+ "mac": [
+ "02:42:c0:a8:10:07"
+ ],
+ "name": "docker-fleet-agent",
+ "os": {
+ "codename": "focal",
+ "family": "debian",
+ "kernel": "5.10.104-linuxkit",
+ "name": "Ubuntu",
+ "platform": "ubuntu",
+ "type": "linux",
+ "version": "20.04.4 LTS (Focal Fossa)"
+ }
 },
 "input": {
- "type": "udp"
+ "type": "log"
 },
 "log": {
- "source": {
- "address": "172.22.0.7:49275"
- }
+ "file": {
+ "path": "/tmp/service_logs/fireeye-nx.log"
+ },
+ "offset": 0
 },
 "network": {
 "community_id": "1:McNAQcsUcKZYOHHZYm0sD8JiBLc=",
- "iana_number": 17,
+ "iana_number": "17",
 "protocol": "failed",
 "transport": "udp"
 },
@@ -83,7 +107,6 @@
 "port": 45944
 },
 "tags": [
- "fireeye-nx",
- "forwarded"
+ "fireeye-nx"
 ]
 }
\ No newline at end of file
diff --git a/packages/fireeye/docs/README.md b/packages/fireeye/docs/README.md
index 7160a3ef4c2..31bbc638b51 100644
--- a/packages/fireeye/docs/README.md
+++ b/packages/fireeye/docs/README.md
@@ -174,11 +174,11 @@ An example event for `nx` looks as following:
 {
 "@timestamp": "2020-09-22T08:34:44.991Z",
 "agent": {
- "ephemeral_id": "be283a73-21df-40fd-8483-99dece22034a",
- "id": "c53ddea2-61ac-4643-8676-0c70ebf51c91",
+ "ephemeral_id": "9c10aabf-b5f2-46d4-af8d-eccd5dfe3597",
+ "id": "2411eb51-1c57-41d1-962f-cd06ac57198b",
 "name": "docker-fleet-agent",
 "type": "filebeat",
- "version": "8.0.0-beta1"
+ "version": "8.2.0"
 },
 "data_stream": {
 "dataset": "fireeye.nx",
@@ -196,17 +196,22 @@ An example event for `nx` looks as following:
 "version": "8.2.0"
 },
 "elastic_agent": {
- "id": "c53ddea2-61ac-4643-8676-0c70ebf51c91",
+ "id": "2411eb51-1c57-41d1-962f-cd06ac57198b",
 "snapshot": false,
- "version": "8.0.0-beta1"
+ "version": "8.2.0"
 },
 "event": {
 "agent_id_status": "verified",
+ "category": [
+ "network"
+ ],
 "dataset": "fireeye.nx",
- "ingested": "2021-12-31T02:15:18Z",
- "original": "{\"rawmsg\":\"{\\\"timestamp\\\":\\\"2020-09-22T08:34:44.991339+0000\\\",\\\"flow_id\\\":721570461162990,\\\"event_type\\\":\\\"flow\\\",\\\"src_ip\\\":\\\"fe80:0000:0000:0000:feec:daff:fe31:b706\\\",\\\"src_port\\\":45944,\\\"dest_ip\\\":\\\"ff02:0000:0000:0000:0000:0000:0000:0001\\\",\\\"dest_port\\\":10001,\\\"proto\\\":\\\"UDP\\\",\\\"proto_number\\\":17,\\\"ip_tc\\\":0,\\\"app_proto\\\":\\\"failed\\\",\\\"flow\\\":{\\\"pkts_toserver\\\":8,\\\"pkts_toclient\\\":0,\\\"bytes_toserver\\\":1680,\\\"bytes_toclient\\\":0,\\\"start\\\":\\\"2020-09-22T08:34:12.761326+0000\\\",\\\"end\\\":\\\"2020-09-22T08:34:12.761348+0000\\\",\\\"age\\\":0,\\\"state\\\":\\\"new\\\",\\\"reason\\\":\\\"timeout\\\",\\\"alerted\\\":false}}\\n\",\"meta_sip4\":\"192.168.1.99\",\"meta_oml\":520,\"deviceid\":\"860665216674\",\"meta_cbname\":\"fireeye-7e0de1\"}\n",
+ "ingested": "2022-05-12T06:20:01Z",
+ "original": "{\"rawmsg\":\"{\\\"timestamp\\\":\\\"2020-09-22T08:34:44.991339+0000\\\",\\\"flow_id\\\":721570461162990,\\\"event_type\\\":\\\"flow\\\",\\\"src_ip\\\":\\\"fe80:0000:0000:0000:feec:daff:fe31:b706\\\",\\\"src_port\\\":45944,\\\"dest_ip\\\":\\\"ff02:0000:0000:0000:0000:0000:0000:0001\\\",\\\"dest_port\\\":10001,\\\"proto\\\":\\\"UDP\\\",\\\"proto_number\\\":17,\\\"ip_tc\\\":0,\\\"app_proto\\\":\\\"failed\\\",\\\"flow\\\":{\\\"pkts_toserver\\\":8,\\\"pkts_toclient\\\":0,\\\"bytes_toserver\\\":1680,\\\"bytes_toclient\\\":0,\\\"start\\\":\\\"2020-09-22T08:34:12.761326+0000\\\",\\\"end\\\":\\\"2020-09-22T08:34:12.761348+0000\\\",\\\"age\\\":0,\\\"state\\\":\\\"new\\\",\\\"reason\\\":\\\"timeout\\\",\\\"alerted\\\":false}}\\n\",\"meta_sip4\":\"192.168.1.99\",\"meta_oml\":520,\"deviceid\":\"860665216674\",\"meta_cbname\":\"fireeye-7e0de1\"}",
 "timezone": "+00:00",
- "type": "flow"
+ "type": [
+ "info"
+ ]
 },
 "fireeye": {
 "nx": {
@@ -222,19 +227,38 @@ An example event for `nx` looks as following:
 }
 },
 "host": {
- "name": "docker-fleet-agent"
+ "architecture": "x86_64",
+ "containerized": false,
+ "hostname": "docker-fleet-agent",
+ "ip": [
+ "192.168.16.7"
+ ],
+ "mac": [
+ "02:42:c0:a8:10:07"
+ ],
+ "name": "docker-fleet-agent",
+ "os": {
+ "codename": "focal",
+ "family": "debian",
+ "kernel": "5.10.104-linuxkit",
+ "name": "Ubuntu",
+ "platform": "ubuntu",
+ "type": "linux",
+ "version": "20.04.4 LTS (Focal Fossa)"
+ }
 },
 "input": {
- "type": "udp"
+ "type": "log"
 },
 "log": {
- "source": {
- "address": "172.22.0.7:49275"
- }
+ "file": {
+ "path": "/tmp/service_logs/fireeye-nx.log"
+ },
+ "offset": 0
 },
 "network": {
 "community_id": "1:McNAQcsUcKZYOHHZYm0sD8JiBLc=",
- "iana_number": 17,
+ "iana_number": "17",
 "protocol": "failed",
 "transport": "udp"
 },
@@ -256,8 +280,7 @@ An example event for `nx` looks as following:
 "port": 45944
 },
 "tags": [
- "fireeye-nx",
- "forwarded"
+ "fireeye-nx"
 ]
 }
 ```
\ No newline at end of file
diff --git a/packages/fireeye/manifest.yml b/packages/fireeye/manifest.yml
index 382b78c79ce..e8c250355fb 100644
--- a/packages/fireeye/manifest.yml
+++ b/packages/fireeye/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: fireeye
 title: "Fireeye"
-version: 1.3.0
+version: 1.3.1
 license: basic
 description: "This Elastic integration collects Fireeye NX logs."
 type: integration