diff --git a/packages/cisco_secure_email_gateway/changelog.yml b/packages/cisco_secure_email_gateway/changelog.yml
index f2d3448d3ad..d442992954d 100644
--- a/packages/cisco_secure_email_gateway/changelog.yml
+++ b/packages/cisco_secure_email_gateway/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.11.1"
+  changes:
+    - description: Match both Unix and Windows-style paths
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/7452
 - version: "1.11.0"
   changes:
     - description: Update package to ECS 8.9.0.
diff --git a/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 988fccfd65a..dd04311510f 100644
--- a/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -12,7 +12,7 @@ processors:
       field: _tmp.filepath
       if: ctx.log?.file?.path != null
       patterns:
-        - "^%{DATA}/%{WORD:cisco_secure_email_gateway.log.category.name}.@%{GREEDYDATA}.s$"
+        - "^%{DATA}[\\/]%{WORD:cisco_secure_email_gateway.log.category.name}.@%{GREEDYDATA}.s$"
   - rename:
       field: message
       target_field: event.original
diff --git a/packages/cisco_secure_email_gateway/manifest.yml b/packages/cisco_secure_email_gateway/manifest.yml
index d123002f677..ba257f772bd 100644
--- a/packages/cisco_secure_email_gateway/manifest.yml
+++ b/packages/cisco_secure_email_gateway/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: cisco_secure_email_gateway
 title: Cisco Secure Email Gateway
-version: "1.11.0"
+version: "1.11.1"
 license: basic
 description: Collect logs from Cisco Secure Email Gateway with Elastic Agent.
 type: integration