diff --git a/datasets/attack_techniques/T1071.001/http_user_agents/http_user_agents.yml b/datasets/attack_techniques/T1071.001/http_user_agents/http_user_agents.yml
index 4d279d86..22cf4c27 100644
--- a/datasets/attack_techniques/T1071.001/http_user_agents/http_user_agents.yml
+++ b/datasets/attack_techniques/T1071.001/http_user_agents/http_user_agents.yml
@@ -1,7 +1,7 @@
 author: Raven Tait, Splunk
 id: fdc85d57-acaf-4552-a363-1fd59a447f33
 date: '2023-12-16'
-description: Attack data related to various web request user agents
+description: Attack data related to various http user agents
 environment: attack_range
 directory: http_user_agents
 mitre_technique:
@@ -11,3 +11,15 @@ datasets:
 path: /datasets/attack_techniques/T1071.001/http_user_agents/suricata_c2.log
 sourcetype: suricata
 source: suricata
+- name: suricata_malware
+ path: /datasets/attack_techniques/T1071.001/http_user_agents/suricata_malware.log
+ sourcetype: suricata
+ source: suricata
+- name: suricata_pua
+ path: /datasets/attack_techniques/T1071.001/http_user_agents/suricata_pua.log
+ sourcetype: suricata
+ source: suricata
+- name: suricata_rmm
+ path: /datasets/attack_techniques/T1071.001/http_user_agents/suricata_rmm.log
+ sourcetype: suricata
+ source: suricata
diff --git a/datasets/attack_techniques/T1071.001/http_user_agents/suricata_malware.log b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_malware.log
new file mode 100644
index 00000000..c0594b0d
--- /dev/null
+++ b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_malware.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2f8c6eeb09893ec58228f9578a61b4e6f0b36277420b58f7c8a36c7ea4c01e79
+size 7222
diff --git a/datasets/attack_techniques/T1071.001/http_user_agents/suricata_pua.log b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_pua.log
new file mode 100644
index 00000000..b7c3a9ec
--- /dev/null
+++ b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_pua.log
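Review bot: The three entries added under `datasets:` in http_user_agents.yml (`suricata_malware`, `suricata_pua`, `suricata_rmm`) say nothing about what traffic each log holds, and all share `sourcetype: suricata` and `source: suricata` with the existing `suricata_c2` entry, so a detection author can tell them apart only by name. Judging by the names alone, the PUA and RMM captures presumably contain user agents of software that is sanctioned in some environments, which is worth stating while the file's `description` still labels everything as attack data. I would add a one-line comment above each entry, for example `# suricata_rmm: HTTP events with remote-management tool user agents; may be benign where the tool is approved`, worded to match what the logs actually contain. It is also worth confirming that the unchanged `date: '2023-12-16'` in the first hunk is meant as a creation date rather than a last-modified date. The `datasets:` list begins outside this hunk, so the full shape of the first entry is not visible here.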
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a4e6904a2ad806985f244c1583cd4ffc50cc7198a744adcdde16f707ecab0305
+size 3214
diff --git a/datasets/attack_techniques/T1071.001/http_user_agents/suricata_rmm.log b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_rmm.log
new file mode 100644
index 00000000..61bb8045
--- /dev/null
+++ b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_rmm.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4faeaab2d5031c7186bdccfe857a3c3f1c22da66ca36438ba58e86a2e646b21f
+size 3633