diff --git a/Vagrant/resources/splunk_server/transforms.conf b/Vagrant/resources/splunk_server/transforms.conf index abdd80a..e88932a 100644 --- a/Vagrant/resources/splunk_server/transforms.conf +++ b/Vagrant/resources/splunk_server/transforms.conf @@ -20,7 +20,7 @@ DEST_KEY = queue FORMAT = nullQueue [osqueryd_wineventlog_null] -REGEX = "Process\sName:\s+C:\\Program Files\\osquery\\osqueryd\\osqueryd.exe"" +REGEX = "Process\sName:\s+C:\\Program Files\\osquery\\osqueryd\\osqueryd.exe" DEST_KEY = queue FORMAT = nullQueue
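Review bot: The new REGEX line still wraps the pattern in double quotes. As far as I know, Splunk takes a transforms.conf REGEX value literally and does not strip quotes, so the pattern would require `"` characters around the process path and the nullQueue filter may never match (worth confirming against a sample event). Dropping the quotes and escaping the dot gives `REGEX = Process\sName:\s+C:\\Program Files\\osquery\\osqueryd\\osqueryd\.exe`. Because this stanza discards events before indexing, a comment above it naming the sourcetype it is bound to in props.conf and the event types it is meant to suppress would keep the resulting logging gap explicit and reviewable.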