diff --git a/smart/logger/__init__.py b/smart/logger/__init__.py
index 61c6ddd..bcde3fc 100644
--- a/smart/logger/__init__.py
+++ b/smart/logger/__init__.py
@@ -15,8 +15,8 @@ _date = "(^[A-Z][a-z]{2}) ([0-9]{2}) ([0-9]{2})\:([0-9]){2}\:([0-9]{2})"
 _ip = "\d+\.\d+\.\d+\.\d+"
 _regex = {
 'login':{'pattern':f'{_date} .*Accepted password for ([a-z]+) from ({_ip})', 'columns':['month','day','hour','minute','second','user','ip']},
- 'attacks':{'pattern':f'{_date} .*Invalid user ([a-z,0-6]+) from ({_ip})','columns':['month','day','hour','minute','second','user','ip']},
- 'risk':{'pattern':f'{_date} .*Failed password for ([a-z,0-6]+) from ({_ip})','columns':['month','day','hour','minute','second','user','ip']} #-- accounts at risk
+ 'attacks':{'pattern':f'{_date} .*Invalid user ([a-z,0-9]+) from ({_ip})','columns':['month','day','hour','minute','second','user','ip']},
+ 'risk':{'pattern':f'{_date} .*Failed password for ([a-z,0-9]+) from ({_ip})','columns':['month','day','hour','minute','second','user','ip']} #-- accounts at risk
 }
 _map = {'Jan':1,'Feb':2,'Mar':3,'Apr':4,'May':5,'Jun':6,'Jul':7,'Aug':8,'Sep':9,'Oct':10,'Nov':11,'Dec':12}
@@ -27,7 +27,7 @@ def risk (_content,_id='user'):
 _df = pd.DataFrame(_content)
 _g = _df.groupby([_id]).apply(lambda row: {'start_date':row.date.min(),'end_date':row.date.max() ,'count':row[_id].size} )
 _df = pd.DataFrame(_g.tolist())
- _df['user'] = _g.index
+ _df[_id] = _g.index
 _df.start_date = _df.start_date.astype(str)
 _df.end_date = _df.end_date.astype(str)
 return _df
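Review bot: The widened class `[a-z,0-9]+` in the `'attacks'` and `'risk'` patterns still rejects any user name containing an uppercase letter, `_`, `-` or `.`, so a log line naming such a user never matches and that attempt is missing from the report. The name in these lines is supplied by whoever is connecting, so a parser meant to count invalid and failed logins should capture whatever non-space token was logged, e.g. `(\S+)` in place of `([a-z,0-9]+)` on both lines. The comma inside the brackets is a literal comma rather than a separator and looks unintended. The `'login'` pattern on the context line above uses the even narrower `[a-z]+`, so accepted logins for names with digits are dropped as well.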
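Review bot: `risk` still fails when there is nothing to summarise. If `_content` is an empty list, `pd.DataFrame(_content)` has no `_id` column and `groupby([_id])` raises `KeyError`; a log with no matching lines is presumably a routine input for this report. A guard right after the first body line would keep the output shape stable: `if _df.empty: return pd.DataFrame(columns=['start_date','end_date','count',_id])`. Since `_id` now names both the grouping key and the output column, a one-line docstring saying so would help callers, e.g. `"""Return first/last date and event count per distinct _id value."""`. The `def` line sits above the hunk, so anything between it and the first visible statement is not shown here.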