diff --git a/scripts/install.sh b/scripts/install.sh
index 9572564..d9211f6 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -161,15 +161,14 @@ configure_snort_logging_macos() {
 update_ossec_conf_macos() {
     info_message "Updating $OSSEC_CONF_PATH"
 
-    if [[ $ARCH == "arm64" ]]; then
-        # ARM (M1) specific Snort configuration
-        content_to_add="<!-- snort -->
+    content_to_add="<!-- snort -->
 <localfile>
     <log_format>snort-full</log_format>
     <location>/var/log/snort/alert_fast.txt</location>
 </localfile>"
 
-        # Check and add Snort config if not present
+    if [[ $ARCH == "arm64" ]]; then
+        # ARM (M1) specific Snort configuration
         if ! sudo grep -q "$content_to_add" "$OSSEC_CONF_PATH"; then
             sudo sed -i '' -e "/<\/ossec_config>/i\\
 <!-- snort -->\\
@@ -183,16 +182,13 @@ update_ossec_conf_macos() {
         fi
     else
         # Intel specific Snort configuration
-        content_to_add="<!-- snort -->
-<localfile>
-    <log_format>snort-full<\/log_format>
-    <location>\/usr\/local\/var\/log\/snort\/alert_fast.txt<\/location>
-<\/localfile>"
-
-        # Check and add Snort config if not present
         if ! grep -q "$content_to_add" "$OSSEC_CONF_PATH"; then
             maybe_sudo sed -i '' "/<\/ossec_config>/i\\
-    $content_to_add" "$OSSEC_CONF_PATH"
+<!-- snort -->\\
+<localfile>\\
+    <log_format>snort-full</log_format>\\
+    <location>/var/log/snort/alert_fast.txt</location>\\
+</localfile>" "$OSSEC_CONF_PATH"
             success_message "ossec.conf updated on macOS Intel"
         else
             info_message "The content already exists in $OSSEC_CONF_PATH"
@@ -201,6 +197,7 @@ update_ossec_conf_macos() {
 }
 
 
+
 # Function to start Snort on macOS
 start_snort_macos() {
     info_message "Starting Snort"