diff --git a/scripts/install.sh b/scripts/install.sh
index d9211f6..103148c 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -161,14 +161,15 @@ configure_snort_logging_macos() {
 update_ossec_conf_macos() {
     info_message "Updating $OSSEC_CONF_PATH"
 
-    content_to_add="<!-- snort -->
+    if [[ $ARCH == "arm64" ]]; then
+        # ARM (M1) specific Snort configuration
+        content_to_add="<!-- snort -->
 <localfile>
     <log_format>snort-full</log_format>
     <location>/var/log/snort/alert_fast.txt</location>
 </localfile>"
 
-    if [[ $ARCH == "arm64" ]]; then
-        # ARM (M1) specific Snort configuration
+        # Check and add Snort config if not present
         if ! sudo grep -q "$content_to_add" "$OSSEC_CONF_PATH"; then
             sudo sed -i '' -e "/<\/ossec_config>/i\\
 <!-- snort -->\\
@@ -182,13 +183,16 @@ update_ossec_conf_macos() {
         fi
     else
         # Intel specific Snort configuration
+        content_to_add="<!-- snort -->
+<localfile>
+    <log_format>snort-full<\/log_format>
+    <location>/var\/log\/snort\/alert_fast.txt<\/location>
+<\/localfile>"
+
+        # Check and add Snort config if not present
         if ! grep -q "$content_to_add" "$OSSEC_CONF_PATH"; then
             maybe_sudo sed -i '' "/<\/ossec_config>/i\\
-<!-- snort -->\\
-<localfile>\\
-    <log_format>snort-full</log_format>\\
-    <location>/var/log/snort/alert_fast.txt</location>\\
-</localfile>" "$OSSEC_CONF_PATH"
+    $content_to_add" "$OSSEC_CONF_PATH"
             success_message "ossec.conf updated on macOS Intel"
         else
             info_message "The content already exists in $OSSEC_CONF_PATH"
@@ -197,7 +201,6 @@ update_ossec_conf_macos() {
 }
 
 
-
 # Function to start Snort on macOS
 start_snort_macos() {
     info_message "Starting Snort"