From 434ad7733dd1c42d88c34740d82b9d7991b1359f Mon Sep 17 00:00:00 2001
From: David Panofsky <dpanofsky@singleplatform.com>
Date: Thu, 29 Dec 2016 17:25:34 -0500
Subject: [PATCH] fix for rule 2.4

---
 prowler | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prowler b/prowler
index df2616be..5bbf4f7c 100755
--- a/prowler
+++ b/prowler
@@ -674,7 +674,7 @@ check24(){
   LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*].Name' --output text)
   if [[ $LIST_OF_TRAILS ]];then
     for trail in $LIST_OF_TRAILS;do
-      TRAIL_REGION=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*]' --output text | grep $trail | awk '{ print $3}')
+      TRAIL_REGION=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*]' --output text | grep $trail | awk '{ print $4}')
       LATESTDELIVERY_TIMESTAMP=$($AWSCLI cloudtrail get-trail-status --name $trail --profile $PROFILE --region $TRAIL_REGION --query 'LatestCloudWatchLogsDeliveryTime' --output text|grep -v None)
       if [[ ! $LATESTDELIVERY_TIMESTAMP ]];then
         echo -e "     $RED $trail trail is not logging in the last 24h or not configured (it is in $TRAIL_REGION)$NORMAL"