diff --git a/main.go b/main.go
index b8b4682..7047b7d 100644
--- a/main.go
+++ b/main.go
@@ -3553,7 +3553,7 @@ INSERT INTO event_logs (
     target_user, target_domain, subject_user, subject_domain,
     workstation, src_ip, src_port, logon_type, process_name,
     authentication_package, logon_process, status_text, sub_status_text,
-    failure_reason, ts, msg, msg_sha256
+    failure_reason, ts, received_at, msg, msg_sha256
 ) VALUES
 `)
@@ -3561,7 +3561,7 @@ INSERT INTO event_logs (
 		if i > 0 {
 			sb.WriteString(",")
 		}
-		sb.WriteString("(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)")
+		sb.WriteString("(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,UTC_TIMESTAMP(6),?,?)")
 		norm := NormalizeEventXML(item.Message)
@@ -5499,7 +5499,6 @@ WHERE enabled = 1
 }
 func (d *detector) insertDetection(ctx context.Context, det Detection) (bool, error) {
-
 	suppressed, err := d.isDetectionSuppressed(ctx, det)
 	if err != nil {
 		return false, err
@@ -5510,9 +5509,10 @@ func (d *detector) insertDetection(ctx context.Context, det Detection) (bool, er
 	const q = `
 INSERT IGNORE INTO detections
-(rule_name, severity, hostname, channel_name, event_id, score, window_start, window_end, summary, details_json)
-VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+(rule_name, severity, hostname, channel_name, event_id, score, window_start, window_end, summary, details_json, created_at)
+VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, UTC_TIMESTAMP(6))
 `
+
 	res, err := d.db.ExecContext(ctx, q,
 		det.RuleName,
 		det.Severity,
@@ -5528,10 +5528,12 @@ VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
 	if err != nil {
 		return false, err
 	}
+
 	affected, err := res.RowsAffected()
 	if err != nil {
 		return false, err
 	}
+
 	return affected > 0, nil
 }
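Review bot: The value tuple written in the hunk at 3561 is a hand-counted literal that has to stay positionally aligned with the column list in this hunk; received_at is the third-from-last column and UTC_TIMESTAMP(6) is the third-from-last value, which lines up, but nothing checks the count, so a column added later to one side and not the other only shows up as a runtime SQL error. A comment beside the column list such as `-- column order must match the placeholder tuple built in the loop below; received_at is filled by the server clock` would make that coupling visible. Worth confirming as well: in MySQL, UTC_TIMESTAMP(), like NOW(), appears to be evaluated once at statement start, so every row of a multi-row batch gets the same received_at, and ordering events within a batch has to rely on the surrogate key rather than this column. The column list and the loop belong to a function that starts and ends outside these hunks.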
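Review bot: created_at in this hunk is assigned by the database clock while window_start and window_end are supplied by the caller, so skew between the detector host and the database can produce a created_at that precedes window_end; the semantics deserve a comment next to the query, e.g. `// created_at is the DB server's UTC clock at insert time, not the detector's clock or the event time`. Because INSERT IGNORE on the preceding line also downgrades some non-duplicate errors to warnings, a discarded row and a genuine duplicate both come back as affected == 0 from RowsAffected in the hunk at 5528; if callers read false as "already recorded", a short comment on that return saying the two cases are indistinguishable would prevent a wrong assumption. insertDetection begins in the hunk at 5499 and ends in the hunk at 5528, so the lines visible here are only part of it.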