diff --git a/section_5/cis_5.2/cis_5.2.3.yml b/section_5/cis_5.2/cis_5.2.3.yml
index 08b49fa..b643bf9 100644
--- a/section_5/cis_5.2/cis_5.2.3.yml
+++ b/section_5/cis_5.2/cis_5.2.3.yml
@@ -5,11 +5,11 @@
 command:
   log_sudoers_d:
     title: 5.2.3 | Ensure sudo log file exists | sudoers.d
-    exec: "grep -Ec '^Defaults logfile=/var/log/*.log' /etc/sudoers /etc/sudoers.d/.*/"
+    exec: 'grep -Ec "^Defaults.*logfile=(\"|)/var/log/.*\.log(\"|)" /etc/sudoers /etc/sudoers.d/*'
     exit-status:
       lt: 3
     stdout:
-    - '/[1:99]/'
+    - '/.*:[1:99]/'
     meta:
       server: 1
       workstation: 1