diff --git a/core/lib/rules.py b/core/lib/rules.py
index 0362f9e..fae7724 100644
--- a/core/lib/rules.py
+++ b/core/lib/rules.py
@@ -17,14 +17,14 @@ from core.util import logs
 log = logs.get_logger("rules")
-def rule_matched(rule, message, matched_fields):
+def rule_matched(rule, message, matched):
 title = f"Rule {rule.name} matched"
 # Dump the message in YAML for readability
 message = dump(message, Dumper=Dumper, default_flow_style=False)
- matched_fields = ", ".join(matched_fields)
+ matched = ", ".join([f"{k}: {v}" for k, v in matched.items()])
- notify_message = f"{rule.name} matched on {matched_fields}\n{message}"
+ notify_message = f"{rule.name} match: {matched}\n{message}"
 notify_message = notify_message.encode("utf-8", "replace")
 cast = {
@@ -43,6 +43,7 @@ def process_rules(data):
 for message in index_messages:
 for rule in all_rules:
 parsed_rule = rule.parse()
+ matched = {}
 if "index" not in parsed_rule:
 continue
 if "source" not in parsed_rule:
@@ -58,9 +59,11 @@ def process_rules(data):
 if message["src"] not in rule_source:
 continue
+ matched["index"] = index
+ matched["source"] = message["src"]
+
 rule_field_length = len(parsed_rule.keys())
 matched_field_number = 0
- matched_fields = []
 for field, value in parsed_rule.items():
 if not type(value) == list:
 value = [value]
@@ -71,7 +74,7 @@ def process_rules(data):
 if "tokens" in message:
 if token in message["tokens"]:
 matched_field_number += 1
- matched_fields.append(field)
+ matched[field] = token
 # Break out of the token matching loop
 break
 # Continue to next field
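Review bot: The summary line `notify_message = f"{rule.name} match: {matched}\n{message}"` now interpolates values taken from the indexed message itself (`matched["source"] = message["src"]` and `matched[field] = message[field]` in the later hunks) where it previously held only rule field names, so a value containing a newline or control characters can break or spoof the one-line summary, while the YAML dump beneath it is quoted by the dumper. Rendering the values with repr, `", ".join(f"{k}: {v!r}" for k, v in matched.items())`, keeps the summary on one line and drops the unnecessary list brackets inside join. rule_matched also has no docstring stating the new contract of `matched`; a line such as `"""Notify that *rule* hit *message*; *matched* maps "index", "source" and each matched rule field to the value that matched."""` would record it. rule_matched's body continues past the hunk (the `cast` dict is cut off).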
@@ -83,16 +86,16 @@ def process_rules(data):
 if "msg" in message:
 if msg.lower() in message["msg"].lower():
 matched_field_number += 1
- matched_fields.append(field)
+ matched[field] = msg
 # Break out of the msg matching loop
 break
 # Continue to next field
 continue
 if field in message and message[field] in value:
 matched_field_number += 1
- matched_fields.append(field)
+ matched[field] = message[field]
 if matched_field_number == rule_field_length - 2:
- rule_matched(rule, message, matched_fields)
+ rule_matched(rule, message, matched)
 class NotificationRuleData(object):
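Review bot: `matched[field] = message[field]` runs for every key of parsed_rule, including the rule's own "index" and "source" keys (the `- 2` on the comparison line exists to leave exactly those two out of the count), so if a message ever carries an "index" or "source" key whose value is in the rule's list, this line overwrites the `matched["index"]`/`matched["source"]` entries set earlier in process_rules and the match count drifts by one. Skipping the two bookkeeping keys at the top of the field loop, `if field in ("index", "source"): continue`, makes the intent explicit and matches the `- 2`; a comment on that line saying why it is two would help either way. Whether the case is reachable depends on the message schema, which is not visible here. The field loop and process_rules both start outside this hunk.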