diff --git a/datasets/attack_techniques/T1071.001/http_user_agents/http_user_agents.yml b/datasets/attack_techniques/T1071.001/http_user_agents/http_user_agents.yml
new file mode 100644
index 00000000..4d279d86
--- /dev/null
+++ b/datasets/attack_techniques/T1071.001/http_user_agents/http_user_agents.yml
@@ -0,0 +1,13 @@
+author: Raven Tait, Splunk
+id: fdc85d57-acaf-4552-a363-1fd59a447f33
+date: '2023-12-16'
+description: Attack data related to various web request user agents
+environment: attack_range
+directory: http_user_agents
+mitre_technique:
+- T1071.001
+datasets:
+- name: suricata_c2
+  path: /datasets/attack_techniques/T1071.001/http_user_agents/suricata_c2.log
+  sourcetype: suricata
+  source: suricata
diff --git a/datasets/attack_techniques/T1071.001/http_user_agents/suricata_c2.log b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_c2.log
new file mode 100644
index 00000000..d79d39c8
--- /dev/null
+++ b/datasets/attack_techniques/T1071.001/http_user_agents/suricata_c2.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8dc429a3e0241657320748f91e3c2ef2e6dd346734111f26b19d8ad0d3e58fb1
+size 62479