diff --git a/docs/Language.md b/docs/Language.md
index b935a6b26..52833126b 100644
--- a/docs/Language.md
+++ b/docs/Language.md
@@ -587,6 +587,4 @@ But for more useful situations, perhaps stopping if the log filename doesn't mat
 getfilename() !~ /apache.access.log/ {
   stop
 }
-
-...
 ```
diff --git a/examples/dhcpd.mtail b/examples/dhcpd.mtail
index b5ec032eb..800d03ce7 100644
--- a/examples/dhcpd.mtail
+++ b/examples/dhcpd.mtail
@@ -51,7 +51,7 @@ const MATCH_MAC /(?P<mac>([\da-f]{2}:){5}[\da-f]{2})/
 
 @syslog {
     # Request
-    /(balanced|balancing|BOOTREPLY|BOOTREQUEST|DHCPACK|DHCPDECLINE|DHCPDISCOVER|DHCPINFORM|DHCPNAK|DHCPOFFER|DHCPRELEASE|DHCPREQUEST)/ {
+    $message =~ /^(balanced|balancing|BOOTREPLY|BOOTREQUEST|DHCPACK|DHCPDECLINE|DHCPDISCOVER|DHCPINFORM|DHCPNAK|DHCPOFFER|DHCPRELEASE|DHCPREQUEST)/ {
         # The lowercased name of the command matched in the regex is used to
         # count the frequency of each command.  An external collector can use
         # this to compute the rate of each command independently.