Updating note after review.

sunilarjun · sunilarjun · commit 70ba1d10bfd7 · 2025-06-17T15:26:02.000-07:00
Signed-off-by: Sunil Singh &lt;sunil.singh@suse.com&gt;
diff --git a/docs/05.policy/05.networkrules/05.networkrules.md b/docs/05.policy/05.networkrules/05.networkrules.md
@@ -59,7 +59,7 @@ Don’t forget to Deploy/Update if you make any changes!
 The Network Rules have a `Match Counter` that increments every time an added rule is used, and displays the last date and time for each used rule. Below is an example which creates an `Allow` Network Rule for a specified container. Once container traffic is sent, the `Match Counter` and `Last used at` timestamp are verified against the created Network Rule and updated if hit.
 
 :::note
-The `Match Counter` is not calculated based on the number of data packets. When a Network Rule is hit by traffic, the NeuVector controller generates one `UpdateConnections` log for each connection, and the counter of this Network Policy is then increased based on the number of `UpdateConnections`.
+The Controller receives a connection update message from the Enforcer. The `UpdateConnections` logic examines the contents of this message to determine which network rule was matched and when it was last used. Based on this, it updates both the rule’s `Match Counter` and `Last used at` timestamp.
 :::
 
 1. Define an `Allow` Network Rule for a specified container(s). When defined initially the `Match Counter` displays as `0`, and the `Last used at` timestamp is empty for this Network Rule:
diff --git a/versioned_docs/version-5.4/05.policy/05.networkrules/05.networkrules.md b/versioned_docs/version-5.4/05.policy/05.networkrules/05.networkrules.md
@@ -59,7 +59,7 @@ Don’t forget to Deploy/Update if you make any changes!
 Available as of NeuVector v5.4.4, the Network Rules have a `Match Counter` that increments every time an added rule is used, and displays the last date and time for each used rule. Below is an example which creates an `Allow` Network Rule for a specified container. Once container traffic is sent, the `Match Counter` and `Last used at` timestamp are verified against the created Network Rule and updated if hit.
 
 :::note
-The `Match Counter` is not calculated based on the number of data packets. When a Network Rule is hit by traffic, the NeuVector controller generates one `UpdateConnections` log for each connection, and the counter of this Network Policy is then increased based on the number of `UpdateConnections`.
+The Controller receives a connection update message from the Enforcer. The `UpdateConnections` logic examines the contents of this message to determine which network rule was matched and when it was last used. Based on this, it updates both the rule’s `Match Counter` and `Last used at` timestamp.
 :::
 
 1. Define an `Allow` Network Rule for a specified container(s). When defined initially the `Match Counter` displays as `0`, and the `Last used at` timestamp is empty for this Network Rule:
