diff --git a/src/warden-client/doc/README b/src/warden-client/doc/README
index cba389a5101174c2fa69672e044e959967aff749..8d1f6f143217c9feaaaf1e9a1683c07e1773d56a 100644
--- a/src/warden-client/doc/README
+++ b/src/warden-client/doc/README
@@ -371,7 +371,7 @@ I. Functions, Arguments and Calls
     
     # SOURCE_TYPE - VARCHAR 64
     # Type of source of reported attack/issue. Currently supported values are:
-    # IP, URL, Reply-To:, null
+    # IP, URL, Reply-To:
     $source_type  = "IP";
     
     # SOURCE - VARCHAR 256
@@ -380,11 +380,11 @@ I. Functions, Arguments and Calls
     
     # TARGET_PROTO - VARCHAR 16
     # Protocol type of reported attack/issue target. Supported are all L3 and L4
-    # protocols and null. 
+    # protocols. 
     $target_proto = "TCP";
     
     # TARGET_PORT - INT 2
-    # Port number of reported attack/issue target or null.
+    # Port number of reported attack/issue target.
     $target_port  = "22";
     
     # ATTACK_SCALE - INT 4
@@ -393,17 +393,17 @@ I. Functions, Arguments and Calls
     $attack_scale = "1234567890";
     
     # NOTE - TEXT
-    # Some important(!) note or comment or null. Also, it may contain virus
+    # Some important(!) note or comment. Also, it may contain virus
     # sample, phishing e-mail with headers and other accordingly to event type.
     $note         = "this threat is dangerous";
     
     # PRIORITY - INT 1
-    # Subjective definition of incident severity. Values 0-255 or null are
+    # Subjective definition of incident severity. Values 0-255 are
     # possible where 0 is the lowest priority.
-    $priority     = "null";
+    $priority     = "1";
     
     # TIMEOUT - INT 2
-    # Subjective time (in minutes) or null. After this time event might be
+    # Subjective time (in minutes). After this time event might be
     # considered timeouted.
     $timeout      = "20";