diff --git a/dftimewolf/lib/collectors/grr_hosts.py b/dftimewolf/lib/collectors/grr_hosts.py
index 239e3d916..bd85aa0ef 100644
--- a/dftimewolf/lib/collectors/grr_hosts.py
+++ b/dftimewolf/lib/collectors/grr_hosts.py
@@ -125,7 +125,7 @@ def _FilterSelectionCriteria(
 for client in search_result:
 fqdn_match = selector in client.data.os_info.fqdn.lower()
 client_id_match = selector in client.data.client_id.lower()
- usernames = [user.username for user in client.data.users]
+ usernames = [user.username for user in client.data.knowledge_base.users]
 username_match = selector in usernames and len(usernames) == 1
 if fqdn_match or client_id_match or username_match:
 result.append((client.data.last_seen_at, client))
diff --git a/tests/lib/collectors/test_data/mock_grr_hosts.py b/tests/lib/collectors/test_data/mock_grr_hosts.py
index f4b739cb0..af71d6dea 100644
--- a/tests/lib/collectors/test_data/mock_grr_hosts.py
+++ b/tests/lib/collectors/test_data/mock_grr_hosts.py
@@ -32,8 +32,10 @@
 last_clock: 1511174989272124
 age: 1510710503319681
 client_id: "C.0000000000000000"
- users {{
- username: "tomchop_username1"
+ knowledge_base {{
+ users {{
+ username: "tomchop_username1"
+ }}
 }}
 """.format(int(
 (datetime.datetime.utcnow() - datetime.timedelta(20)).timestamp(
@@ -58,8 +60,10 @@
 last_clock: 1511174989272124
 age: 1510710503319681
 client_id: "C.0000000000000001"
- users {{
- username: "tomchop_username2"
+ knowledge_base {{
+ users {{
+ username: "tomchop_username2"
+ }}
 }}
 """.format(int(
 (datetime.datetime.utcnow() - datetime.timedelta(25)).timestamp(
@@ -83,8 +87,10 @@
 last_clock: 1511174989272124
 age: 1510710503319681
 client_id: "C.0000000000000002"
- users {{
- username: "tomchop_username1"
+ knowledge_base {{
+ users {{
+ username: "tomchop_username1"
+ }}
 }}
 """.format(int(
 (datetime.datetime.utcnow() - datetime.timedelta(20)).timestamp(
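Review bot: The username test on the changed `usernames = ...` line in grr_hosts.py is case-sensitive, while the two checks above it lower-case the FQDN and client id before testing `selector in ...`. If `selector` is lower-cased before this loop (not visible in the hunk, but the `.lower()` calls suggest it), a knowledge-base username such as `Alice` can never match and that host is silently left out of the collection. Consider `usernames = [user.username.lower() for user in client.data.knowledge_base.users]`. A one-line comment would also help, noting that `knowledge_base.users` is presumably empty until the client has been interrogated, so such clients cannot be selected by username. `_FilterSelectionCriteria` starts and ends outside the hunk.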