diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.err b/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.err
new file mode 100644
index 000000000..e69de29bb
diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.in b/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.in
new file mode 100644
index 000000000..87f0943cd
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.in
@@ -0,0 +1 @@
+Jul 29 11:42:05 files kernel: [483212.877816] audit: type=1400 audit(1469785325.122:21021): apparmor="ALLOWED" operation="file_inherit" profile="/usr/bin/nginx-amplify-agent.py//null-/bin/dash" pid=18239 comm="sh" laddr=192.168.10.3 lport=50758 faddr=54.153.70.241 fport=443 family="inet" sock_type="stream" protocol=6 requested_mask="send receive" denied_mask="send receive"
diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.out b/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.out
new file mode 100644
index 000000000..93c4ef652
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.out
@@ -0,0 +1,19 @@
+START
+File: testcase_network_send_receive.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1469785325.122:21021
+Operation: file_inherit
+Mask: send receive
+Denied Mask: send receive
+Profile: /usr/bin/nginx-amplify-agent.py//null-/bin/dash
+Command: sh
+PID: 18239
+Network family: inet
+Socket type: stream
+Protocol: tcp
+Local addr: 192.168.10.3
+Foreign addr: 54.153.70.241
+Local port: 50758
+Foreign port: 443
+Epoch: 1469785325
+Audit subid: 21021
diff --git a/utils/apparmor/logparser.py b/utils/apparmor/logparser.py
index efc16829a..f29a52496 100644
--- a/utils/apparmor/logparser.py
+++ b/utils/apparmor/logparser.py
@@ -304,7 +304,7 @@ class ReadLog:
             # sometimes network events come with an e['operation'] that matches the list of file operations
             # see https://bugs.launchpad.net/apparmor/+bug/1577051 and https://bugs.launchpad.net/apparmor/+bug/1582374
             # XXX these events are network events, so we should map them as such
-            if e['request_mask'] in ('send', 'receive'):
+            if 'send' in e['request_mask'] or 'receive' in e['request_mask']:
                 self.debug_logger.debug('UNHANDLED (request_mask is send or receive): %s' % e)
                 return None