diff --git a/salt/curator/defaults.yaml b/salt/curator/defaults.yaml
index 3eda48d81..8e791b0d5 100644
--- a/salt/curator/defaults.yaml
+++ b/salt/curator/defaults.yaml
@@ -1,182 +1,47 @@ elasticsearch: index_settings: - so-aws: - warm: 7 - close: 30 - delete: 365 - so-azure: - warm: 7 - close: 30 - delete: 365 - so-barracuda: - warm: 7 - close: 30 - delete: 365 so-beats: - warm: 7 - close: 30 - delete: 365 - so-bluecoat: - warm: 7 - close: 30 - delete: 365 - so-cef: - warm: 7 - close: 30 - delete: 365 - so-checkpoint: - warm: 7 - close: 30 - delete: 365 - so-cisco: - warm: 7 - close: 30 - delete: 365 - so-cyberark: - warm: 7 - close: 30 - delete: 365 - so-cylance: - warm: 7 close: 30 delete: 365 so-elasticsearch: - warm: 7 - close: 30 - delete: 365 - so-endgame: - warm: 7 - close: 30 - delete: 365 - so-f5: - warm: 7 close: 30 delete: 365 so-firewall: - warm: 7 - close: 30 - delete: 365 - so-fortinet: - warm: 7 - close: 30 - delete: 365 - so-gcp: - warm: 7 - close: 30 - delete: 365 - so-google_workspace: - warm: 7 close: 30 delete: 365 so-ids: - warm: 7 - close: 30 - delete: 365 - so-imperva: - warm: 7 close: 30 delete: 365 so-import: - warm: 7 close: 73000 delete: 73001 - so-infoblox: - warm: 7 - close: 30 - delete: 365 - so-juniper: - warm: 7 - close: 30 - delete: 365 so-kratos: - warm: 7 close: 30 delete: 365 so-kibana: - warm: 7 close: 30 delete: 365 so-logstash: - warm: 7 - close: 30 - delete: 365 - so-microsoft: - warm: 7 - close: 30 - delete: 365 - so-misp: - warm: 7 close: 30 delete: 365 so-netflow: - warm: 7 - close: 30 - delete: 365 - so-netscout: - warm: 7 - close: 30 - delete: 365 - so-o365: - warm: 7 - close: 30 - delete: 365 - so-okta: - warm: 7 close: 30 delete: 365 so-osquery: - warm: 7 close: 30 delete: 365 so-ossec: - warm: 7 - close: 30 - delete: 365 - so-proofpoint: - warm: 7 - close: 30 - delete: 365 - so-radware: - warm: 7 close: 30 delete: 365 so-redis: - warm: 7 - close: 30 - delete: 365 - so-snort: - warm: 7 - close: 30 - delete: 365 - so-snyk: - warm: 7 - close: 30 - delete: 365 - so-sonicwall: - warm: 7 - close: 30 - delete: 365 - so-sophos: - warm: 7 close: 30 delete: 365 so-strelka: - warm: 7 close: 30 
delete: 365 so-syslog: - warm: 7 - close: 30 - delete: 365 - so-tomcat: - warm: 7 close: 30 delete: 365 so-zeek: - warm: 7 - close: 30 - delete: 365 - so-zscaler: - warm: 7 close: 30 delete: 365
diff --git a/salt/curator/files/bin/so-curator-cluster-warm b/salt/curator/files/bin/so-curator-cluster-warm
deleted file mode 100644
index f868caf0d..000000000
--- a/salt/curator/files/bin/so-curator-cluster-warm
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash -# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one -# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at -# https://securityonion.net/license; you may not use this file except in compliance with the -# Elastic License 2.0. - - APP=warm -lf=/tmp/$APP-pidLockFile -# create empty lock file if none exists -cat /dev/null >> $lf -read lastPID < $lf -# if lastPID is not null and a process with that pid exists , exit -[ ! -z "$lastPID" -a -d /proc/$lastPID ] && exit -echo $$ > $lf - -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-zeek-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-beats-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-firewall-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-ids-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-import-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-kratos-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-osquery-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-ossec-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-strelka-warm.yml > /dev/null 2>&1; -docker exec so-curator curator --config /etc/curator/config/curator.yml /etc/curator/action/so-syslog-warm.yml > /dev/null 2>&1;
diff --git a/salt/curator/init.sls b/salt/curator/init.sls
index 27c8d10c8..4a828beb6 100644
--- a/salt/curator/init.sls
+++ b/salt/curator/init.sls
@@ -182,16 +182,6 @@ so-curatorclusterdelete: - month: '*' - dayweek: '*' -so-curatorclusterwarm: - cron.present: - - name: /usr/sbin/so-curator-cluster-warm > /opt/so/log/curator/cron-warm.log 2>&1 - - user: root - - minute: '2' - - hour: '*/1' - - daymonth: '*' - - month: '*' - - dayweek: '*' - {% else %} {{sls}}_state_not_allowed:
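Review bot: Removing the `so-curatorclusterwarm` `cron.present` state stops Salt from managing that crontab entry but does not remove it from nodes that already applied it, so upgraded deployments keep an hourly root cron job invoking `/usr/sbin/so-curator-cluster-warm`, a script this same commit deletes from the repo. Whether the copy already installed under /usr/sbin is removed depends on states outside this hunk; if it survives it keeps running `docker exec so-curator curator ... so-*-warm.yml` with all output discarded to /dev/null, and if it is gone cron writes a missing-command error to cron-warm.log every hour — either way an unmanaged root job nobody is watching. Unless an upgrade step elsewhere cleans this up, replace the deleted block with an explicit `cron.absent` (the `name` must match the removed entry byte-for-byte, since without an `identifier` Salt keys the crontab line on it) plus a `file.absent` for the script, as sketched below. The surrounding `{% if %}` guard opens before this hunk.
```yaml
# … unchanged: so-curatorclusterdelete cron.present state …

so-curatorclusterwarm:
  cron.absent:
    - name: /usr/sbin/so-curator-cluster-warm > /opt/so/log/curator/cron-warm.log 2>&1
    - user: root

so-curator-cluster-warm-script:
  file.absent:
    - name: /usr/sbin/so-curator-cluster-warm

# … unchanged: {% else %} branch …
```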