diff --git a/salt/common/tools/sbin/so-minion b/salt/common/tools/sbin/so-minion
index 24544940c..58f04ab77 100755
--- a/salt/common/tools/sbin/so-minion
+++ b/salt/common/tools/sbin/so-minion
@@ -168,13 +168,6 @@ function add_sensor_to_minion() {
 	echo "    config:" >> $PILLARFILE
 	echo "        af-packet:" >> $PILLARFILE
 	echo "            threads: $CORECOUNT" >> $PILLARFILE
-	echo "steno:" >> $PILLARFILE
-	echo "  stenopin: False" >> $PILLARFILE
-	echo "  stenopins:" >> $PILLARFILE
-	echo "    - 3" >> $PILLARFILE
-	echo "  enabled: True" >> $PILLARFILE
-	echo "  disks:" >> $PILLARFILE
-	echo "    - '/some/path'" >> $PILLARFILE
 }
 
 function createSTANDALONE() {
diff --git a/salt/pcap/defaults.yaml b/salt/pcap/defaults.yaml
new file mode 100644
index 000000000..bb93ec6cc
--- /dev/null
+++ b/salt/pcap/defaults.yaml
@@ -0,0 +1,11 @@
+pcap:
+    enabled: True
+    config:
+        maxdirectoryfiles: 30000
+        diskfreepercentage: 10
+        blocks: 2048
+        preallocate_file_mb: 4096
+        aiops: 128
+        stenopin: False
+        stenopins: []
+        disks: []
\ No newline at end of file
diff --git a/salt/pcap/soc_pcap.yaml b/salt/pcap/soc_pcap.yaml
index 515dd346b..68eb0f083 100644
--- a/salt/pcap/soc_pcap.yaml
+++ b/salt/pcap/soc_pcap.yaml
@@ -1,9 +1,9 @@
 pcap:
+  enabled: 
+  description: Enable or Disable Stenographer on all sensors or a single sensor
   config:
-    enabled: 
-      description: Enable or Disable Stenographer on all sensors or a single sensor
-    maxfiles:
-      description: The maximum number of packet/index files to create before cleaning old ones up. 
+    maxdirectoryfiles:
+      description: The maximum number of packet/index files to create before deleting old files. The default is about 8 days regardless of free space. 
     diskfreepercentage:
       description: The disk space percent to always keep free for pcap
     blocks: