diff --git a/salt/filebeat/etc/filebeat.yml b/salt/filebeat/etc/filebeat.yml
index 62a45e9c4..498f38390 100644
--- a/salt/filebeat/etc/filebeat.yml
+++ b/salt/filebeat/etc/filebeat.yml
@@ -267,6 +267,7 @@ filebeat.inputs:
 
 {%- if RITAENABLED %}
 - type: filestream
+  id: rita-beacon
   paths:
     - /nsm/rita/beacons.csv
   exclude_lines: ['^Score', '^Source', '^Domain', '^No results']
@@ -282,6 +283,7 @@ filebeat.inputs:
   index: "so-rita"
 
 - type: filestream
+  id: rita-connection
   paths:
     - /nsm/rita/long-connections.csv
     - /nsm/rita/open-connections.csv
@@ -298,6 +300,7 @@ filebeat.inputs:
   index: "so-rita"
 
 - type: filestream
+  id: rita-dns
   paths:
     - /nsm/rita/exploded-dns.csv
   exclude_lines: ['^Domain', '^No results']