diff --git a/salt/common/tools/sbin/so-allow b/salt/common/tools/sbin/so-allow
index 769dcc1e9..6aa20df1e 100755
--- a/salt/common/tools/sbin/so-allow
+++ b/salt/common/tools/sbin/so-allow
@@ -23,7 +23,6 @@ import sys
 import argparse
 import re
 from lxml import etree as ET
-from xml.dom import minidom
 from datetime import datetime as dt
 from datetime import timezone as tz
 
@@ -79,20 +78,15 @@ def ip_prompt() -> str:
 
 
 def wazuh_enabled() -> bool:
-  for file in os.listdir(f'{LOCAL_SALT_DIR}/pillar'):
-    with open(file, 'r') as pillar:
-      if 'wazuh: 1' in pillar.read():
-        return True
+  file = f'{LOCAL_SALT_DIR}/pillar/global.sls'
+  with open(file, 'r') as pillar:
+    if 'wazuh: 1' in pillar.read():
+      return True
   return False
 
 
 def root_to_str(root: ET.ElementTree) -> str:
-    xml_str = ET.tostring(root, encoding='unicode', method='xml').replace('\n', '')
-    xml_str = re.sub(r'(?:(?<=>) *)', '', xml_str)
-    xml_str = re.sub(r'       -', '', xml_str)
-    xml_str = re.sub(r'      -->', ' -->', xml_str)
-    dom = minidom.parseString(xml_str)
-    return dom.toprettyxml(indent="  ")
+    return ET.tostring(root, encoding='unicode', method='xml', xml_declaration=False, pretty_print=True)
 
 
 def add_wl(ip):
@@ -124,7 +118,7 @@ def apply(role: str, ip: str) -> int:
   else:
     return cmd.returncode
   if cmd.returncode == 0:
-    if wazuh_enabled and role=='analyst':
+    if wazuh_enabled() and role=='analyst':
       try:
         add_wl(ip)
         print(f'Added whitelist entry for {ip} from {WAZUH_CONF}', file=sys.stderr)
diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup
index 55efde5a9..b497d9c24 100755
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -933,21 +933,21 @@ main() {
       echo "Upgrading Salt"
       # Update the repo files so it can actually upgrade
       upgrade_salt
-    fi
-
-    echo "Checking if Salt was upgraded."
-    echo ""
-    # Check that Salt was upgraded
-    SALTVERSIONPOSTUPGRADE=$(salt --versions-report | grep Salt: | awk '{print $2}')
-    if [[ "$SALTVERSIONPOSTUPGRADE" != "$NEWSALTVERSION" ]]; then
-      echo "Salt upgrade failed. Check of indicators of failure in $SOUP_LOG."
-      echo "Once the issue is resolved, run soup again."
-      echo "Exiting."
-      echo ""
-      exit 0
-    else
-      echo "Salt upgrade success."
+    
+      echo "Checking if Salt was upgraded."
       echo ""
+      # Check that Salt was upgraded
+      SALTVERSIONPOSTUPGRADE=$(salt --versions-report | grep Salt: | awk '{print $2}')
+      if [[ "$SALTVERSIONPOSTUPGRADE" != "$NEWSALTVERSION" ]]; then
+        echo "Salt upgrade failed. Check of indicators of failure in $SOUP_LOG."
+        echo "Once the issue is resolved, run soup again."
+        echo "Exiting."
+        echo ""
+        exit 0
+      else
+        echo "Salt upgrade success."
+        echo ""
+      fi
     fi
 
     preupgrade_changes
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 5a0b7a819..c49e7396a 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -753,7 +753,7 @@ whiptail_install_type_dist() {
 
 	dist_option=$(whiptail --title "$whiptail_title" --menu "Do you want to start a new deployment or join this box to \nan existing deployment?" 11 75 2 \
 		"New Deployment         " "Create a new Security Onion deployment" \
-		"Existing Deployment    " "Join to an exisiting Security Onion deployment " \
+		"Existing Deployment    " "Join to an existing Security Onion deployment " \
 		 3>&1 1>&2 2>&3
 	)
 	local exitstatus=$?