diff --git a/salt/elasticsearch/templates/component/so/so-rule-mappings.json b/salt/elasticsearch/templates/component/so/so-rule-mappings.json
new file mode 100644
index 000000000..00cea1bfe
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/so-rule-mappings.json
@@ -0,0 +1,19 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-file.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "rule":{
+ "properties":{
+ "score":{
+ "type":"long"
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/so-scan-mappings.json b/salt/elasticsearch/templates/component/so/so-scan-mappings.json
new file mode 100644
index 000000000..00d10f73b
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/so-scan-mappings.json
@@ -0,0 +1,31 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-file.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "scan":{
+ "type":"object",
+ "properties":{
+ "exiftool":{
+ "type":"text"
+ },
+ "pe":{
+ "properties":{
+ "sections":{
+ "properties":{
+ "entropy":{
+ "type": "float"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
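Review bot: The `_meta.documentation` URL in so-rule-mappings.json points at the ECS `file` fieldset (`ecs-file.html`) although the only field this template maps is `rule.score`; the matching ECS page is `https://www.elastic.co/guide/en/ecs/current/ecs-rule.html`, and as far as I can tell `rule.score` is not itself an ECS 1.12 field, so it should be labelled as a Security Onion extension rather than implied to be ECS by `ecs_version`. Separately, `rule.score` is mapped as `long`: with Elasticsearch's default `coerce` a producer that emits a fractional score such as `7.5` will have it silently truncated rather than rejected, so if any rule source emits non-integer scores this should be `float`/`scaled_float`, or `"coerce": false` should be added so the mismatch surfaces as an indexing error instead of lost precision. Strict JSON has no comments, so the caveat belongs in `_meta`, e.g. `"description": "rule.score is a Security Onion extension, not an ECS field"`.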
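Review bot: In so-scan-mappings.json, `scan.exiftool` is mapped as `text`, which means whatever the scanner emits under that key must be a string; if the pipeline ever emits exiftool output as a key/value object (its native JSON shape), the document will be rejected with a mapping conflict, and if it is a string the field is analyzed-only (not aggregatable, no `ignore_above` cap), so confirm the producer's output shape before locking this in. Everything under `scan` is derived from attacker-controlled file metadata, and this template sets no `dynamic` policy, so unless another component template does, any extra keys the scanner emits will be auto-mapped and can push the index toward `index.mapping.total_fields.limit`; consider `"scan": { "type": "object", "dynamic": false, ...` so only the fields declared here are indexed. The `_meta.documentation` link again points at the ECS `file` fieldset, but `scan.*` is not an ECS fieldset, so `_meta` should describe it as a Security Onion custom namespace instead.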