diff --git a/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja b/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja
index 486d22bfe..d17dc2b22 100644
--- a/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja
+++ b/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja
@@ -4,17 +4,16 @@
 {%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
 {%- endif %}
 output {
- if [event][module] == 'zeek' {
- elasticsearch {
- id => "zeek_logs"
- pipeline => "filebeat-%{[agent][version]}-zeek-%{[fileset][name]}-pipeline"
- hosts => "{{ ES }}"
- index => "so-zeek-%{+YYYY.MM.dd}"
- template_name => "so-common"
- template => "/templates/so-common-template.json"
- template_overwrite => true
- ssl => true
- ssl_certificate_verification => false
- }
- }
+ if [module] =~ "zeek" and "import" not in [tags] {
+ elasticsearch {
+ pipeline => "%{module}.%{dataset}"
+ hosts => "{{ ES }}"
+ index => "so-zeek"
+ template_name => "so-zeek"
+ template => "/templates/so-zeek-template.json"
+ template_overwrite => true
+ ssl => true
+ ssl_certificate_verification => false
+ }
+ }
 }
diff --git a/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja b/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja
index eb0d8ef0c..5013bafc1 100644
--- a/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja
+++ b/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja
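Review bot: The rewritten Zeek output still carries `ssl_certificate_verification => false`, so the Logstash-to-Elasticsearch connection at `hosts => "{{ ES }}"` accepts any certificate and every Zeek event can be read or altered by a man-in-the-middle on that hop; the removed block had the same setting, but since the connection block is being rewritten anyway this is the place to point `cacert` at the grid's CA (if the pillar already distributes one) and set `ssl_certificate_verification => true`. The new `pipeline => "%{module}.%{dataset}"` is assembled from event fields: Logstash leaves an unresolved `%{dataset}` literal in the name, so an event that passes `[module] =~ "zeek"` but lacks `[dataset]` is sent to a non-existent ingest pipeline `zeek.%{dataset}` and is rejected by Elasticsearch; guarding with `if [module] =~ "zeek" and [dataset] and "import" not in [tags] {` avoids that. Note also that `=~ "zeek"` is a regex (substring) match, unlike the equality test it replaces, so any module name containing "zeek" is routed here. Dropping `id => "zeek_logs"` also removes the stable plugin id used in Logstash's pipeline metrics; consider keeping it.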
@@ -4,17 +4,15 @@
 {%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
 {%- endif %}
 output {
- if [event][module] == 'elasticsearch' {
- elasticsearch {
- id => "elastic_logs"
- pipeline => "filebeat-%{[agent][version]}-elasticsearch-%{[fileset][name]}-pipeline"
- hosts => "{{ ES }}"
- index => "so-grid-%{+YYYY.MM.dd}"
- template_name => "so-common"
- template => "/templates/so-common-template.json"
- template_overwrite => true
- ssl => true
- ssl_certificate_verification => false
- }
- }
+ if [module] =~ "suricata" and "import" not in [tags] {
+ elasticsearch {
+ pipeline => "%{module}.%{dataset}"
+ hosts => "{{ ES }}"
+ index => "so-ids"
+ template_name => "so-ids"
+ template => "/templates/so-ids-template.json"
+ ssl => true
+ ssl_certificate_verification => false
+ }
+ }
 }
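Review bot: This output omits the `template_overwrite => true` that both the removed block and the sibling Zeek output in 9000_output_zeek.conf.jinja set, so once a `so-ids` template exists in Elasticsearch, later edits to `/templates/so-ids-template.json` are silently not applied (the plugin's default is to leave an existing template alone); add `template_overwrite => true` after the `template =>` line unless the omission is deliberate. The file is still named `9050_output_elasticsearch.jinja` but now only routes `[module] =~ "suricata"` events to `so-ids`, and the former `[event][module] == 'elasticsearch'` output to `so-grid` is gone from this file, so Elasticsearch's own logs will no longer be indexed unless another output picks them up. As in the Zeek block, `ssl_certificate_verification => false` is retained, leaving the Logstash-to-Elasticsearch link open to a man-in-the-middle, and `pipeline => "%{module}.%{dataset}"` degrades to the literal `suricata.%{dataset}` when `[dataset]` is missing from an event.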