diff --git a/salt/logstash/conf/pipelines/eval/7200_strelka.conf b/salt/logstash/conf/pipelines/eval/7200_strelka.conf
new file mode 100644
index 000000000..b2b57bf05
--- /dev/null
+++ b/salt/logstash/conf/pipelines/eval/7200_strelka.conf
@@ -0,0 +1,8 @@
+filter {
+ if [type] =~ "strelka" {
+ json {
+ source => "message"
+ }
+ }
+}
+
diff --git a/salt/logstash/conf/pipelines/search/7200_strelka.conf b/salt/logstash/conf/pipelines/search/7200_strelka.conf
new file mode 100644
index 000000000..b2b57bf05
--- /dev/null
+++ b/salt/logstash/conf/pipelines/search/7200_strelka.conf
@@ -0,0 +1,8 @@
+filter {
+ if [type] =~ "strelka" {
+ json {
+ source => "message"
+ }
+ }
+}
+
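Review bot: The `json` filter in `eval/7200_strelka.conf` (and the identical `search/7200_strelka.conf`) sets no `target`, so every key of the parsed record is written at the event root, where it can overwrite fields set earlier in the pipeline. Strelka records presumably describe scanned files, so much of their content derives from untrusted input; if downstream mappings allow it, nest the result with `target => "strelka"`, otherwise add a comment listing which root-level fields are expected. The condition `[type] =~ "strelka"` is an unanchored regex match and also fires on any type that merely contains that string; `if [type] == "strelka" {` is tighter if an exact match is intended. Nothing here handles events that fail to parse (by default they are only tagged `_jsonparsefailure`), and the raw `message` is kept after a successful parse, so consider `remove_field => ["message"]` inside the `json` block and a documented route for failed events.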