diff --git a/salt/elastalert/config.sls b/salt/elastalert/config.sls
index 252aa83c0..1251c9d19 100644
--- a/salt/elastalert/config.sls
+++ b/salt/elastalert/config.sls
@@ -82,6 +82,35 @@ elastasomodulesync:
     - group: 933
     - makedirs: True
 
+elastacustomdir:
+  file.directory:
+    - name: /opt/so/conf/elastalert/custom
+    - user: 933
+    - group: 933
+    - makedirs: True
+
+elastacustomsync:
+  file.recurse:
+    - name: /opt/so/conf/elastalert/custom
+    - source: salt://elastalert/files/custom
+    - user: 933
+    - group: 933
+    - makedirs: True
+    - template: jinja
+    - mode: 660
+    - context:
+        elastalert: {{ ELASTALERTMERGED }}
+    - show_changes: False
+
+elastapredefinedsync:
+  file.recurse:
+    - name: /opt/so/conf/elastalert/predefined
+    - source: salt://elastalert/files/predefined
+    - user: 933
+    - group: 933
+    - makedirs: True
+    - show_changes: False
+
 elastaconf:
   file.managed:
     - name: /opt/so/conf/elastalert/elastalert_config.yaml
diff --git a/salt/elastalert/defaults.yaml b/salt/elastalert/defaults.yaml
index 393932992..8021533ab 100644
--- a/salt/elastalert/defaults.yaml
+++ b/salt/elastalert/defaults.yaml
@@ -40,4 +40,4 @@ elastalert:
           level: INFO
           handlers:
             - file
-          propagate: false
+          propagate: False
\ No newline at end of file
diff --git a/salt/elastalert/enabled.sls b/salt/elastalert/enabled.sls
index e4b3642db..6a1ff1440 100644
--- a/salt/elastalert/enabled.sls
+++ b/salt/elastalert/enabled.sls
@@ -30,6 +30,8 @@ so-elastalert:
       - /opt/so/rules/elastalert:/opt/elastalert/rules/:ro
       - /opt/so/log/elastalert:/var/log/elastalert:rw
       - /opt/so/conf/elastalert/modules/:/opt/elastalert/modules/:ro
+      - /opt/so/conf/elastalert/predefined/:/opt/elastalert/predefined/:ro
+      - /opt/so/conf/elastalert/custom/:/opt/elastalert/custom/:ro
       - /opt/so/conf/elastalert/elastalert_config.yaml:/opt/elastalert/config.yaml:ro
       {% if DOCKER.containers['so-elastalert'].custom_bind_mounts %}
         {% for BIND in DOCKER.containers['so-elastalert'].custom_bind_mounts %}
diff --git a/salt/elastalert/map.jinja b/salt/elastalert/map.jinja
index 3db17d32b..8d4e65652 100644
--- a/salt/elastalert/map.jinja
+++ b/salt/elastalert/map.jinja
@@ -14,7 +14,22 @@
 
 {% set ELASTALERTMERGED = salt['pillar.get']('elastalert', ELASTALERTDEFAULTS.elastalert, merge=True) %}
 
-{% set params = ELASTALERTMERGED.alerter_parameters | load_yaml %}
-{% if params != None %}
-  {% do ELASTALERTMERGED.config.update(params) %}
+{% if 'ntf' in salt['pillar.get']('features', []) %}
+   {% set params = ELASTALERTMERGED.alerter_parameters | load_yaml %}
+   {% if params != None %}
+      {% do ELASTALERTMERGED.config.update(params) %}
+   {% endif %}
+
+   {% if ELASTALERTMERGED.smtp_user | length > 0 %}
+      {% do ELASTALERTMERGED.config.update({'smtp_auth_file': '/opt/elastalert/predefined/smtp_auth.yaml'}) %}
+   {% endif %}
+
+   {% if ELASTALERTMERGED.smtp_user | length > 0 %}
+      {% do ELASTALERTMERGED.config.update({'smtp_auth_file': '/opt/elastalert/predefined/smtp_auth.yaml'}) %}
+   {% endif %}
+
+   {% if ELASTALERTMERGED.jira_user | length > 0 or ELASTALERTMERGED.jira_key | length > 0 %}
+      {% do ELASTALERTMERGED.config.update({'jira_account_file': '/opt/elastalert/predefined/jira_auth.yaml'}) %}
+   {% endif %}
+
 {% endif %}
diff --git a/salt/elastalert/soc_elastalert.yaml b/salt/elastalert/soc_elastalert.yaml
index eec3f3866..81df0541f 100644
--- a/salt/elastalert/soc_elastalert.yaml
+++ b/salt/elastalert/soc_elastalert.yaml
@@ -4,12 +4,61 @@ elastalert:
     helpLink: elastalert.html
   alerter_parameters:
     title: Alerter Parameters
-    description: Custom configuration parameters for additional, optional alerters that can be enabled for all Sigma rules. Filter for 'Additional Alerters' in this Configuration screen to find the setting that allows these alerters to be enabled within the SOC ElastAlert module. Use YAML format for these parameters, and reference the ElastAlert 2 documentation, located at https://elastalert2.readthedocs.io, for available alerters and their required configuration parameters.
+    description: Optional configuration parameters for additional alerters that can be enabled for all Sigma rules. Filter for 'Alerter' in this Configuration screen to find the setting that allows these alerters to be enabled within the SOC ElastAlert module. Use YAML format for these parameters, and reference the ElastAlert 2 documentation, located at https://elastalert2.readthedocs.io, for available alerters and their required configuration parameters. A full update of the ElastAlert rule engine, via the Detections screen, is required in order to apply these changes. Requires a valid Security Onion license key.
     global: True
     multiline: True
     syntax: yaml
     helpLink: elastalert.html
     forcedType: string
+  jira_api_key:
+    title: Jira API Key
+    description: Optional configuration parameter for Jira API Key, used instead of the Jira username and password. Requires a valid Security Onion license key.
+    global: True
+    sensitive: True
+    helpLink: elastalert.html
+    forcedType: string
+  jira_pass:
+    title: Jira Password
+    description: Optional configuration parameter for Jira password. Requires a valid Security Onion license key.
+    global: True
+    sensitive: True
+    helpLink: elastalert.html
+    forcedType: string
+  jira_user:
+    title: Jira Username
+    description: Optional configuration parameter for Jira username. Requires a valid Security Onion license key.
+    global: True
+    helpLink: elastalert.html
+    forcedType: string
+  smtp_pass:
+    title: SMTP Password
+    description: Optional configuration parameter for SMTP password, required for authenticating email servers. Requires a valid Security Onion license key.
+    global: True
+    sensitive: True
+    helpLink: elastalert.html
+    forcedType: string
+  smtp_user:
+    title: SMTP Username
+    description: Optional configuration parameter for SMTP username, required for authenticating email servers. Requires a valid Security Onion license key.
+    global: True
+    helpLink: elastalert.html
+    forcedType: string
+  opsgenie_key:
+    title: OpsGenie API Key
+    description: Optional configuration parameter for OpsGenie API Key. Requires a valid Security Onion license key.
+    global: True
+    sensitive: True
+    helpLink: elastalert.html
+    forcedType: string
+  files:
+    custom:
+      filename__ext:
+        title: Custom Parameter File
+        description: Optional configuration file that can be used to specify custom file contents, such as a SMTP certificate file. When used, the corresponding parameter must be set to this setting's filename.ext path inside the custom subdirectory. For example, if specifying the SMTP cert file, the smtp_cert_file key must be set to /opt/elastalert/custom/smtp.crt in the Alerter Parameters setting for this certificate to be enabled, and assumes this duplicated setting has been named smtp__crt. Note that double underscores will be replaced with a period in the filename.
+        global: True
+        duplicating: True
+        file: True
+        helpLink: elastalert.html
   config:
     disable_rules_on_error:
       description: Disable rules on failure.
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index bc1c49185..7367c030d 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -85,7 +85,7 @@ soc:
         elastalertengine:
           additionalAlerters:
             title: Additional Alerters
-            description: Specify additional alerters to enable for all Sigma rules, one alerter name per line. Alerters refers to ElastAlert 2 alerters, as documented at https://elastalert2.readthedocs.io. Note that the configuration parameters for these alerters must be provided in the ElastAlert configuration section. Filter for 'Alerter Parameters' to find this related setting.
+            description: Specify additional alerters to enable for all Sigma rules, one alerter name per line. Alerters refers to ElastAlert 2 alerters, as documented at https://elastalert2.readthedocs.io. Note that the configuration parameters for these alerters must be provided in the ElastAlert configuration section. Filter for 'Alerter' to find this related setting. A full update of the ElastAlert rule engine, via the Detections screen, is required in order to apply these changes. Requires a valid Security Onion license key.
             global: True
             helpLink: sigma.html
             forcedType: "[]string"
diff --git a/salt/stig/soc_stig.yaml b/salt/stig/soc_stig.yaml
index 1fb030c31..597aab809 100644
--- a/salt/stig/soc_stig.yaml
+++ b/salt/stig/soc_stig.yaml
@@ -1,6 +1,6 @@
 stig:
   enabled:
-    description: You can enable or disable the application of STIGS using oscap. Note that the actions performed by OSCAP are not automatically reversible.
+    description: You can enable or disable the application of STIGS using oscap. Note that the actions performed by OSCAP are not automatically reversible. Requires a valid Security Onion license key.
     forcedType: bool
     advanced: True
   run_interval: