diff --git a/salt/common/maps/sensor.map.jinja b/salt/common/maps/sensor.map.jinja
index e77352692..f172dd55d 100644
--- a/salt/common/maps/sensor.map.jinja
+++ b/salt/common/maps/sensor.map.jinja
@@ -1,6 +1,5 @@
 {% set docker = {
 'containers': [
- 'so-nginx',
 'so-telegraf',
 'so-steno',
 'so-suricata',
diff --git a/salt/common/maps/so-status.map.jinja b/salt/common/maps/so-status.map.jinja
index 0a5d951b0..f67f4bcd6 100644
--- a/salt/common/maps/so-status.map.jinja
+++ b/salt/common/maps/so-status.map.jinja
@@ -28,6 +28,10 @@
 {{ append_containers('master', 'domainstats', 0) }}
 {% endif %}
 
+{% if role in ['eval', 'heavynode', 'sensor', 'standalone'] %}
+ {{ append_containers('static', 'strelka', 0) }}
+{% endif %}
+
 {% if role in ['heavynode', 'standalone'] %}
 {{ append_containers('static', 'broversion', 'SURICATA') }}
 {% endif %}
diff --git a/salt/common/maps/strelka.map.jinja b/salt/common/maps/strelka.map.jinja
new file mode 100644
index 000000000..b26a1241b
--- /dev/null
+++ b/salt/common/maps/strelka.map.jinja
@@ -0,0 +1,9 @@
+{% set docker = {
+ 'containers': [
+ 'so-strelka-coordinator',
+ 'so-strelka-gatekeeper',
+ 'so-strelka-manager',
+ 'so-strelka-frontend',
+ 'so-strelka-filestream'
+ ]
+} %}
\ No newline at end of file
diff --git a/salt/firewall/init.sls b/salt/firewall/init.sls
index 6440ef4e2..b6c928eba 100644
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -683,7 +683,14 @@ enable_cluster_ES_9300_{{ip}}:
 
 # Rules if you are a Sensor
 {% if grains['role'] == 'so-sensor' %}
-
+iptables_allow_sensor_docker:
+ iptables.insert:
+ - table: filter
+ - chain: INPUT
+ - jump: ACCEPT
+ - source: 172.17.0.0/24
+ - position: 1
+ - save: True
 {% endif %}
 
 # Rules if you are a Hot Node
diff --git a/salt/soc/files/soc/changes.json b/salt/soc/files/soc/changes.json
index 95f934f72..b7ffa4733 100644
--- a/salt/soc/files/soc/changes.json
+++ b/salt/soc/files/soc/changes.json
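Review bot: The new entry appends a single map name, `strelka`, whereas the strelka.map.jinja added in this same commit lists five containers (`so-strelka-coordinator` through `so-strelka-filestream`); whether `append_containers('static', 'strelka', 0)` expands a map name into all of its containers or only checks a single `so-strelka` container is not visible in this hunk, and it decides whether so-status reports on the gatekeeper, manager, frontend and filestream services at all. If it does expand, a one-line comment above the block, `{# 'strelka' is expanded via strelka.map.jinja into every so-strelka-* container #}`, would spare the next reader the same question; if it does not, the remaining four containers need their own `append_containers` entries. I can't confirm the macro's behavior from here, so please check the `append_containers` definition before merging.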
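Review bot: The new file is committed without a terminating newline (`\ No newline at end of file` after the closing `} %}`). Adding the final newline now avoids every later edit to the last line showing up as a spurious two-line change, and keeps the file consistent with ordinary line-terminated text files in the tree. No functional concern otherwise.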
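Review bot: The new `iptables_allow_sensor_docker` rule accepts any packet whose source address falls in 172.17.0.0/24 and is inserted at position 1 of INPUT, but it matches on source IP alone — there is no `in-interface` and no protocol or port constraint — so a packet arriving on the management or sniffing interface with a forged 172.17.0.x source is accepted ahead of every other rule in the chain. Binding the match to the bridge, e.g. adding `- in-interface: docker0` (and, where practical, `- proto: tcp` with the specific `- dport` values the containers need), keeps the exception to traffic that actually originates from local containers. Separately, Docker's default bridge subnet is 172.17.0.0/16 unless the daemon is configured otherwise; if the daemon.json this repo ships does not pin a /24, containers assigned outside the first 256 addresses would fall through to the rules below — worth confirming against the Docker configuration state. The `so-sensor` block this rule lives in is fully within the hunk.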
@@ -25,6 +25,7 @@
 { "summary": "Mastersearch previously used the same Grafana dashboard as a Search node. It now has its own dashboard that incorporates panels from the Master node and Search node dashboards." },
 { "summary": "KNOWN ISSUE: The Hunt feature is currently considered \"Preview\" and although very useful in its current state, not everything works. We wanted to get this out as soon as possible to get the feedback from you! Let us know what you want to see! Let us know what you think we should call it!" },
 { "summary": "KNOWN ISSUE: You cannot pivot to PCAP from Suricata alerts in Kibana or Hunt." },
+ { "summary": "KNOWN ISSUE: Navigator is currently not working when using hostname to access SOC. IP mode works correctly." },
 { "summary": "KNOWN ISSUE: Updating users via the SOC ui is known to fail. To change a user, delete the user and re-add them." },
 { "summary": "KNOWN ISSUE: Due to the move to ECS, the current Playbook plays may not alert correctly at this time." },
 { "summary": "KNOWN ISSUE: The osquery MacOS package does not install correctly." }
diff --git a/salt/soc/files/soc/soc.json b/salt/soc/files/soc/soc.json
index fdead6459..6193e7343 100644
--- a/salt/soc/files/soc/soc.json
+++ b/salt/soc/files/soc/soc.json
@@ -100,7 +100,7 @@
 { "name": "Connections", "description": "Connections grouped by source country", "query": "event.module:zeek AND event.dataset:conn | groupby source.geo.country_name"},
 { "name": "DCE_RPC", "description": "DCE_RPC grouped by operation", "query": "event.module:zeek AND event.dataset:dce_rpc | groupby operation"},
 { "name": "DHCP", "description": "DHCP leases", "query": "event.module:zeek AND event.dataset:dhcp | groupby host.hostname host.domain dhcp.requested_address"},
- { "name": "DHCP", "description": "DHCP grouped by message type", "query": "event.module:zeek AND event.dataset:dhcp | groupby message_types"},
+ { "name": "DHCP", "description": "DHCP grouped by message type", "query": "event.module:zeek AND event.dataset:dhcp | groupby dhcp.message_types"},
 { "name": "DNP3", "description": "DNP3 grouped by reply", "query": "event.module:zeek AND event.dataset:dnp3 | groupby dnp3.fc_reply"},
 { "name": "DNS", "description": "DNS queries grouped by port ", "query": "event.module:zeek AND event.dataset:dns | groupby dns.query.name destination.port"},
 { "name": "DNS", "description": "DNS queries grouped by type", "query": "event.module:zeek AND event.dataset:dns | groupby dns.query.type_name destination.port"},
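Review bot: The fix prefixes the DHCP field as `dhcp.message_types`, but the DCE_RPC entry two lines above still groups by the bare `operation`; if the same module-prefixed ECS naming applies to that dataset — every other Zeek entry in this hunk uses a prefixed field (`dnp3.fc_reply`, `dns.query.type_name`, `dhcp.requested_address`) — it most likely needs the same correction, e.g. `groupby dce_rpc.operation`. I can't confirm the indexed field name from this hunk alone, so verify it against an actual dce_rpc document before changing it.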