diff --git a/salt/elasticsearch/defaults.yaml b/salt/elasticsearch/defaults.yaml
index ffb302977..9c3d11c75 100644
--- a/salt/elasticsearch/defaults.yaml
+++ b/salt/elasticsearch/defaults.yaml
@@ -638,12 +638,19 @@ elasticsearch:
               mapping:
                 total_fields:
                   limit: 1500
+              lifecycle:
+                name: so-ip-mappings-logs
               number_of_replicas: 0
               number_of_shards: 1
               refresh_interval: 30s
               sort:
                 field: '@timestamp'
                 order: desc
+      policy:
+        phases:
+          hot:
+            actions: {}
+            min_age: 0ms
     so-items:
       index_sorting: false
       index_template: