diff --git a/pillar/elasticsearch/eval.sls b/pillar/elasticsearch/eval.sls
new file mode 100644
index 000000000..2dbb08f59
--- /dev/null
+++ b/pillar/elasticsearch/eval.sls
@@ -0,0 +1,13 @@
+elasticsearch:
+  templates:
+    - so/so-beats-template.json.jinja
+    - so/so-common-template.json
+    - so/so-firewall-template.json.jinja
+    - so/so-flow-template.json.jinja
+    - so/so-ids-template.json.jinja
+    - so/so-import-template.json.jinja
+    - so/so-osquery-template.json.jinja
+    - so/so-ossec-template.json.jinja
+    - so/so-strelka-template.json.jinja
+    - so/so-syslog-template.json.jinja
+    - so/so-zeek-template.json.jinja
\ No newline at end of file
diff --git a/pillar/top.sls b/pillar/top.sls
index e3ae34f28..9ab170a97 100644
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -31,11 +31,12 @@ base:
     - logstash.manager
 
   '*_eval':
-    - static
     - data.*
     - brologs
     - secrets
     - healthcheck.eval
+    - elasticsearch.eval
+    - static
     - minions.{{ grains.id }}
 
   '*_standalone':