diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common
index 5419b17b2..ddb85f654 100755
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -172,12 +172,14 @@ elastic_fleet_policy_create() {
 NAME=$1
 DESC=$2
 FLEETSERVER=$3
+ TIMEOUT=$4
 JSON_STRING=$( jq -n \
 --arg NAME "$NAME" \
 --arg DESC "$DESC" \
+ --arg TIMEOUT $TIMEOUT \
 --arg FLEETSERVER "$FLEETSERVER" \
- '{"name": $NAME,"id":$NAME,"description":$DESC,"namespace":"default","monitoring_enabled":["logs"],"inactivity_timeout":1209600,"has_fleet_server":$FLEETSERVER}'
+ '{"name": $NAME,"id":$NAME,"description":$DESC,"namespace":"default","monitoring_enabled":["logs"],"inactivity_timeout":$TIMEOUT,"has_fleet_server":$FLEETSERVER}'
 )
 # Create Fleet Policy
 curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/agent_policies" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING"
diff --git a/salt/common/tools/sbin/so-restart b/salt/common/tools/sbin/so-restart
index dfedf290b..8f73faee1 100755
--- a/salt/common/tools/sbin/so-restart
+++ b/salt/common/tools/sbin/so-restart
@@ -24,6 +24,7 @@ if [ $# -ge 1 ]; then
 case $1 in
 "steno") docker stop so-steno && docker rm so-steno && salt-call state.apply pcap queue=True;;
+ "elastic-fleet") docker stop so-elastic-fleet && docker rm so-elastic-fleet && salt-call state.apply elasticfleet queue=True;;
 *) docker stop so-$1 ; docker rm so-$1 ; salt-call state.apply $1 queue=True;;
 esac
 else
diff --git a/salt/common/tools/sbin/so-start b/salt/common/tools/sbin/so-start
index fbf3e4300..b0d5780e2 100755
--- a/salt/common/tools/sbin/so-start
+++ b/salt/common/tools/sbin/so-start
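Review bot: `--arg TIMEOUT $TIMEOUT` binds the value as a JSON string, so the policy body now carries `"inactivity_timeout":"120"` where the removed line sent a bare number; whether Kibana coerces or rejects that is not something the script should depend on. Bind it numerically and refuse anything that is not an integer before it reaches the request: `[[ "$TIMEOUT" =~ ^[0-9]+$ ]] || return 1` followed by `--argjson TIMEOUT "$TIMEOUT" \`. The unquoted `$TIMEOUT` is a hazard on its own as well: if a caller omits the fourth argument the empty word disappears and `--arg TIMEOUT` consumes the following `--arg` as its value. The function's opening line and the rest of elastic_fleet_policy_create lie outside the hunk.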
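Review bot: The new `"elastic-fleet"` arm exists because the container name `so-elastic-fleet` and the Salt state name `elasticfleet` no longer follow the `so-$1` / `$1` convention the default arm relies on, but nothing records that, and the next reader will be tempted to fold it back into `*)`. Add a comment above the arm, e.g. `# container is so-elastic-fleet but the state is elasticfleet, so the generic so-$1/$1 arm cannot be used`. The same applies to the matching arm added in so-start (@@ -24,6 +24,7 @@). The `if`/`case` enclosing these arms begins before the hunk.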
@@ -24,6 +24,7 @@ if [ $# -ge 1 ]; then
 case $1 in
 "all") salt-call state.highstate queue=True;;
 "steno") if docker ps | grep -q so-$1; then printf "\n$1 is already running!\n\n"; else docker rm so-$1 >/dev/null 2>&1 ; salt-call state.apply pcap queue=True; fi ;;
+ "elastic-fleet") if docker ps | grep -q so-$1; then printf "\n$1 is already running!\n\n"; else docker rm so-$1 >/dev/null 2>&1 ; salt-call state.apply elasticfleet queue=True; fi ;;
 *) if docker ps | grep -E -q '^so-$1$'; then printf "\n$1 is already running\n\n"; else docker rm so-$1 >/dev/null 2>&1 ; salt-call state.apply $1 queue=True; fi ;;
 esac
 else
diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-restart b/salt/elasticfleet/tools/sbin/so-elastic-fleet-restart
index 6d4ac36c6..e3c38b409 100755
--- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-restart
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-restart
@@ -9,4 +9,4 @@
 . /usr/sbin/so-common
-/usr/sbin/so-restart elasticfleet $1
+/usr/sbin/so-restart elastic-fleet $1
diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-start b/salt/elasticfleet/tools/sbin/so-elastic-fleet-start
index 2f58307a6..5ae7d21a1 100755
--- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-start
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-start
@@ -9,4 +9,4 @@
 . /usr/sbin/so-common
-/usr/sbin/so-start elasticfleet $1
+/usr/sbin/so-start elastic-fleet $1
diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-stop b/salt/elasticfleet/tools/sbin/so-elastic-fleet-stop
index 234706bc9..f3fc3b923 100755
--- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-stop
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-stop
@@ -9,4 +9,4 @@
 . /usr/sbin/so-common
-/usr/sbin/so-stop elasticfleet $1
+/usr/sbin/so-stop elastic-fleet $1
diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup
index 7c5db70f7..6ad97a223 100755
--- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup
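Review bot: `docker ps | grep -q so-$1` in the new `"elastic-fleet"` arm is unanchored and scans the whole `docker ps` table, so any row whose name, image or command merely contains `so-elastic-fleet` makes the script report "already running" and skip the start. Match the name column exactly instead: `if docker ps --format '{{.Names}}' | grep -qx -- "so-$1"; then`. The `*)` arm beneath it has the opposite defect — `'^so-$1$'` is single-quoted so `$1` is never expanded and the pattern can never match — which predates this commit but is worth fixing in the same pass. The `if`/`case` enclosing these arms begins before the hunk.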
+++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup
@@ -44,7 +44,7 @@ printf "\n\n"
 ### Create Policies & Associated Integration Configuration ###
 # Manager Fleet Server Host
-elastic_fleet_policy_create "FleetServer_{{ GLOBALS.hostname }}" "Fleet Server - {{ GLOBALS.hostname }}" "true" | jq
+elastic_fleet_policy_create "FleetServer_{{ GLOBALS.hostname }}" "Fleet Server - {{ GLOBALS.hostname }}" "true" "120"
 #Temp Fixup for ES Output bug
 JSON_STRING=$( jq -n \
@@ -54,10 +54,10 @@ JSON_STRING=$( jq -n \
 curl -K /opt/so/conf/elasticsearch/curl.config -L -X PUT "localhost:5601/api/fleet/agent_policies/FleetServer_{{ GLOBALS.hostname }}" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING"
 # Initial Endpoints Policy
-elastic_fleet_policy_create "endpoints-initial" "Initial Endpoint Policy" "false"
+elastic_fleet_policy_create "endpoints-initial" "Initial Endpoint Policy" "false" "1209600"
 # Grid Nodes Policy
-elastic_fleet_policy_create "so-grid-nodes" "SO Grid Node Policy" "false"
+elastic_fleet_policy_create "so-grid-nodes" "SO Grid Node Policy" "false" "1209600"
 # Load Integrations for default policies
 so-elastic-fleet-integration-policy-load
diff --git a/salt/firewall/defaults.yaml b/salt/firewall/defaults.yaml
index ee54f0c1f..176d12ec2 100644
--- a/salt/firewall/defaults.yaml
+++ b/salt/firewall/defaults.yaml
@@ -370,6 +370,19 @@ firewall:
 - elastic_agent_data
 - elastic_agent_update
 - localrules
+ fleet:
+ portgroups:
+ - elasticsearch_rest
+ - docker_registry
+ - influxdb
+ - sensoroni
+ - yum
+ - beats_5044
+ - beats_5644
+ - beats_5056
+ - elastic_agent_control
+ - elastic_agent_data
+ - elastic_agent_update
 sensor:
 portgroups:
 - beats_5044
@@ -458,6 +471,9 @@ firewall:
 dockernet:
 portgroups:
 - all
+ fleet:
+ portgroups:
+ - salt_manager
 localhost:
 portgroups:
 - all
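Review bot: The new fourth arguments `"120"` and `"1209600"` are bare numbers with no unit or rationale, and the Fleet Server policy drops from fourteen days to two minutes with nothing explaining why it is treated differently from the agent policies; the same `120` is hardcoded again in so-minion's create_fleet_policy (@@ -375,7 +375,7 @@), so the two copies can drift apart silently. Put a comment above the first call, e.g. `# inactivity_timeout is in seconds: 120 for the Fleet Server policy, 1209600 (14 days) for agent policies`, and consider defining the two values once in so-common so both scripts read the same constant. The second hunk here (@@ -54,10 +54,10 @@) repeats the `"1209600"` literal twice and would read the same constant.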
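Review bot: The twelve-entry `fleet` portgroups list is added verbatim twice (here and again at @@ -508,6 +524,19 @@), so a later change to one copy will silently leave the other behind; a YAML anchor on the first occurrence (`fleet: &fleet_portgroups`) referenced from the second would keep them in sync, if the loader used for this file honours anchors. Each group also widens what a fleet node may reach — `elasticsearch_rest`, `docker_registry`, `influxdb`, `yum` and the three `beats_*` ports on top of the `elastic_agent_*` groups — and the list looks copied from a neighbouring role rather than derived from the fleet role's needs, so it is worth confirming entry by entry against the services a fleet node actually talks to and dropping any that are not required. The enclosing `firewall:` map begins well before the hunk.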
@@ -508,6 +524,19 @@ firewall:
 - elastic_agent_data
 - elastic_agent_update
 - localrules
+ fleet:
+ portgroups:
+ - elasticsearch_rest
+ - docker_registry
+ - influxdb
+ - sensoroni
+ - yum
+ - beats_5044
+ - beats_5644
+ - beats_5056
+ - elastic_agent_control
+ - elastic_agent_data
+ - elastic_agent_update
 sensor:
 portgroups:
 - beats_5044
@@ -594,6 +623,9 @@ firewall:
 dockernet:
 portgroups:
 - all
+ fleet:
+ portgroups:
+ - salt_manager
 localhost:
 portgroups:
 - all
diff --git a/salt/logstash/defaults.yaml b/salt/logstash/defaults.yaml
index 790ab0f3b..a273476e1 100644
--- a/salt/logstash/defaults.yaml
+++ b/salt/logstash/defaults.yaml
@@ -21,11 +21,11 @@ logstash:
 defined_pipelines:
 fleet:
 - so/0012_input_elastic_agent.conf
- - so/9806_output_lumberjack_fleet.conf.jinja
+ - so/9806_output_http_fleet.conf.jinja
 manager:
 - so/0011_input_endgame.conf
 - so/0012_input_elastic_agent.conf
- - so/0013_input_lumberjack_fleet.conf
+ - so/0013_input_http_fleet.conf
 - so/9999_output_redis.conf.jinja
 receiver:
 - so/0011_input_endgame.conf
diff --git a/salt/logstash/pipelines/config/so/0013_input_lumberjack_fleet.conf b/salt/logstash/pipelines/config/so/0013_input_http_fleet.conf
similarity index 74%
rename from salt/logstash/pipelines/config/so/0013_input_lumberjack_fleet.conf
rename to salt/logstash/pipelines/config/so/0013_input_http_fleet.conf
index 894ecddb2..f3257eb20 100644
--- a/salt/logstash/pipelines/config/so/0013_input_lumberjack_fleet.conf
+++ b/salt/logstash/pipelines/config/so/0013_input_http_fleet.conf
@@ -10,4 +10,12 @@ input {
 ssl_verify_mode => "peer"
 ecs_compatibility => v8
 }
+}
+
+filter {
+ if "elastic-agent" in [tags] {
+ mutate {
+ remove_field => ["http","[metadata][input]","url","user_agent"]
+}
+ }
 }
\ No newline at end of file
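Review bot: The brace closing `mutate` is added at column 0 (`+}`) while the brace closing the `if` is indented (`+ }`), so the nesting reads inside-out; Logstash does not care, but the next person editing this filter will have to count braces. Indent the new block conventionally so each closing brace sits under its opener (`if` at two spaces, `mutate` at four, `remove_field` at six, then the three closers stepping back out). A one-line comment above the `mutate` recording why `http`, `[metadata][input]`, `url` and `user_agent` are dropped — presumably because the http input adds them and they were absent under the lumberjack input this file replaces — would spare future readers the archaeology; confirm against the input stanza, which begins before the hunk. The file still ends without a trailing newline.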
diff --git a/salt/logstash/pipelines/config/so/9806_output_lumberjack_fleet.conf.jinja b/salt/logstash/pipelines/config/so/9806_output_http_fleet.conf.jinja
similarity index 100%
rename from salt/logstash/pipelines/config/so/9806_output_lumberjack_fleet.conf.jinja
rename to salt/logstash/pipelines/config/so/9806_output_http_fleet.conf.jinja
diff --git a/salt/manager/tools/sbin/so-minion b/salt/manager/tools/sbin/so-minion
index 3342f3c15..7d0703653 100755
--- a/salt/manager/tools/sbin/so-minion
+++ b/salt/manager/tools/sbin/so-minion
@@ -375,7 +375,7 @@ function create_fleet_policy() {
 JSON_STRING_UPDATE=$( jq -n \
 --arg NAME "FleetServer_$LSHOSTNAME" \
 --arg DESC "Fleet Server - $LSHOSTNAME" \
- '{"name":$NAME,"description":$DESC,"namespace":"default","monitoring_enabled":["logs"],"inactivity_timeout":1209600,"data_output_id":"so-manager_elasticsearch"}'
+ '{"name":$NAME,"description":$DESC,"namespace":"default","monitoring_enabled":["logs"],"inactivity_timeout":120,"data_output_id":"so-manager_elasticsearch"}'
 )
 # Update Fleet Policy - ES Output