diff --git a/salt/filebeat/etc/filebeat.yml b/salt/filebeat/etc/filebeat.yml
index 129223381..7f87c6788 100644
--- a/salt/filebeat/etc/filebeat.yml
+++ b/salt/filebeat/etc/filebeat.yml
@@ -162,7 +162,7 @@ filebeat.inputs:
 
   - type: log
     paths:
-      - /opt/so/log/strelka/strelka.log
+      - /nsm/strelka/log/strelka.log
     fields:
       module: strelka
       dataset: file
diff --git a/salt/strelka/init.sls b/salt/strelka/init.sls
index 3f3191583..ff3b5e95b 100644
--- a/salt/strelka/init.sls
+++ b/salt/strelka/init.sls
@@ -23,14 +23,6 @@ strelkaconfdir:
     - group: 939
     - makedirs: True
 
-# Strelka logs 
-strelkalogdir:
-  file.directory:
-    - name: /opt/so/log/strelka
-    - user: 939
-    - group: 939
-    - makedirs: True
-
 # Sync dynamic config to conf dir
 strelkasync:
   file.recurse:
@@ -47,6 +39,13 @@ strelkadatadir:
     - group: 939
     - makedirs: True
 
+strelkalogdir:
+  file.directory:
+    - name: /nsm/strelka/log
+    - user: 939
+    - group: 939
+    - makedirs: True
+
 strelkastagedir:
    file.directory:
     - name: /nsm/strelka/processed
@@ -75,7 +74,7 @@ strelka_frontend:
     - image: soshybridhunter/so-strelka-frontend:HH1.2.1
     - binds:
       - /opt/so/conf/strelka/frontend/:/etc/strelka/:ro
-      - /opt/so/log/strelka/:/var/log/strelka/:rw
+      - /nsm/strelka/log/:/var/log/strelka/:rw
     - privileged: True
     - name: so-strelka-frontend
     - command: strelka-frontend