diff --git a/salt/idstools/defaults.yaml b/salt/idstools/defaults.yaml
index 2d81c80e5..d23f23dd9 100644
--- a/salt/idstools/defaults.yaml
+++ b/salt/idstools/defaults.yaml
@@ -2,4 +2,8 @@ idstools:
   config:
     urls: []
     ruleset: ETOPEN
-    oinkcode: ""
\ No newline at end of file
+    oinkcode: ""
+  sids:
+	  enabled: []
+		isabled: []
+		modify: []
\ No newline at end of file
diff --git a/salt/idstools/etc/rulecat.conf b/salt/idstools/etc/rulecat.conf
index 8a6840267..fad421243 100644
--- a/salt/idstools/etc/rulecat.conf
+++ b/salt/idstools/etc/rulecat.conf
@@ -1,6 +1,6 @@
 {%- from 'vars/globals.map.jinja' import GLOBALS %}
 {%- import_yaml 'idstools/defaults.yaml' as IDSTOOLSDEFAULTS %}
-{%- set IDSTOOLSMERGED = salt['pillar.get']('idstools', IDSTOOLSDEFAULTS, merge=True) %}
+{%- set IDSTOOLSMERGED = salt['pillar.get']('idstools', IDSTOOLSDEFAULTS.idstools, merge=True) %}
 {%- if GLOBALS.airgap is sameas true -%}
 --merged=/opt/so/rules/nids/all.rules
 --local=/opt/so/rules/nids/local.rules
diff --git a/setup/so-functions b/setup/so-functions
index e11542639..2f5c8e1a0 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1359,17 +1359,6 @@ ls_heapsize() {
 idstools_pillar() {
 	title "Ading IDSTOOLS pillar options"
 	touch $adv_idstools_pillar_file
-	printf '%s\n'\
-		"idstools:"\
-		"  config:"\
-		"    oinkcode: ''"\
-		"    urls: []"\
-		"  sids:"\
-		"    enabled: []"\
-		"    disabled: []"\
-		"    modify: []"\
-		"" > "$idstools_pillar_file"
-
 }
 
 soc_pillar() {