diff --git a/salt/telegraf/defaults.yaml b/salt/telegraf/defaults.yaml
index a87fa952b..ab8679e57 100644
--- a/salt/telegraf/defaults.yaml
+++ b/salt/telegraf/defaults.yaml
@@ -11,7 +11,6 @@ telegraf:
 quiet: 'false'
 scripts:
 eval:
- - beatseps.sh
 - checkfiles.sh
 - influxdbsize.sh
 - oldpcap.sh
@@ -23,7 +22,6 @@ telegraf:
 - zeekcaptureloss.sh
 - zeekloss.sh
 standalone:
- - beatseps.sh
 - checkfiles.sh
 - eps.sh
 - influxdbsize.sh
@@ -36,13 +34,11 @@ telegraf:
 - zeekcaptureloss.sh
 - zeekloss.sh
 manager:
- - beatseps.sh
 - influxdbsize.sh
 - raid.sh
 - redis.sh
 - sostatus.sh
 managersearch:
- - beatseps.sh
 - eps.sh
 - influxdbsize.sh
 - raid.sh
@@ -51,7 +47,6 @@ telegraf:
 import:
 - sostatus.sh
 sensor:
- - beatseps.sh
 - checkfiles.sh
 - oldpcap.sh
 - raid.sh
@@ -61,7 +56,6 @@ telegraf:
 - zeekcaptureloss.sh
 - zeekloss.sh
 heavynode:
- - beatseps.sh
 - checkfiles.sh
 - eps.sh
 - oldpcap.sh
@@ -75,12 +69,10 @@ telegraf:
 idh:
 - sostatus.sh
 searchnode:
- - beatseps.sh
 - eps.sh
 - raid.sh
 - sostatus.sh
 receiver:
- - beatseps.sh
 - eps.sh
 - raid.sh
 - redis.sh
diff --git a/salt/telegraf/scripts/beatseps.sh b/salt/telegraf/scripts/beatseps.sh
deleted file mode 100644
index 5f3db53f8..000000000
--- a/salt/telegraf/scripts/beatseps.sh
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-#
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-
-# if this script isn't already running
-if [[ ! "`pidof -x $(basename $0) -o %PPID`" ]]; then
-
- PREVCOUNTFILE='/tmp/beatseps.txt'
- EVENTCOUNTCURRENT="$(curl -s localhost:5066/stats | jq '.libbeat.output.events.acked')"
- FAILEDEVENTCOUNT="$(curl -s localhost:5066/stats | jq '.libbeat.output.events.failed')"
-
- if [ ! -z "$EVENTCOUNTCURRENT" ]; then
-
- if [ -f "$PREVCOUNTFILE" ]; then
- EVENTCOUNTPREVIOUS=`cat $PREVCOUNTFILE`
- else
- echo "${EVENTCOUNTCURRENT}" > $PREVCOUNTFILE
- exit 0
- fi
-
- echo "${EVENTCOUNTCURRENT}" > $PREVCOUNTFILE
- # the division by 30 is because the agent interval is 30 seconds
- EVENTS=$(((EVENTCOUNTCURRENT - EVENTCOUNTPREVIOUS)/30))
- if [ "$EVENTS" -lt 0 ]; then
- EVENTS=0
- fi
-
- echo "fbstats eps=${EVENTS%%.*},failed=$FAILEDEVENTCOUNT"
- fi
-
-fi
-
-exit 0