diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup
index 49ccc2538..d53dcd73c 100755
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -27,6 +27,7 @@ SOUP_LOG=/root/soup.log
 INFLUXDB_MIGRATION_LOG=/opt/so/log/influxdb/soup_migration.log
 WHATWOULDYOUSAYYAHDOHERE=soup
 whiptail_title='Security Onion UPdater'
+NOTIFYCUSTOMELASTICCONFIG=false
 
 check_err() {
   local exit_code=$1
@@ -655,6 +656,11 @@ up_2.3.5X_to_2.3.80() {
     done
   fi
 
+  # check for local es config to inform user that the config in local is now ignored and those options need to be placed in the pillar
+  if [ -f "/opt/so/saltstack/local/salt/elasticsearch/files/elasticsearch.yml" ]; then
+    NOTIFYCUSTOMELASTICCONFIG=true
+  fi
+
   INSTALLEDVERSION=2.3.80
 }
 
@@ -1059,6 +1065,19 @@ EOF
     fi
   fi
 
+  if [ "$NOTIFYCUSTOMELASTICCONFIG" = true ] ; then
+
+    cat << EOF
+
+
+A custom Elasticsearch configuration has been found at /opt/so/saltstack/local/elasticsearch/files/elasticsearch.yml. This file is no longer referenced in Security Onion versions >= 2.3.80.
+
+If you still need those customizations, you'll need to manually migrate them to the new Elasticsearch config as shown at https://docs.securityonion.net/en/2.3/elasticsearch.html.
+
+EOF
+
+  fi
+
   echo "### soup has been served at $(date) ###"
 }