diff --git a/salt/common/tools/sbin/so-import-pcap b/salt/common/tools/sbin/so-import-pcap
old mode 100644
new mode 100755
diff --git a/salt/filebeat/etc/filebeat.yml b/salt/filebeat/etc/filebeat.yml
index 9dd00503c..9d0889a34 100644
--- a/salt/filebeat/etc/filebeat.yml
+++ b/salt/filebeat/etc/filebeat.yml
@@ -127,11 +127,11 @@ filebeat.inputs:
         category: network
         imported: true
     processors:
-      - dissect:
-          tokenizer: "/nsm/import/%{import_id}/zeek/logs/%{import_source}"
-          field: "source"
-          target_prefix: ""
-      - drop_fields:
+    - dissect:
+        tokenizer: "/nsm/import/%{import_id}/zeek/logs/%{import_source}"
+        field: "source"
+        target_prefix: ""
+    - drop_fields:
         fields: ["source", "prospector", "input", "offset", "beat"]
  
     fields_under_root: true