diff --git a/salt/filebeat/etc/filebeat.yml b/salt/filebeat/etc/filebeat.yml
index 7089f85ea..51a751105 100644
--- a/salt/filebeat/etc/filebeat.yml
+++ b/salt/filebeat/etc/filebeat.yml
@@ -40,7 +40,7 @@ logging.to_files: true
 logging.files:
   # Configure the path where the logs are written. The default is the logs directory
   # under the home path (the binary location).
-  path: /var/log/filebeat
+  #path: /var/log/filebeat
 
   # The name of the files where the logs are written to.
   name: filebeat.log
diff --git a/salt/filebeat/init.sls b/salt/filebeat/init.sls
index e7c707bc7..b7597730c 100644
--- a/salt/filebeat/init.sls
+++ b/salt/filebeat/init.sls
@@ -69,7 +69,7 @@ so-filebeat:
     - user: root
     - extra_hosts: {{ MASTER }}:{{ MASTERIP }}
     - binds:
-      - /opt/so/log/filebeat:/var/log/filebeat:rw
+      - /opt/so/log/filebeat:/usr/share/filebeat/logs:rw
       - /opt/so/conf/filebeat/etc/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
       - /nsm/bro:/nsm/bro:ro
       - /opt/so/log/suricata:/suricata:ro