diff --git a/salt/common/tools/sbin/so-filebeat-module-setup b/salt/common/tools/sbin/so-filebeat-module-setup
deleted file mode 100755
index 43c816087..000000000
--- a/salt/common/tools/sbin/so-filebeat-module-setup
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/bash
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-
-{%- set mainint = salt['pillar.get']('host:mainint') %}
-{%- set MYIP = salt['grains.get']('ip_interfaces:' ~ mainint)[0] %}
-
-default_conf_dir=/opt/so/conf
-ELASTICSEARCH_HOST="{{ MYIP }}"
-ELASTICSEARCH_PORT=9200
-#ELASTICSEARCH_AUTH=""
-
-# Define a default directory to load pipelines from
-FB_MODULE_YML="/usr/share/filebeat/module-setup.yml"
-
-
-# Wait for ElasticSearch to initialize
-echo -n "Waiting for ElasticSearch..."
-COUNT=0
-ELASTICSEARCH_CONNECTED="no"
-while [[ "$COUNT" -le 240 ]]; do
-        curl -K /opt/so/conf/elasticsearch/curl.config -k --output /dev/null --silent --head --fail -L https://"$ELASTICSEARCH_HOST":"$ELASTICSEARCH_PORT"
-        if [ $? -eq 0 ]; then
-                ELASTICSEARCH_CONNECTED="yes"
-                echo "connected!"
-                break
-        else
-                ((COUNT+=1))
-                sleep 1
-                echo -n "."
-        fi
-done
-if [ "$ELASTICSEARCH_CONNECTED" == "no" ]; then
-        echo
-        echo -e "Connection attempt timed out.  Unable to connect to ElasticSearch.  \nPlease try: \n  -checking log(s) in /var/log/elasticsearch/\n  -running 'sudo docker ps' \n  -running 'sudo so-elastic-restart'"
-        echo
-fi
-echo "Testing to see if the pipelines are already applied"
-ESVER=$(curl -K /opt/so/conf/elasticsearch/curl.config -sk https://"$ELASTICSEARCH_HOST":"$ELASTICSEARCH_PORT" |jq .version.number |tr -d \")
-PIPELINES=$(curl -K /opt/so/conf/elasticsearch/curl.config -sk https://"$ELASTICSEARCH_HOST":"$ELASTICSEARCH_PORT"/_ingest/pipeline/filebeat-$ESVER-elasticsearch-server-pipeline | jq . | wc -c)
-
-if [[ "$PIPELINES" -lt 5 ]] || [ "$2" != "--force" ]; then
-  echo "Setting up ingest pipeline(s)"
-{% from 'filebeat/modules.map.jinja' import MODULESMERGED with context %}
-{%- for module in MODULESMERGED.modules.keys() %}
-  {%- for fileset in MODULESMERGED.modules[module] %}
-      echo "{{ module }}.{{ fileset}}"
-      docker exec -i so-filebeat filebeat setup --pipelines --modules {{ module }} -M "{{ module }}.{{ fileset }}.enabled=true" -c $FB_MODULE_YML
-      sleep 0.5
-  {% endfor %}
-{%- endfor %}
-else
-  exit 0
-fi
diff --git a/salt/common/tools/sbin/so-filebeat-restart b/salt/common/tools/sbin/so-filebeat-restart
deleted file mode 100755
index 97ccbb0ee..000000000
--- a/salt/common/tools/sbin/so-filebeat-restart
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-
-. /usr/sbin/so-common
-
-/usr/sbin/so-restart filebeat $1
diff --git a/salt/common/tools/sbin/so-filebeat-start b/salt/common/tools/sbin/so-filebeat-start
deleted file mode 100755
index cf148d49a..000000000
--- a/salt/common/tools/sbin/so-filebeat-start
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-
-. /usr/sbin/so-common
-
-/usr/sbin/so-start filebeat $1
diff --git a/salt/common/tools/sbin/so-filebeat-stop b/salt/common/tools/sbin/so-filebeat-stop
deleted file mode 100755
index d3c50fef0..000000000
--- a/salt/common/tools/sbin/so-filebeat-stop
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-
-. /usr/sbin/so-common
-
-/usr/sbin/so-stop filebeat $1