diff --git a/salt/strelka/init.sls b/salt/strelka/init.sls
index 61926265f..ffb6b7380 100644
--- a/salt/strelka/init.sls
+++ b/salt/strelka/init.sls
@@ -26,13 +26,10 @@
 {% if ENGINE == "SURICATA" %}
 {% set filecheck_runas = 'suricata' %}
- {% set filecheck_groupid = 940 %}
 {% else %}
 {% set filecheck_runas = 'socore' %}
- {% set filecheck_groupid = 939 %}
 {% endif %}
-
 {% if grains['os'] != 'CentOS' %}
 strelkapkgs:
 pkg.installed:
@@ -133,7 +130,7 @@ strelkaunprocessed:
 file.directory:
 - name: /nsm/strelka/unprocessed
 - user: 939
- - group: {{ filecheck_groupid }}
+ - group: 939
 - mode: 775
 - makedirs: True
@@ -147,14 +144,16 @@ filecheck_logdir:
 file.directory:
 - name: /opt/so/log/strelka
 - user: 939
- - group: {{ filecheck_groupid }}
+ - group: 939
+ - mode: 775
 - makedirs: True
 filecheck_history:
 file.directory:
 - name: /nsm/strelka/history
 - user: 939
- - group: {{ filecheck_groupid }}
+ - group: 939
+ - mode: 775
 - makedirs: True
 filecheck_conf:
@@ -165,10 +164,10 @@ filecheck_conf:
 filecheck_script:
 file.managed:
- - name: /opt/so/conf/strelka/filecheck
+ - name: /usr/sbin/filecheck
 - source: salt://strelka/filecheck/filecheck
 - user: 939
- - group: {{ filecheck_groupid }}
+ - group: 939
 - mode: 755
 filecheck_run:
diff --git a/salt/suricata/init.sls b/salt/suricata/init.sls
index d6333c65a..4bdee1550 100644
--- a/salt/suricata/init.sls
+++ b/salt/suricata/init.sls
@@ -44,6 +44,12 @@ suricata:
 - home: /nsm/suricata
 - createhome: False
+suricatasocoregroup:
+ group.present:
+ - gid: 939
+ - addusers:
+ - suricata
+
 suridir:
 file.directory:
 - name: /opt/so/conf/suricata
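Review bot: In the `filecheck_script` state the script now lands on the system path at `/usr/sbin/filecheck` but is still owned by uid 939, so the unprivileged account that owns it can rewrite a program other accounts may execute. The `filecheck_run` state that invokes it lies outside this hunk; with `ENGINE == "SURICATA"` it appears to run as `suricata` rather than as the owner, which would let the owner change what runs under another identity. I would install it root-owned and leave it read/execute-only for everyone else: `- user: root` and `- group: root`, keeping `- mode: 755`.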
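Review bot: `suricatasocoregroup` carries no `- name:` argument, so `group.present` manages a group literally named `suricatasocoregroup` rather than the group that already holds gid 939. That gid is used as the owner id throughout salt/strelka/init.sls and presumably belongs to `socore`; if so, this state either fails on the duplicate gid or never puts `suricata` into the group the strelka directories are assigned to. Adding `- name: socore` (assuming that is the group behind 939) states the intent explicitly. Separately, swapping the separate gid 940 on the strelka paths for membership in a shared group gives the account that parses network traffic access to everything else that is group-accessible to 939 on the host. A comment such as `# suricata needs group write under /nsm/strelka for filecheck` would record why, and a narrower dedicated group would keep the earlier separation.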