diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index 38a247ac..8d577415 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -309,14 +309,9 @@ filter {
 "dest_port" => "2575"
 "dest_ip" => "${MY_EXTIP}"
 }
- rename => {
- "port" => "src_port"
- "ip" => "src_ip"
- }
 }
 date {
- match => [ "time", "yyyy.MM.dd HH:mm:ss" ]
- remove_field => ["time"]
+ match => [ "timestamp", "ISO8601" ]
 }
 }
diff --git a/docker/medpot/Dockerfile b/docker/medpot/Dockerfile
index 635e0569..b92d58b7 100644
--- a/docker/medpot/Dockerfile
+++ b/docker/medpot/Dockerfile
@@ -11,7 +11,7 @@ RUN apk -U --no-cache add \
 export GOPATH=/opt/go/ && \
 mkdir -p /opt/go/src && \
 cd /opt/go/src && \
- git clone https://github.com/schmalle/medpot.git && \
+ git clone https://github.com/schmalle/medpot && \
 go get -d -v github.com/davecgh/go-spew/spew && \
 go get -d -v github.com/go-ini/ini && \
 go get -d -v github.com/mozillazg/request && \
@@ -21,15 +21,14 @@ RUN apk -U --no-cache add \
 # Setup medpot
 mkdir -p /opt/medpot \
- /var/log/ && \
- touch /var/log/medpot.log && \
+ /var/log/medpot && \
 cp medpot /opt/medpot && \
 cp /opt/go/src/medpot/template/*.xml /opt/medpot/ && \
 # Setup user, groups and configs
 addgroup -g 2000 medpot && \
 adduser -S -s /bin/ash -u 2000 -D -g 2000 medpot && \
- chown -R medpot:medpot /var/log/medpot.log && \
+ chown -R medpot:medpot /var/log/medpot && \
 # Clean up
 apk del --purge build-base \
diff --git a/docker/medpot/docker-compose.yml b/docker/medpot/docker-compose.yml
index 0c03e1a6..3ed5ea1e 100644
--- a/docker/medpot/docker-compose.yml
+++ b/docker/medpot/docker-compose.yml
@@ -17,4 +17,4 @@ services:
 image: "dtagdevsec/medpot:1804"
 read_only: true
 volumes:
- - /data/medpot/log/:/var/log/
+ - /data/medpot/log/:/var/log/medpot
diff --git a/etc/compose/experimental.yml b/etc/compose/experimental.yml
index 3e338dd6..0bfe2225 100644
--- a/etc/compose/experimental.yml
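Review bot: Dropping the `rename` block leaves Medpot events without the `src_ip`/`src_port` names that the other honeypot sections presumably normalise to, unless the medpot log format now emits those names itself, and nothing in the hunk records which it is. If the new format still carries `ip`/`port`, the rename has to stay; if it does not, a comment above `date {` such as `# medpot now writes an ISO8601 "timestamp" and src_ip/src_port natively; no rename needed` keeps the next reader from re-adding it. Note also that without `remove_field` the raw `timestamp` string now stays on the event beside `@timestamp`, which is harmless but differs from the previous behaviour, and that a `timestamp` without a zone offset will be interpreted in the Logstash host's timezone. The enclosing conditional block starts above the hunk.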
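Review bot: The `git clone` on the new line still tracks the default branch head, so every image build pulls whatever schmalle/medpot contains at that moment and the build is not reproducible; the `go get -d -v` context lines below it share the same property. Pinning to a known commit or tag, e.g. keeping `git clone https://github.com/schmalle/medpot && \` and following it with `git -C medpot checkout <PINNED_COMMIT> && \` (placeholder), keeps the image stable across rebuilds and turns an unexpected upstream push into a visible diff rather than a silent change. The RUN instruction begins and ends outside the hunk.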
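Review bot: The `chown -R medpot:medpot /var/log/medpot` now targets a directory that the compose files in this commit (docker/medpot/docker-compose.yml and etc/compose/experimental.yml, industrial.yml, sensor.yml, standard.yml) bind-mount from the host path `/data/medpot/log/`, so the ownership set at build time is masked at runtime and the medpot user (uid 2000) can only write there if the host directory is already owned or writable by that uid; presumably the installer prepares `/data` that way, but it is worth confirming because the container also runs with `read_only: true`, leaving this mount as the only writable location. The removed `touch /var/log/medpot.log` likewise means the log file no longer pre-exists, which is only safe if medpot creates it itself on first write. A comment above the `mkdir`, e.g. `# /var/log/medpot is bind-mounted from /data/medpot/log at runtime; host dir must be writable by uid 2000`, would document both assumptions. The RUN instruction starts and ends outside the hunk.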
+++ b/etc/compose/experimental.yml
@@ -276,7 +276,7 @@ services:
 image: "dtagdevsec/medpot:1804"
 read_only: true
 volumes:
- - /data/medpot/log/:/var/log/
+ - /data/medpot/log/:/var/log/medpot
 # Rdpy service
 rdpy:
diff --git a/etc/compose/industrial.yml b/etc/compose/industrial.yml
index ad8d7972..a3a2636d 100644
--- a/etc/compose/industrial.yml
+++ b/etc/compose/industrial.yml
@@ -190,7 +190,7 @@ services:
 image: "dtagdevsec/medpot:1804"
 read_only: true
 volumes:
- - /data/medpot/log/:/var/log/
+ - /data/medpot/log/:/var/log/medpot
 # Rdpy service
 rdpy:
diff --git a/etc/compose/sensor.yml b/etc/compose/sensor.yml
index ee8377a6..f89214c8 100644
--- a/etc/compose/sensor.yml
+++ b/etc/compose/sensor.yml
@@ -274,7 +274,7 @@ services:
 image: "dtagdevsec/medpot:1804"
 read_only: true
 volumes:
- - /data/medpot/log/:/var/log/
+ - /data/medpot/log/:/var/log/medpot
 # Rdpy service
 rdpy:
diff --git a/etc/compose/standard.yml b/etc/compose/standard.yml
index cc55e817..34345188 100644
--- a/etc/compose/standard.yml
+++ b/etc/compose/standard.yml
@@ -275,7 +275,7 @@ services:
 image: "dtagdevsec/medpot:1804"
 read_only: true
 volumes:
- - /data/medpot/log/:/var/log/
+ - /data/medpot/log/:/var/log/medpot
 # Rdpy service
 rdpy: