diff --git a/modules/services/unix/logging/analysis_alert_action_server/analysis_alert_action_server.pp b/modules/services/unix/logging/analysis_alert_action_server/analysis_alert_action_server.pp
index 6319ebd0b..30118cc2c 100644
--- a/modules/services/unix/logging/analysis_alert_action_server/analysis_alert_action_server.pp
+++ b/modules/services/unix/logging/analysis_alert_action_server/analysis_alert_action_server.pp
@@ -6,32 +6,22 @@ $logstash_port = 0 + $aaa_config['logstash_port']
 $kibana_ip = $aaa_config['server_ip']
 $kibana_port = 0 + $aaa_config['kibana_port']
-class { 'elasticsearch':
+class { 'elasticsearch_7':
 api_host => $elasticsearch_ip,
 api_port => $elasticsearch_port,
- version => '6.3.1',
 }~>
-elasticsearch::instance { 'es-01':
- config => {
- 'network.host' => $elasticsearch_ip,
- 'http.port' => $elasticsearch_port,
- },
-}~>
-class { 'logstash':
- settings => {
- 'http.host' => $elasticsearch_ip,
- }
+class { 'logstash_7':
+ elasticsearch_ip => $elasticsearch_ip,
+ elasticsearch_port => $elasticsearch_port,
+ logstash_port => $logstash_port
 }
 logstash::configfile { 'my_ls_config':
 content => template('logstash/configfile-template.erb'),
 }~>
-class { 'kibana':
- ensure => '6.3.1',
- config => {
- 'server.host' => $kibana_ip,
- 'elasticsearch.url' => "http://$elasticsearch_ip:$elasticsearch_port",
- 'server.port' => $kibana_port,
- }
+class { 'kibana_7':
+ elasticsearch_ip => $elasticsearch_ip,
+ elasticsearch_port => $elasticsearch_port,
+ kibana_port => $kibana_port
 }~>
 class { 'elastalert':
 elasticsearch_ip => $elasticsearch_ip,
diff --git a/modules/services/unix/logging/analysis_alert_action_server/secgen_metadata.xml b/modules/services/unix/logging/analysis_alert_action_server/secgen_metadata.xml
index 1f1c7611b..3a4e6ad07 100644
--- a/modules/services/unix/logging/analysis_alert_action_server/secgen_metadata.xml
+++ b/modules/services/unix/logging/analysis_alert_action_server/secgen_metadata.xml
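Review bot: The `logstash::configfile { 'my_ls_config': ... }` resource and its `template('logstash/configfile-template.erb')` path in analysis_alert_action_server.pp still name the old `logstash` module although the class above it is now `logstash_7`. If that define includes class `logstash` or reads its variables (not visible in this hunk), the catalog either fails to compile or pulls in a second Logstash with default settings next to the 7.x one. Confirm whether `logstash_7` provides its own configfile define and template, and rename both references if it does. Separately, `kibana_7` is no longer passed `$kibana_ip`, where the old class set `'server.host' => $kibana_ip`, so the interface Kibana listens on is now decided inside the module; either pass it explicitly or add a comment such as `# kibana_7 chooses the bind address itself; $kibana_ip is not used by this class`. The removed `version => '6.3.1'` and `ensure => '6.3.1'` pins also mean this manifest no longer fixes the exact release, so check that the `_7` modules pin one.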
@@ -21,16 +21,16 @@
- Elasticsearch
+ .*elasticsearch_7
- Logstash
+ .*logstash_7
- Kibana
+ .*kibana_7
- Elastalert
+ .*elastalert
diff --git a/modules/utilities/unix/logging/analysis_alert_action_client/analysis_alert_action_client.pp b/modules/utilities/unix/logging/analysis_alert_action_client/analysis_alert_action_client.pp
index 09e12d132..251e986b1 100644
--- a/modules/utilities/unix/logging/analysis_alert_action_client/analysis_alert_action_client.pp
+++ b/modules/utilities/unix/logging/analysis_alert_action_client/analysis_alert_action_client.pp
@@ -8,8 +8,6 @@ $kibana_ip = $aaa_config['server_ip']
 $kibana_port = 0 + $aaa_config['kibana_port']
 class { 'auditbeat':
- ensure => 'present',
- manage_repo => true,
 modules => [
 {
 'module' => 'auditd',
@@ -25,7 +23,7 @@ class { 'auditbeat':
 }
 class { 'filebeat':
- major_version => '6',
+ major_version => '7',
 outputs => {
 'logstash' => {
 'hosts' => [