diff --git a/bin/clean.sh b/bin/clean.sh
index c6beee0b..4934688b 100755
--- a/bin/clean.sh
+++ b/bin/clean.sh
@@ -132,6 +132,14 @@ fuGLASTOPF () {
 chown tpot:tpot /data/glastopf -R
 }
 
+# Let's create a function to clean up and prepare glastopf data
+fuGLUTTON () {
+ if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/glutton/*; fi
+ mkdir -p /data/glutton/log
+ chmod 760 /data/glutton -R
+ chown tpot:tpot /data/glutton -R
+}
+
 # Let's create a function to clean up and prepare heralding data
 fuHERALDING () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/heralding/*; fi
@@ -234,6 +242,7 @@ if [ "$myPERSISTENCE" = "on" ];
 fuELK
 fuEMOBILITY
 fuGLASTOPF
+ fuGLUTTON
 fuHERALDING
 fuHONEYTRAP
 fuMAILONEY
diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile
index 6ebdd823..f17c73b0 100644
--- a/docker/elk/logstash/Dockerfile
+++ b/docker/elk/logstash/Dockerfile
@@ -49,4 +49,4 @@ HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600'
 
 # Start logstash
 USER logstash:logstash
-CMD update.sh && /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf
+CMD update.sh && exec /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index 0aab7c8d..8f021961 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -55,6 +55,13 @@ input {
 type => "Glastopf"
 }
 
+# Glutton
+ file {
+ path => ["/data/glutton/log/glutton.log"]
+ codec => json
+ type => "Glutton"
+ }
+
 # Heralding
 file {
 path => ["/data/heralding/log/auth.csv"]
@@ -207,6 +214,14 @@ filter {
 }
 }
 
+# Glutton
+ if [type] == "Glutton" {
+ date {
+ match => [ "ts", "UNIX" ]
+ remove_field => ["ts"]
+ }
+ }
+
 # Heralding
 if [type] == "Heralding" {
 csv {
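Review bot: The header comment on the new fuGLUTTON function still says "glastopf data", copied from the fuGLASTOPF block above; it should read `# Let's create a function to clean up and prepare glutton data`. The body itself mirrors the neighbouring fuHERALDING function (persistence guard, `mkdir -p`, recursive `chmod 760` and `chown tpot:tpot`), so the comment is the only thing a reader trips over. The same copy-paste pattern is worth checking in the other fu* headers outside this hunk.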
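Review bot: The new Glutton file input applies `codec => json` to every line of /data/glutton/log/glutton.log, so any non-JSON line in that file (a plain-text startup or error message, if glutton writes those) becomes an event tagged `_jsonparsefailure` rather than being discarded; the existing guard visible later in this file, `if "_grokparsefailure" in [tags] { drop {} }`, only covers grok failures. If glutton's log is guaranteed to be one JSON object per line this is fine, but it is worth confirming, or widening the guard to `if "_grokparsefailure" in [tags] or "_jsonparsefailure" in [tags] { drop {} }`. The enclosing `input { }` block starts before this hunk.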
@@ -395,7 +410,7 @@ if "_grokparsefailure" in [tags] { drop {} }
 }
 
 # Add T-Pot hostname and external IP
- if [type] == "ConPot" or [type] == "Cowrie" or [type] == "Dionaea" or [type] == "ElasticPot" or [type] == "eMobility" or [type] == "Glastopf" or [type] == "Honeytrap" or [type] == "Mailoney" or [type] == "Rdpy" or [type] == "Suricata" or [type] == "Vnclowpot" {
+ if [type] == "ConPot" or [type] == "Cowrie" or [type] == "Dionaea" or [type] == "ElasticPot" or [type] == "eMobility" or [type] == "Glastopf" or [type] == "Honeytrap" or [type] == "Heralding" or [type] == "Mailoney" or [type] == "Rdpy" or [type] == "Suricata" or [type] == "Vnclowpot" {
 mutate {
 add_field => {
 "t-pot_ip_ext" => "${MY_EXTIP}"
diff --git a/docker/glutton/Dockerfile b/docker/glutton/Dockerfile
index 49218ca3..496f8cea 100644
--- a/docker/glutton/Dockerfile
+++ b/docker/glutton/Dockerfile
@@ -45,4 +45,4 @@ RUN apk -U --no-cache add bash \
 
 # Run supervisor upon container start
 WORKDIR /opt/glutton
-CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log -d true
+CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log
diff --git a/docker/glutton/dist/rules.yaml b/docker/glutton/dist/rules.yaml
index 54e03f58..11b4b957 100644
--- a/docker/glutton/dist/rules.yaml
+++ b/docker/glutton/dist/rules.yaml
@@ -1,11 +1,4 @@
 rules:
- - match: tcp dst port 5001
- type: passthrough
- name: ssh
- - match: tcp dst port 22 or port 2222
- type: conn_handler
- name: proxy_ssh
- target: tcp://172.17.0.2:22
 - match: tcp dst port 23 or port 2323 or port 23231
 type: conn_handler
 target: telnet
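Review bot: The rewritten condition under `# Add T-Pot hostname and external IP` adds `Heralding` to the enrichment list but not `Glutton`, although this same commit adds a Glutton input and a Glutton date filter; Glutton events will therefore be indexed without `t-pot_ip_ext` (and whatever else the mutate below adds), unlike every other honeypot type. Unless that is intended, append `or [type] == "Glutton"` to the condition. The `or` chain is now twelve terms long; `if [type] in ["ConPot", "Cowrie", ...]` would make the next addition harder to forget. The enclosing filter block and the mutate body continue outside this hunk.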
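Review bot: The edited CMD line still passes `tr -d [:punct:]` unquoted, so under the `/bin/sh -c` that runs a shell-form CMD it is a glob (a bracket expression matching one of `:`, `p`, `u`, `n`, `c`, `t`); if a single-character file with one of those names ever exists in WORKDIR /opt/glutton, the pattern expands to that filename and the interface name is no longer stripped, leaving glutton started with a wrong `-i` value. Quote it: `tr -d '[:punct:]'`. Picking the interface via `grep '^2: '` also assumes the host's second link is the external one under `network_mode: "host"`; if that is an accepted limitation, a comment on the line would save the next reader a guess. The quoting issue predates this hunk but sits on the line being changed, so it is cheap to fix here.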
@@ -24,15 +17,6 @@ rules:
 - match: tcp dst port 5060
 type: conn_handler
 target: sip
- - match: tcp dst port 1080
- type: passthrough
- name: http
- - match: tcp dst port 6000 or port 7000
- type: conn_handler
- name: proxy_tcp
- target: tcp://172.17.0.2:22
 - match: tcp
 type: conn_handler
 target: default
- - match: udp
- type: drop
\ No newline at end of file
diff --git a/docker/glutton/docker-compose.yml b/docker/glutton/docker-compose.yml
index 1b260dc4..4451bc98 100644
--- a/docker/glutton/docker-compose.yml
+++ b/docker/glutton/docker-compose.yml
@@ -5,14 +5,10 @@ services:
 
 # glutton service
 glutton:
+ build: .
 container_name: glutton
 restart: always
 network_mode: "host"
- #networks:
- # - glutton_local
- #ports:
- # - "5000:5000"
- # - "22:5000"
 cap_add:
 - NET_ADMIN
 image: "dtagdevsec/glutton:1804"
diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile
index b5693c9e..c7009032 100644
--- a/docker/nginx/Dockerfile
+++ b/docker/nginx/Dockerfile
@@ -23,4 +23,4 @@ RUN apk -U upgrade && \
 rm -rf /var/cache/apk/*
 
 # Start nginx
-CMD nginx -g 'daemon off;'
+CMD exec nginx -g 'daemon off;'
diff --git a/etc/logrotate/logrotate.conf b/etc/logrotate/logrotate.conf
index 7a8b91df..02046457 100644
--- a/etc/logrotate/logrotate.conf
+++ b/etc/logrotate/logrotate.conf
@@ -17,6 +17,8 @@
 /data/emobility/log/centralsystemEWS.log
 /data/glastopf/log/glastopf.log
 /data/glastopf/db/glastopf.db
+/data/glutton/log/*.log
+/data/glutton/log/*.err
 /data/heralding/log/*.log
 /data/heralding/log/*.csv
 /data/honeytrap/log/*.log
diff --git a/iso/installer/install.sh b/iso/installer/install.sh
index 44854232..37526e54 100755
--- a/iso/installer/install.sh
+++ b/iso/installer/install.sh
@@ -446,6 +446,7 @@ mkdir -p /data/ciscoasa/log \
 /data/elasticpot/log \
 /data/elk/data /data/elk/log \
 /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \
+ /data/glutton/log \
 /data/heralding/log \
 /data/mailoney/log \
 /data/nginx/log \
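Review bot: Nothing in the glutton service hunk maps the container's log path to the host path the rest of this commit depends on: the glutton Dockerfile CMD writes `/var/log/glutton/glutton.log`, while logstash.conf reads `/data/glutton/log/glutton.log`, clean.sh and install.sh create `/data/glutton/log`, and logrotate.conf rotates `/data/glutton/log/*.log` and `*.err`. A `volumes:` entry along the lines of `- /data/glutton/log:/var/log/glutton` is presumably further down in the service definition, outside the hunk — please confirm, because without it no Glutton events reach Logstash and the new logrotate patterns never match. Note also that `build: .` alongside `image: "dtagdevsec/glutton:1804"` makes compose tag a local build with the published image name, which is worth remembering when comparing a deployed container against the registry image.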