diff --git a/extra/elasticsearch.yml b/extra/elasticsearch.yml
index 6ad7cb0..a4eaf5c 100644
--- a/extra/elasticsearch.yml
+++ b/extra/elasticsearch.yml
@@ -23,31 +23,6 @@ services:
 nofile:
 soft: 65536
 hard: 65536
-
- wazuh-kibana:
- image: wazuh/wazuh-kibana-odfe:4.1.2
- hostname: wazuh-kibana
- restart: unless-stopped
- labels:
- - "traefik.enable=true"
- - "traefik.http.routers.wazuhk-http.rule=Host(`wazuh.mistborn`)"
- - "traefik.http.routers.wazuhk-http.entrypoints=web"
- - "traefik.http.routers.wazuhk-http.middlewares=mistborn_auth@file"
- - "traefik.http.routers.wazuhk-https.rule=Host(`wazuh.mistborn`)"
- - "traefik.http.routers.wazuhk-https.entrypoints=websecure"
- - "traefik.http.routers.wazuhk-https.middlewares=mistborn_auth@file"
- - "traefik.http.routers.wazuhk-https.tls.certresolver=basic"
- - "traefik.http.services.wazuhk-service.loadbalancer.server.port=5601"
- #ports:
- # - "${MISTBORN_BIND_IP}:5601:5601"
- depends_on:
- - wazuh-elasticsearch
- environment:
- - SERVER_SSL_ENABLED=false
- - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert
- - SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key
- env_file:
- - ../.envs/.production/.wazuh
 networks:
 default:
diff --git a/extra/wazuh.yml b/extra/wazuh.yml
index b1bd859..778ab2e 100644
--- a/extra/wazuh.yml
+++ b/extra/wazuh.yml
@@ -28,6 +28,31 @@ services:
 - filebeat_etc:/etc/filebeat
 - filebeat_var:/var/lib/filebeat
+ wazuh-kibana:
+ image: wazuh/wazuh-kibana-odfe:4.1.2
+ hostname: wazuh-kibana
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.wazuhk-http.rule=Host(`wazuh.mistborn`)"
+ - "traefik.http.routers.wazuhk-http.entrypoints=web"
+ - "traefik.http.routers.wazuhk-http.middlewares=mistborn_auth@file"
+ - "traefik.http.routers.wazuhk-https.rule=Host(`wazuh.mistborn`)"
+ - "traefik.http.routers.wazuhk-https.entrypoints=websecure"
+ - "traefik.http.routers.wazuhk-https.middlewares=mistborn_auth@file"
+ - "traefik.http.routers.wazuhk-https.tls.certresolver=basic"
+ - "traefik.http.services.wazuhk-service.loadbalancer.server.port=5601"
+ #ports:
+ # - "${MISTBORN_BIND_IP}:5601:5601"
+ depends_on:
+ - wazuh-elasticsearch
+ environment:
+ - SERVER_SSL_ENABLED=false
+ - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert
+ - SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key
+ env_file:
+ - ../.envs/.production/.wazuh
+
 volumes:
 ossec_api_configuration:
 ossec_etc:
diff --git a/scripts/services/Mistborn-elasticsearch.service b/scripts/services/Mistborn-elasticsearch.service
index 7e23145..63933c7 100644
--- a/scripts/services/Mistborn-elasticsearch.service
+++ b/scripts/services/Mistborn-elasticsearch.service
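Review bot: `depends_on: - wazuh-elasticsearch` moves into extra/wazuh.yml with the service, but nothing visible in this hunk defines a `wazuh-elasticsearch` service in that file. If it still lives only in extra/elasticsearch.yml, docker-compose will refuse wazuh.yml with an undefined-dependency error unless both files are passed with `-f`. Either drop the `depends_on` entry here and order startup through the systemd units, or confirm that the Wazuh unit loads both compose files. Separately, the `wazuhk-http` router keeps the dashboard reachable on the `web` entrypoint, so whatever `mistborn_auth@file` checks presumably crosses the network unencrypted unless a redirect to `websecure` is configured elsewhere. A comment such as `# TLS terminates at Traefik; Kibana listens on plain HTTP inside the Docker network` above `SERVER_SSL_ENABLED=false` would record the intent.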
@@ -12,11 +12,11 @@ Group=docker
 PermissionsStartOnly=true
 # Shutdown container (if running) when unit is stopped
 ExecStartPre=/usr/sbin/sysctl -w vm.max_map_count=262144
-ExecStartPre=/opt/mistborn/scripts/wrappers/mistborn_docker.sh elasticsearch,wazuh docker-compose -f /opt/mistborn/extra/elasticsearch.yml down
+ExecStartPre=/opt/mistborn/scripts/wrappers/mistborn_docker.sh elasticsearch docker-compose -f /opt/mistborn/extra/elasticsearch.yml down
 # Start container when unit is started
-ExecStart=/opt/mistborn/scripts/wrappers/mistborn_docker.sh elasticsearch,wazuh docker-compose -f /opt/mistborn/extra/elasticsearch.yml up --build
+ExecStart=/opt/mistborn/scripts/wrappers/mistborn_docker.sh elasticsearch docker-compose -f /opt/mistborn/extra/elasticsearch.yml up --build
 # Stop container when unit is stopped
-ExecStop=/opt/mistborn/scripts/wrappers/mistborn_docker.sh elasticsearch,wazuh docker-compose -f /opt/mistborn/extra/elasticsearch.yml down
+ExecStop=/opt/mistborn/scripts/wrappers/mistborn_docker.sh elasticsearch docker-compose -f /opt/mistborn/extra/elasticsearch.yml down
 [Install]
 WantedBy=multi-user.target
diff --git a/scripts/services/wazuh/agent.sh b/scripts/services/wazuh/agent.sh
index b930ec8..b478fa4 100755
--- a/scripts/services/wazuh/agent.sh
+++ b/scripts/services/wazuh/agent.sh
@@ -24,5 +24,3 @@ done
 echo "Installing Wazuh agent"
 WAZUH_MANAGER="10.2.3.1" apt-get install wazuh-agent
-systemctl enable wazuh-agent
-systemctl start wazuh-agent
diff --git a/scripts/services/wazuh/agent_start.sh b/scripts/services/wazuh/agent_start.sh
index e243813..5996970 100755
--- a/scripts/services/wazuh/agent_start.sh
+++ b/scripts/services/wazuh/agent_start.sh
@@ -1,3 +1,4 @@
 #!/bin/bash
-systemctl stop wazuh-agent
+systemctl start wazuh-agent
+systemctl enable wazuh-agent
diff --git a/scripts/services/wazuh/agent_stop.sh b/scripts/services/wazuh/agent_stop.sh
index 2c98f40..19cf173 100755
--- a/scripts/services/wazuh/agent_stop.sh
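Review bot: agent_start.sh reports only the exit status of its last command, so a failed `systemctl start wazuh-agent` followed by a successful `systemctl enable wazuh-agent` still exits 0 and the caller cannot tell that the agent is not running. Collapsing the two lines into `systemctl enable --now wazuh-agent` gives one command whose status reflects both steps; adding `set -e` under the shebang would also work. The agent_stop.sh hunk that follows has the same shape and could use `systemctl disable --now wazuh-agent`. Since these scripts switch a host intrusion-detection agent on and off, an accurate exit status matters to whatever invokes them.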
+++ b/scripts/services/wazuh/agent_stop.sh
@@ -1,3 +1,4 @@
 #!/bin/bash
-systemctl start wazuh-agent
+systemctl stop wazuh-agent
+systemctl disable wazuh-agent