diff --git a/suricata_/conf/suricata.yaml b/suricata_/conf/suricata.yaml
index 7af2c69..a7bd8c6 100644
--- a/suricata_/conf/suricata.yaml
+++ b/suricata_/conf/suricata.yaml
@@ -1927,8 +1927,8 @@ __RULE_FILES__
 ## Auxiliary configuration files.
 ##
-classification-file: /etc/suricata/classification.config
-reference-config-file: /etc/suricata/reference.config
+classification-file: /usr/local/etc/suricata/classification.config
+reference-config-file: /usr/local/etc/suricata/reference.config
 # threshold-file: /etc/suricata/threshold.config
 ##
diff --git a/suricata_/helper.py b/suricata_/helper.py
index 6a9dcef..b54c4d8 100644
--- a/suricata_/helper.py
+++ b/suricata_/helper.py
@@ -109,7 +109,7 @@ def attach_network_connection(data: dict):
 network_data = {
 "objectid": {
- "tag": ext_hostname + f"{f':{dest_port}' if dest_port else ''}",
+ "tag": f"{dest_ip if dest_ip else ext_hostname}" + f"{f':{dest_port}' if dest_port else ''}",
 "time_observed": timestamp,
 },
 "source_ip": src_ip,
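Review bot: The commented-out `threshold-file` line directly below the two changed keys still points at `/etc/suricata/`, so anyone who uncomments it later gets a path under the old prefix. It would be consistent to change it in the same commit to `# threshold-file: /usr/local/etc/suricata/threshold.config`. The new absolute paths also assume Suricata is installed under `/usr/local` in the deployed image; the build files are not part of this diff, so that cannot be confirmed from here. A short comment above the two keys naming that assumption would help, because a missing classification or reference file changes how alerts are classified.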
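Review bot: When neither `dest_ip` nor `ext_hostname` is set, the new `"tag"` f-string renders the literal text `None` (or an empty string), where the old `ext_hostname + ...` concatenation would have raised on `None`; unrelated connections could then share one objectid tag such as `None:443` (constructed example). Whether both can be empty is not visible in this hunk, since the assignments sit earlier in `attach_network_connection`, so a guard is worth adding before the dict is built: `host = dest_ip or ext_hostname`, then an early return or a log line when `host` is falsy, and then `"tag": f"{host}:{dest_port}" if dest_port else host`. An IPv6 `dest_ip` also makes the `ip:port` form ambiguous to parse; bracketing it as `[addr]:port` would keep the tag unambiguous.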