diff --git a/resources/providers/config.rb b/resources/providers/config.rb
index d0d0adb..6a00efb 100644
--- a/resources/providers/config.rb
+++ b/resources/providers/config.rb
@@ -32,6 +32,7 @@
     redis_secrets = new_resource.redis_secrets
     redis_password = redis_secrets['pass'] unless redis_secrets.empty?
     s3_malware_secrets = new_resource.s3_malware_secrets
+    cdomain = new_resource.cdomain
 
     memcached_servers = node['redborder']['memcached']['hosts']
 
@@ -1206,7 +1207,8 @@
           cookbook 'logstash'
           variables(apikey: node['redborder']['manager']['loaders']['virustotal_api_key'],
                     access_key_id: s3_malware_secrets['s3_malware_access_key_id'],
-                    secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'])
+                    secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'],
+                    cdomain: cdomain)
           notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
         end
       elsif ::File.exist?("#{pipelines_dir}/malware/10_virustotal.conf")
@@ -1228,7 +1230,8 @@
           cookbook 'logstash'
           variables(apikey: node['redborder']['loaders']['metadefender_api_key'],
                     access_key_id: s3_malware_secrets['s3_malware_access_key_id'],
-                    secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'])
+                    secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'],
+                    cdomain: cdomain)
           notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
         end
       elsif ::File.exist?("#{pipelines_dir}/malware/20_metadefender.conf")
@@ -1246,7 +1249,8 @@
         ignore_failure true
         cookbook 'logstash'
         variables(access_key_id: s3_malware_secrets['s3_malware_access_key_id'],
-                  secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'])
+                  secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'],
+                  cdomain: cdomain)
         notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
       end
 
@@ -1259,7 +1263,8 @@
       #   ignore_failure true
       #   cookbook 'logstash'
       #   variables(access_key_id: s3_malware_secrets['s3_malware_access_key_id'],
-      #             secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'])
+      #             secret_access_key: s3_malware_secrets['s3_malware_secret_key_id'],
+      #             cdomain: cdomain)
       #   notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
       # end
 
@@ -1272,8 +1277,9 @@
       #   mode '0644
       #   ignore_failure true
       #   cookbook 'logstash''
-      #   variables(:access_key_id => s3_malware_secrets["s3_malware_access_key_id"],
-      #             :secret_access_key => s3_malware_secrets["s3_malware_secret_key_id"])
+      #   variables(access_key_id: s3_malware_secrets["s3_malware_access_key_id"],
+      #             secret_access_key: s3_malware_secrets["s3_malware_secret_key_id"],
+      #             cdomain: cdomain)
       #   notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
       # end
 
diff --git a/resources/templates/default/malware_10_virustotal.conf.erb b/resources/templates/default/malware_10_virustotal.conf.erb
index 9153406..210cde3 100644
--- a/resources/templates/default/malware_10_virustotal.conf.erb
+++ b/resources/templates/default/malware_10_virustotal.conf.erb
@@ -17,5 +17,6 @@ filter {
     loader => 'virustotal'
     access_key_id => "<%=@access_key_id%>"
     secret_access_key => "<%=@secret_access_key%>"
+    cdomain => "<%=@cdomain%>"
   }
 }
diff --git a/resources/templates/default/malware_20_metadefender.conf.erb b/resources/templates/default/malware_20_metadefender.conf.erb
index 0080482..83663c1 100644
--- a/resources/templates/default/malware_20_metadefender.conf.erb
+++ b/resources/templates/default/malware_20_metadefender.conf.erb
@@ -17,5 +17,6 @@ filter {
     loader => 'metadefender'
     access_key_id => "<%=@access_key_id%>"
     secret_access_key => "<%=@secret_access_key%>"
+    cdomain => "<%=@cdomain%>"
   }
 }
diff --git a/resources/templates/default/malware_30_clamscan.conf.erb b/resources/templates/default/malware_30_clamscan.conf.erb
index 329a82a..b84f320 100644
--- a/resources/templates/default/malware_30_clamscan.conf.erb
+++ b/resources/templates/default/malware_30_clamscan.conf.erb
@@ -16,5 +16,6 @@ filter {
     loader => 'clamscan'
     access_key_id => "<%=@access_key_id%>"
     secret_access_key => "<%=@secret_access_key%>"
+    cdomain => "<%=@cdomain%>"
   }
 }
diff --git a/resources/templates/default/malware_40_yara.conf.erb b/resources/templates/default/malware_40_yara.conf.erb
index 21a1651..cb1ec25 100644
--- a/resources/templates/default/malware_40_yara.conf.erb
+++ b/resources/templates/default/malware_40_yara.conf.erb
@@ -17,5 +17,6 @@ filter {
     loader => 'yara'
     access_key_id => "<%=@access_key_id%>"
     secret_access_key => "<%=@secret_access_key%>"
+    cdomain => "<%=@cdomain%>"
   }
 }
diff --git a/resources/templates/default/malware_50_fuzzy.conf.erb b/resources/templates/default/malware_50_fuzzy.conf.erb
index 4fb3e35..9200262 100644
--- a/resources/templates/default/malware_50_fuzzy.conf.erb
+++ b/resources/templates/default/malware_50_fuzzy.conf.erb
@@ -17,5 +17,6 @@ filter {
     loader => 'fuzzy'
     access_key_id => "<%=@access_key_id%>"
     secret_access_key => "<%=@secret_access_key%>"
+    cdomain => "<%=@cdomain%>"
   }
 }