diff --git a/resources/providers/config.rb b/resources/providers/config.rb
index bd094b1..c79dc5d 100644
--- a/resources/providers/config.rb
+++ b/resources/providers/config.rb
@@ -363,8 +363,6 @@
         notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
       end
 
-      memcached_servers = node['redborder']['memcached']['hosts']
-
       template "#{pipelines_dir}/netflow/05_threat_intelligence.conf" do
         source 'netflow_threat_intelligence.conf.erb'
         owner user
@@ -372,7 +370,7 @@
         mode '0644'
         ignore_failure true
         cookbook 'logstash'
-        variables(memcached_servers: memcached_servers)
+        variables(memcached_server: memcached_server)
         notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
       end
 
@@ -932,7 +930,7 @@
         mode '0644'
         ignore_failure true
         cookbook 'logstash'
-        variables(memcached_servers: memcached_servers)
+        variables(memcached_server: memcached_server)
         notifies :restart, 'service[logstash]', :delayed unless node['redborder']['leader_configuring']
       end
 
diff --git a/resources/templates/default/intrusion_threat_intelligence.conf.erb b/resources/templates/default/intrusion_threat_intelligence.conf.erb
index 4c35d70..9527f6d 100644
--- a/resources/templates/default/intrusion_threat_intelligence.conf.erb
+++ b/resources/templates/default/intrusion_threat_intelligence.conf.erb
@@ -1,6 +1,6 @@
 filter {
   threatintelligence {
-    memcached_servers => <%=@memcached_servers%>
+    memcached_server => <%= @memcached_server %>
     key_mapping => {
       "src" => "src_is_malicious"
       "dst" => "dst_is_malicious"
diff --git a/resources/templates/default/netflow_threat_intelligence.conf.erb b/resources/templates/default/netflow_threat_intelligence.conf.erb
index d0f7c1f..627a1ff 100644
--- a/resources/templates/default/netflow_threat_intelligence.conf.erb
+++ b/resources/templates/default/netflow_threat_intelligence.conf.erb
@@ -1,6 +1,6 @@
 filter {
   threatintelligence {
-    memcached_servers => <%=@memcached_servers%>
+    memcached_server => <%= @memcached_server %>
     key_mapping => {
       "lan_ip" => "lan_ip_is_malicious"
       "wan_ip" => "wan_ip_is_malicious"