diff --git a/src/main/config/secor.common.properties b/src/main/config/secor.common.properties
index ea8eeb30b..bf07b84e2 100644
--- a/src/main/config/secor.common.properties
+++ b/src/main/config/secor.common.properties
@@ -180,24 +180,24 @@ kafka.new.consumer.topic.list=
 
 kafka.new.consumer.poll.timeout.seconds=10
 kafka.new.consumer.request.timeout.ms=
+kafka.new.consumer.sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required username="KUSERNAME" password="KPASSWORD";
+kafka.new.consumer.ssl.truststore.location=/usr/local/openjdk-8/jre/lib/security/cacerts
+kafka.new.consumer.ssl.truststore.password=changeit
+kafka.new.consumer.ssl.protocol=PLAINTEXT
+kafka.new.consumer.sasl.mechanism=SCRAM-SHA-512
+kafka.new.consumer.security.protocol=SASL_PLAINTEXT
 kafka.new.consumer.ssl.key.password=
 kafka.new.consumer.ssl.keystore.location=
 kafka.new.consumer.ssl.keystore.password=
-kafka.new.consumer.ssl.truststore.location=
-kafka.new.consumer.ssl.truststore.password=
 kafka.new.consumer.isolation.level=
 kafka.new.consumer.max.poll.interval.ms=
 kafka.new.consumer.max.poll.records=
 kafka.new.consumer.sasl.client.callback.handler.class=
-kafka.new.consumer.sasl.jaas.config=
 kafka.new.consumer.sasl.kerberos.service.name=
 kafka.new.consumer.sasl.login.callback.handler.class=
 kafka.new.consumer.sasl.login.class=
-kafka.new.consumer.sasl.mechanism=
-kafka.new.consumer.security.protocol=
 kafka.new.consumer.ssl.enabled.protocols=
 kafka.new.consumer.ssl.keystore.type=
-kafka.new.consumer.ssl.protocol=
 kafka.new.consumer.ssl.provider=
 kafka.new.consumer.ssl.truststore.type=
 kafka.new.consumer.partition.assignment.strategy.class=
diff --git a/src/main/scripts/docker-entrypoint.sh b/src/main/scripts/docker-entrypoint.sh
index aeab5aa9e..b0542279e 100644
--- a/src/main/scripts/docker-entrypoint.sh
+++ b/src/main/scripts/docker-entrypoint.sh
@@ -121,6 +121,11 @@ if [ ! -z "$SECOR_MESSAGE_PARSER" ]; then
     SECOR_CONFIG="$SECOR_CONFIG -Dsecor.message.parser.class=$SECOR_MESSAGE_PARSER"
     echo "secor.message.parser.class=$SECOR_MESSAGE_PARSER"
 fi
+
+if [ ! -z "$KAFKA_AUTH_ENABLED" ]; then
+    sed -i -r "s/KUSERNAME/${KAFKA_AUTH_SASL_USERNAME}/g" /opt/secor/secor.common.properties
+    sed -i -r "s/KPASSWORD/${KAFKA_AUTH_SASL_PASSWORD}/g" /opt/secor/secor.common.properties
+fi
 SECOR_CONFIG="$SECOR_CONFIG $SECOR_EXTRA_OPTS"