diff --git a/roles/nifi/tasks/main.yml b/roles/nifi/tasks/main.yml
index 72232dbe53962c4290ec64122716ce75bb7676b2..8174bca29736d064122f71ce141e39f10b41a9e7 100644
--- a/roles/nifi/tasks/main.yml
+++ b/roles/nifi/tasks/main.yml
@@ -36,6 +36,8 @@
     path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml"
     dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml.gz"
     format: gz
+  tags:
+    - start
 
 - name: Get openid authkey
   set_fact:
@@ -81,18 +83,38 @@
 - name: Copy empty GeoLite2-City database
   copy:
     src: GeoLite2-City.mmdb
-    dest: conf/enrich/
+    dest: conf/enrich/GeoLite2-City.mmdb
   tags:
     - start
 
-- name: Create empty enrichment files
-  copy:
-    content: ""
-    dest: conf/enrich/{{ item }}
-  with_items:
-    - "tornodes.csv"
-    - "umbrella-top-1m.csv"
-    - "alexa-top-1m.csv"
+- name: Download list of Tor exist nodes
+  get_url:
+    url: https://check.torproject.org/torbulkexitlist
+    dest: conf/enrich/tornodes.csv
+  tags:
+   - start
+
+- name: Add header to tornodes.csv
+  lineinfile:
+    path: conf/enrich/tornodes.csv
+    line: 'ip_addr'
+    insertbefore: BOF
+  tags:
+   - start
+
+- name: Download umbrella-top-1m.csv
+  get_url:
+    url: http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip
+    dest: conf/enrich/umbrella-top-1m.csv
+  tags:
+   - start
+
+- name: Download alexa-top-1m.csv
+  get_url:
+    url: http://s3.amazonaws.com/alexa-static/top-1m.csv.zip
+    dest: conf/enrich/alexa-top-1m.csv
+  tags:
+   - start
 
 - name: Start NiFi
   command: "./bin/nifi.sh start"
diff --git a/roles/nifi/templates/flow.xml.j2 b/roles/nifi/templates/flow.xml.j2
index 1e988eca9099a5e60a882bc696b702e6380b7268..90a80bf31a3dbf8fac77f1fdbcba118cb72a173f 100644
--- a/roles/nifi/templates/flow.xml.j2
+++ b/roles/nifi/templates/flow.xml.j2
@@ -14808,7 +14808,7 @@
     <variable name="misp_token" value="{{ misp_token }}"/>
     <variable name="misp_url" value="{{ misp_url }}"/>
     <variable name="maxmind_key" value="{{ maxmind_key }}"/>
-    <variable name="elastic_url" value="https://{{ dslproxy }};9200"/>
+    <variable name="elastic_url" value="https://{{ dslproxy }}:9200"/>
     <variable name="elastic_username" value="{{ elastic_username }}"/>
     <variable name="elastic_password" value="{{ odfees_adminpass }}"/>
     <variable name="misp_ip_first_interval" value="60d"/>