diff --git a/templates/kolide.flags.j2 b/templates/kolide.flags.j2
index 58df1047b274e73e2e070134c9cd2df4dd383205..f5b85808ceac169d191a1a0d0e0c311b5c893a65 100644
--- a/templates/kolide.flags.j2
+++ b/templates/kolide.flags.j2
@@ -1,19 +1,27 @@
+# Server
+tls_hostname={{ vault_fleet_host }}:{{ vault_fleet_port}}
+--tls_server_certs=/etc/osquery/fleet.pem
+# Enrollment
+--host_identifier=instance
 --enroll_secret_path=/etc/osquery/enroll_secret
---tls_server_certs=/etc/osquery/{{ vault_fleet_cert_name }}
---tls_hostname={{ vault_fleet_host }}:{{ vault_fleet_port}}
---host_identifier=uuid
---enroll_tls_endpoint=/api/v1/osquery/enroll
+--enroll_tls_endpoint=/api/osquery/enroll
+# Configuration
 --config_plugin=tls
 --config_tls_endpoint=/api/v1/osquery/config
 --config_refresh=10
+# Live query
 --disable_distributed=false
---disable_events=false
---disable_logging=false
 --distributed_plugin=tls
 --distributed_interval=10
 --distributed_tls_max_attempts=3
 --distributed_tls_read_endpoint=/api/v1/osquery/distributed/read
 --distributed_tls_write_endpoint=/api/v1/osquery/distributed/write
+# Logging
 --logger_plugin=tls
 --logger_tls_endpoint=/api/v1/osquery/log
 --logger_tls_period=10
+# File carving
+--disable_carver=false
+--carver_start_endpoint=/api/v1/osquery/carve/begin
+--carver_continue_endpoint=/api/v1/osquery/carve/block
+--carver_block_size=2000000