diff --git a/so-zeek/Dockerfile b/so-zeek/Dockerfile
index 5376217..5fbaef0 100644
--- a/so-zeek/Dockerfile
+++ b/so-zeek/Dockerfile
@@ -84,21 +84,15 @@ FROM ghcr.io/security-onion-solutions/oraclelinux:9
 LABEL maintainer "Security Onion Solutions, LLC"
 LABEL description="Zeek running in docker for use with Security Onion"
 
-# Common Oracle layer
+# Common Oracle layer, Packages specific to container, User configuration
 RUN dnf update -y && dnf -y install epel-release bash libpcap iproute && \
-    dnf clean all && rm -rf /var/cache/dnf/* 
-
-# Zeek http2
-RUN dnf config-manager --enable ol9_codeready_builder && \
+    dnf clean all && rm -rf /var/cache/dnf/* && \
+    dnf -y install findutils jemalloc numactl libnl3 libdnet gdb libunwind-devel && \
+    dnf -y erase epel-release && dnf clean all && rm -rf /var/cache/dnf/* && \
+    dnf config-manager --enable ol9_codeready_builder && \
     dnf -y install libnghttp2-devel brotli-devel && \
-    dnf config-manager --disable ol9_codeready_builder
-
-# Packages Specific to this Container
-RUN dnf -y install findutils jemalloc numactl libnl3 libdnet gdb libunwind-devel && \
-    dnf -y erase epel-release && dnf clean all && rm -rf /var/cache/dnf/* 
-
-# User configuration
-RUN groupadd --gid 937 zeek  && \
+    dnf config-manager --disable ol9_codeready_builder && \
+    groupadd --gid 937 zeek  && \
     adduser --uid 937 --gid 937 --home-dir /opt/zeek --no-create-home zeek
 
 COPY --from=builder /nsm/zeek /nsm/zeek