diff --git a/salt/ca/init.sls b/salt/ca/init.sls
index 850550b7d..84c74ef3d 100644
--- a/salt/ca/init.sls
+++ b/salt/ca/init.sls
@@ -58,4 +58,10 @@ cakeyperms:
     - mode: 640
     - group: 939
 
+{% else %}
+
+ca_state_not_allowed:
+  test.fail_without_changes:
+    - name: ca_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/common/init.sls b/salt/common/init.sls
index c840eca26..896e0f025 100644
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -197,4 +197,10 @@ docker:
   service.running:
     - enable: True
 
+{% else %}
+
+common_state_not_allowed:
+  test.fail_without_changes:
+    - name: common_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/curator/init.sls b/salt/curator/init.sls
index 73b4fa0fa..31f738349 100644
--- a/salt/curator/init.sls
+++ b/salt/curator/init.sls
@@ -137,4 +137,10 @@ so-curator:
 # End Curator Cron Jobs
 {% endif %}
 
+{% else %}
+
+curator_state_not_allowed:
+  test.fail_without_changes:
+    - name: curator_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/docker/init.sls b/salt/docker/init.sls
index 8e92a1b19..273dbae91 100644
--- a/salt/docker/init.sls
+++ b/salt/docker/init.sls
@@ -10,6 +10,12 @@ installdocker:
 # Make sure Docker is running!
 docker:
   service.running:
-    - enable: TrueA
+    - enable: True
+
+{% else %}
+
+docker_state_not_allowed:
+  test.fail_without_changes:
+    - name: docker_state_not_allowed
 
 {% endif %}
\ No newline at end of file
diff --git a/salt/domainstats/init.sls b/salt/domainstats/init.sls
index 445861b26..daac87387 100644
--- a/salt/domainstats/init.sls
+++ b/salt/domainstats/init.sls
@@ -56,4 +56,10 @@ so-domainstats:
     - binds:
       - /opt/so/log/domainstats:/var/log/domain_stats
 
+{% else %}
+
+domainstats_state_not_allowed:
+  test.fail_without_changes:
+    - name: domainstats_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/elastalert/init.sls b/salt/elastalert/init.sls
index 75da480ac..a97a3f512 100644
--- a/salt/elastalert/init.sls
+++ b/salt/elastalert/init.sls
@@ -131,4 +131,10 @@ so-elastalert:
       - module: wait_for_elasticsearch
 {% endif %}
 
+{% else %}
+
+elastalert_state_not_allowed:
+  test.fail_without_changes:
+    - name: elastalert_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls
index 357895b23..c87afc65c 100644
--- a/salt/elasticsearch/init.sls
+++ b/salt/elasticsearch/init.sls
@@ -244,4 +244,10 @@ so-elasticsearch-templates:
     - cwd: /opt/so
 {% endif %}
 
+{% else %}
+
+elasticsearch_state_not_allowed:
+  test.fail_without_changes:
+    - name: elasticsearch_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/filebeat/init.sls b/salt/filebeat/init.sls
index 31acc63b2..8937d8e13 100644
--- a/salt/filebeat/init.sls
+++ b/salt/filebeat/init.sls
@@ -75,4 +75,10 @@ so-filebeat:
     - watch:
       - file: /opt/so/conf/filebeat/etc/filebeat.yml
 
+{% else %}
+
+filebeat_state_not_allowed:
+  test.fail_without_changes:
+    - name: filebeat_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/firewall/init.sls b/salt/firewall/init.sls
index 3a943874d..07871fa74 100644
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -134,4 +134,10 @@ iptables_drop_all_the_things:
     - jump: DROP
     - save: True
 
+{% else %}
+
+firewall_state_not_allowed:
+  test.fail_without_changes:
+    - name: firewall_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/fleet/init.sls b/salt/fleet/init.sls
index aded11fb3..92926ac8f 100644
--- a/salt/fleet/init.sls
+++ b/salt/fleet/init.sls
@@ -139,4 +139,10 @@ so-fleet:
 
 {% endif %}
 
+{% else %}
+
+fleet_state_not_allowed:
+  test.fail_without_changes:
+    - name: fleet_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/freqserver/init.sls b/salt/freqserver/init.sls
index 06e25c87c..668e33079 100644
--- a/salt/freqserver/init.sls
+++ b/salt/freqserver/init.sls
@@ -56,5 +56,11 @@ so-freq:
     - binds:
       - /opt/so/log/freq_server:/var/log/freq_server:rw
 
+{% else %}
+
+freqserver_state_not_allowed:
+  test.fail_without_changes:
+    - name: freqserver_state_not_allowed
+
 {% endif %}
 
diff --git a/salt/grafana/init.sls b/salt/grafana/init.sls
index 7f760daa2..401d2d7d7 100644
--- a/salt/grafana/init.sls
+++ b/salt/grafana/init.sls
@@ -237,4 +237,10 @@ so-grafana:
 
 {% endif %}
 
+{% else %}
+
+grafana_state_not_allowed:
+  test.fail_without_changes:
+    - name: grafana_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/healthcheck/init.sls b/salt/healthcheck/init.sls
index b2a9121e2..af1de6d83 100644
--- a/salt/healthcheck/init.sls
+++ b/salt/healthcheck/init.sls
@@ -29,4 +29,10 @@ healthcheck_schedule_{{ STATUS[1] }}:
   schedule.{{ STATUS[1] }}:
     - name: healthcheck
 
+{% else %}
+
+healthcheck_state_not_allowed:
+  test.fail_without_changes:
+    - name: healthcheck_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/idstools/init.sls b/salt/idstools/init.sls
index c125444e1..87f35777d 100644
--- a/salt/idstools/init.sls
+++ b/salt/idstools/init.sls
@@ -75,4 +75,10 @@ so-idstools:
     - watch:
       - file: idstoolsetcsync
 
+{% else %}
+
+idstools_state_not_allowed:
+  test.fail_without_changes:
+    - name: idstools_state_not_allowed
+
 {% endif%}
\ No newline at end of file
diff --git a/salt/influxdb/init.sls b/salt/influxdb/init.sls
index ab17e8e62..6f95cfec2 100644
--- a/salt/influxdb/init.sls
+++ b/salt/influxdb/init.sls
@@ -47,4 +47,10 @@ so-influxdb:
 
 {% endif %}
 
+{% else %}
+
+influxdb_state_not_allowed:
+  test.fail_without_changes:
+    - name: influxdb_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/kibana/init.sls b/salt/kibana/init.sls
index a499ea70e..7f91719d4 100644
--- a/salt/kibana/init.sls
+++ b/salt/kibana/init.sls
@@ -121,4 +121,10 @@ so-kibana-config-load:
 #    - source: salt://kibana/bin/keepkibanahappy.sh
 #    - template: jinja
 
+{% else %}
+
+kibana_state_not_allowed:
+  test.fail_without_changes:
+    - name: kibana_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/logstash/init.sls b/salt/logstash/init.sls
index 24257aa93..ad11bf567 100644
--- a/salt/logstash/init.sls
+++ b/salt/logstash/init.sls
@@ -201,4 +201,10 @@ so-logstash:
       - file: es_template_{{TEMPLATE.split('.')[0] | replace("/","_") }}
 {% endfor %}
 
+{% else %}
+
+logstash_state_not_allowed:
+  test.fail_without_changes:
+    - name: logstash_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/manager/init.sls b/salt/manager/init.sls
index f48ebb496..372f680fe 100644
--- a/salt/manager/init.sls
+++ b/salt/manager/init.sls
@@ -82,4 +82,10 @@ so-aptcacherng:
 
 {% endif %}
 
+{% else %}
+
+manager_state_not_allowed:
+  test.fail_without_changes:
+    - name: manager_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/minio/init.sls b/salt/minio/init.sls
index 6fc383f4e..c1a681747 100644
--- a/salt/minio/init.sls
+++ b/salt/minio/init.sls
@@ -62,4 +62,10 @@ so-minio:
       - /etc/pki/minio.crt:/.minio/certs/public.crt:ro
     - entrypoint: "/usr/bin/docker-entrypoint.sh server --certs-dir /.minio/certs --address :9595 /data"
 
+{% else %}
+
+minio_state_not_allowed:
+  test.fail_without_changes:
+    - name: minio_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/motd/init.sls b/salt/motd/init.sls
index a689d1707..bf9d276a6 100644
--- a/salt/motd/init.sls
+++ b/salt/motd/init.sls
@@ -9,4 +9,10 @@ so_motd:
     - source: salt://motd/files/so_motd.jinja
     - template: jinja
 
+{% else %}
+
+motd_state_not_allowed:
+  test.fail_without_changes:
+    - name: motd_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/mysql/init.sls b/salt/mysql/init.sls
index ff694227b..818b5c303 100644
--- a/salt/mysql/init.sls
+++ b/salt/mysql/init.sls
@@ -99,4 +99,10 @@ so-mysql:
       - docker_container: so-mysql
 {% endif %}
 
+{% else %}
+
+mysql_state_not_allowed:
+  test.fail_without_changes:
+    - name: mysql_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls
index 4266980d7..98843b720 100644
--- a/salt/nginx/init.sls
+++ b/salt/nginx/init.sls
@@ -95,4 +95,10 @@ so-nginx:
       - file: nginxconf
       - file: nginxconfdir
 
+{% else %}
+
+nginx_state_not_allowed:
+  test.fail_without_changes:
+    - name: nginx_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/nodered/init.sls b/salt/nodered/init.sls
index 6d2e75aa6..ac886a6b7 100644
--- a/salt/nodered/init.sls
+++ b/salt/nodered/init.sls
@@ -79,4 +79,10 @@ so-nodered-flows:
     - name: /usr/sbin/so-nodered-load-flows
     - cwd: /
 
+{% else %}
+
+nodered_state_not_allowed:
+  test.fail_without_changes:
+    - name: nodered_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/pcap/init.sls b/salt/pcap/init.sls
index cf0a978aa..a82e0fb8d 100644
--- a/salt/pcap/init.sls
+++ b/salt/pcap/init.sls
@@ -166,4 +166,10 @@ so-sensoroni:
     - watch:
       - file: /opt/so/conf/sensoroni/sensoroni.json
 
+{% else %}
+
+pcap_state_not_allowed:
+  test.fail_without_changes:
+    - name: pcap_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/playbook/init.sls b/salt/playbook/init.sls
index 8f3076faa..9d02dfce2 100644
--- a/salt/playbook/init.sls
+++ b/salt/playbook/init.sls
@@ -103,4 +103,10 @@ so-playbookruleupdatecron:
     - minute: '1'
     - hour: '6'
 
+{% else %}
+
+playbook_state_not_allowed:
+  test.fail_without_changes:
+    - name: playbook_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/redis/init.sls b/salt/redis/init.sls
index b0f663671..1b7611eab 100644
--- a/salt/redis/init.sls
+++ b/salt/redis/init.sls
@@ -70,4 +70,10 @@ so-redis:
     - watch:
       - file: /opt/so/conf/redis/etc
 
+{% else %}
+
+redis_state_not_allowed:
+  test.fail_without_changes:
+    - name: redis_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/registry/init.sls b/salt/registry/init.sls
index d366404fc..c98577ca2 100644
--- a/salt/registry/init.sls
+++ b/salt/registry/init.sls
@@ -57,4 +57,10 @@ so-dockerregistry:
       - /etc/pki/registry.crt:/etc/pki/registry.crt:ro
       - /etc/pki/registry.key:/etc/pki/registry.key:ro
 
+{% else %}
+
+registry_state_not_allowed:
+  test.fail_without_changes:
+    - name: registry_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/salt/master.sls b/salt/salt/master.sls
index 72ca75cb0..20a204909 100644
--- a/salt/salt/master.sls
+++ b/salt/salt/master.sls
@@ -33,4 +33,10 @@ engines_config:
     - watch_in:
         - service: salt_minion_service
 
+{% else %}
+
+salt_master_state_not_allowed:
+  test.fail_without_changes:
+    - name: salt_master_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/soc/init.sls b/salt/soc/init.sls
index a9d428b8a..ca40eb4f3 100644
--- a/salt/soc/init.sls
+++ b/salt/soc/init.sls
@@ -104,4 +104,10 @@ so-kratos:
     - watch:
       - file: /opt/so/conf/kratos
 
+{% else %}
+
+soc_state_not_allowed:
+  test.fail_without_changes:
+    - name: soc_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/soctopus/init.sls b/salt/soctopus/init.sls
index 90a654e95..4c04f3fd1 100644
--- a/salt/soctopus/init.sls
+++ b/salt/soctopus/init.sls
@@ -69,4 +69,10 @@ so-soctopus:
     - extra_hosts:
       - {{MANAGER_URL}}:{{MANAGER_IP}}
 
+{% else %}
+
+soctopus_state_not_allowed:
+  test.fail_without_changes:
+    - name: soctopus_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/ssl/init.sls b/salt/ssl/init.sls
index 550770488..1283c581d 100644
--- a/salt/ssl/init.sls
+++ b/salt/ssl/init.sls
@@ -576,4 +576,10 @@ elastickeyperms:
 
 {%- endif %}
 
+{% else %}
+
+ssl_state_not_allowed:
+  test.fail_without_changes:
+    - name: ssl_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/strelka/init.sls b/salt/strelka/init.sls
index d670ab440..980b1e808 100644
--- a/salt/strelka/init.sls
+++ b/salt/strelka/init.sls
@@ -145,4 +145,10 @@ strelka_zeek_extracted_sync:
     - name: '[ -d /nsm/zeek/extracted/complete/ ] && mv /nsm/zeek/extracted/complete/* /nsm/strelka/ > /dev/null 2>&1'
     - minute: '*'
 
+{% else %}
+
+strelka_state_not_allowed:
+  test.fail_without_changes:
+    - name: strelka_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/suricata/init.sls b/salt/suricata/init.sls
index 30757d617..45b99586c 100644
--- a/salt/suricata/init.sls
+++ b/salt/suricata/init.sls
@@ -178,4 +178,10 @@ surilogrotate:
     - month: '*'
     - dayweek: '*'
 
+{% else %}
+
+suricata_state_not_allowed:
+  test.fail_without_changes:
+    - name: suricata_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/tcpreplay/init.sls b/salt/tcpreplay/init.sls
index a828c72f1..2634e6c15 100644
--- a/salt/tcpreplay/init.sls
+++ b/salt/tcpreplay/init.sls
@@ -12,4 +12,10 @@ so-tcpreplay:
     - interactive: True
     - tty: True
 
+{% else %}
+
+tcpreplay_state_not_allowed:
+  test.fail_without_changes:
+    - name: tcpreplay_state_not_allowed
+
 {% endif %}
diff --git a/salt/telegraf/init.sls b/salt/telegraf/init.sls
index e8665cd87..0bbf131f7 100644
--- a/salt/telegraf/init.sls
+++ b/salt/telegraf/init.sls
@@ -73,4 +73,10 @@ so-telegraf:
       - file: tgrafconf
       - file: tgrafsyncscripts
 
+{% else %}
+
+telegraf_state_not_allowed:
+  test.fail_without_changes:
+    - name: telegraf_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/thehive/init.sls b/salt/thehive/init.sls
index ae3407a69..443ac9a8f 100644
--- a/salt/thehive/init.sls
+++ b/salt/thehive/init.sls
@@ -143,4 +143,10 @@ thehivescript:
     - template: jinja
     - hide_output: True
 
+{% else %}
+
+thehive_state_not_allowed:
+  test.fail_without_changes:
+    - name: thehive_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/utility/init.sls b/salt/utility/init.sls
index 4f0ffaa77..d18ad5e1c 100644
--- a/salt/utility/init.sls
+++ b/salt/utility/init.sls
@@ -25,4 +25,10 @@ fixsearch:
     - template: jinja
 {% endif %}
 
+{% else %}
+
+utility_state_not_allowed:
+  test.fail_without_changes:
+    - name: utility_state_not_allowed
+
 {% endif %}
diff --git a/salt/wazuh/init.sls b/salt/wazuh/init.sls
index 6b22db8c6..f2a4ae05b 100644
--- a/salt/wazuh/init.sls
+++ b/salt/wazuh/init.sls
@@ -147,4 +147,10 @@ hidsruledir:
   file.symlink:
     - target: /nsm/wazuh/ruleset
 
+{% else %}
+
+wazuh_state_not_allowed:
+  test.fail_without_changes:
+    - name: wazuh_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/yum/init.sls b/salt/yum/init.sls
index 70cc003ed..b8a4df9ee 100644
--- a/salt/yum/init.sls
+++ b/salt/yum/init.sls
@@ -10,4 +10,10 @@ yumconf:
     - mode: 644
     - template: jinja
 
+{% else %}
+
+yum_state_not_allowed:
+  test.fail_without_changes:
+    - name: yum_state_not_allowed
+
 {% endif %}
\ No newline at end of file
diff --git a/salt/zeek/init.sls b/salt/zeek/init.sls
index d27290f98..712ca53fd 100644
--- a/salt/zeek/init.sls
+++ b/salt/zeek/init.sls
@@ -196,4 +196,10 @@ so-zeek:
       - file: /opt/so/conf/zeek/policy
       - file: /opt/so/conf/zeek/bpf
 
+{% else %}
+
+zeek_state_not_allowed:
+  test.fail_without_changes:
+    - name: zeek_state_not_allowed
+
 {% endif %}
\ No newline at end of file