diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index f89d9e99f..d847d1d1b 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1493,7 +1493,6 @@ soc:
 folder: securityonion-normalized
 assistant:
 apiUrl: https://onionai-dev.securityonion.net
- investigationPrompt:
 salt:
 queueDir: /opt/sensoroni/queue
 timeoutMs: 45000
@@ -2544,3 +2543,6 @@ soc:
 - ' -priv'
 condition: all of selection_*
 level: 'high' # info | low | medium | high | critical
+ assistant:
+ enabledInSoc: false
+ investigationPrompt: Investigate Alert ID {socid}
\ No newline at end of file
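Review bot: The added `investigationPrompt` in the second hunk is an unquoted scalar carrying a `{socid}` placeholder, and it is the last line of a file that now ends without a newline; I would write `investigationPrompt: 'Investigate Alert ID {socid}'` and restore the trailing newline so the template stays a literal string and a later append cannot run onto it. The three context lines above it read like the tail of an embedded rule template, and indentation is not recoverable in this view, so please confirm the new `assistant:` key sits at the intended mapping level and not inside that scalar. `enabledInSoc: false` is a good off-by-default but carries no comment; since the other `assistant` block in the first hunk still defaults `apiUrl` to a `-dev` host, a line such as `# off by default; enabling presumably sends investigation prompts to the configured assistant apiUrl, so confirm that endpoint first` would tell operators what they are opting into.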