diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml index 03fd47e80..b2ed893f6 100644 --- a/salt/soc/soc_soc.yaml +++ b/salt/soc/soc_soc.yaml @@ -48,7 +48,7 @@ soc: forcedType: "[]{}" eventFields: default: - description: Event fields mappings are defined by the format ":event.module:event.dataset", so if you would like to customize which fields show for syslog events of originating from zeek you will find that entry in the left panel that looks like :zeek:syslog. This default entry is used for all events that do not match an existing mapping defined on the left side of this configuration screen. + description: Event fields mappings are defined by the format ":event.module:event.dataset". For example, to customize which fields show for 'syslog' events originating from 'zeek', find the eventField item in the left panel that looks like ':zeek:syslog'. This 'default' entry is used for all events that do not match an existing mapping defined in the list to the left. global: True advanced: True server:
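Review bot: In the added description line, "eventField item" does not match the key name eventFields shown two lines above it, and the format is given in double quotes while the example ':zeek:syslog' and the words 'syslog', 'zeek' and 'default' use single quotes; suggest "find the eventFields entry in the left panel" and one quoting style throughout. The text also leaves the leading colon in ":event.module:event.dataset" unexplained, so a short clause saying why the key starts with a colon would help users who need to add their own mapping. Because the value is an unquoted YAML scalar that contains colons and quote characters, consider wrapping it in a quoted or block scalar so that a later wording change that puts a space after a colon does not break parsing of soc_soc.yaml.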