diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 8ac49ea2e..ff8b240ec 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1586,6 +1586,15 @@ soc:
 - rule.uuid
 - rule.category
 - rule.rev
+':playbook:':
+- soc_timestamp
+- rule.name
+- event.severity_label
+- event_data.event.module
+- event_data.event.category
+- event_data.process.executable
+- event_data.process.pid
+- event_data.winlog.computer_name
 queryBaseFilter: tags:alert
 queryToggleFilters:
 - name: acknowledged
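Review bot: The new `':playbook:'` column list is undocumented and, from its last three entries (`event_data.process.executable`, `event_data.process.pid`, `event_data.winlog.computer_name`), appears to assume Windows event-log shaped data; playbook alerts raised from other sources would presumably render those columns empty, which is worth stating so a later maintainer does not treat blank cells as a pipeline fault. A short comment above the key would cover it, e.g. `# ':playbook:' columns for playbook-category alerts; the process/winlog fields assume Windows event_data and will be empty for other sources`. The mapping this key is added to begins before the hunk, so whether the key name follows the same quoting convention as its siblings cannot be confirmed from here.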