diff --git a/salt/soc/files/soc/soc.json b/salt/soc/files/soc/soc.json
index 126577edc..ae28183fd 100644
--- a/salt/soc/files/soc/soc.json
+++ b/salt/soc/files/soc/soc.json
@@ -167,7 +167,7 @@
         "eventFields": {{ hunt_eventfields | json }},
         "queryBaseFilter": "",
         "queryToggleFilters": [
-          { "name": "caseExcludeToggle", "filter": "NOT _index:so-case*", "enabled": true }
+          { "name": "caseExcludeToggle", "filter": "NOT _index:\"*:so-case*\"", "enabled": true }
         ],
         "queries": {{ hunt_queries | json }},
         "actions": {{ menu_actions | json }}