diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 00c45e5c5..6a9a1bfc6 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -2244,7 +2244,7 @@ soc:
 description: Show all custom detections
 - name: "All Detections - Enabled"
 query: "so_detection.isEnabled:true | groupby so_detection.language | groupby so_detection.ruleset so_detection.severity"
- description: Show all enalbed Detections
+ description: Show all enabled Detections
 - name: "All Detections - Disabled"
 query: "so_detection.isEnabled:false | groupby so_detection.language | groupby so_detection.ruleset so_detection.severity"
 description: Show all disabled Detections
@@ -2263,6 +2263,16 @@ soc:
 - name: "Detections with Overrides"
 query: "_exists_:so_detection.overrides | groupby so_detection.language | groupby so_detection.ruleset so_detection.isEnabled"
 description: Show Detections that have Overrides
+ detectionEngineStatusQueries: |
+ suricata:
+ default: 'tags:so-soc AND suricata | groupby log.level | groupby event.action | groupby soc.fields.error'
+ IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"suricata" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'
+ elastalert:
+ default: 'tags:so-soc AND elastalert | groupby log.level | groupby event.action | groupby soc.fields.error'
+ IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"elastalert" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'
+ strelka:
+ default: 'tags:so-soc AND strelka | groupby log.level | groupby event.action | groupby soc.fields.error'
+ IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"strelka" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'
 detection:
 showUnreviewedAiSummaries: false
 presets:
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index af4668fc2..14296dade 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
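Review bot: The three IntegrityFailure queries write `event.action: "integrity check failed"` with a space after the colon, while every other field:value pair in the same block (`tags:so-soc`, `soc.fields.detectionEngine:"suricata"`) has none; if the hunt query parser is whitespace-sensitive this becomes a bare field term plus a free-text phrase instead of a field match, making the failure filter looser than intended, so `event.action:"integrity check failed"` for suricata, elastalert and strelka would be safer (whether the parser tolerates the space is inferred, confirm against the query grammar). The block scalar is introduced with `|`, which keeps a trailing newline in the stored string; `detectionEngineStatusQueries: |-` drops it and is otherwise identical. The three engine entries are byte-for-byte copies apart from the engine name, so a comment above the block such as `# keys are detection engine names; inner keys must match the status names exactly (case-sensitive), with "default" as the fallback` would help whoever next edits them.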
@@ -461,7 +461,14 @@ soc:
 alerts: *appSettings
 cases: *appSettings
 dashboards: *appSettings
- detections: *appSettings
+ detections:
+ <<: *appSettings
+ detectionEngineStatusQueries:
+ description: Queries mapped to the detection engine statuses. Acceptable statuses are "Migrating", "Importing", "MigrationFailure", "IntegrityFailure", "SyncFailure", "ImportPending", "Syncing", and "Healthy" and will fallback to a "default" entry if specified.
+ global: True
+ syntax: yaml
+ multiline: True
+ forcedType: "string"
 detection:
 showUnreviewedAiSummaries:
 description: Show AI summaries in detections even if they have not yet been reviewed by a human.
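Review bot: `global: True` and `multiline: True` use the capitalised YAML 1.1 boolean spelling, whereas the companion change to salt/soc/defaults.yaml in this same commit writes `showUnreviewedAiSummaries: false`; unless the rest of soc_soc.yaml already uses `True`, `global: true` and `multiline: true` parse the same under 1.1 and 1.2 loaders and pass yamllint's truthy rule. The new `<<: *appSettings` merge key is a YAML 1.1 extension rather than 1.2 core, which is fine for the PyYAML-based loader Salt uses but worth a one-line comment if any other tooling reads this file. The description's closing clause `and will fallback to a "default" entry if specified` reads ambiguously; `falling back to the "default" entry when one is present` states the same contract more clearly.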