diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index d96e41a70..fe131ca58 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -2263,13 +2263,14 @@ soc:
             - name: "Detections with Overrides"
               query: "_exists_:so_detection.overrides | groupby so_detection.language | groupby so_detection.ruleset so_detection.isEnabled"
               description: Show Detections that have Overrides
-          detectionEngineStatusQueries:
+          detectionEngineStatusQueries: |
             suricata:
-              IntegrityFailure: 'tags:so-soc AND soc.fields.error: "integrity check failed; discrepancies found" AND soc.fields.detectionEngine:"suricata"'
+              default:
+              IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"suricata" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'
             elastalert:
-              IntegrityFailure: 'tags:so-soc AND soc.fields.error: "integrity check failed; discrepancies found" AND soc.fields.detectionEngine:"elastalert"'
+              IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"elastalert" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'
             strelka:
-              IntegrityFailure: 'tags:so-soc AND soc.fields.error: "integrity check failed; discrepancies found" AND soc.fields.detectionEngine:"strelka"'
+              IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"strelka" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'
         detection:
           showUnreviewedAiSummaries: false
           presets:
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index 06f562a6a..14296dade 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -464,9 +464,11 @@ soc:
         detections:
           <<: *appSettings
           detectionEngineStatusQueries:
-            description: Queries mapped to the detection engine status.
+            description: Queries mapped to the detection engine statuses. Acceptable statuses are "Migrating", "Importing", "MigrationFailure", "IntegrityFailure", "SyncFailure", "ImportPending", "Syncing", and "Healthy" and will fallback to a "default" entry if specified.
             global: True
-            forcedType: "{}"
+            syntax: yaml
+            multiline: True
+            forcedType: "string"
         detection:
           showUnreviewedAiSummaries:
             description: Show AI summaries in detections even if they have not yet been reviewed by a human.