From f67fcecc6e2f539fddbbddedc5b090cd75ce2168 Mon Sep 17 00:00:00 2001
From: Corey Ogburn
Date: Mon, 21 Oct 2024 09:47:58 -0600
Subject: [PATCH] Clean up StatusQueries String

---
 salt/soc/defaults.yaml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index a9ab09e47..00468e7a0 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -2265,7 +2265,6 @@ soc:
 description: Show Detections that have Overrides
 detectionEngineStatusQueries: |
 suricata:
- default:
 IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"suricata" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'
 elastalert:
 IntegrityFailure: 'event.action: "integrity check failed" AND soc.fields.detectionEngine:"elastalert" | table event.dataset soc.fields.deployedButNotEnabledCount soc.fields.enabledButNotDeployedCount soc.fields.syncId'