diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 987011c991..4ecf1713d7 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1993,6 +1993,13 @@ soc:
 mostRecentlyUsedLimit: 5
 safeStringMaxLength: 100
 queryBaseFilter: '_index:"*:so-detection" AND so_kind:detection'
+ presets:
+ manualSync:
+ customEnabled:false
+ labels:
+ - Suricata
+ - Strelka
+ - ElastAlert
 eventFields:
 default:
 - so_detection.title
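Review bot: `customEnabled:false` under `manualSync` is missing the space after the colon, so YAML does not read it as a key/value pair at all; it becomes a plain scalar sitting next to the `labels:` mapping key, which most parsers reject outright and at best silently drops the setting. Since this is a Salt defaults file, a parse failure here would presumably break rendering of the whole `soc` pillar rather than just this preset, so the line should read `customEnabled: false`. The `labels` entries are fine as plain scalars, though quoting them (`- 'Suricata'`) would guard against any future label that looks boolean or numeric. The enclosing `soc:` mapping starts well outside the hunk.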