diff --git a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts
index 3a2bdc1c00faf..d74d7656ad58e 100644
--- a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts
+++ b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts
@@ -255,6 +255,7 @@ export const item: GetInfoResponse['item'] = {
       csp_rule_template: [],
       tag: [],
       osquery_pack_asset: [],
+      osquery_saved_query: [],
     },
     elasticsearch: {
       ingest_pipeline: [
diff --git a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts
index 7bba58dcaac7b..1f4b9e85043a6 100644
--- a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts
+++ b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts
@@ -105,6 +105,7 @@ export const item: GetInfoResponse['item'] = {
       lens: [],
       ml_module: [],
       osquery_pack_asset: [],
+      osquery_saved_query: [],
       security_rule: [],
       csp_rule_template: [],
       tag: [],
diff --git a/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts b/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts
index edffbdabc6c4e..79a501140a184 100644
--- a/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts
+++ b/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts
@@ -36,6 +36,7 @@ describe('Fleet - packageToPackagePolicy', () => {
         security_rule: [],
         tag: [],
         osquery_pack_asset: [],
+        osquery_saved_query: [],
       },
       elasticsearch: {
         ingest_pipeline: [],
diff --git a/x-pack/plugins/fleet/common/types/models/epm.ts b/x-pack/plugins/fleet/common/types/models/epm.ts
index 2359b979d0a17..c7951e86d7866 100644
--- a/x-pack/plugins/fleet/common/types/models/epm.ts
+++ b/x-pack/plugins/fleet/common/types/models/epm.ts
@@ -72,6 +72,7 @@ export enum KibanaAssetType {
   mlModule = 'ml_module',
   tag = 'tag',
   osqueryPackAsset = 'osquery_pack_asset',
+  osquerySavedQuery = 'osquery_saved_query',
 }
 
 /*
@@ -89,6 +90,7 @@ export enum KibanaSavedObjectType {
   cloudSecurityPostureRuleTemplate = 'csp-rule-template',
   tag = 'tag',
   osqueryPackAsset = 'osquery-pack-asset',
+  osquerySavedQuery = 'osquery-saved-query',
 }
 
 export enum ElasticsearchAssetType {
diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx
index 713d026726926..f76a1f85772be 100644
--- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx
+++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx
@@ -39,6 +39,7 @@ export const AssetsFacetGroup = ({ width }: Args) => {
             ml_module: [],
             tag: [],
             osquery_pack_asset: [],
+            osquery_saved_query: [],
           },
           elasticsearch: {
             component_template: [],
diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx
index 3af6002e014c1..1fe4b7b38434d 100644
--- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx
+++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx
@@ -62,9 +62,12 @@ export const AssetTitleMap: Record<DisplayedAssetType, string> = {
   security_rule: i18n.translate('xpack.fleet.epm.assetTitles.securityRules', {
     defaultMessage: 'Security rules',
   }),
-  osquery_pack_asset: i18n.translate('xpack.fleet.epm.assetTitles.osqueryPackAsset', {
+  osquery_pack_asset: i18n.translate('xpack.fleet.epm.assetTitles.osqueryPackAssets', {
     defaultMessage: 'Osquery packs',
   }),
+  osquery_saved_query: i18n.translate('xpack.fleet.epm.assetTitles.osquerySavedQuery', {
+    defaultMessage: 'Osquery saved queries',
+  }),
   ml_module: i18n.translate('xpack.fleet.epm.assetTitles.mlModules', {
     defaultMessage: 'ML modules',
   }),
@@ -102,6 +105,7 @@ export const AssetIcons: Record<KibanaAssetType, IconType> = {
   ml_module: 'mlApp',
   tag: 'tagApp',
   osquery_pack_asset: 'osqueryApp',
+  osquery_saved_query: 'osqueryApp',
 };
 
 export const ServiceIcons: Record<ServiceName, IconType> = {
diff --git a/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts b/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
index b9582ce1cf148..110fb4535ef92 100644
--- a/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
+++ b/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
@@ -58,6 +58,7 @@ const KibanaSavedObjectTypeMapping: Record<KibanaAssetType, KibanaSavedObjectTyp
     KibanaSavedObjectType.cloudSecurityPostureRuleTemplate,
   [KibanaAssetType.tag]: KibanaSavedObjectType.tag,
   [KibanaAssetType.osqueryPackAsset]: KibanaSavedObjectType.osqueryPackAsset,
+  [KibanaAssetType.osquerySavedQuery]: KibanaSavedObjectType.osquerySavedQuery,
 };
 
 const AssetFilters: Record<string, (kibanaAssets: ArchiveAsset[]) => ArchiveAsset[]> = {
diff --git a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
index 120520db780a5..6bc56e8316da6 100644
--- a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
+++ b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
@@ -70,6 +70,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],
@@ -184,6 +185,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],
@@ -278,6 +280,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],
@@ -404,6 +407,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],
diff --git a/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts b/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts
index 673ff082a606c..d6f8e14381bc2 100644
--- a/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts
+++ b/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts
@@ -5,11 +5,11 @@
  * 2.0.
  */
 
-import { FLEET_AGENT_POLICIES, OLD_OSQUERY_MANAGER } from '../../tasks/navigation';
+import { FLEET_AGENT_POLICIES, navigateTo, OLD_OSQUERY_MANAGER } from '../../tasks/navigation';
 import { addIntegration, closeModalIfVisible } from '../../tasks/integrations';
 
 import { login } from '../../tasks/login';
-// import { findAndClickButton, findFormFieldByRowsLabelAndType } from '../../tasks/live_query';
+import { findAndClickButton, findFormFieldByRowsLabelAndType } from '../../tasks/live_query';
 import { ArchiverMethod, runKbnArchiverScript } from '../../tasks/archiver';
 import { DEFAULT_POLICY } from '../../screens/fleet';
 
@@ -76,53 +76,58 @@ describe('ALL - Add Integration', () => {
     addIntegration();
     cy.contains('osquery_manager-');
   });
-  // it('should have integration and packs copied when upgrading integration', () => {
-  //   const packageName = 'osquery_manager';
-  //   const oldVersion = '0.7.4';
-  //   const newVersion = '0.8.1';
-  //
-  //   cy.visit(`app/integrations/detail/${packageName}-${oldVersion}/overview`);
-  //   cy.contains('Add Osquery Manager').click();
-  //   cy.contains('Save and continue').click();
-  //   cy.contains('Add Elastic Agent later').click();
-  //   cy.contains('Upgrade');
-  //   cy.contains('Default policy').click();
-  //   cy.get('tr')
-  //     .should('contain', 'osquery_manager-2')
-  //     .and('contain', 'Osquery Manager')
-  //     .and('contain', `v${oldVersion}`);
-  //   cy.contains('Actions').click();
-  //   cy.contains('View policy').click();
-  //   cy.contains('name: osquery_manager-2');
-  //   cy.contains(`version: ${oldVersion}`);
-  //   cy.contains('Close').click();
-  //   navigateTo('app/osquery/packs');
-  //   findAndClickButton('Add pack');
-  //   findFormFieldByRowsLabelAndType('Name', 'Integration');
-  //   findFormFieldByRowsLabelAndType('Scheduled agent policies (optional)', '{downArrow} {enter}');
-  //   findAndClickButton('Add query');
-  //   cy.react('EuiComboBox', { props: { placeholder: 'Search for saved queries' } })
-  //     .click()
-  //     .type('{downArrow} {enter}');
-  //   cy.contains(/^Save$/).click();
-  //   cy.contains(/^Save pack$/).click();
-  //   cy.visit('app/fleet/policies');
-  //   cy.contains('Default policy').click();
-  //   cy.contains('Upgrade').click();
-  //   cy.contains(/^Advanced$/).click();
-  //   cy.contains('"Integration":');
-  //   cy.contains(/^Upgrade integration$/).click();
-  //   cy.contains(/^osquery_manager-2$/).click();
-  //   cy.contains(/^Advanced$/).click();
-  //   cy.contains('"Integration":');
-  //   cy.contains('Cancel').click();
-  //   cy.get('tr')
-  //     .should('contain', 'osquery_manager-2')
-  //     .and('contain', 'Osquery Manager')
-  //     .and('contain', `v${newVersion}`);
-  //   cy.contains('Actions').click();
-  //   cy.contains('View policy').click();
-  //   cy.contains('name: osquery_manager-2');
-  //   cy.contains(`version: ${newVersion}`);
-  // });
+  it('should have integration and packs copied when upgrading integration', () => {
+    const packageName = 'osquery_manager';
+    const oldVersion = '1.2.0';
+    const newVersion = '1.3.0';
+
+    cy.visit(`app/integrations/detail/${packageName}-${oldVersion}/overview`);
+    cy.contains('Add Osquery Manager').click();
+    cy.contains('Save and continue').click();
+    cy.contains('Add Elastic Agent later').click();
+    cy.contains('Upgrade');
+    cy.contains('Agent policy 1').click();
+    cy.get('tr')
+      .should('contain', 'osquery_manager-2')
+      .and('contain', 'Osquery Manager')
+      .and('contain', `v${oldVersion}`);
+    cy.contains('Actions').click();
+    cy.contains('View policy').click();
+    cy.contains('name: osquery_manager-2');
+    cy.contains(`version: ${oldVersion}`);
+    cy.contains('Close').click();
+    navigateTo('app/osquery/packs');
+    findAndClickButton('Add pack');
+    findFormFieldByRowsLabelAndType('Name', 'Integration');
+    findFormFieldByRowsLabelAndType('Scheduled agent policies (optional)', '{downArrow} {enter}');
+    findAndClickButton('Add query');
+    cy.react('EuiComboBox', { props: { placeholder: 'Search for saved queries' } })
+      .click()
+      .type('{downArrow} {enter}');
+    cy.contains(/^Save$/).click();
+    cy.contains(/^Save pack$/).click();
+    cy.visit('app/fleet/policies');
+    cy.contains('Agent policy 1').click();
+    cy.contains('Upgrade').click();
+    cy.contains(/^Advanced$/).click();
+    cy.contains('"Integration":');
+    cy.contains(/^Upgrade integration$/).click();
+    cy.contains(/^osquery_manager-2$/).click();
+    cy.contains(/^Advanced$/).click();
+    cy.contains('"Integration":');
+    cy.contains('Cancel').click();
+    cy.get('tr')
+      .should('contain', 'osquery_manager-2')
+      .and('contain', 'Osquery Manager')
+      .and('contain', `v${newVersion}`);
+    cy.contains('Actions').click();
+    cy.contains('View policy').click();
+    cy.contains('name: osquery_manager-2');
+    cy.contains(`version: ${newVersion}`);
+
+    // test list of prebuilt queries
+    navigateTo('/app/osquery/saved_queries');
+    cy.waitForReact();
+    cy.react('EuiTableRow').should('have.length.above', 5);
+  });
 });
diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
index 555a9ce973407..94b1f092e1ede 100644
--- a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
@@ -12,18 +12,24 @@ import {
   EuiFlexItem,
   EuiConfirmModal,
   EuiText,
+  EuiCallOut,
 } from '@elastic/eui';
 import { isEmpty } from 'lodash/fp';
 import React, { useCallback, useMemo, useState } from 'react';
 import { FormattedMessage } from '@kbn/i18n-react';
 import { useParams } from 'react-router-dom';
 
+import styled from 'styled-components';
 import { useKibana, useRouterNavigate } from '../../../common/lib/kibana';
 import { WithHeaderLayout } from '../../../components/layouts';
 import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs';
 import { EditSavedQueryForm } from './form';
 import { useDeleteSavedQuery, useUpdateSavedQuery, useSavedQuery } from '../../../saved_queries';
 
+const StyledEuiCallOut = styled(EuiCallOut)`
+  margin: 10px;
+`;
+
 const EditSavedQueryPageComponent = () => {
   const permissions = useKibana().services.application.capabilities.osquery;
 
@@ -37,7 +43,14 @@ const EditSavedQueryPageComponent = () => {
 
   useBreadcrumbs('saved_query_edit', { savedQueryName: savedQueryDetails?.attributes?.id ?? '' });
 
-  const viewMode = useMemo(() => !permissions.writeSavedQueries, [permissions.writeSavedQueries]);
+  const elasticPrebuiltQuery = useMemo(
+    () => savedQueryDetails?.attributes?.version,
+    [savedQueryDetails]
+  );
+  const viewMode = useMemo(
+    () => !permissions.writeSavedQueries || elasticPrebuiltQuery,
+    [permissions.writeSavedQueries, elasticPrebuiltQuery]
+  );
 
   const handleCloseDeleteConfirmationModal = useCallback(() => {
     setIsDeleteModalVisible(false);
@@ -68,14 +81,24 @@ const EditSavedQueryPageComponent = () => {
           <EuiText>
             <h1>
               {viewMode ? (
-                <FormattedMessage
-                  id="xpack.osquery.viewSavedQuery.pageTitle"
-                  defaultMessage='"{savedQueryId}" details'
-                  // eslint-disable-next-line react-perf/jsx-no-new-object-as-prop
-                  values={{
-                    savedQueryId: savedQueryDetails?.attributes?.id ?? '',
-                  }}
-                />
+                <>
+                  <FormattedMessage
+                    id="xpack.osquery.viewSavedQuery.pageTitle"
+                    defaultMessage='"{savedQueryId}" details'
+                    // eslint-disable-next-line react-perf/jsx-no-new-object-as-prop
+                    values={{
+                      savedQueryId: savedQueryDetails?.attributes?.id ?? '',
+                    }}
+                  />
+                  {elasticPrebuiltQuery && (
+                    <StyledEuiCallOut size="s">
+                      <FormattedMessage
+                        id="xpack.osquery.viewSavedQuery.prebuiltInfo"
+                        defaultMessage="This is a prebuilt Elastic query, and it cannot be edited."
+                      />
+                    </StyledEuiCallOut>
+                  )}
+                </>
               ) : (
                 <FormattedMessage
                   id="xpack.osquery.editSavedQuery.pageTitle"
@@ -91,7 +114,7 @@ const EditSavedQueryPageComponent = () => {
         </EuiFlexItem>
       </EuiFlexGroup>
     ),
-    [savedQueryDetails?.attributes?.id, savedQueryListProps, viewMode]
+    [elasticPrebuiltQuery, savedQueryDetails?.attributes?.id, savedQueryListProps, viewMode]
   );
 
   const RightColumn = useMemo(
diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
index e742958b989f0..2fe33261e69d9 100644
--- a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
@@ -14,6 +14,7 @@ import {
   EuiFlexItem,
   EuiText,
   EuiBasicTableColumn,
+  EuiToolTip,
 } from '@elastic/eui';
 import React, { useCallback, useMemo, useState } from 'react';
 import { i18n } from '@kbn/i18n';
@@ -145,6 +146,16 @@ const SavedQueriesPageComponent = () => {
     return updatedAt ? `${moment(updatedAt).fromNow()}${updatedBy}` : '-';
   }, []);
 
+  const renderDescriptionColumn = useCallback((description?: string) => {
+    const content =
+      description && description.length > 80 ? `${description?.substring(0, 80)}...` : description;
+
+    return (
+      <EuiToolTip content={<EuiFlexItem>{description}</EuiFlexItem>}>
+        <EuiFlexItem grow={false}>{content}</EuiFlexItem>
+      </EuiToolTip>
+    );
+  }, []);
   const columns: Array<EuiBasicTableColumn<SavedQuerySO>> = useMemo(
     () => [
       {
@@ -154,19 +165,22 @@ const SavedQueriesPageComponent = () => {
         }),
         sortable: (item) => item.attributes.id.toLowerCase(),
         truncateText: true,
+        width: '15%',
       },
       {
         field: 'attributes.description',
         name: i18n.translate('xpack.osquery.savedQueries.table.descriptionColumnTitle', {
           defaultMessage: 'Description',
         }),
-        truncateText: true,
+        render: renderDescriptionColumn,
+        width: '50%',
       },
       {
         field: 'attributes.created_by',
         name: i18n.translate('xpack.osquery.savedQueries.table.createdByColumnTitle', {
           defaultMessage: 'Created by',
         }),
+        width: '15%',
         sortable: true,
         truncateText: true,
       },
@@ -175,6 +189,7 @@ const SavedQueriesPageComponent = () => {
         name: i18n.translate('xpack.osquery.savedQueries.table.updatedAtColumnTitle', {
           defaultMessage: 'Last updated at',
         }),
+        width: '10%',
         sortable: (item) =>
           item.attributes.updated_at ? Date.parse(item.attributes.updated_at) : 0,
         truncateText: true,
@@ -187,7 +202,7 @@ const SavedQueriesPageComponent = () => {
         actions: [{ render: renderPlayAction }, { render: renderEditAction }],
       },
     ],
-    [renderEditAction, renderPlayAction, renderUpdatedAt]
+    [renderDescriptionColumn, renderEditAction, renderPlayAction, renderUpdatedAt]
   );
 
   const onTableChange = useCallback(({ page = {}, sort = {} }) => {
diff --git a/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx b/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx
index cc64e539e399f..441960e1c2c98 100644
--- a/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx
+++ b/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx
@@ -36,7 +36,7 @@ const CodeEditorFieldComponent: React.FC<CodeEditorFieldProps> = ({ euiFieldProp
       error={error}
       fullWidth
     >
-      {euiFieldProps?.disabled ? (
+      {euiFieldProps?.isDisabled ? (
         <StyledEuiCodeBlock
           language="sql"
           fontSize="m"
diff --git a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
index 44fae4efd3608..ec87f430eea92 100644
--- a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
+++ b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
@@ -85,7 +85,7 @@ const SavedQueryFormComponent: React.FC<SavedQueryFormProps> = ({
       <EuiSpacer size="xl" />
       <EuiFlexGroup>
         <EuiFlexItem>
-          <ECSMappingEditorField />
+          <ECSMappingEditorField euiFieldProps={euiFieldProps} />
         </EuiFlexItem>
       </EuiFlexGroup>
       {!viewMode && hasPlayground && (
@@ -124,7 +124,11 @@ const SavedQueryFormComponent: React.FC<SavedQueryFormProps> = ({
           <CommonUseField path="version" euiFieldProps={versionEuiFieldProps} />
         </EuiFlexItem>
         <EuiFlexItem>
-          <CommonUseField path="platform" component={PlatformCheckBoxGroupField} />
+          <CommonUseField
+            path="platform"
+            component={PlatformCheckBoxGroupField}
+            euiFieldProps={euiFieldProps}
+          />
         </EuiFlexItem>
       </EuiFlexGroup>
       {playgroundVisible && (
diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx
index daa44f01dbffd..21aa203a36f53 100644
--- a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx
+++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx
@@ -181,6 +181,7 @@ export const generateFleetPackageInfo = (): PackageInfo => {
         security_rule: [],
         tag: [],
         osquery_pack_asset: [],
+        osquery_saved_query: [],
       },
       elasticsearch: {
         ingest_pipeline: [],
diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json
index 093c8828b7642..7193f8640b6ac 100644
--- a/x-pack/plugins/translations/translations/fr-FR.json
+++ b/x-pack/plugins/translations/translations/fr-FR.json
@@ -12656,7 +12656,7 @@
     "xpack.fleet.epm.assetTitles.maps": "Cartes",
     "xpack.fleet.epm.assetTitles.mlModels": "Modèles ML",
     "xpack.fleet.epm.assetTitles.mlModules": "Modules ML",
-    "xpack.fleet.epm.assetTitles.osqueryPackAsset": "Packs Osquery",
+    "xpack.fleet.epm.assetTitles.osqueryPackAssets": "Packs Osquery",
     "xpack.fleet.epm.assetTitles.savedSearches": "Recherches enregistrées",
     "xpack.fleet.epm.assetTitles.securityRules": "Règles de sécurité",
     "xpack.fleet.epm.assetTitles.tag": "Balise",
diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
index 71f752480d644..e1f7fa018a7b0 100644
--- a/x-pack/plugins/translations/translations/ja-JP.json
+++ b/x-pack/plugins/translations/translations/ja-JP.json
@@ -12775,7 +12775,7 @@
     "xpack.fleet.epm.assetTitles.maps": "マップ",
     "xpack.fleet.epm.assetTitles.mlModels": "MLモデル",
     "xpack.fleet.epm.assetTitles.mlModules": "機械学習モジュール",
-    "xpack.fleet.epm.assetTitles.osqueryPackAsset": "Osqueryパック",
+    "xpack.fleet.epm.assetTitles.osqueryPackAssets": "Osqueryパック",
     "xpack.fleet.epm.assetTitles.savedSearches": "保存された検索",
     "xpack.fleet.epm.assetTitles.securityRules": "セキュリティルール",
     "xpack.fleet.epm.assetTitles.tag": "タグ",
diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
index 3d391ce40f8c4..d8aa4205aae61 100644
--- a/x-pack/plugins/translations/translations/zh-CN.json
+++ b/x-pack/plugins/translations/translations/zh-CN.json
@@ -12800,7 +12800,7 @@
     "xpack.fleet.epm.assetTitles.maps": "Maps",
     "xpack.fleet.epm.assetTitles.mlModels": "ML 模型",
     "xpack.fleet.epm.assetTitles.mlModules": "ML 模块",
-    "xpack.fleet.epm.assetTitles.osqueryPackAsset": "Osquery 包",
+    "xpack.fleet.epm.assetTitles.osqueryPackAssets": "Osquery 包",
     "xpack.fleet.epm.assetTitles.savedSearches": "已保存的搜索",
     "xpack.fleet.epm.assetTitles.securityRules": "安全规则",
     "xpack.fleet.epm.assetTitles.tag": "标签",
diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
index 16f8fc04aa92f..b206e584b94b3 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
@@ -251,6 +251,16 @@ export default function (providerContext: FtrProviderContext) {
           resOsqueryPackAsset = err;
         }
         expect(resOsqueryPackAsset.response.data.statusCode).equal(404);
+        let resOsquerySavedQuery;
+        try {
+          resOsquerySavedQuery = await kibanaServer.savedObjects.get({
+            type: 'osquery-saved-query',
+            id: 'sample_osquery_saved_query',
+          });
+        } catch (err) {
+          resOsquerySavedQuery = err;
+        }
+        expect(resOsquerySavedQuery.response.data.statusCode).equal(404);
       });
       it('should have removed the saved object', async function () {
         let res;
@@ -443,6 +453,11 @@ const expectAssetsInstalled = ({
       id: 'sample_osquery_pack_asset',
     });
     expect(resOsqueryPackAsset.id).equal('sample_osquery_pack_asset');
+    const resOsquerySavedObject = await kibanaServer.savedObjects.get({
+      type: 'osquery-saved-query',
+      id: 'sample_osquery_saved_query',
+    });
+    expect(resOsquerySavedObject.id).equal('sample_osquery_saved_query');
     const resCloudSecurityPostureRuleTemplate = await kibanaServer.savedObjects.get({
       type: 'csp-rule-template',
       id: 'sample_csp_rule_template',
@@ -526,6 +541,10 @@ const expectAssetsInstalled = ({
           id: 'sample_osquery_pack_asset',
           type: 'osquery-pack-asset',
         },
+        {
+          id: 'sample_osquery_saved_query',
+          type: 'osquery-saved-query',
+        },
         {
           id: 'sample_search',
           type: 'search',
@@ -687,6 +706,10 @@ const expectAssetsInstalled = ({
           id: '313ddb31-e70a-59e8-8287-310d4652a9b7',
           type: 'epm-packages-assets',
         },
+        {
+          id: '24a74223-5fdb-52ca-9cb5-b2cdd2a42b07',
+          type: 'epm-packages-assets',
+        },
         {
           id: 'e786cbd9-0f3b-5a0b-82a6-db25145ebf58',
           type: 'epm-packages-assets',
diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
index 9758107cee83d..6cbedf68da567 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
@@ -361,6 +361,7 @@ export default function (providerContext: FtrProviderContext) {
         type: 'epm-packages',
         id: 'all_assets',
       });
+
       expect(res.attributes).eql({
         installed_kibana_space_id: 'default',
         installed_kibana: [
@@ -400,6 +401,10 @@ export default function (providerContext: FtrProviderContext) {
             id: 'sample_osquery_pack_asset',
             type: 'osquery-pack-asset',
           },
+          {
+            id: 'sample_osquery_saved_query',
+            type: 'osquery-saved-query',
+          },
         ],
         installed_es: [
           {
@@ -484,6 +489,7 @@ export default function (providerContext: FtrProviderContext) {
           { id: '7f4c5aca-b4f5-5f0a-95af-051da37513fc', type: 'epm-packages-assets' },
           { id: '4281a436-45a8-54ab-9724-fda6849f789d', type: 'epm-packages-assets' },
           { id: 'cb0bbdd7-e043-508b-91c0-09e4cc0f5a3c', type: 'epm-packages-assets' },
+          { id: '6a87d1a5-adf8-5a30-82c4-4c3b8298272b', type: 'epm-packages-assets' },
           { id: '2e56f08b-1d06-55ed-abee-4708e1ccf0aa', type: 'epm-packages-assets' },
           { id: '4035007b-9c33-5227-9803-2de8a17523b5', type: 'epm-packages-assets' },
           { id: 'e6ae7d31-6920-5408-9219-91ef1662044b', type: 'epm-packages-assets' },
diff --git a/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.1.0/kibana/osquery_saved_query/sample_osquery_saved_query.json b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.1.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
new file mode 100644
index 0000000000000..d0a647ff5e0cf
--- /dev/null
+++ b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.1.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
@@ -0,0 +1,24 @@
+{
+  "attributes": {
+    "created_at": "2021-12-21T08:54:07.802Z",
+    "created_by": "elastic",
+    "description": "Test saved query description",
+    "ecs_mapping": [
+      {
+        "key": "labels",
+        "value": {
+          "field": "hours"
+        }
+      }
+    ],
+    "id": "Saved-Query-Id",
+    "interval": "3600",
+    "query": "select * from uptime;",
+    "platform": "linux,darwin",
+    "version": 1
+  },
+  "coreMigrationVersion": "8.1.0",
+  "references": [],
+  "id": "sample_osquery_saved_query",
+  "type": "osquery-saved-query"
+}
diff --git a/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.2.0/kibana/osquery_saved_query/sample_osquery_saved_query.json b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.2.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
new file mode 100644
index 0000000000000..d0a647ff5e0cf
--- /dev/null
+++ b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.2.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
@@ -0,0 +1,24 @@
+{
+  "attributes": {
+    "created_at": "2021-12-21T08:54:07.802Z",
+    "created_by": "elastic",
+    "description": "Test saved query description",
+    "ecs_mapping": [
+      {
+        "key": "labels",
+        "value": {
+          "field": "hours"
+        }
+      }
+    ],
+    "id": "Saved-Query-Id",
+    "interval": "3600",
+    "query": "select * from uptime;",
+    "platform": "linux,darwin",
+    "version": 1
+  },
+  "coreMigrationVersion": "8.1.0",
+  "references": [],
+  "id": "sample_osquery_saved_query",
+  "type": "osquery-saved-query"
+}