diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts
index 92d7487be0cdb..72ab4a2237ba1 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts
@@ -18,34 +18,19 @@ import { IRuleSavedAttributesSavedObjectAttributes } from '../types';
 import { legacyGetRuleReference } from './legacy_utils';
 export const truncateMessageFields: SavedObjectMigrationFn> = (doc) => {
- const { lastFailureMessage, lastSuccessMessage, ...restAttributes } = doc.attributes;
+ const { lastFailureMessage, lastSuccessMessage, ...otherAttributes } = doc.attributes;
 return {
 ...doc,
 attributes: {
+ ...otherAttributes,
 lastFailureMessage: truncateMessage(lastFailureMessage),
 lastSuccessMessage: truncateMessage(lastSuccessMessage),
- ...restAttributes,
 },
 references: doc.references ?? [],
 };
 };
-/**
- * This side-car rule status SO is deprecated and is to be replaced by the RuleExecutionLog on Event-Log and
- * additional fields on the Alerting Framework Rule SO.
- *
- * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x)
- */
-export const legacyRuleStatusSavedObjectMigration = {
- '7.15.2': truncateMessageFields,
- '7.16.0': (
- doc: SavedObjectUnsanitizedDoc
- ): SavedObjectSanitizedDoc => {
- return legacyMigrateRuleAlertIdSOReferences(doc);
- },
-};
-
 /**
 * This migrates alertId within legacy `siem-detection-engine-rule-status` to saved object references on an upgrade.
 * We only migrate alertId if we find these conditions:
@@ -62,29 +47,24 @@ export const legacyRuleStatusSavedObjectMigration = {
 export const legacyMigrateRuleAlertIdSOReferences = (
 doc: SavedObjectUnsanitizedDoc
 ): SavedObjectSanitizedDoc => {
- const { references } = doc;
-
- // Isolate alertId from the doc
- const { alertId, ...attributesWithoutAlertId } = doc.attributes;
- const existingReferences = references ?? [];
+ const { alertId, ...otherAttributes } = doc.attributes;
+ const existingReferences = doc.references ?? [];
+ // early return if alertId is not a string as expected
 if (!isString(alertId)) {
- // early return if alertId is not a string as expected
 return { ...doc, references: existingReferences };
- } else {
- const alertReferences = legacyMigrateAlertId({
- alertId,
- existingReferences,
- });
-
- return {
- ...doc,
- attributes: {
- ...attributesWithoutAlertId.attributes,
- },
- references: [...existingReferences, ...alertReferences],
- };
 }
+
+ const alertReferences = legacyMigrateAlertId({
+ alertId,
+ existingReferences,
+ });
+
+ return {
+ ...doc,
+ attributes: otherAttributes,
+ references: [...existingReferences, ...alertReferences],
+ };
 };
 /**
@@ -113,3 +93,14 @@ export const legacyMigrateAlertId = ({
 return [legacyGetRuleReference(alertId)];
 }
 };
+
+/**
+ * This side-car rule status SO is deprecated and is to be replaced by the RuleExecutionLog on Event-Log and
+ * additional fields on the Alerting Framework Rule SO.
+ *
+ * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x)
+ */
+export const legacyRuleStatusSavedObjectMigration = {
+ '7.15.2': truncateMessageFields,
+ '7.16.0': legacyMigrateRuleAlertIdSOReferences,
+};
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts
index 6d1d64a04cd93..cfae7532ba496 100644
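Review bot: Status documents that already went through the earlier form of this function are not repaired by the fix, because the body changes while the step stays registered under the same `'7.16.0'` key in the map at the end of the file, and saved-object migrations are normally applied once per version key. The removed `...attributesWithoutAlertId.attributes` spread a nested `attributes` property of the attributes object, so that form most likely wrote back an empty `attributes`; whether it ever ran against stored data is not visible here. If it did, those rule-status records lost their failure messages and timestamps and would need a follow-up migration or a release note. A one-line comment above `attributes: otherAttributes,` such as `// everything except alertId, which now lives in references` would also record why the field is dropped. The function's doc comment begins outside the hunk.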
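Review bot: The `'7.16.0'` entry now names `legacyMigrateRuleAlertIdSOReferences` directly instead of calling it from a wrapper arrow function, so the map depends on sitting below that `const` declaration; moved back above it, the object would read an uninitialised binding when the module loads. A comment on the map would make the ordering deliberate, for example `// Keep below the migration functions: they are const bindings read when this object is built.` The `@deprecated` line carried over from the old position still says "addition status SO", which presumably means "additional".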
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts
@@ -6,6 +6,7 @@
 */
 import expect from '@kbn/expect';
+import { IRuleStatusSOAttributes } from '../../../../plugins/security_solution/server/lib/detection_engine/rules/types';
 import { FtrProviderContext } from '../../common/ftr_provider_context';
 // eslint-disable-next-line import/no-default-export
@@ -113,6 +114,30 @@ export default ({ getService }: FtrProviderContext): void => {
 undefined
 );
 });
+
+ it('migrates legacy siem-detection-engine-rule-status and retains other attributes as the same attributes as before', async () => {
+ const response = await es.get<{
+ 'siem-detection-engine-rule-status': IRuleStatusSOAttributes;
+ }>({
+ index: '.kibana',
+ id: 'siem-detection-engine-rule-status:d62d2980-27c4-11ec-92b0-f7b47106bb35',
+ });
+ expect(response.statusCode).to.eql(200);
+
+ expect(response.body._source?.['siem-detection-engine-rule-status']).to.eql({
+ statusDate: '2021-10-11T20:51:26.622Z',
+ status: 'succeeded',
+ lastFailureAt: '2021-10-11T18:10:08.982Z',
+ lastSuccessAt: '2021-10-11T20:51:26.622Z',
+ lastFailureMessage:
+ '4 days (323690920ms) were not queried between this rule execution and the last execution, so signals may have been missed. Consider increasing your look behind time or adding more Kibana instances. name: "Threshy" id: "fb1046a0-0452-11ec-9b15-d13d79d162f3" rule id: "b789c80f-f6d8-41f1-8b4f-b4a23342cde2" signals index: ".siem-signals-spong-default"',
+ lastSuccessMessage: 'succeeded',
+ gap: '4 days',
+ bulkCreateTimeDurations: ['34.49'],
+ searchAfterTimeDurations: ['62.58'],
+ lastLookBackDate: null,
+ });
+ });
 });
 });
 };
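Review bot: The title of the added `it(...)` case repeats itself ("retains other attributes as the same attributes as before") and does not say which step it guards; `it('keeps the other siem-detection-engine-rule-status attributes unchanged when alertId is migrated to references', async () => {` reads more directly. The expected object is tied to the fixture document with the hard-coded id on the `id:` line, and the archive that holds it is not part of this diff, so the values cannot be checked from here. The case also never looks at `references` on the same document; if no neighbouring test covers that for this id, an assertion on it belongs here, since keeping the attributes while losing the rule reference would still pass.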