diff --git a/userspace/engine/rule_loader_compiler.cpp b/userspace/engine/rule_loader_compiler.cpp
index d56b964b..b1647968 100644
--- a/userspace/engine/rule_loader_compiler.cpp
+++ b/userspace/engine/rule_loader_compiler.cpp
@@ -36,9 +36,12 @@ limitations under the License.
 }
 static std::string s_container_info_fmt = "%container.info";
-static std::string s_default_extra_fmt =
- "container_id=%container.id container_name=%container.name";
-
+// We were previously expanding %container.info to "container_id=%container.id
+// container_name=%container.name". Since the container plugin is now in use, and it exposes
+// container.id and container.name as suggested output fields, we don't need to expand
+// container.info anymore. We kept container.info in the ruleset to avoid a major breaking change.
+// TODO: drop `container.info` magic once we make a major breaking change in the ruleset.
+static std::string s_default_extra_fmt = "";
 using namespace libsinsp::filter;
 // todo(jasondellaluce): this breaks string escaping in lists and exceptions
diff --git a/userspace/falco/app/actions/init_falco_engine.cpp b/userspace/falco/app/actions/init_falco_engine.cpp
index 0f91fc93..710b1a69 100644
--- a/userspace/falco/app/actions/init_falco_engine.cpp
+++ b/userspace/falco/app/actions/init_falco_engine.cpp
@@ -95,8 +95,8 @@ void configure_output_format(falco::app::state& s) {
 // See https://falco.org/docs/rules/style-guide/
 const std::string container_info =
- "container_id=%container.id container_image=%container.image.repository "
- "container_image_tag=%container.image.tag container_name=%container.name";
+ "container_image=%container.image.repository "
+ "container_image_tag=%container.image.tag";
 const std::string k8s_info = "k8s_ns=%k8s.ns.name k8s_pod_name=%k8s.pod.name";
 const std::string gvisor_info = "vpid=%proc.vpid vtid=%thread.vtid";
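Review bot: With `s_default_extra_fmt` now empty, a rule output that relies on `%container.info` carries no container identity of its own, and the new comment does not say what happens when the container plugin is absent or its suggested output fields are not appended. In that case alerts would presumably lose the `container_id`/`container_name` attribution responders use to scope an incident; the same applies to the shortened `container_info` string in `init_falco_engine.cpp`. I would add a line such as `// NOTE: container identity in alerts now depends on the container plugin's suggested output fields being enabled.` Since the value is now a fixed empty string, `static const std::string s_default_extra_fmt;` would also document that nothing mutates it, assuming no code outside this hunk assigns to it. The code that substitutes this value is outside the hunk, so whether an empty expansion leaves stray whitespace in the rendered output cannot be checked here.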
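Review bot: The shortened `container_info` string in `configure_output_format` has no comment explaining why the container id and name are gone, and the only adjacent comment points at the style guide. A reader comparing this format with older alert samples will not find the reason in this file. I would add above the declaration `// container_id and container_name are omitted here; they are expected from the container plugin's suggested output fields.` The body of `configure_output_format` continues outside the hunk, so how `container_info` is selected and combined with the other format strings is not visible.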