diff --git a/src/opnsense/service/templates/OPNsense/IDS/newsyslog.conf b/src/opnsense/service/templates/OPNsense/IDS/newsyslog.conf
index b3c9e3ab2..fc7f9c99b 100644
--- a/src/opnsense/service/templates/OPNsense/IDS/newsyslog.conf
+++ b/src/opnsense/service/templates/OPNsense/IDS/newsyslog.conf
@@ -2,7 +2,7 @@
 {% if helpers.exists('OPNsense.IDS.general') and OPNsense.IDS.general.enabled|default("0") == "1" %}
 /var/log/suricata/stats.log	root:wheel	640	7	*	$D0	B	/var/run/suricata.pid	1
 /var/log/suricata.log		root:wheel	640	7	*	$D0	B	/var/run/suricata.pid	1
-/var/log/suricata/eve.json	root:wheel	640	{{ OPNsense.IDS.general.AlertSaveLogs|default("4") }}	*	${{
+/var/log/suricata/eve.json	root:wheel	640	{{ OPNsense.IDS.general.AlertSaveLogs|default("4") }}	500000	${{
     OPNsense.IDS.general.AlertLogrotate|default("W0D23")
 }}	B	/var/run/suricata.pid	1
 {% endif %}