diff --git a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
index 996f37c6d..06519c06a 100644
--- a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
+++ b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
@@ -117,7 +117,10 @@ outputs:
 # - files:
 # force-magic: no # force logging magic on all logged files
 # force-md5: no # force logging of md5 checksums
-# #- drop
+ - drop:
+ alerts: yes # log alerts that caused drops
+ flows: start # start or all: 'start' logs only a single drop
+ # per flow direction. All logs each dropped pkt.
 # - ssh
 # alert output for use with Barnyard2
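Review bot: The new `- drop:` entry is the only active item among commented-out siblings (`# - files:`, `# - ssh`), so its indentation must line up exactly with the active entries of the enclosing type list, which starts outside this hunk; the original whitespace is not recoverable in this view, so check it against the rendered file. `alerts: yes` presumably embeds the triggering alert in each drop record, so a consumer that counts alert objects in this log may see the same event twice if the alert type is also enabled; confirm against the log parser. The comment on `flows` should also say why `start` is the safer setting, e.g. `# keep 'start': 'all' writes one record per dropped packet and can flood the log under attack traffic`. If the template supports it, emitting this entry only when inline (IPS) mode is enabled would make the dependency on drop mode explicit.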