diff --git a/src/opnsense/scripts/suricata/setup.sh b/src/opnsense/scripts/suricata/setup.sh
new file mode 100755
index 000000000..a6e061576
--- /dev/null
+++ b/src/opnsense/scripts/suricata/setup.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+SURICATA_DIRS="/var/log/suricata"
+
+for SURICATA_DIR in ${SURICATA_DIRS}; do
+ mkdir -p ${SURICATA_DIR}
+ chown -R root:wheel ${SURICATA_DIR}
+ chmod -R 0700 ${SURICATA_DIR}
+done
diff --git a/src/opnsense/service/conf/actions.d/actions_ids.conf b/src/opnsense/service/conf/actions.d/actions_ids.conf
index bc434f663..483ecac45 100644
--- a/src/opnsense/service/conf/actions.d/actions_ids.conf
+++ b/src/opnsense/service/conf/actions.d/actions_ids.conf
@@ -41,7 +41,7 @@ type:script
 message:stop suricata daemon
 [start]
-command:/usr/local/etc/rc.d/suricata start
+command:/usr/local/opnsense/scripts/suricata/setup.sh;/usr/local/etc/rc.d/suricata start
 parameters:
 type:script
 message:start suricata daemon
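Review bot: In the new setup.sh, `chmod -R 0700 ${SURICATA_DIR}` sets the execute bit on every regular file under the log directory, and the recursive `chown`/`chmod` run as root over the whole tree each time the script is called. Restricting the directory itself already denies access to non-root users, so `chmod 0700 "${SURICATA_DIR}"` is enough, with files set to 0600 separately if they need tightening. The expansions are unquoted and nothing checks `mkdir`, so a failed create is still followed by `chown` and `chmod`; `mkdir -p "${SURICATA_DIR}" || exit 1` makes the failure visible to the caller. A short header comment saying why the directory must be root-only would also help, since the script has no documentation.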
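Review bot: The new `[start]` command in actions_ids.conf joins the two steps with `;`, so `/usr/local/etc/rc.d/suricata start` runs even when setup.sh fails and the setup script's exit status is discarded. If the daemon should start only once the log directory has been prepared, `command:/usr/local/opnsense/scripts/suricata/setup.sh && /usr/local/etc/rc.d/suricata start` expresses that, assuming the action runner hands the line to a shell as the `;` suggests. Only `[start]` is visible in this hunk; a restart action elsewhere in the file, if there is one, would skip the setup step unless it is changed the same way.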