diff --git a/src/opnsense/scripts/suricata/queryAlertLog.py b/src/opnsense/scripts/suricata/queryAlertLog.py
index 04c599014..2fe9c6828 100755
--- a/src/opnsense/scripts/suricata/queryAlertLog.py
+++ b/src/opnsense/scripts/suricata/queryAlertLog.py
@@ -37,7 +37,7 @@ import ujson
 from lib.log import reverse_log_reader
 from lib.params import updateParams
-suricata_log = '/tmp/eve.json'
+suricata_log = '/var/log/suricata/eve.json'
 # handle parameters
 parameters = {'limit':'0','offset':'0', 'filter':''}
diff --git a/src/opnsense/service/conf/actions.d/actions_ids.conf b/src/opnsense/service/conf/actions.d/actions_ids.conf
index 40ff665c1..71c3b9124 100644
--- a/src/opnsense/service/conf/actions.d/actions_ids.conf
+++ b/src/opnsense/service/conf/actions.d/actions_ids.conf
@@ -16,6 +16,12 @@ parameters:
 type:script
 message:install suricata rules
+[query.alerts]
+command:/usr/local/opnsense/scripts/suricata/queryAlertLog.py
+parameters:/limit %s /offset %s /filter %s
+type:script_output
+message:query suricata alerts
+
 [stop]
 command:/usr/local/etc/rc.d/suricata stop
 parameters:
@@ -39,3 +45,4 @@ command:/usr/local/etc/rc.d/suricata status
 parameters:
 type:script_output
 message:get suricata daemon status
+
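Review bot: The new value of `suricata_log` is a hard-coded duplicate of wherever the Suricata eve-log output is configured to write, and nothing in the script ties the two together, so a later change to the Suricata template would silently leave this query reading a stale or missing file. I would add `# must match the eve-log 'filename' in the generated suricata.yaml; kept out of /tmp so an unprivileged local user cannot plant a fake alert log` above the assignment to record both the coupling and the reason the path left a world-writable directory. The hunk shows no handling for the file being absent — presumably `reverse_log_reader` either raises or yields nothing, and which one matters because this path is read on every GUI query, so it is worth confirming. The parameter handling that follows `parameters = {...}` continues past the hunk.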
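Review bot: The `/filter %s` slot in the new `[query.alerts]` action passes a GUI-supplied string straight onto the command line of `queryAlertLog.py`, and nothing in this hunk restricts what it may contain. Whether that is safe depends on how configd substitutes `%s` (a separate argv element versus a string handed to a shell) and on what the script does with `filter` — a plain substring match on the log text is fine, a regex or anything evaluated is not — so both should be confirmed before this is exposed to the web UI. If configd does not already whitelist parameter characters, the script should coerce `/limit` and `/offset` with `int(...)` and a safe default on failure, and treat `/filter` as opaque text. Since `type:script_output` presumably returns the script's stdout verbatim to the caller, the script should also avoid echoing the raw parameters back in error output.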