diff --git a/scripts/services/wazuh/suricata/suricata_init.sh b/scripts/services/wazuh/suricata/suricata_init.sh
index 9d14af9..97cda65 100755
--- a/scripts/services/wazuh/suricata/suricata_init.sh
+++ b/scripts/services/wazuh/suricata/suricata_init.sh
@@ -55,6 +55,16 @@ fi
 # sudo chown root:root /etc/rsyslog.d/20-suricata.conf
 # sudo systemctl restart rsyslog
+# rules
+pushd .
+cd /tmp
+wget https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz
+tar zxvf emerging.rules.tar.gz
+sudo -E rm /etc/suricata/rules/* -f
+sudo -E mv rules/*.rules /etc/suricata/rules/
+popd
+
+# suricata yaml
 sudo -E rm -f /etc/suricata/suricata.yaml
 sudo -E wget -O /etc/suricata/suricata.yaml http://www.branchnetconsulting.com/wazuh/suricata.yaml
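Review bot: The live rule set is wiped by `sudo -E rm /etc/suricata/rules/* -f` before anything confirms that the `wget` and `tar` on the two preceding added lines succeeded, so a failed download or extraction (no `set -e` is visible in this hunk) leaves /etc/suricata/rules empty and Suricata running without rules. The archive is also fetched and unpacked at fixed paths in the shared /tmp (`/tmp/emerging.rules.tar.gz`, `/tmp/rules`) and then moved into /etc/suricata as root, so any local user who pre-creates those paths controls which rules get installed. Downloading into a `mktemp -d` directory, checking each step, and deleting the old rules only once the new ones are unpacked addresses both points, and `pushd .` followed by `cd /tmp` can then go, as can the trailing `-f` placed after the glob. Nothing verifies the archive beyond the TLS connection, so if the project keeps a checksum for it, that comparison belongs before the rm as well.
```shell
# rules
tmpdir=$(mktemp -d) || exit 1
wget -O "$tmpdir/emerging.rules.tar.gz" https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz || exit 1
tar -C "$tmpdir" -xzf "$tmpdir/emerging.rules.tar.gz" || exit 1
# replace the installed rules only after the new set has been fetched and unpacked
sudo -E rm -f /etc/suricata/rules/*
sudo -E mv "$tmpdir"/rules/*.rules /etc/suricata/rules/
rm -rf -- "${tmpdir:?}"
# … unchanged: suricata yaml download …
```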