diff --git a/salt/suricata/cron/surirotate b/salt/suricata/cron/surirotate
new file mode 100644
index 000000000..b77c4d635
--- /dev/null
+++ b/salt/suricata/cron/surirotate
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+# Gzip the eve logs
+find /nsm/suricata/eve*.json -type f -printf '%T@\t%p\n' | sort -t $'\t' -g | head -n -1 | cut -d $'\t' -f 2- | xargs nice gzip
+
+# TODO Add stats log
\ No newline at end of file
diff --git a/salt/suricata/init.sls b/salt/suricata/init.sls
index e49b59f4f..f8fd13067 100644
--- a/salt/suricata/init.sls
+++ b/salt/suricata/init.sls
@@ -79,6 +79,12 @@ surilogscript:
     - source: salt://suricata/cron/surilogcompress
     - mode: 755
 
+surirotatescript:
+  file.managed:
+    - name: /usr/local/bin/surirotate
+    - source: salt://suricata/cron/surirotate
+    - mode: 755
+
 /usr/local/bin/surilogcompress:
   cron.present:
     - user: suricata
@@ -155,6 +161,15 @@ so-suricata:
 
 surilogrotate:
   file.managed:
-    - name: /etc/logrotate.d/suristats
+    - name: /opt/so/conf/suricata/suri-rotate.conf
     - source: salt://suricata/files/suri-rotate.conf
-    - mode: 644
\ No newline at end of file
+    - mode: 644
+
+/usr/local/bin/surirotate:
+  cron.present:
+    - user: root
+    - minute: '6'
+    - hour: '*'
+    - daymonth: '*'
+    - month: '*'
+    - dayweek: '*'
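Review bot: The find pipeline in surirotate lets the shell expand `/nsm/suricata/eve*.json` before find runs, so when nothing matches find is handed the literal pattern and fails on every cron run, and `xargs nice gzip` is still invoked with no arguments whenever fewer than two files match (GNU xargs runs its command once on empty input); the whitespace-delimited pipeline also breaks on any path containing spaces or quotes. Let find do the matching and switch to NUL delimiters: `find /nsm/suricata -maxdepth 1 -name 'eve*.json' -type f -printf '%T@\t%p\0' | sort -z -t $'\t' -g | head -z -n -1 | cut -z -d $'\t' -f 2- | xargs -0 -r nice gzip`. The `head -n -1` step presumably skips the newest file because it is the one Suricata is still writing; that intent should be stated, e.g. `# Sort by mtime and leave the newest (presumably still-open) eve file uncompressed`.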
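Review bot: The surirotatescript stanza in the first init.sls hunk sets `- mode: 755` but no ownership for a file that the cron entry later in this commit executes as root; pin it with `- user: root` and `- group: root` so the executable's owner is never left to the minion's defaults. The neighbouring surilogscript stanza shows the same two lines in its visible context, so if that pattern is intentional the note applies to both.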
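Review bot: Moving surilogrotate's target from /etc/logrotate.d/suristats to /opt/so/conf/suricata/suri-rotate.conf leaves the old file in place on already-deployed hosts, so logrotate keeps applying the previous config alongside the new hourly cron; add `/etc/logrotate.d/suristats:` with `  file.absent` so upgrades converge. Nothing in this hunk shows what now reads suri-rotate.conf from its new location, and the script's "TODO Add stats log" suggests stats rotation may have no consumer until that is wired up — worth confirming. The new /usr/local/bin/surirotate cron runs as root while the adjacent surilogcompress cron runs as suricata, so the resulting .gz files will be root-owned; if the suricata user (or a later cleanup job) needs to manage them, `- user: suricata` would be the consistent choice, assuming that account can write to /nsm/suricata.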