diff --git a/install_files/securedrop-ossec-server/var/ossec/rules/local_rules.xml b/install_files/securedrop-ossec-server/var/ossec/rules/local_rules.xml
index 97f0cfe62e..31389374e0 100644
--- a/install_files/securedrop-ossec-server/var/ossec/rules/local_rules.xml
+++ b/install_files/securedrop-ossec-server/var/ossec/rules/local_rules.xml
@@ -200,4 +200,10 @@
   </rule>
 </group>
 
+<group name="Apache logs">
+  <rule id="400700" level="7">
+    <if_sid>30301</if_sid>
+    <description>Apache application error.</description>
+  </rule>
+</group>
 
diff --git a/molecule/testinfra/staging/vars/staging.yml b/molecule/testinfra/staging/vars/staging.yml
index a878b73e12..ca63c236be 100644
--- a/molecule/testinfra/staging/vars/staging.yml
+++ b/molecule/testinfra/staging/vars/staging.yml
@@ -162,5 +162,20 @@ log_events_with_ossec_alerts:
     level: "1"
     rule_id: "400503"
 
+  - name: test_ossec_server_apache_error_log_alert
+    alert: >
+      [Fri Apr 12 14:39:25.596318 2019] [wsgi:error]
+      [pid 1480:tid 4201987876608] ERROR:flask.app:Login for 'user' failed:
+      invalid username 'user'
+    level: "7"
+    rule_id: "400700"
+
+  - name: test_ossec_server_test_notification_alert
+    alert: >
+      [Fri Apr 12 15:45:05.310796 2019] [wsgi:error]
+      [pid 1479:tid 4201988093696] ERROR:flask.app:This is a test OSSEC alert
+    level: "7"
+    rule_id: "400700"
+
 fpf_apt_repo_url: "https://apt-test.freedom.press"
 grsec_version: "4.4.177"