diff --git a/src/output-json-alert.c b/src/output-json-alert.c
index ed6b3b4373..cd1168aa2d 100644
--- a/src/output-json-alert.c
+++ b/src/output-json-alert.c
@@ -134,8 +134,6 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p)
     if (p->alerts.cnt == 0)
         return TM_ECODE_OK;
 
-    MemBufferReset(aft->json_buffer);
-
     json_t *js = CreateJSONHeader((Packet *)p, 0, "alert");
     if (unlikely(js == NULL))
         return TM_ECODE_OK;
@@ -159,6 +157,8 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p)
             return TM_ECODE_OK;
         }
 
+        MemBufferReset(aft->json_buffer);
+
         json_object_set_new(ajs, "action", json_string(action));
         json_object_set_new(ajs, "gid", json_integer(pa->s->gid));
         json_object_set_new(ajs, "signature_id", json_integer(pa->s->id));
@@ -303,11 +303,11 @@ static int AlertJsonDecoderEvent(ThreadVars *tv, JsonAlertLogThread *aft, const
     if (p->alerts.cnt == 0)
         return TM_ECODE_OK;
 
-    MemBufferReset(buffer);
-
     CreateIsoTimeString(&p->ts, timebuf, sizeof(timebuf));
 
     for (i = 0; i < p->alerts.cnt; i++) {
+        MemBufferReset(buffer);
+
         const PacketAlert *pa = &p->alerts.alerts[i];
         if (unlikely(pa->s == NULL)) {
             continue;