diff --git a/install/wazuh-install.sh b/install/wazuh-install.sh
index 4d63d7d30..97698b8ea 100644
--- a/install/wazuh-install.sh
+++ b/install/wazuh-install.sh
@@ -39,6 +39,14 @@ rm -f wazuh-*.sh
 rm -f ~/wazuh-install.output
 msg_ok "Setup Wazuh"
 
+# Fix LXC container false positives in rootcheck
+# When running Wazuh in an LXC container, /dev/.lxc/* paths trigger false alerts
+if [ -d /dev/.lxc ]; then
+ msg_info "Adding LXC rootcheck exclusion"
+ sed -i '/<\/rootcheck>/i \ /dev/.lxc' /var/ossec/etc/ossec.conf
+ msg_ok "Added LXC rootcheck exclusion"
+fi
+
 motd_ssh
 customize
 cleanup_lxc
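Review bot: The added `sed -i` step prints `msg_ok "Added LXC rootcheck exclusion"` whether or not anything was inserted: if `/var/ossec/etc/ossec.conf` has no `</rootcheck>` line the file is unchanged, and on a re-run the entry is inserted a second time. Wrap the edit in `if ! grep -qF '/dev/.lxc' /var/ossec/etc/ossec.conf; then`, and confirm the entry with `grep -qF` before reporting success. As rendered here the inserted text is a bare `/dev/.lxc` with no element around it; rootcheck exclusions are normally written as an `<ignore>` element, so confirm the tag is in the real file and was only lost when this page was rendered. Excluding the whole directory also means rootcheck will no longer report anything placed under `/dev/.lxc`, which deserves a comment such as `# NOTE: rootcheck no longer inspects /dev/.lxc; cover it with file integrity monitoring if needed`. The hunk does not show whether the Wazuh manager is restarted afterwards, which the new setting presumably needs in order to take effect.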