diff --git a/src/main/java/org/opensearch/securityanalytics/resthandler/RestSearchRuleAction.java b/src/main/java/org/opensearch/securityanalytics/resthandler/RestSearchRuleAction.java
index 83e092f5c..03003ca3f 100644
--- a/src/main/java/org/opensearch/securityanalytics/resthandler/RestSearchRuleAction.java
+++ b/src/main/java/org/opensearch/securityanalytics/resthandler/RestSearchRuleAction.java
@@ -60,7 +60,6 @@ protected RestChannelConsumer prepareRequest(RestRequest request, NodeClient cli
 Boolean isPrepackaged = request.paramAsBoolean("pre_packaged", true);
 SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder();
 searchSourceBuilder.parseXContent(request.contentOrSourceParamParser());
- searchSourceBuilder.fetchSource(null);
 QueryBuilder queryBuilder = QueryBuilders.boolQuery().must(searchSourceBuilder.query());
diff --git a/src/test/java/org/opensearch/securityanalytics/resthandler/RuleRestApiIT.java b/src/test/java/org/opensearch/securityanalytics/resthandler/RuleRestApiIT.java
index 932ba9dac..33fa772de 100644
--- a/src/test/java/org/opensearch/securityanalytics/resthandler/RuleRestApiIT.java
+++ b/src/test/java/org/opensearch/securityanalytics/resthandler/RuleRestApiIT.java
@@ -212,7 +212,8 @@ public void testSearchingPrepackagedRulesByMitreAttackID() throws IOException {
 " }\n" +
 " }\n" +
 " }\n" +
- " }\n" +
+ " },\n" +
+ " \"_source\": [\"rule.query_field_names\"]" +
 "}";
 Response searchResponse = makeRequest(client(), "POST", String.format(Locale.getDefault(), "%s/_search", SecurityAnalyticsPlugin.RULE_BASE_URI), Collections.singletonMap("pre_packaged", "true"),
@@ -221,6 +222,12 @@ public void testSearchingPrepackagedRulesByMitreAttackID() throws IOException {
 Map responseBody = asMap(searchResponse);
 Assert.assertEquals(9, ((Map) ((Map) responseBody.get("hits")).get("total")).get("value"));
+ // Verify that _source filtering is working
+ List> hits = ((List>)((Map) responseBody.get("hits")).get("hits"));
+ Map sourceOfDoc0 = (Map)hits.get(0).get("_source");
+ Map rule = (Map) sourceOfDoc0.get("rule");
+ assertEquals(1, rule.size());
+ assertTrue(rule.containsKey("query_field_names"));
 }
 @SuppressWarnings("unchecked")
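Review bot: The new `_source` check inspects only `hits.get(0)`, so the remaining hits in the response are never checked for fields that should have been filtered out. Looping over every entry of `hits` and asserting `assertEquals(Collections.singleton("query_field_names"), rule.keySet());` for each one would cover all returned documents and show the unexpected keys when it fails. The added lines also call bare `assertEquals`/`assertTrue` while the context line just above uses `Assert.assertEquals`; picking one form would keep the test consistent. The test method starts outside this hunk, so its annotations and the rest of the request setup are not visible here.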