diff --git a/roles/os_hardening/handlers/main.yml b/roles/os_hardening/handlers/main.yml
index 864a7531b..37e5dcddf 100644
--- a/roles/os_hardening/handlers/main.yml
+++ b/roles/os_hardening/handlers/main.yml
@@ -27,3 +27,8 @@
 path: "{{ item }}"
 state: remounted
 loop: "{{ mountpoints_changed }}"
+
+- name: Restart journald
+ ansible.builtin.systemd:
+ name: systemd-journald.service
+ state: restarted
diff --git a/roles/os_hardening/tasks/auditd.yml b/roles/os_hardening/tasks/auditd.yml
index 82357570a..418fdbcef 100644
--- a/roles/os_hardening/tasks/auditd.yml
+++ b/roles/os_hardening/tasks/auditd.yml
@@ -16,3 +16,15 @@
 - Restart auditd via service
 - Restart auditd via systemd
 tags: auditd
+
+- name: Disable systemd-journald.audit
+ when:
+ - ansible_facts.os_family != 'Suse' # socket doesn't seem to exist on suse
+ ansible.builtin.systemd:
+ name: systemd-journald-audit.socket
+ state: stopped
+ enabled: false
+ masked: true
+ notify:
+ - Restart journald
+ tags: auditd
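Review bot: The `when` on the new "Disable systemd-journald.audit" task in tasks/auditd.yml only excludes Suse, yet the task calls `ansible.builtin.systemd`. The two handler names in the context lines above it (`Restart auditd via service` and `Restart auditd via systemd`) suggest the role also runs on hosts not managed by systemd, where this task would fail. Adding `- ansible_facts.service_mgr == 'systemd'` to the `when` list would cover that case. The Suse exclusion rests on "doesn't seem to exist"; if that is unverified, a Suse host that does ship the socket keeps feeding audit records into the journal, so confirm it or gate on the unit's presence instead. The task should also carry a comment saying why the socket is masked (presumably so auditd is the only consumer of audit records) and that journald stops collecting them afterwards; whether this file is included only when auditd is enabled is not visible in the hunk.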