diff --git a/roles/base/files/selinux/rsyslog-audit.pp b/roles/base/files/selinux/rsyslog-audit.pp
index 24cdec2c00..b6612bfb11 100644
Binary files a/roles/base/files/selinux/rsyslog-audit.pp and b/roles/base/files/selinux/rsyslog-audit.pp differ
diff --git a/roles/base/files/selinux/rsyslog-audit.te b/roles/base/files/selinux/rsyslog-audit.te
index 76121d42f0..daf535ee2e 100644
--- a/roles/base/files/selinux/rsyslog-audit.te
+++ b/roles/base/files/selinux/rsyslog-audit.te
@@ -1,8 +1,9 @@
-module rsyslog-audit 1.1;
+module rsyslog-audit 1.2;
 
 require {
  type auditd_log_t;
  type syslogd_t;
+ type var_t;
  class file { getattr ioctl open read };
  class dir { getattr open read search };
 }
@@ -10,3 +11,4 @@ require {
 #============= syslogd_t ==============
 allow syslogd_t auditd_log_t:dir { getattr open read search };
 allow syslogd_t auditd_log_t:file { getattr ioctl open read };
+allow syslogd_t var_t:dir read;
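Review bot: The added rule `allow syslogd_t var_t:dir read;` in the second hunk is scoped to the generic `var_t` type, so it lets rsyslog list every directory carrying that label rather than only the one that triggered the denial. If the denial comes from a specific directory, giving that directory its own file context and allowing on that type would keep the module least-privilege. The rule grants only `read`, while the existing `auditd_log_t:dir` rule grants `{ getattr open read search }`, so it is worth checking the AVC log to confirm no follow-up denial remains. A comment above the rule recording the cause would help later audits, e.g. `# rsyslog lists <directory path>: AVC denied { read } on a var_t dir`. The compiled `rsyslog-audit.pp` changes as an unreviewable binary, so please confirm it was rebuilt from exactly this `.te`.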