diff --git a/bin/hardening/8.1.4_record_date_time_edit.sh b/bin/hardening/8.1.4_record_date_time_edit.sh
index a5608f6..d5ad406 100755
--- a/bin/hardening/8.1.4_record_date_time_edit.sh
+++ b/bin/hardening/8.1.4_record_date_time_edit.sh
@@ -59,7 +59,7 @@ apply () {
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
- eval $(pkill -HUP -P 1 auditd)
+ check_audit_is_immutable_mode
 else
 ok "$AUDIT_VALUE is present in $FILE"
 fi
diff --git a/lib/utils.sh b/lib/utils.sh
index a34aa06..5883c8a 100644
--- a/lib/utils.sh
+++ b/lib/utils.sh
@@ -872,3 +872,11 @@ check_ipv6_is_enable()
 fi
 }
+check_audit_is_immutable_mode()
+{
+ if [ $(auditctl -s | head -n 1 | awk '{print $2}') -eq 2 ]; then
+ warn "The audit system is in immutable mode, no rule changes allowed. So must need reboot after adding/modifying the auditd rule!"
+ else
+ eval $(pkill -HUP -P 1 auditd)
+ fi
+}
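Review bot: The call that replaces the reload in `apply` is named like a predicate, `check_audit_is_immutable_mode`, yet going by its definition in lib/utils.sh it is also the step that signals auditd, so the call site no longer shows that a reload can happen here. A comment above the call would keep that visible, for example `# reload auditd unless the audit system is immutable (enabled = 2)`, and a name that states the action would read better than `check_...`. In the immutable case the rule has been appended to `$FILE` but stays inactive until reboot, which is worth stating in that comment too. apply's body starts and ends outside the hunk.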
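Review bot: The test in `check_audit_is_immutable_mode` uses the second token of the first line of `auditctl -s` unquoted, so when auditctl is missing, fails, or prints its status in a different layout, `[ ... -eq 2 ]` errors out and the else branch sends SIGHUP anyway. Selecting the field by name and quoting the result avoids that: `if [ "$(auditctl -s 2>/dev/null | awk '$1 == "enabled" {print $2}')" = "2" ]; then`. The else branch also carries over `eval $(pkill ...)`, which would execute anything pkill printed; pkill sends the signal itself, so plain `pkill -HUP -P 1 auditd` is enough. A short header comment saying that 2 is the immutable value of `enabled` would document the magic number.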