diff --git a/bin/hardening/8.1.13_record_successful_mount.sh b/bin/hardening/8.1.13_record_successful_mount.sh
index 1ddf5e5..b553176 100755
--- a/bin/hardening/8.1.13_record_successful_mount.sh
+++ b/bin/hardening/8.1.13_record_successful_mount.sh
@@ -14,7 +14,10 @@ set -u # One variable unset, it's over
 HARDENING_LEVEL=4
 AUDIT_PARAMS='-a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=4294967295 -k mounts
--a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=4294967295 -k mounts'
+-a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=4294967295 -k mounts
+-a always,exit -F arch=b64 -S umount -F auid>=1000 -F auid!=4294967295 -k mounts
+-a always,exit -F arch=b32 -S umount -F auid>=1000 -F auid!=4294967295 -k mounts'
+
 FILE='/etc/audit/audit.rules'
 # This function will be called if the script status is on enabled / audit mode
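Review bot: The two added `-S umount` rules are unlikely to record unmounts as intended: as far as I know the x86_64 syscall table has only `umount2`, so auditctl should reject the `arch=b64 -S umount` line as an unknown syscall, and on 32-bit `umount` is the legacy call while umount(8) normally goes through `umount2`. I would change the added lines to `-a always,exit -F arch=b64 -S umount2 -F auid>=1000 -F auid!=4294967295 -k mounts` and `-a always,exit -F arch=b32 -S umount -S umount2 -F auid>=1000 -F auid!=4294967295 -k mounts`. How a rejected line affects the rules that follow it depends on how `/etc/audit/audit.rules` is loaded, which is outside this hunk. It is worth loading the result on a test host and checking `auditctl -l` for the `mounts` key before treating unmount activity as covered.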