The audisp-syslog process started by auditd when configured to send events to syslog does not log events. When it is killed and restarted, it works
The auditd system on an Oracle 8.10 Linux system is configured to start the audisp-syslog plugin to send audit events to syslog (rsyslog in this case) for onward processing. The following is the syslog.conf file in /etc/audit/plugins.d/:
active = yes
direction = out
path = /sbin/audisp-syslog
type = always
args = LOG_LOCAL6 LOG_INFO
format = string
The process is started but no audit events are logged to syslog.
If I kill the audisp-syslog process that is started by the auditd subsystem on startup and restart it as follows:
kill -9
/sbin/audisp-syslog LOG_LOCAL6 LOG_INFO
It now works fine.
I found this bug on Bugzilla for Red Hat, https://bugzilla.redhat.com/show_bug.cgi?id=1794666, but it is closed. I tried the fix mentioned by the original poster, to create the syslog.conf file, but that did not work.
Has anyone else come across this?
Asked by JohnM
(1 rep)
Jul 23, 2025, 05:34 PM
Last activity: Jul 23, 2025, 05:35 PM