diff --git a/tasks/auditd.yml b/tasks/auditd.yml
index 41c836dc..ec3fb88f 100644
--- a/tasks/auditd.yml
+++ b/tasks/auditd.yml
@@ -243,6 +243,17 @@
 - cat2
 - V-38498

+- name: Remove system default audit.rules file
+ file:
+ path: /etc/audit/rules.d/audit.rules
+ state: absent
+ when:
+ - auditd_conf.stat.exists
+ notify:
+ - generate auditd rules
+ tags:
+ - always
+
 - name: Auditd rules (includes several STIGs)
 template:
 src: osas-auditd.j2
diff --git a/templates/osas-auditd.j2 b/templates/osas-auditd.j2
index 5819ccc4..00920d84 100644
--- a/templates/osas-auditd.j2
+++ b/templates/osas-auditd.j2
@@ -1,5 +1,11 @@
 # {{ ansible_managed }}

+# Delete all existing auditd rules prior to loading this ruleset.
+-D
+
+# Increase the buffers to survive stress events.
+-b 320
+
 {% if security_audit_clock_settimeofday | bool %}
 # RHEL 6 STIG V-38522
 # Audits changes to system time via settimeofday
diff --git a/tests/test.yml b/tests/test.yml
index 55369396..664b96e2 100644
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -20,6 +20,7 @@
 apt:
 update_cache: yes
 when: ansible_pkg_mgr == 'apt'
+ changed_when: False
 - name: Ensure OpenStack CI image has a logrotate cron job
 file:
 path: /etc/cron.daily/logrotate
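Review bot: In tasks/auditd.yml the new removal task is tagged `always` and sits before the "Auditd rules" template task, so a run limited by `--tags`, or one where the template task fails, can delete /etc/audit/rules.d/audit.rules and notify `generate auditd rules` before the role's own ruleset has been written. The template task's tags and destination are outside the hunk, so it cannot be confirmed here that it runs just as unconditionally; if it does not, the host may regenerate a reduced or empty rule set and lose audit coverage until the next full run. I would move the removal after the template task and give it that task's tags instead of `always`, with a comment such as `# Remove the distro default only after the role's ruleset is in place, so rules.d is never left without rules.` The `when:` tests `auditd_conf`, which is registered outside the hunk, rather than the file being removed, so a one-line comment on what that condition guards would help the next reader.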
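Review bot: In templates/osas-auditd.j2 the backlog is hard-coded as `-b 320` under a comment that says the buffers are being increased, while the next rule in the hunk is gated on a role variable (`security_audit_clock_settimeofday`). A fixed backlog may overflow on hosts with heavy syscall auditing, and events beyond the limit are then lost or handled according to the `-f` failure mode, which this hunk does not set. I would render the value from a role variable that defaults to 320, e.g. `-b {{ <backlog_limit_variable> }}` (placeholder name), and reword the comment to `# Set the kernel audit backlog limit; raise it if "auditctl -s" reports lost events.` The new `-D` also flushes rules loaded from any other source, so its comment should state that this file is expected to be the only source of rules; the rest of the template is outside the hunk.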