diff --git a/nixos/tests/audit.nix b/nixos/tests/audit.nix
index b99a0f98f0ad..6f32a004e635 100644
--- a/nixos/tests/audit.nix
+++ b/nixos/tests/audit.nix
@@ -12,7 +12,13 @@
 "-a always,exit -F exe=${lib.getExe pkgs.hello} -k nixos-test"
 ];
 };
- security.auditd.enable = true;
+ security.auditd = {
+ enable = true;
+ plugins.af_unix.active = true;
+ plugins.syslog.active = true;
+ # plugins.remote.active = true; # needs configuring a remote server for logging
+ # plugins.filter.active = true; # needs configuring allowlist/denylist
+ };

 environment.systemPackages = [ pkgs.hello ];
 };
@@ -25,6 +31,9 @@
 with subtest("Audit subsystem gets enabled"):
 assert "enabled 1" in machine.succeed("auditctl -s")

+ with subtest("unix socket plugin activated"):
+ machine.succeed("stat /var/run/audispd_events")
+
 with subtest("Custom rule produces audit traces"):
 machine.succeed("hello")
 print(machine.succeed("ausearch -k nixos-test -sc exit_group"))
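Review bot: `plugins.syslog.active = true` is switched on in the first hunk, but no subtest in this patch checks that audit records actually reach syslog, so a broken syslog plugin configuration would still pass. A check placed after the custom-rule subtest could look for the rule key in the journal, for example `machine.succeed("journalctl -b --no-pager | grep nixos-test")`; the match string is an assumption and should be confirmed against what the plugin emits. The two commented-out option lines would read better as a single comment stating that the remote and filter plugins are left untested because they need extra configuration. The enclosing node attribute set starts and ends outside the hunk.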
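Review bot: `stat /var/run/audispd_events` in the new subtest of the second hunk succeeds for any file type and any mode, so it proves neither that the path is a socket nor that the audit event stream is closed to unprivileged users. `machine.succeed("test -S /var/run/audispd_events")` would pin the type. Comparing the output of `stat -c '%a %U:%G' /var/run/audispd_events` with the mode and owner the module is meant to set (`<expected-mode> <expected-owner>`, placeholders because those values are not on this page) would catch a permission regression on the socket. The test script starts and ends outside the hunk.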