diff --git a/templates/audit/99_auditd.rules.j2 b/templates/audit/99_auditd.rules.j2
index 4c888da..0f7af4b 100644
--- a/templates/audit/99_auditd.rules.j2
+++ b/templates/audit/99_auditd.rules.j2
@@ -43,8 +43,8 @@
 {{ arch_syscalls.append( syscall) }}
 {% endif %}
 {% endfor %}
--a always,exit -F arch=b64 -S {{ arch_syscalls|join(',') }}  -k system-locale
--a always,exit -F arch=b32 -S {{ arch_syscalls|join(',') }}  -k system-locale
+-a always,exit -F arch=b64 -S {{ arch_syscalls|join(',') }} -k system-locale
+-a always,exit -F arch=b32 -S {{ arch_syscalls|join(',') }} -k system-locale
 -w /etc/issue -p wa -k system-locale
 -w /etc/issue.net -p wa -k system-locale
 -w /etc/hosts -p wa -k system-locale
@@ -99,7 +99,7 @@
 {% endif %}
 {% endfor %}
 -a always,exit -F arch=b64 -S {{ arch_syscalls|join(',') }} -F auid>=1000 -F auid!=unset -k perm_mod
-{% set syscalls = ["etxattr","lsetxattr","fsetxattr","removexattr","lremovexattr","fremovexattr"] %}
+{% set syscalls = ["setxattr","lsetxattr","fsetxattr","removexattr","lremovexattr","fremovexattr"] %}
 {% set arch_syscalls = [] %}
 {% for syscall in syscalls  %}
 {% if syscall in supported_syscalls %}