diff --git a/man/journald.conf.xml b/man/journald.conf.xml
index 24cee4c8b2f..50c33e47929 100644
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -423,13 +423,18 @@
Audit=
- Takes a boolean value. If enabled systemd-journal will turn on
+ Takes a boolean value. If enabled systemd-journald will turn on
kernel auditing on start-up. If disabled it will turn it off. If unset it will neither enable nor
- disable it, leaving the previous state unchanged. Note that this option does not control whether
- systemd-journald collects generated audit records, it just controls whether it
- tells the kernel to generate them. This means if another tool turns on auditing even if
- systemd-journald left it off, it will still collect the generated
- messages. Defaults to on.
+ disable it, leaving the previous state unchanged. This means if another tool turns on auditing even
+ if systemd-journald left it off, it will still collect the generated
+ messages. Defaults to on.
+
+ Note that this option does not control whether systemd-journald collects
+ generated audit records, it just controls whether it tells the kernel to generate them. If you need
+ to prevent systemd-journald from collecting the generated messages, the socket
+ unit systemd-journald-audit.socket can be disabled and in this case this setting
+ is without effect.
+
diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml
index 8fa864473d5..6b0fb3137c6 100644
--- a/man/systemd-journald.service.xml
+++ b/man/systemd-journald.service.xml
@@ -332,7 +332,9 @@ systemd-tmpfiles --create --prefix /var/log/journal
Sockets and other file node paths that systemd-journald will
listen on and are visible in the file system. In addition to these,
systemd-journald can listen for audit events using netlink7.
+ project='man-pages'>netlink7,
+ depending on whether systemd-journald-audit.socket is enabled or
+ not.
diff --git a/presets/90-systemd.preset b/presets/90-systemd.preset
index 25936d8f57e..2b8db9d476f 100644
--- a/presets/90-systemd.preset
+++ b/presets/90-systemd.preset
@@ -24,6 +24,7 @@ enable systemd-homed.service
enable systemd-userdbd.socket
enable systemd-pstore.service
enable systemd-boot-update.service
+enable systemd-journald-audit.socket
disable console-getty.service
disable debug-shell.service
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index b59f42c4b8d..c1fc5a8da92 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -2504,10 +2504,13 @@ int server_init(Server *s, const char *namespace) {
/* Unless we got *some* sockets and not audit, open audit socket */
if (s->audit_fd >= 0 || no_sockets) {
+ log_info("Collecting audit messages is enabled.");
+
r = server_open_audit(s);
if (r < 0)
return r;
- }
+ } else
+ log_info("Collecting audit messages is disabled.");
r = server_open_varlink(s, varlink_socket, varlink_fd);
if (r < 0)
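Review bot: The `no_sockets` arm of the condition still opens the audit socket when journald is started without any passed sockets, so in that path a disabled systemd-journald-audit.socket does not stop collection. The new journald.conf text ("can be disabled and in this case this setting is without effect") does not mention this. `no_sockets` is computed outside the hunk, so this is inferred from the visible condition and the retained comment; if the fallback is intended, document it, e.g. `/* Started without socket activation: we cannot tell whether the audit socket unit is enabled, so open it ourselves */`. Separately, `log_info("Collecting audit messages is enabled.")` runs before `server_open_audit(s)` and is therefore also logged when that call fails; moving it after `if (r < 0) return r;` keeps the message accurate for anyone checking audit coverage from the journal. server_init's body starts and ends outside the hunk.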
diff --git a/units/meson.build b/units/meson.build
index 79e2935a506..69197f0c47c 100644
--- a/units/meson.build
+++ b/units/meson.build
@@ -123,8 +123,7 @@ units = [
'sysinit.target.wants/'],
['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'],
['systemd-journal-remote.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'],
- ['systemd-journald-audit.socket', '',
- 'sockets.target.wants/'],
+ ['systemd-journald-audit.socket', ''],
['systemd-journald-dev-log.socket', '',
'sockets.target.wants/'],
['systemd-journald.socket', '',
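Review bot: Dropping the static `sockets.target.wants/` link for `systemd-journald-audit.socket` makes the socket depend on the new `[Install]` section and on the `enable systemd-journald-audit.socket` line added to presets/90-systemd.preset. Presets are normally applied only at install time or by an explicit `systemctl preset`, so on a system upgraded in place the socket may end up not enabled; whether distribution packaging scripts cover this is not visible here. In that case journald would stop collecting audit records, and the only signal would be the new "Collecting audit messages is disabled." info line. A NEWS or packaging note telling upgraders to run `systemctl preset systemd-journald-audit.socket` (or to enable the socket explicitly) would close that gap.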
diff --git a/units/systemd-journald-audit.socket b/units/systemd-journald-audit.socket
index f0c0aebc865..cf9b6e8b84d 100644
--- a/units/systemd-journald-audit.socket
+++ b/units/systemd-journald-audit.socket
@@ -20,3 +20,7 @@ Service=systemd-journald.service
ReceiveBuffer=128M
ListenNetlink=audit 1
PassCredentials=yes
+
+[Install]
+WantedBy=sockets.target
+WantedBy=systemd-journald.service
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index 38ba3e28563..ece872c7709 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -38,7 +38,10 @@ RestrictRealtime=yes
RestrictSUIDSGID=yes
RuntimeDirectory=systemd/journal
RuntimeDirectoryPreserve=yes
-Sockets=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket
+# Audit socket is not listed here because this unit can be turned off. However
+# the link between the socket and the service units is still created thanks to
+# the 'Service=' setting specified in the socket unit.
+Sockets=systemd-journald.socket systemd-journald-dev-log.socket
StandardOutput=null
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
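Review bot: In the added comment above `Sockets=`, "this unit can be turned off" is ambiguous, because the file being edited is the journald service and "this unit" reads as the service rather than the audit socket. Naming the socket explicitly would avoid that: `# systemd-journald-audit.socket is deliberately not listed here because it can be disabled.` followed by `# When enabled, it is still tied to this service through 'Service=' in the socket unit.` It would also help to state that disabling the socket is the supported way to stop journald from collecting audit records, so a later cleanup does not re-add it to `Sockets=`.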