diff --git a/builtin/audit/file/backend.go b/builtin/audit/file/backend.go
index f715c20e32..4cc82c15ce 100644
--- a/builtin/audit/file/backend.go
+++ b/builtin/audit/file/backend.go
@@ -391,27 +391,39 @@ func (b *Backend) open() error {
 }
 
 func (b *Backend) Reload(_ context.Context) error {
-	switch b.path {
-	case stdout, discard:
+	// When there are nodes created in the map, use the eventlogger behavior.
+	if len(b.nodeMap) > 0 {
+		for _, n := range b.nodeMap {
+			if n.Type() == eventlogger.NodeTypeSink {
+				return n.Reopen()
+			}
+		}
+
 		return nil
-	}
+	} else {
+		// old non-eventlogger behavior
+		switch b.path {
+		case stdout, discard:
+			return nil
+		}
 
-	b.fileLock.Lock()
-	defer b.fileLock.Unlock()
+		b.fileLock.Lock()
+		defer b.fileLock.Unlock()
+
+		if b.f == nil {
+			return b.open()
+		}
+
+		err := b.f.Close()
+		// Set to nil here so that even if we error out, on the next access open()
+		// will be tried
+		b.f = nil
+		if err != nil {
+			return err
+		}
 
-	if b.f == nil {
 		return b.open()
 	}
-
-	err := b.f.Close()
-	// Set to nil here so that even if we error out, on the next access open()
-	// will be tried
-	b.f = nil
-	if err != nil {
-		return err
-	}
-
-	return b.open()
 }
 
 func (b *Backend) Invalidate(_ context.Context) {
diff --git a/changelog/23598.txt b/changelog/23598.txt
new file mode 100644
index 0000000000..9f260d83ef
--- /dev/null
+++ b/changelog/23598.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+audit: Fix bug reopening 'file' audit devices on SIGHUP.
+```