diff --git a/pkg/audit/fileaccess/manager.go b/pkg/audit/fileaccess/manager.go
index cab7827ad1b3c3865e08d267add746f829eb9c84..5d3d91725bf01ab3705892b6d8e19ddd3298e4e9 100644
--- a/pkg/audit/fileaccess/manager.go
+++ b/pkg/audit/fileaccess/manager.go
@@ -53,6 +53,7 @@ func (m *Manager) Close() {
 func (m *Manager) Attach() error {
 	for _, prog_name := range []string{"restricted_file_open",
 		"restricted_path_unlink",
+		"restricted_file_truncate",
 		"restricted_path_rmdir",
 		"restricted_path_rename",
 		"restricted_file_receive"} { //, "restricted_mmap_file", "restricted_file_ioctl"} {
diff --git a/pkg/bpf/c/restricted-file.bpf.c b/pkg/bpf/c/restricted-file.bpf.c
index b14787ed0cc3b943d70a25d5937822c8d8450a5d..f4fba819e5d89efe86124c6a6a7f0bc14148c3ae 100644
--- a/pkg/bpf/c/restricted-file.bpf.c
+++ b/pkg/bpf/c/restricted-file.bpf.c
@@ -180,6 +180,12 @@ int BPF_PROG(restricted_file_open, struct file *file)
 	PROG_CODE
 }
 
+SEC("lsm/file_truncate")
+int BPF_PROG(restricted_file_truncate, struct file *file)
+{
+	PROG_CODE
+}
+
 SEC("lsm/path_unlink")
 int BPF_PROG(restricted_path_unlink, const struct path *dir, struct dentry *dentry)
 {