diff --git a/tables/authdb/authdb.go b/tables/authdb/authdb.go
index 5ec9064..eb746e4 100644
--- a/tables/authdb/authdb.go
+++ b/tables/authdb/authdb.go
@@ -23,6 +23,7 @@ type AuthDBRight struct {
 	Mechanisms         []string `json:"mechanisms,omitempty" plist:"mechanisms,omitempty"`
 	Modified           float64  `json:"modified" plist:"modified"`
 	RequireAppleSigned bool     `json:"require-apple-signed,omitempty" plist:"require-apple-signed,omitempty"`
+	Rule               []string `json:"rule,omitempty" plist:"rule,omitempty"`
 	SessionOwner       bool     `json:"session-owner" plist:"session-owner"`
 	Shared             bool     `json:"shared" plist:"shared"`
 	Timeout            int      `json:"timeout" plist:"timeout"`
@@ -42,6 +43,7 @@ func AuthDBColumns() []table.ColumnDefinition {
 		table.TextColumn("mechanisms"),
 		table.TextColumn("modified"),
 		table.TextColumn("require_apple_signed"),
+		table.TextColumn("rule"),
 		table.TextColumn("session_owner"),
 		table.TextColumn("shared"),
 		table.TextColumn("timeout"),
@@ -117,6 +119,7 @@ func buildOutput(rights []AuthDBRight) []map[string]string {
 			"mechanisms":           strings.Join(right.Mechanisms, ","),
 			"modified":             fmt.Sprintf("%f", right.Modified),
 			"require_apple_signed": utils.BoolToString(right.RequireAppleSigned),
+			"rule":                 strings.Join(right.Rule, ","),
 			"session_owner":        utils.BoolToString(right.SessionOwner),
 			"shared":               utils.BoolToString(right.Shared),
 			"timeout":              strconv.Itoa(right.Timeout),
diff --git a/tables/authdb/authdb_test.go b/tables/authdb/authdb_test.go
index 1aa141e..c217c0e 100644
--- a/tables/authdb/authdb_test.go
+++ b/tables/authdb/authdb_test.go
@@ -292,3 +292,42 @@ func TestBuildOutput(t *testing.T) {
 
 	assert.Equal(t, expectedOutput, actualOutput, "Expected output to match")
 }
+
+func TestGetRuleWithRules(t *testing.T) {
+	runner := utils.MockCmdRunner{
+		Output: `<?xml version="1.0" encoding="UTF-8"?>
+		<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+		<plist version="1.0">
+		<dict>
+			<key>class</key>
+			<string>rule</string>
+			<key>created</key>
+			<real>730353220.36463201</real>
+			<key>modified</key>
+			<real>738604357.04363894</real>
+			<key>rule</key>
+			<array>
+				<string>allow</string>
+			</array>
+			<key>version</key>
+			<integer>0</integer>
+		</dict>
+		</plist>`,
+		Err: nil,
+	}
+
+	expected := AuthDBRight{
+		Name:     "system.preferences.datetime",
+		Class:    "rule",
+		Created:  730353220.36463201,
+		Modified: 738604357.04363894,
+		Rule:     []string{"allow"},
+		Version:  0,
+	}
+
+	r := utils.Runner{}
+	r.Runner = runner
+	out, err := getRule(r, "system.preferences.datetime")
+	assert.NoError(t, err)
+	assert.Equal(t, expected, out)
+}