Details
Configure the maximum size of the audit log file. Once the log reaches the maximum size, it will be rotated and a new log file will be started. It is important that an appropriate size is determined for log files so that they do not impact the system and audit data is not lost.
Solution
Set the following parameter in /etc/audit/auditd.conf in accordance with site policy: max_log_file =
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.