On ReadHat Linux, by default, security-relevant system logs are written to /var/log/secure and /var/log/audit/audit.log. And like other system logs, they need to be maintained (aka rotated) to make sure you don't see a disk space issue. For audit log, it is managed differently. It has a configuration file /etc/audit/auditd.conf which determines how audit log is managed. For example: … Continue reading RedHat Linux audit log rotation →