4.1.2.1 Ensure audit log storage size is configured
Audit
Run the following command and ensure output is in compliance with site policy:
# grep -Po -- '^\h*max_log_file\h*=\h*\d+\b' /etc/audit/auditd.conf
max_log_file = <MB>
Set the following parameter in /etc/audit/auditd.conf in accordance with site policy:
Default Value:
max_log_file = 8