The audit logs record each time a file is read or written or otherwise modified. This can be a security requirement at a site. This requirement is not typical. Disabling audit logging will reduce the traffic to the primary operating system disks and reduce the possibilities of filling the /var filesystem.
Update /etc/audit/audit.rules as root and restart auditd.
Find the section similar to:
-A exit,never -F arch=b64 -F dir=/dev/shm/var/lib/solera
-A exit,never -F arch=b64 -F dir=/pfs
Add the following lines
# Exclude all files in /var/lib/solera
-A exit,never -F arch=b64 -F dir=/var/lib/solera
Restart auditd and syslog-ng with:
service auditd restart;service syslog-ng restart
The /var/log/audit/audit.log will be rotated and start with an empty file.