Security Analytics stores system messages in the audit log. These audit logs often grow very large. How they are rotated, so that the system disks do not fill up, is explained below.
The Audit Log:
The GUI Audit Log:
Rotation schemes:
Example:
/var/log/audit/audit.log
/var/log/audit/audit.log.1.gz
GUI Audit Log (aka PostgreSQL ds_log):
/var/log/messages:
Example:
/var/log/messages
/var/log/messages.1.gz
For more general information on using the audit log, see Auditing and monitoring system changes in Security Analytics.