Kubernetes automatically rotates the log files. Retaining old log files ensures that you would have sufficient log data available for carrying out any investigation or correlation. the '--audit-log-maxsize' determines the size of old log files. Orca has detected that the '--audit-log-maxsize' parameter is set to less then 100, which could lead to lost logs in case a log analysis is required.
Recommended Mitigation
It is recommended to set the 'audit-log-maxbackup' parameter in the configuration file to at least 100 MB.
Best practices
