I turned on the cifs.audit.liveview.enable feature so that NetApp logs were written to security log so that later my SIEM could take them. But NetApp creates a large number of adtlog.YEAR_MONTH_DAY_NUMBER.evt files with a volume not exceeding 1000kb. This is very bad for handling such logs. Is it possible for NetApp to insist on log files exceeding 1000 kb with the cifs.audit.liveview.enable feature enabled?
Here are my settings:
> options cifs.audit