Ubuntu's default action for ``security_max_log_file_action`` is to rotate the
logs. This meets the STIG requirements and the Ansible task will ensure that
the secure default is maintained.

Use caution when changing this option. Certain values, like ``SUSPEND`` will
cause the audit daemon to lock the machine when the maximum size for a log
file is reached. Review the audit documentation carefully before making
adjustments.