diff --git a/stx-audit-helm/centos/stx-audit-helm.spec b/stx-audit-helm/centos/stx-audit-helm.spec
index 23c161f..1c8b40c 100644
--- a/stx-audit-helm/centos/stx-audit-helm.spec
+++ b/stx-audit-helm/centos/stx-audit-helm.spec
@@ -71,7 +71,11 @@ rm -fr %{app_staging}
 %install
 install -d -m 755 %{buildroot}/%{app_folder}
 install -p -D -m 755 %{_builddir}/%{app_tarball} %{buildroot}/%{app_folder}
+install -m 644 -p -D files/auditd.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/auditd.logrotate
 %files
 %defattr(-,root,root,-)
 %{app_folder}/*
+
+# logfile config files
+%{_sysconfdir}/logrotate.d/auditd.logrotate
diff --git a/stx-audit-helm/stx-audit-helm/files/auditd.logrotate b/stx-audit-helm/stx-audit-helm/files/auditd.logrotate
new file mode 100644
index 0000000..573a896
--- /dev/null
+++ b/stx-audit-helm/stx-audit-helm/files/auditd.logrotate
@@ -0,0 +1,15 @@
+/var/log/audit/audit.log {
+maxsize 10M
+start 1
+compress
+dateext
+rotate 20
+daily
+missingok
+notifempty
+create 600 root root
+sharedscripts
+postrotate
+ /bin/kill -9 $(pidof auditd) 2> /dev/null > /dev/null || true
+endscript
+}
\ No newline at end of file
diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml b/stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml
index 5c53280..6a1e8c0 100755
--- a/stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml
+++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml
@@ -35,7 +35,7 @@ auditdconf: |-
 dispatcher = /sbin/audispd
 name_format = NONE
 ##name = mydomain
- max_log_file_action = ROTATE
+ max_log_file_action = IGNORE
 space_left = 75
 space_left_action = SYSLOG
 ##verify_email = yes
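Review bot: The new `%files` entry lists `%{_sysconfdir}/logrotate.d/auditd.logrotate` as an ordinary file, so a package upgrade will silently overwrite any local change an operator made to the audit log retention settings. Files under `%{_sysconfdir}` are normally marked as configuration; I would write `%config(noreplace) %{_sysconfdir}/logrotate.d/auditd.logrotate`. The `# logfile config files` comment could also state that this rule is installed by the RPM while auditd's own rotation setting lives in the chart's `values.yaml`, since the two now have to be kept in sync.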
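Review bot: The `postrotate` script stops auditd with `kill -9`, which gives the daemon no chance to flush buffered records or close the log cleanly, and leaves the system without an audit daemon until something restarts it; what restarts it is not visible in this diff. That is a recurring gap in the audit trail at every rotation, and an auditd process ended by SIGKILL looks the same to monitoring as deliberate tampering. auditd documents signal handling for this purpose (SIGUSR1 to rotate, SIGHUP to reconfigure), so I would replace `-9` with a signal the daemon handles, after confirming which one makes it reopen `/var/log/audit/audit.log` in this deployment. The `|| true` with both streams sent to `/dev/null` also hides a failed signal, in which case auditd would keep writing to the renamed file.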
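Review bot: With `max_log_file_action = IGNORE` auditd no longer bounds the size of its own log, so the only limit is the logrotate rule added elsewhere in this commit, and `maxsize 10M` is evaluated only when logrotate actually runs. Nothing in the hunk records that dependency; I would add an auditd.conf comment above the setting, in the file's existing `##` style, such as `## rotation is delegated to the host logrotate rule (logrotate.d/auditd.logrotate); keep both in sync`. How often logrotate is scheduled is not visible here, and `space_left_action = SYSLOG` only logs a warning, so it is worth confirming that a burst of audit events between runs cannot fill the volume. The `auditdconf` block starts and ends outside the hunk.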