Describe the Issue

e.g. Vars like:

• max_log_file_action
• max_log_file_size
  are usually configured in the same place, as their functionality is strictly chained. Defining them should be done using the same mechanism.

Expected Behavior
In defaults/main.yml:

## Section4 vars
### 4.1 Configure System Accounting
#### 4.1.2 Configure Data Retention
rhel9cis_auditd:
    space_left_action: email
    action_mail_acct: root
    admin_space_left_action: halt
    max_log_file_action: keep_logs
    # The max_log_file parameter should be based on your sites policy
    rhel9cis_max_log_file_size: 10

Actual Behavior
In defaults/main.yml:

## Section4 vars
### 4.1 Configure System Accounting
#### 4.1.2 Configure Data Retention
rhel9cis_auditd:
    space_left_action: email
    action_mail_acct: root
    admin_space_left_action: halt
    max_log_file_action: keep_logs

# The max_log_file parameter should be based on your sites policy
rhel9cis_max_log_file_size: 10

Control(s) Affected
4.1.2.x

Environment (please complete the following information):

• branch being used: [e.g. devel]

Possible Solution
Discovered this together with @raabf. PR will follow.

hi @ipruteanu-sie

This Issue has been merged to devel and into main branch. I will therefore close this issue.
Please feel free to reopen if you feel its not as expected.

Many thanks again for your time

uk-bolly