I have 2 different Vault instances 1 pon v1.5.4 the other on v1.6.0.
On the 1.5.4 cluster audit logging is enabled at the path
/var/log/vault.d/vault_audit.log it was working normally for a while, but now it seems the audit logging stops daily. I can manually disable then enable audit logging which starts it up again.
On the 1.6.0 cluster aduit is enble at the same path, but nothing is getting logged.
Any insights will be helpful.