Logs generated by auditd may be useful when investigating a security incident as they may help reveal the vulnerable application and the actions taken by a malicious actor.
Solution
Perform the following to implement the prescribed state: Run the following command in Terminal: sudo /bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.auditd.plist