Rotate auth.log and messages at the beginning of a year. Otherwise, daily security checks 800.loginfail and 900.tcpwrap may produce false positive alerts.
head/etc/newsyslog.conf