auoms constantly kill rsyslog in azure Linux vm Ubuntu 18.04

[bruceWangMS]

We find our rsyslog constantly killed in our Azure Linux VM Ubuntu 18.04, we turn on the debug log for rsyslog and the auditd in Linux, seems the kill signal is triggered by auoms in our azure Linux vm.

Could you please check why this signal was send, it might relate to some local cache logs corrupt we are current investing in our service.

Rsyslog debug log as below
8541.631741231:main Q:Reg/w0 : queue.c: regular consumer finished, iret=0, szlog 0 sz phys 1
8541.631746631:main Q:Reg/w0 : queue.c: DeleteProcessedBatch: we deleted 1 objects and enqueued 0 objects
8541.631751031:main Q:Reg/w0 : queue.c: doDeleteBatch: delete batch from store, new sizes: log 0, phys 0
8541.631755631:main Q:Reg/w0 : queue.c: regular consumer finished, iret=4, szlog 0 sz phys 0
8541.631759731:main Q:Reg/w0 : wti.c: main Q:Reg/w0: worker IDLE, waiting for work.
8557.234979185:main thread : rsyslogd.c: DoDie called.
8557.235014985:main thread : rsyslogd.c: exiting on signal 15
8557.235020585:main thread : rsyslogd.c: Terminating input threads...

and the auditd log

type=SYSCALL msg=audit(1660041601.409:37202445): arch=c000003e syscall=59 success=yes exit=0 a0=28ad438 a1=28adb50 a2=7ffea53c1c08 a3=8 items=2 ppid=30639 pid=30641 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=383650 comm="systemctl" exe="/bin/systemctl" key="auoms"
type=EXECVE msg=audit(1660041601.409:37202445): argc=3 a0="systemctl" a1="restart" a2="rsyslog"