The SecAst log file or its parent directory has world write permissions, and newer versions of logrotate do not allow this to rotate. Manually running logrotate shows the results below:
$logrotate -d -v secast
reading config file secast
Handling 1 logs
rotating pattern: /var/log/secast after 1 days (7 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/secast
error: skipping “/var/log/secast” because parent directory has insecure permissions
The solution is to uncomment the line in the /etc/logrotate.d/secast file to allow rotating regardless of permission:
su root root
