Audit logging is turned off at site collection level. Still there are records being inserted into the AuditData Table. Is there a way to identify the source?
Audit logs will be inserted from Retention policies as well. That is the place you need to check if none are enabled.,