Testing Elastic Stack and winlogbeat / query exceeds 1000 shards

@kernelpanic

I figured out why:

ignore_older is only set for the Application log in the config you provided. Use the following if you would like 72h set for each event log.

  event_logs:
    - name: Application
      ignore_older: 72h
    - name: Security
      ignore_older: 72h
    - name: System
      ignore_older: 72h
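
As the reply above notes, ignore_older applies per event log entry, so a value set on one entry does not carry over to the others. The following check is an added example, not part of the original post or of Winlogbeat: it lists the event_logs entries that lack ignore_older. The function name and sample config are constructed for illustration, and the parser only handles the simple block layout shown in the post.

```python
import re

# Constructed sample (not from the thread): only Application carries ignore_older.
SAMPLE = """\
winlogbeat.event_logs:
  - name: Application
    ignore_older: 72h
  - name: Security
  - name: System
output.elasticsearch:
  hosts: ["localhost:9200"]
"""

def event_logs_missing_ignore_older(config_text):
    """Return the names of event_logs entries that have no ignore_older key.

    Hypothetical helper: a small line parser for the simple block layout
    shown in the post, not a general YAML parser.
    """
    entries, in_block, block_indent, item_indent = [], False, 0, None
    for raw in config_text.splitlines():
        line = re.sub(r"\s+#.*$", "", raw).rstrip()  # drop inline comments
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if re.fullmatch(r"(winlogbeat\.)?event_logs:", stripped):
            in_block, block_indent, item_indent = True, indent, None
            continue
        if not in_block:
            continue
        # The block ends at the next key that is not deeper than event_logs.
        if indent < block_indent or (indent == block_indent and not stripped.startswith("- ")):
            in_block = False
            continue
        # Only list items at the first item's indent start a new event log entry.
        if stripped.startswith("- ") and item_indent in (None, indent):
            item_indent = indent
            entries.append({})
            stripped = stripped[2:].strip()
        key, sep, value = stripped.partition(":")
        if entries and sep:
            entries[-1][key.strip()] = value.strip()
    return [e.get("name", "<unnamed>") for e in entries if "ignore_older" not in e]

if __name__ == "__main__":
    print(event_logs_missing_ignore_older(SAMPLE))
```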