The difference between an Audit Log and a regular Log (In the context of mod_security)

logging, mod-security

I am using mod_security.

What is the difference between an audit log (audit trail) and a normal log?

I read on Wikipedia that an audit log is a log of user activity. If this is the case, what would you need another log for? Is it for system-based issues?

Best Answer

An audit log contains all the information necessary to follow a user's interaction with a system. It will usually contain more information and detail than what is necessary to have in day-to-day operations.

You can think of it in terms of a phone system. You can record every call that passes through the phone system to be able to go back in time and prove exactly what a person said, but it wouldn't be feasible to use a log containing all of that information for taking care of phone system operations.

An audit log usually contains more sensitive information than other system logs so access to it should be more restricted.
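To make the difference concrete for mod_security, the following added example (not part of the original answer) parses one serial-format audit log entry and compares it with the error-log line for the same event. Both samples, including the host name, session value and rule id, are constructed, and treating the Apache error log as the "normal log" is an assumption.

```python
import re

# Constructed sample: one ModSecurity serial-format audit entry (parts A, B, C, H, Z).
AUDIT_ENTRY = """\
--5f3a9c1e-A--
[12/Mar/2024:10:15:32 +0000] ZfAqVH8AAAEAAB1kXyQAAAAB 203.0.113.7 51234 192.0.2.10 443
--5f3a9c1e-B--
POST /login HTTP/1.1
Host: shop.example.test
Cookie: session=constructed-session-id
Content-Type: application/x-www-form-urlencoded

--5f3a9c1e-C--
user=alice&password=constructed-password
--5f3a9c1e-H--
Message: Access denied with code 403 (phase 2). [id "100001"] [msg "Constructed rule"]
--5f3a9c1e-Z--
"""

# Constructed sample: the one-line error-log record for the same event.
ERROR_LINE = ('[Tue Mar 12 10:15:32 2024] [error] [client 203.0.113.7] ModSecurity: '
              'Access denied with code 403 (phase 2). [id "100001"] [msg "Constructed rule"]')

BOUNDARY = re.compile(r"^--([0-9a-f]+)-([A-Z])--$")
SENSITIVE_HEADERS = {"cookie", "authorization"}

def parse_audit_entry(text):
    """Split one audit entry into {part letter: [lines]}."""
    parts, current = {}, None
    for line in text.splitlines():
        m = BOUNDARY.match(line)
        if m:
            current = m.group(2)
            parts[current] = []
        elif current is not None:
            parts[current].append(line)
    return parts

def sensitive_items(parts):
    """Name the captured fields that justify tighter access to the audit log."""
    found = [f"B:{l.split(':', 1)[0]}" for l in parts.get("B", [])
             if l.split(":", 1)[0].lower() in SENSITIVE_HEADERS]
    if any(l.strip() for l in parts.get("C", [])):
        found.append("C:request body")
    return found

if __name__ == "__main__":
    parts = parse_audit_entry(AUDIT_ENTRY)
    print("audit parts:", sorted(parts), "->", sensitive_items(parts))
    print("error log carries credentials:", "password" in ERROR_LINE)
```

The audit entry holds the session cookie and the submitted password, while the error-log line only records that a rule fired, which is why the audit log file needs tighter permissions and retention handling.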