Difference in Auditing and Logging?

9

76

I have been coming across these two words more often, but I didn't see much difference between them. I mean, I want to know: are they used interchangeably, or are there some differences between the two? Thanks.

Torpedoman answered 22/3, 2010 at 13:4 Comment(0)
100

Logging typically means the recording of implementation-level events that happen as the program is running (methods get called, objects are created, etc.). As such it focuses on things that interest programmers.

Auditing is about recording domain-level events: a transaction is created, a user is performing an action, etc. In certain types of application (Banking) there is a legal obligation to record such events.

Moton answered 22/3, 2010 at 13:10 Comment(3)
I think your definition of logging might be a bit narrow in scope, but probably just right for a programming forum :-) - Stratocumulus
Often, auditing is a subset of what is logged, so they are not so different. Logging just includes much more than auditing events. - Preparation
OK, what is the difference between auditing and Event Sourcing (which is a word in CQRS)? @Preparation - Vasyuta
39

The difference is more in usage than in technique.

Auditing is used to answer the question "Who did what?" and possibly why. Logging is more focussed on what's happening.

Marriageable answered 22/3, 2010 at 13:8 Comment(5)
-1. Try telling that to programs where auditing requirements are clearly legally defined. Like: maintenance of aircraft engines, biological labs, business / trading applications. - Phosphine
@Phosphine I really don't get your point. You implement auditing as part of requirements, wherever they come from. The techniques to store the logs, whether audit or debug or whatever, really are no different unless there are implementation requirements. - Marriageable
The point is that Auditing pretty much revolves AROUND implementation requirements. Often you are told WHAT to audit, HOW LONG to store it and HOW SAFE to store it, in a lot of detail. I know a lot of auditing requirements where text logs would be out because they are manipulable if stored on discs. - Phosphine
But Auditing also tells what's happening, and logging also tells who (e.g. which logged-in user) did that? - Rainie
Not only. Auditing tells you WHAT happened, Logging may tell you HOW. I.e. "Deleted Timestamp" tells me when a record was deleted. I do not care at this point what methods the deletion went through, with timestamps and possibly variables. I care about the business side data, not the technical. - Phosphine
13

There is a technical issue in that Auditing often has legal requirements. Also, Auditing is often done within the application, as in: there is a user interface to see who changed what because users / compliance department may need to check it. Also, Auditing may have legal requirements (write out to WORM media once so it cannot be manipulated, keep data for x years).

An example: I have a trading application. All changes to orders are audited - you have the OrderStatus, and the OrderStatusHistory. This is not technical - and the history is part of the application interface.

Logging is purely technical. It is totally ok to turn it off at times, or to have admins extract the log files.

Phosphine answered 22/3, 2010 at 13:13 Comment(0)
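
Added example (not part of Phosphine's answer or the original page): a sketch of an audit trail that records who did what and when, and makes later manipulation detectable by chaining each entry to the hash of the previous one. Hash chaining is a software technique swapped in here for the WORM media the answer mentions; the function names, field names and sample order events are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # chain anchor used as "previous hash" of the first entry
FIELDS = ("when", "actor", "action", "target")  # assumed who/what/when schema


def _digest(prev_hash, body):
    # Canonical JSON so the same record always hashes to the same value.
    payload = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append_event(trail, when, actor, action, target):
    """Append a who/what/when record linked to the previous entry's hash."""
    prev_hash = trail[-1]["hash"] if trail else GENESIS
    body = {"when": when, "actor": actor, "action": action, "target": target}
    entry = dict(body, prev=prev_hash, hash=_digest(prev_hash, body))
    trail.append(entry)
    return entry


def verify_trail(trail, expected_head=None):
    """Return the index of the first bad entry, or -1 if the chain is intact.

    expected_head is the last hash as recorded somewhere the writer cannot
    modify; without it, cutting entries off the end goes unnoticed.
    """
    prev_hash = GENESIS
    for i, entry in enumerate(trail):
        body = {k: entry[k] for k in FIELDS}
        if entry["prev"] != prev_hash or entry["hash"] != _digest(prev_hash, body):
            return i
        prev_hash = entry["hash"]
    if expected_head is not None and prev_hash != expected_head:
        return len(trail)
    return -1


def build_sample_trail():
    # Constructed sample data: status changes of one order, in the spirit of
    # the OrderStatusHistory example in the answer above.
    trail = []
    append_event(trail, "2010-03-22T13:13:00Z", "user-17", "status=SUBMITTED", "order-1001")
    append_event(trail, "2010-03-22T13:14:10Z", "user-17", "status=AMENDED", "order-1001")
    append_event(trail, "2010-03-22T13:15:30Z", "user-42", "status=CANCELLED", "order-1001")
    return trail
```

A chain without a key only proves internal consistency: keep the head hash somewhere the application cannot rewrite (the WORM store the answer mentions is one option) and pass it as `expected_head`.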
9

They're significantly different. Logging is simply the abstract task of recording data about events that take place in a system. If you are recording any information at all, you're logging.

Auditing, however, is more complex. Auditing is the practice of inspecting logs for the purpose of verifying that the system is in a desirable state or to answer questions about how the system arrived at a particular state. One way of doing auditing is by reviewing logs, of course, but you can do audits without logs (as a simple example, you could ask a user directly whether they were responsible for a particular change). That's not a great idea, because logging is typically such a cheap operation that alternatives don't need to be considered.

Siliceous answered 22/3, 2010 at 13:12 Comment(0)
7

I see Audit logs as information required by Business to ascertain some action happened on the specific date and time by this user for this user. It has a business value attached to it, which will let you verify what happened. Generally, Audit logs are archived for historical and compliance purposes.

Normal logging, on the other hand, logs information required by the technology partner to understand what happened or how the system behaved during a specific event. It can contain the method signature, what values are passed as input, and what values are passed as output, and if there was an exception, more information about the exception etc. This information is not required by the business and can be turned off, or the details which are logged can be reduced based on the needs. This information basically assists development or support teams to debug the system.

Federalese answered 22/3, 2010 at 13:23 Comment(0)
7

Auditing

  • Business level events
  • Information for users and clients
  • Who did what, when
  • Often required legally or by the client contract
  • Usually kept indefinitely or at least for a legally specified period

Examples:

2021-01-01T08:45:21 User 4711 accessed record 0815
2021-02-02T12:13:45 Received new invoice with guid f456-87D2-...

Logging

  • Program level events
  • Information for developers and support
  • What happened, incl. debug information
  • Required for maintenance or debugging purposes
  • Often deleted after a short time

Examples:

2021-01-01T08:45:21 Method Foo.Bar() sending request of 46kb to https://...
2021-02-02T12:13:45 Starting listener with id 4711 on server server01.mydomain

Tran answered 25/8, 2021 at 9:55 Comment(0)
2

Logging is tracing the flow: in which class which method is called. Let us say we have A, B, C methods in different classes. In X class, the A method calls the Y class B method, and the B method calls the Y class C method... Like this, it traces the flow of control.

Auditing will track the activities of the user. We have to write the logic, and then the system will automatically insert/save the data in the audit table.

Let's take a login.jsp: in it we can enter the user name and password, then hit the login page; then control goes to the logic servlet page, inside which the service method will be called, and inside it we write the logic like:

// reg is the HttpServletRequest passed to the servlet's service method
HttpSession session = reg.getSession();
// uid is the id of the user who has just logged in
session.setAttribute("userId", uid);

i.e. in the database we have to take columns such as

created_by 
created_date
last_modified_by
last_modified_dt
Churchill answered 5/6, 2018 at 17:14 Comment(0)
1

Audit implies active review of the logging, IMHO. Can't have audit without logging, but you can have logging without audit.

Stratocumulus answered 22/3, 2010 at 13:8 Comment(0)
-1

An audit trail is an imperishable record of transactions, while logs, on the other hand, are used to detect errors, and there is a certain time that a log file will be present.

Cyte answered 9/1, 2014 at 12:37 Comment(2)
I don't believe the retention policy matters. - Unlike
Generally, retention policy is one of the differences between auditing and logging as @Tran mentioned. But this is still not a complete answer. - Culdesac
