Audit Record Structure

An audit record is a sequence of audit tokens. Each token contains event information such as user ID, time, and date. A header token begins an audit record, and an optional trailer concludes the record. Other audit tokens contain audit-relevant information. The following figure shows a typical audit record.

Figure B–1 Typical Audit Record

Previous: Appendix A Event-to-Class Mappings
Next: Audit Token Structure