This is a text description for Figure 1-2. This image shows the usage scenario for various Audit Vault administrator roles.

Monitor, Detect, Alert, and Report Usage Scenario

An auditor (user granted AV_AUDITOR role) creates, views, and manages both internal and external, detail and summary types of reports for compliance purposes. A security officer inspects and further evaluates system-generated alerts logged to the alerts table raised by events that meet specific alert conditions. An auditor administrator also sets and views Audit Vault audit policies.

Archive Usage Scenario

An audit archiver (user granted AV_ARCHIVER role) configures and manages the data lifecycle to automate the task of audit data lifecycle management on an ongoing basis as part of the archiving operation.

Collect Usage Scenario

A source user must first be created (user granted AV_SOURCE role) before an Audit Vault administrator (user granted AV_ADMIN role) can add the source and collector to Audit Vault.

Administration and Management Usage Scenario

An Audit Vault administrator (user granted AV_ADMIN role) oversees the monitoring and management of the audit data consolidation operation. This user also performs audit data collection tasks, configuring collectors (adding sources and collectors) to Audit Vault. This user monitors overall Audit Vault system security.