Difference in Auditing and Logging?

I have been coming across these two words more often but i didn't see much difference in these? I mean want to know are they used interchangeably or there are some differences in those two? Thanks.


Solution 1:

Logging typically means the recording of implementation level events that happen as the program is running (methods get called, objects are created, etc.). As such it focuses on things that interest programmers

Auditing is about recording domain-level events: a transaction is created, a user is performing an action, etc. In certain types of application (Banking) there is a legal obligation to record such events.

Solution 2:

The difference is more in usage than in technique.

Auditing is used to answer the question "Who did what?" and possibly why. Logging is more focussed on what's happening.

Solution 3:

There is a technical issue in that Auditing often has legal requirements. Also, Auditing is often done within the application, as in: there is a user interface to see who changed what because users / compliance department may need to check it. Also, Auditing may have legal requirements (write out to WORM media once so it cannot be manipulated, keep data for x years).

An example: I have a trading application. All changes to orders are audited - you have the OrderStatus, and the OrderStatusHistory. This is not technical - and the history is part of the application interface.

Logging is purely technical. It is totally ok to turn it off at times, or to have admins extract the log files.

Solution 4:

They're significantly different. Logging is simply the abstract task of recording data about events that take place in a system. If you are recording any information at all, you're logging.

Auditing, however, is more complex. Auditing is the practice of inspecting logs for the purpose of verifying that the system is in a desirable state or to answer questions about how the system arrived at a particular state. One way of doing auditing is by reviewing logs, of course, but you can do audits without logs (as a simple example, you could ask a user directly whether they were responsible for a particular change). That's not a great idea, because logging is typically such a cheap operation that alternatives don't need to be considered.

Solution 5:

I see Audit logs as information required by Business to ascertain some action happened on the specific date and time by this user for this user. It has a business value attached to it, which will let you verify what happened. Generally, Audit logs are archived for historical and compliance purpose.

Normal logging, on the other hand, logs information required by technology partner to understand what happened or how the system behaved during a specific event. It can contain method signature, what values are passed as input, and what values are as passed as output, and if there was an exception, more information about the exception etc. These information are not required by the business and can be turned off or the details which are logged can be reduced based on the needs. These information basically assist development or support teams to debug the system.