What is the difference between auditing and logging?

skywolaskywola Member Posts: 9 ■□□□□□□□□□
A lot of the questions you get on exams focus on differences, and I am studying for the security+, so I want to know, if I get a question about the difference between auditing and logging, how do I know what qualifies as auditing as opposed to what qualifies as logging? There has got to be some differences.

Comments

  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Thats a subjective answer right there. in my world, logging means you're keeping track of what's happening (recording the transaction). usually an automated fashion with text log files saved somewhere, usually local to start and hopefully then pushed to a centralized log management server

    auditing, to me, means you're going one step further and actually reviewing the record of the transaction (either automated or manual) for one reason or another.

    fwiw, i've seen most people (including auditors) using auditing & logging interchangeably
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    If you google the definition of auditing for infosec you get "An information security audit is an audit on the level of information security in an organization. ... Most commonly the controls being audited can be categorized to technical, physical and administrative."

    Auditing is reviewing logs, configurations, etc. while logging or accounting is usually an automated process of recording what happened.
Sign In or Register to comment.