What is the difference between auditing and logging?

A lot of the questions you get on exams focus on differences, and I am studying for the security+, so I want to know, if I get a question about the difference between auditing and logging, how do I know what qualifies as auditing as opposed to what qualifies as logging? There has got to be some differences.

Find more posts tagged with

Comments

636-555-3226

Thats a subjective answer right there. in my world, logging means you're keeping track of what's happening (recording the transaction). usually an automated fashion with text log files saved somewhere, usually local to start and hopefully then pushed to a centralized log management server

auditing, to me, means you're going one step further and actually reviewing the record of the transaction (either automated or manual) for one reason or another.

fwiw, i've seen most people (including auditors) using auditing & logging interchangeably

TechGuru80

If you google the definition of auditing for infosec you get "An information security audit is an audit on the level of information security in an organization. ... Most commonly the controls being audited can be categorized to technical, physical and administrative."

Auditing is reviewing logs, configurations, etc. while logging or accounting is usually an automated process of recording what happened.