Audit trails
The following are essential fields that are typically captured in audit trails:
- Timestamp: The date and time when the event occurred. It’s important to have a universal time zone for all audit trails. Coordinated Universal Time (UTC) is a sensible choice as it’s atomic and doesn’t tie to any time zone. There’s no daylight saving or clock change complication. It can easily be converted into any local time zone. It’s also a global standard for timekeeping. This is valuable information for correlating different actions that happened around the same time to reflect a pattern.
- User IDs: The identifier of the user who performed or was affected by the action. The user’s identity must be tokenized and not contain any PII. This is often regulated by local laws and regulations, particularly on data protection and privacy. Therefore, using a tokenized user ID reduces most of the legal hassle of exposing user details. Accessing...
