Difference in Auditing and Logging?

There is a technical issue in that Auditing often has legal requirements. Also, Auditing is often done within the application, as in: there is a user interface to see who changed what because users / compliance department may need to check it. Also, Auditing may have legal requirements (write out to WORM media once so it cannot be manipulated, keep data for x years).

An example: I have a trading application. All changes to orders are audited - you have the OrderStatus, and the OrderStatusHistory. This is not technical - and the history is part of the application interface.

Logging is purely technical. It is totally OK to turn it off at times, or to have admins extract the log files.
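
An added example, not part of the answer above or of any real trading system: the OrderStatus / OrderStatusHistory split sketched in Python with SQLite, where the audit row is written in the same transaction as the status change and the debug log line is optional. The column names, the `set_status` and `history` helpers and the append-only triggers are assumptions; the triggers only stand in for the WORM storage the answer mentions and would not stop someone who can alter the schema.

```python
import logging
import sqlite3

log = logging.getLogger("trading")  # technical log: optional, may be silenced

# Hypothetical schema for the answer's OrderStatus / OrderStatusHistory pair.
SCHEMA = """
CREATE TABLE OrderStatus (order_id INTEGER PRIMARY KEY, status TEXT NOT NULL);
CREATE TABLE OrderStatusHistory (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    order_id INTEGER NOT NULL,
    old_status TEXT,
    new_status TEXT NOT NULL,
    changed_by TEXT NOT NULL,
    changed_at TEXT NOT NULL DEFAULT CURRENT_TIMESTAMP
);
-- Append-only: ordinary SQL cannot rewrite or remove audit rows.
CREATE TRIGGER history_no_update BEFORE UPDATE ON OrderStatusHistory
BEGIN SELECT RAISE(ABORT, 'audit history is append-only'); END;
CREATE TRIGGER history_no_delete BEFORE DELETE ON OrderStatusHistory
BEGIN SELECT RAISE(ABORT, 'audit history is append-only'); END;
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def set_status(db, order_id, new_status, user):
    """Change an order and write the audit row in the same transaction."""
    with db:  # commits both writes together, or rolls both back
        row = db.execute("SELECT status FROM OrderStatus WHERE order_id = ?",
                         (order_id,)).fetchone()
        old = row[0] if row else None
        db.execute("INSERT OR REPLACE INTO OrderStatus (order_id, status) "
                   "VALUES (?, ?)", (order_id, new_status))
        db.execute("INSERT INTO OrderStatusHistory "
                   "(order_id, old_status, new_status, changed_by) "
                   "VALUES (?, ?, ?, ?)", (order_id, old, new_status, user))
    log.debug("set_status(%s, %s) done", order_id, new_status)  # logging only

def history(db, order_id):
    """What the application's audit screen would show: who changed what."""
    return db.execute(
        "SELECT old_status, new_status, changed_by FROM OrderStatusHistory "
        "WHERE order_id = ? ORDER BY id", (order_id,)).fetchall()
```

Silencing the `trading` logger changes nothing in `OrderStatusHistory`, while an `UPDATE` or `DELETE` against the history table is rejected by the triggers.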


Logging typically means the recording of implementation-level events that happen as the program is running (methods get called, objects are created, etc.). As such it focuses on things that interest programmers.

Auditing is about recording domain-level events: a transaction is created, a user is performing an action, etc. In certain types of application (Banking) there is a legal obligation to record such events.


The difference is more in usage than in technique.

Auditing is used to answer the question "Who did what?" and possibly why. Logging is more focussed on what's happening.