Generic term for recording (logging) a sequence of activities. In computer and network contexts, an audit trail tracks the sequence of activities on a system, such as user logins and logouts. More expansive audit trail mechanisms would record each user's activity in detail: what commands were issued to the system, what records and files were accessed or modified, etc.

Audit trails are a fundamental part of computer security, used to trace (albeit usually retrospectively) unauthorized users and uses. They can also be used to assist with information recovery in the event of a system failure.

(In accounting contexts, an audit trail is any logical sequence of documentation -- on paper or in electronic form -- that validates a transaction.)

See also:

• Security in Open Systems: "Audit Trail Generation and Manipulation" NIST Pub 800-7

  Last modified: 24-Apr-2006 [RC]