An audit log is an unalterable, chronological record of events occurring within an information system, documenting activities performed, users involved, and the precise timing of each operation. These logs capture all security-relevant activities, including user logins, access attempts to sensitive data, system configuration changes, and administrative actions along with their outcomes. As a fundamental security control, audit logs establish an immutable evidentiary trail essential for maintaining system integrity, ensuring accountability, and enforcing security policies.

In risk management and threat intelligence, audit logs are indispensable tools that enable organizations to detect unauthorized access, identify suspicious patterns, and uncover indicators of compromise. Security teams leverage this granular forensic data for proactive threat hunting, incident response, and vulnerability assessment. Beyond demonstrating regulatory compliance, continuous monitoring and analysis of audit logs helps refine an organization's security posture, protect sensitive assets, and strengthen operational resilience against evolving cyber threats.