Logging typically means the recording of implementation level events that happen as the program is running (methods get called, objects are created, etc.). As such it focuses on things that interest programmers

日志记录通常意味着记录在程序运行时发生的实现级事件（调用方法、创建对象等）。因此，它专注于程序员感兴趣的事情

Auditing is about recording domain-level events: a transaction is created, a user is performing an action, etc. In certain types of application (Banking) there is a legal obligation to record such events.

审计是关于记录域级事件：创建交易、用户执行操作等。在某些类型的应用程序（银行）中，有法律义务记录此类事件。

Audit implies active review of the logging, IMHO. Can't have audit without logging, but you can have logging without audit.

审计意味着积极日志记录，恕我直言。没有日志就不能有审计，但是你可以有没有审计的日志。

The difference is more in usage than in technique.

区别更多是在使用上而不是在技术上。

Auditing is used to answer the question "Who did what?" and possibly why. Logging is more focussed on what's happening.

审计用于回答“谁做了什么？”的问题。以及可能的原因。日志更关注正在发生的事情。

They're significantly different. Logging is simply the abstract task of recording data about events that take place in a system. If you are recording any information at all, you're logging.

他们有很大的不同。日志记录只是记录有关系统中发生的事件的数据的抽象任务。如果您正在记录任何信息，那么您就是在记录。

Auditing, however, is more complex. Auditing is the practice of inspecting logs for the purpose of verifying that the system is in a desirable state or to answer questions about how the system arrived at a particular state. One way of doing auditing is by reviewing logs, of course, but you can do audits without logs (as a simple example, you could ask a user directly whether they were responsible for a particular change). That's not a great idea, because logging is typically such a cheap operation that alternatives don't need to be considered.

然而，审计更为复杂。审计是为了验证系统是否处于理想状态或回答有关系统如何到达特定状态的问题而检查日志的做法。进行审计的一种方法当然是查看日志，但您可以在没有日志的情况下进行审计（作为一个简单的例子，您可以直接询问用户他们是否对特定更改负责）。这不是一个好主意，因为日志记录通常是一种不需要考虑替代方案的廉价操作。

There is a technical issue in that Auditing often has legal requirements. Also, Auditing is often done within the application, as in: there is a user interface to see who changed what because users / compliance department may need to check it. Also, Auditing may have legal requirements (write out to WORM media once so it cannot be manipulated, keep data for x years).

审计通常有法律要求，因此存在技术问题。此外，审计通常在应用程序中完成，例如：有一个用户界面来查看谁更改了什么，因为用户/合规部门可能需要检查它。此外，审计可能有法律要求（写入 WORM 媒体一次，使其无法被操纵，将数据保留 x 年）。

An example: I have a trading application. All changes to orders are audited - you have the OrderStatus, and the OrderStatusHistory. This is not technical - and the history is part of the application interface.

一个例子：我有一个交易应用程序。对订单的所有更改都经过审核 - 您有 OrderStatus 和 OrderStatusHistory。这不是技术性的 - 历史是应用程序界面的一部分。

Logging is purely technical. It is totally ok to turn it off at times, or to have admins extract the log files.

日志记录纯粹是技术性的。有时可以关闭它，或者让管理员提取日志文件。

I see Audit logs as information required by Business to ascertain some action happened on the specific date and time by this user for this user. It has a business value attached to it, which will let you verify what happened. Generally, Audit logs are archived for historical and compliance purpose.

我将审核日志视为业务所需的信息，以确定此用户在特定日期和时间为该用户执行的某些操作。它具有附加的业务价值，可以让您验证发生了什么。通常，审计日志是出于历史和合规目的而存档的。

Normal logging, on the other hand, logs information required by technology partner to understand what happened or how the system behaved during a specific event. It can contain method signature, what values are passed as input, and what values are as passed as output, and if there was an exception, more information about the exception etc. These information are not required by the business and can be turned off or the details which are logged can be reduced based on the needs. These information basically assist development or support teams to debug the system.

另一方面，正常日志记录记录技术合作伙伴所需的信息，以了解在特定事件期间发生的情况或系统的行为方式。它可以包含方法签名，什么值作为输入传递，什么值作为输出传递，如果有异常，关于异常的更多信息等。 这些信息不是业务所需要的，可以关闭或可以根据需要减少记录的详细信息。这些信息基本上可以帮助开发或支持团队调试系统。

Audit Trail is a unperishable records of transaction while Logs in the other hand used to detect errors and there is a certain time that a log file will be present

审计跟踪是一个不易腐烂的交易记录，而另一方面日志用于检测错误，并且有一定的时间会出现日志文件

Loggingis tracing the flow of in which class which method called let us we have A,B,C methods with deffrent classes In X class A methods is called to Y class B method,and B method is called to Y class c method ..like this traces the flow of control

日志记录是跟踪哪个类中哪个方法调用的流程让我们有不同类的A、B、C方法在X类中，A方法被调用到Y类B方法，B方法被调用到Y类c方法..像这样追踪控制流

Auditingwill track the activities of user. We have to write logic and then system will automatically insert/save the data int the audit table.

审计将跟踪用户的活动。我们必须编写逻辑，然后系统会自动将数据插入/保存到审计表中。

Let's take a login.jsp in that we can enter the user name and password then hit the login page then control goes to logic servlet page inside the service method will called and inside write the logic like

让我们以 login.jsp 为例，我们可以输入用户名和密码，然后点击登录页面，然后控制转到逻辑 servlet 页面，服务方法将调用并在内部编写逻辑

httpsession session=reg.getsession();
session.setAttribute("userId",uid);

i.e in the database we have take columns as

即在数据库中，我们将列作为

created_by 
created_date
last_modified_by
last_modified_dt