The general contents of an event log file are described here.
For both the security audit trail and recent change log, each event log entry contains the following information:
A description of the event or action that is being logged—for example, a password reset, a dialing plan modification, or the creation of a new subscriber.
The identity and security level of the user or process that initiated the event or action.
The date and time the event or action occurred. The timestamp is based on the local time zone of the Telephony Control Server.
Identity of the system files or resource, system parameter, network element, device or user ID that the event or action impacts. This includes attempts to access files or resources outside of the user's privileges.
An indication of whether the event or action was successfully implemented.
Although the active security event log files are not encrypted, they are accessible only to Telephony Control Server Assistant users who have the proper authorization. However, after the data is transferred to the Telephony Control Server Assistant, the file can be archived to long-term storage as either an encrypted or unencrypted file.
Parent topic: Event Logging