Auditing

Definition

The systematic recording and examination of activity across cloud infrastructure to ensure compliance, detect anomalies, and maintain accountability.

Use Cases

Provider Equivalents

Frequently Asked Questions

What's the difference between Auditing and Monitoring?
Auditing is about keeping a trustworthy record of actions that happened, such as who changed a firewall rule or deleted a storage bucket. Monitoring is about watching systems in near real time for health, performance, and alerts, such as CPU spikes or application errors. In simple terms, auditing helps answer 'who did what and when,' while monitoring helps answer 'what is happening right now.'
When should I use Auditing?
You should use auditing in every cloud environment, especially if you manage production systems, sensitive data, or multiple administrators. It is essential for compliance, security investigations, change tracking, and accountability. A good starting point is to enable native audit logging for all accounts and subscriptions, retain logs centrally, and protect them from tampering.
How much does Auditing cost?
Costs depend on the cloud provider, the types of logs collected, retention period, storage location, and whether logs are analyzed in a SIEM or logging platform. Some providers include basic control plane audit logs at no extra charge, while data access logs, long-term retention, cross-region delivery, and advanced analytics can increase costs. The biggest cost drivers are log volume, retention length, and downstream analysis.

Category: compliance

Difficulty: intermediate

Related Terms

See Also