If you do not carefully control who has write access to the file system, a user can subvert the product security controls (such as auditing) by simply hand editing the configuration files.
It is highly recommended to regularly back up both the server log files, as they contain all the information required for auditing and tracing of authentication events.
强烈建议定期备份这两个服务器日志文件,因为它们包含审计和跟踪身份验证事件所需的所有信息。
3
You can customize the configuration and objects files, which are used by the auditing subsystem to keep track of any file you want.