A Global Administrator can select Configuration > Audit Enablement to enable and disable specified audit events for specified packages and event IDs.
When a Global Administrator enables auditing, Identity Governance can send audit event information to any combination of the following:
An application server log
A separate log file
A syslog destination
Audit event logs allow you to provide evidence that you comply with regulations. The Global Administrator must first set the audit targets for selected modules, and then enable or disable audit event logging for specific packages or event IDs. Authorized administrators can also export and import audit settings.
NOTE:If you delete an audit log file while auditing is enabled and the server is running, a new audit log file will not automatically be generated. If you need to delete an audit log file while auditing is enabled, you must either first disable auditing and then enable it again, or you must restart the server.
You can also use the Configuration Utility to enable and disable auditing. For more information about the Configuration Utility, see Using the Identity Governance Configuration Utility
in the Identity Governance 4.3.1 Installation and Configuration Guide.