The generalizedAudit object class and
the generalizedAuditEvent attribute
Consultant
This document defines an LDAP auxiliary object class and a single attribute, which together can be used to store and track the entities who may have accessed or modified a specific entry in an LDAP directory information tree. For example, an LDAP application may need to store information which can indicate when an entry was created, when it was accessed, who modified it, and other kinds of similar information, with this information acting as a general- purpose auditing log for that entry. The object class and attributes defined herein are designed for that purpose in particular, and are not intended to serve as detailed auditing information capable of withstanding court-of-law scrutiny, nor are they designed to be used for journaling-playback purposes. They are simply to be used for storing general information about the changes which have been made to a specific entry.