Audit event categories
- Authentication, logout, session, and account state events.
- Policy view and legal acceptance events.
- Administrative user, class, assignment, institution, and LTI configuration actions.
- Submission, interview, report, export, and grade synchronization activity.
- Security-relevant API, authorization, and integration events.
Log handling principles
- Collect enough information to support troubleshooting, security investigations, and compliance review.
- Avoid logging unnecessary student content, secrets, tokens, passwords, or full sensitive payloads.
- Mask or redact sensitive values where practical.
- Restrict log access to authorized operational personnel.
Customer reporting
Institution-specific audit reporting should be scoped by agreement, role, and technical feasibility. Some audit records may be operational logs rather than customer-facing reports.