Use when requests involve audit trails, privileged action recording, compliance evidence, admin activity logs, change history, or distinguishing audit events from ordinary application logs. Design and operate audit logging for security- and compliance-relevant events: actor attribution, action recording, target resources, before-and-after state summaries, tamper resistance, retention, and privacy boundaries.
