If enabled, all setting changes for all profiles and for system-wide
settings are written to the audit.log file in the logs
directory. This includes where the event came from, which account did
it, which profile (if applicable), and what changed. Certain other
events are included as well such as logins, logouts, failed logins,
ACL-restricted events, profile creation/deletion, etc.
Note: While known sensitive fields (e.g. Login Info) have
values redacted, other sensitive data may nonetheless be logged
(e.g. URLs). See also the per-profile setting Audit Logging
(section 3.5.89,
here).