Auditing of RBAC requests - confirmation and example log


I am in research mode. Can someone confirm that RBAC authorisations are logged to the Audit log; and if possible provide a example of an audit log entry for a denied operation pls?


Audit log should only contain successful actions. Which audit log or product is this about?


I can see (from public examples) that the audit log contains successful and unsuccessful Authentication events. I want to understand if RBAC events are similarly logged.

I would like to understand if a control is configured that specifies, for some resource “foo”

Alice : allow : read foo
Bob : deny : read foo

Then both Alice and Bob attempt to read foo - will I see audit logs for both?


No, actions blocked by RBAC are generally aren’t audit logged. Which product is this in regards to?