The process of scrutinizing network security-related events and transactions to ensure that they are accurate, particularly reviewing attempts to create, access, and delete files and directories and reviewing security violations. Records of these events are usually stored in a security log file, which can only be examined by users with special permissions.