Logging is the recording of system activity, such as logins, file access, configuration changes, network connections, and administrator actions. Good logs create an audit trail that shows what happened, when it happened, and which account or device was involved.
In cyber security, logging matters because defenders need visibility. Without logs, a breach can be hard to detect in time, difficult to investigate, and impossible to prove in detail to auditors or regulators. Attackers often try to erase or tamper with logs after gaining access, because logs can expose lateral movement, privilege escalation, data access, or exfiltration. Defenders use centralized logging, retention, and alerting to spot suspicious patterns, correlate events across systems, and support incident response. In critical infrastructure and privacy-sensitive environments, strong logging is part of showing control over personal data and proving that security measures are working.