https://www.fbi.gov/services/information-management/foipa/privacy-impact-assessments/sentinel
>andaudit logswill be reviewed regularly
>Audit logswill be provided to the Enterprise Security Operations Center (ESOC) on a daily basis for monitoring of potential system misuse
>Local monitoring ofaudit logsoccurs as part of routine SENTINEL operations, and events can be escalated for ESOC analysis.
>All Operating System, Database and Get/Putlogsare provided to the ESOC on a daily basis. The Enterprise Operations Center will perform network level monitoring.
>Systemaudit logsare reviewed on a daily basis by the Security Administrator with auditor privileges.
>Audit logscan only be accessed by the Information Systems Security Officer and specific privileged users. Audit reports of specific events can be requested
>General users cannot view, change, or delete theaudit logs.