The security audit on my drupal site suggested as follows - Applications should have adequate repudiation controls, such as web access logs, audit trails at every tier. A common task, typically required from the audits, is reconstructing the chain of events that led to a certain problem. Recommendations: Incorporate code for audit trails with following guidelines:
1. Information to be logged includes the following:
• IP of the originating client,
• Date & Time (Log-in & Log-out time),
• Number of successful and failed login attempts.
• Link/Documents updates (if applicable)
• User creation/deletion
In addition to above all the other action taken by user on the critical functionalities (which are in the application) should be logged.
Probably one content type need to be created and then report to be generated through 'view' The sceen shot enclosed.