From dede3c97e0506243df41601d9c342b597164a018 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Wed, 9 Nov 2022 12:18:09 +0100
Subject: [PATCH] Document CriticalActionPerformedEvent

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 developer_manual/basics/logging.rst | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/developer_manual/basics/logging.rst b/developer_manual/basics/logging.rst
index db9259279..490581cb1 100644
--- a/developer_manual/basics/logging.rst
+++ b/developer_manual/basics/logging.rst
@@ -41,3 +41,25 @@ the app ID.
     use function OCP\Log\logger;
 
     logger('calendar')->warning('look, no dependency injection');
+
+Admin audit logging
+-------------------
+
+If you want to log things less for system administration but for compliance reasons, e.g. who accessed which file,
+who changed the password of an item or made it public, the
+`admin audit log <https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/logging_configuration.html#admin-audit-log>`_
+is the correct place.
+
+You can easily add a log by simply emitting an ``OCP\Log\Audit\CriticalActionPerformedEvent`` event:
+
+.. code-block:: php
+
+    <?php
+
+    $dispatcher = \OCP\Server::get(\OCP\EventDispatcher\IEventDispatcher::class);
+
+    $event = new \OCP\Log\Audit\CriticalActionPerformedEvent(
+        'My critical action for app %s',
+        ['name' => 'My App ID']
+    );
+    $dispatcher->dispatchTyped($event);