The Provisioning Auditing and Recovery Manager service installs by default when you install the transaction log database component of Microsoft Provisioning Framework (MPF). It then runs as a Microsoft® Windows® 2000 service. Each transaction log and audit log is bound to a specific auditing and recovery manager, which constantly monitors MPF components and detects crashes in provisioning engines.
For transaction processing, the auditing and recovery manager periodically cleans up the transaction log. For permanent storage, you can set MPF to move selected transactions to the audit log for data warehousing.
Using Custom Audit Provider, you can save audit data to custom tables or manipulate audit data before it goes in the audit log. Custom Audit Provider does not, however, verify the existence of custom tables or attributes, if, for example, MPF has permission to write to a custom table in the database.
If MPF cannot successfully complete a Custom Audit command, it inserts the command into the Bad Commands table of the transaction log database and inserts an error event into the event log. After a specified time-out, it continues to try to execute the bad command, in anticipation that the problem can be resolved.
For more information, see Administering auditing and recovery managers.