Interception Events An interception event is an event that CA Access Control encounters for the first time and for which no authorization information or audit information exists in the kernel cache.
Information from an interception event is cached as part of the process for future use by an audit event.
Audit Events An audit event is an event for which the kernel cache has enough information to process for auditing purposes; it is also known as a cached intercepted event. An audit event is the result of an interception event being cached.
