An audit filter may be configured by the administrator to filter out undesired events and only log the events that match the specified filter.
The audit filter provider decides what audit records will actually be supplied to the audit destination. This gives applications a way to avoid effort spent collecting audit data when the record won't be audited anyway.