Did you search here before asking, as The SCN Rules of Engagement require? If you had, you would have found this document - Analysis and Recommended Settings of the Security Audit Log (SM19 / SM20). If this doesn't answer all your questions, let us know what questions you still have...
Steve.