diff --git a/include/libs/audit/audit.h b/include/libs/audit/audit.h
index 1381b6e4a2..8465ec510e 100644
--- a/include/libs/audit/audit.h
+++ b/include/libs/audit/audit.h
@@ -29,6 +29,8 @@
 extern "C" {
 #endif
 
+#define AUDIT_DETAIL_MAX 16000
+
 typedef struct {
   const char *server;
   uint16_t    port;
diff --git a/source/dnode/mnode/impl/src/mndStb.c b/source/dnode/mnode/impl/src/mndStb.c
index 9a5429ba87..4e384faf4c 100644
--- a/source/dnode/mnode/impl/src/mndStb.c
+++ b/source/dnode/mnode/impl/src/mndStb.c
@@ -1066,6 +1066,83 @@ static int32_t mndBuildStbFromAlter(SStbObj *pStb, SStbObj *pDst, SMCreateStbReq
   return TSDB_CODE_SUCCESS;
 }
 
+static char* mndAuditFieldTypeStr(int32_t type){
+  switch (type)
+  {
+  case TSDB_DATA_TYPE_NULL:
+    return "null";
+  case TSDB_DATA_TYPE_BOOL:
+    return "bool";
+  case TSDB_DATA_TYPE_TINYINT:
+    return "tinyint";
+  case TSDB_DATA_TYPE_SMALLINT:
+    return "smallint";
+  case TSDB_DATA_TYPE_INT:
+    return "int";
+  case TSDB_DATA_TYPE_BIGINT:
+    return "bigint";
+  case TSDB_DATA_TYPE_FLOAT:
+    return "float";
+  case TSDB_DATA_TYPE_DOUBLE:
+    return "double";
+  case TSDB_DATA_TYPE_VARCHAR:
+    return "varchar";
+  case TSDB_DATA_TYPE_TIMESTAMP:
+    return "timestamp";
+  case TSDB_DATA_TYPE_NCHAR:
+    return "nchar";
+  case TSDB_DATA_TYPE_UTINYINT:
+    return "utinyint";
+  case TSDB_DATA_TYPE_USMALLINT:
+    return "usmallint";
+  case TSDB_DATA_TYPE_UINT:
+    return "uint";
+  case TSDB_DATA_TYPE_UBIGINT:
+    return "ubigint";
+  case TSDB_DATA_TYPE_JSON:
+    return "json";
+  case TSDB_DATA_TYPE_VARBINARY:
+    return "varbinary";
+  case TSDB_DATA_TYPE_DECIMAL:
+    return "decimal";
+  case TSDB_DATA_TYPE_BLOB:
+    return "blob";
+  case TSDB_DATA_TYPE_MEDIUMBLOB:
+    return "mediumblob";
+  case TSDB_DATA_TYPE_GEOMETRY:
+    return "geometry";
+
+  default:
+    return "error";
+  }
+}
+
+static void mndAuditFieldStr(char* detail, SArray *arr, int32_t len, int32_t max){
+  int32_t detialLen = strlen(detail);
+  int32_t fieldLen = 0;
+  for (int32_t i = 0; i < len; ++i) {
+    SField *pField = taosArrayGet(arr, i);
+    char field[TSDB_COL_NAME_LEN + 20] = {0};
+    fieldLen = strlen(", ");
+    if(detialLen > 0 && detialLen < max-fieldLen-1) {
+      strcat(detail, ", ");
+      detialLen += fieldLen;
+    }
+    else{
+      break;
+    }
+    sprintf(field, "%s:%s", pField->name, mndAuditFieldTypeStr(pField->type));
+    fieldLen = strlen(field);
+    if(detialLen < max-fieldLen-1) {
+      strcat(detail, field);
+      detialLen += fieldLen;
+    }
+    else{
+      break;
+    }
+  }
+}
+
 static int32_t mndProcessCreateStbReq(SRpcMsg *pReq) {
   SMnode        *pMnode = pReq->info.node;
   int32_t        code = -1;
@@ -1174,7 +1251,7 @@ static int32_t mndProcessCreateStbReq(SRpcMsg *pReq) {
   }
   if (code == 0) code = TSDB_CODE_ACTION_IN_PROGRESS;
 
-  char detail[2000] = {0};
+  char detail[AUDIT_DETAIL_MAX] = {0};
   sprintf(detail, "colVer:%d, delay1:%" PRId64 ", delay2:%" PRId64 ", deleteMark1:%" PRId64 ", "
           "deleteMark2:%" PRId64 ", igExists:%d, numOfColumns:%d, numOfFuncs:%d, numOfTags:%d, "
           "source:%d, suid:%" PRId64 ", tagVer:%d, ttl:%d, "
@@ -1183,11 +1260,14 @@ static int32_t mndProcessCreateStbReq(SRpcMsg *pReq) {
           createReq.deleteMark2, createReq.igExists, createReq.numOfColumns, createReq.numOfFuncs, createReq.numOfTags,
           createReq.source, createReq.suid, createReq.tagVer, createReq.ttl,
           createReq.watermark1, createReq.watermark2);
+  
+  mndAuditFieldStr(detail, createReq.pColumns, createReq.numOfColumns, AUDIT_DETAIL_MAX);
+  mndAuditFieldStr(detail, createReq.pTags, createReq.numOfTags, AUDIT_DETAIL_MAX);
 
   SName name = {0};
-  tNameFromString(&name, pDb->name, T_NAME_ACCT | T_NAME_DB);
+  tNameFromString(&name, createReq.name, T_NAME_ACCT | T_NAME_DB | T_NAME_TABLE);
 
-  auditRecord(pReq, pMnode->clusterId, "createStb", name.dbname, createReq.name, detail);
+  auditRecord(pReq, pMnode->clusterId, "createStb", name.dbname, name.tname, detail);
 
 _OVER:
   if (code != 0 && code != TSDB_CODE_ACTION_IN_PROGRESS) {
diff --git a/source/dnode/mnode/impl/src/mndTopic.c b/source/dnode/mnode/impl/src/mndTopic.c
index 1e3a8bddb7..1e4299a59e 100644
--- a/source/dnode/mnode/impl/src/mndTopic.c
+++ b/source/dnode/mnode/impl/src/mndTopic.c
@@ -635,14 +635,24 @@ static int32_t mndProcessCreateTopicReq(SRpcMsg *pReq) {
     code = TSDB_CODE_ACTION_IN_PROGRESS;
   }
 
-  char detail[1000] = {0};
-  sprintf(detail, "igExists:%d, subStbName:%s, subType:%d, withMeta:%d", 
-          createTopicReq.igExists, createTopicReq.subStbName, createTopicReq.subType, createTopicReq.withMeta);
+  char detail[4000] = {0};
+  char sql[3000] = {0};
+  strncpy(sql, createTopicReq.sql, 2999);
 
-  SName name = {0};
-  tNameFromString(&name, createTopicReq.subDbName, T_NAME_ACCT | T_NAME_DB);
+  SName tableName = {0};
+  tNameFromString(&tableName, createTopicReq.subStbName, T_NAME_ACCT | T_NAME_DB | T_NAME_TABLE);
 
-  auditRecord(pReq, pMnode->clusterId, "crateTopic", createTopicReq.name, name.dbname, detail);
+  sprintf(detail, "igExists:%d, subStbName:%s, subType:%d, withMeta:%d, sql:%s", 
+          createTopicReq.igExists, tableName.tname, createTopicReq.subType, createTopicReq.withMeta, sql);
+
+  SName dbname = {0};
+  tNameFromString(&dbname, createTopicReq.subDbName, T_NAME_ACCT | T_NAME_DB);
+
+  SName topicName = {0};
+  tNameFromString(&topicName, createTopicReq.name, T_NAME_ACCT | T_NAME_DB);
+  //reuse this function for topic
+
+  auditRecord(pReq, pMnode->clusterId, "crateTopic", topicName.dbname, dbname.dbname, detail);
 
 _OVER:
   if (code != 0 && code != TSDB_CODE_ACTION_IN_PROGRESS) {
diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c
index 42a3ba8904..4b59debc26 100644
--- a/source/dnode/mnode/impl/src/mndUser.c
+++ b/source/dnode/mnode/impl/src/mndUser.c
@@ -791,6 +791,67 @@ static int32_t mndRemoveTablePriviledge(SMnode *pMnode, SHashObj *hash, SHashObj
   return 0;
 }
 
+static char* mndUserAuditTypeStr(int32_t type){
+  if(type == TSDB_ALTER_USER_PASSWD){
+    return "changePassword";
+  }
+  if(type == TSDB_ALTER_USER_SUPERUSER){
+    return "changeSuperUser";
+  }
+  if(type == TSDB_ALTER_USER_ADD_READ_DB){
+    return "addReadToDB";
+  }
+  if(type == TSDB_ALTER_USER_ADD_READ_DB){
+    return "addReadToDB";
+  }
+  if(type == TSDB_ALTER_USER_REMOVE_READ_DB){
+    return "removeReadFromDB";
+  }
+  if(type == TSDB_ALTER_USER_ADD_WRITE_DB){
+    return "addWriteToDB";
+  }
+  if(type == TSDB_ALTER_USER_REMOVE_WRITE_DB){
+    return "removeWriteFromDB";
+  }
+  if(type == TSDB_ALTER_USER_ADD_ALL_DB){
+    return "addToAllDB";
+  }
+  if(type == TSDB_ALTER_USER_REMOVE_ALL_DB){
+    return "removeFromAllDB";
+  }
+  if(type == TSDB_ALTER_USER_ENABLE){
+    return "enableUser";
+  }
+  if(type == TSDB_ALTER_USER_SYSINFO){
+    return "userSysInfo";
+  }
+  if(type == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC){
+    return "addSubscribeTopic";
+  }
+  if(type == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC){
+    return "removeSubscribeTopic";
+  }
+  if(type == TSDB_ALTER_USER_ADD_READ_TABLE){
+    return "addReadToTable";
+  }
+  if(type == TSDB_ALTER_USER_REMOVE_READ_TABLE){
+    return "removeReadFromTable";
+  }
+  if(type == TSDB_ALTER_USER_ADD_WRITE_TABLE){
+    return "addWriteToTable";
+  }
+  if(type == TSDB_ALTER_USER_REMOVE_WRITE_TABLE){
+    return "removeWriteFromTable";
+  }
+  if(type == TSDB_ALTER_USER_ADD_ALL_TABLE){
+    return "addToAllTable";
+  }
+  if(type == TSDB_ALTER_USER_REMOVE_ALL_TABLE){
+    return "removeFromAllTable";
+  }
+  return "error";
+}
+
 static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) {
   SMnode       *pMnode = pReq->info.node;
   SSdb         *pSdb = pMnode->pSdb;
@@ -978,8 +1039,8 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) {
   if (code == 0) code = TSDB_CODE_ACTION_IN_PROGRESS;
 
   char detail[1000] = {0};
-  sprintf(detail, "alterType:%d, enable:%d, superUser:%d, sysInfo:%d, tabName:%s", 
-          alterReq.alterType, alterReq.enable, alterReq.superUser, alterReq.sysInfo, alterReq.tabName);
+  sprintf(detail, "alterType:%s, enable:%d, superUser:%d, sysInfo:%d, tabName:%s", 
+          mndUserAuditTypeStr(alterReq.alterType), alterReq.enable, alterReq.superUser, alterReq.sysInfo, alterReq.tabName);
 
   if(alterReq.alterType == TSDB_ALTER_USER_PASSWD){
     auditRecord(pReq, pMnode->clusterId, "changePassword", alterReq.user, "", detail);
diff --git a/source/dnode/vnode/src/vnd/vnodeSvr.c b/source/dnode/vnode/src/vnd/vnodeSvr.c
index 1ec301f7de..0b7f969ed7 100644
--- a/source/dnode/vnode/src/vnd/vnodeSvr.c
+++ b/source/dnode/vnode/src/vnd/vnodeSvr.c
@@ -948,7 +948,10 @@ static int32_t vnodeProcessCreateTbReq(SVnode *pVnode, int64_t ver, void *pReq,
     sprintf(detail, "btime:%" PRId64 ", flags:%d, ttl:%d, type:%d", 
             pCreateReq->btime, pCreateReq->flags, pCreateReq->ttl, pCreateReq->type);
 
-    auditRecord(pReq, clusterId, "createTable", pVnode->config.dbname, pCreateReq->name, detail);
+    SName name = {0};
+    tNameFromString(&name, pVnode->config.dbname, T_NAME_ACCT | T_NAME_DB);
+
+    auditRecord(pReq, clusterId, "createTable", name.dbname, pCreateReq->name, detail);
   }
 
   vDebug("vgId:%d, add %d new created tables into query table list", TD_VID(pVnode), (int32_t)taosArrayGetSize(tbUids));