We have a situation where one of the access level was modified. How to capture who and when

AUDIT_EVENT lists all events However what are the distinct event_type_id and their meanings