  1. Core Server
  2. SERVER-70172

Standardize auditing events without clients

    • Type: Improvement
    • Resolution: Unresolved
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • Labels:
    • Server Security
    • Security 2024-02-05, Security 2024-02-19, Security 2024-03-04

      When we trigger an event from a signal handler, we do not have a client. Because we have a constraint enforced in the AuditEvent class to ensure that the caller passes in a client, we have to create our own client and pass it to the AuditEvent constructor. Currently the only place we have this issue is in shutdown, where we have an audit event that can be triggered by a signal handler (Ctrl-C). In this case we create a client (possibly for other reasons) and we pass that client in for the audit log. Audit log rotation also has an audit event that can be triggered by a signal handler. Here it doesn’t pass in a client (nullptr) and instead puts an if check into the AuditEvent class.

      We should instead standardize a way of accepting audit events without a client.

            Assignee:
            backlog-server-security [DO NOT USE] Backlog - Security Team
            Reporter:
            shreyas.kalyan@mongodb.com Shreyas Kalyan
            Votes:
            0
            Watchers:
            1

              Created:
              Updated:
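
One possible shape for a client-less audit event, as an added sketch that is not part of the ticket and not MongoDB's code: the event constructor takes an explicit origin, so the shutdown and log-rotation paths described above use the same call and the log records that no client was involved. Every name here (`Client`, `AuditOrigin`, `AuditEvent`, the `action=`/`origin=` output format) is hypothetical.

```cpp
#include <iostream>
#include <string>
#include <utility>

// Hypothetical stand-in for a connected client (not MongoDB's Client class).
struct Client { std::string remote, user; };

// Hypothetical: who caused the event, a real client or the process itself.
class AuditOrigin {
public:
    static AuditOrigin fromClient(const Client& c) {
        return AuditOrigin(false, c.remote, c.user, "");
    }
    // For events raised with no client, e.g. from signal handling.
    static AuditOrigin fromSystem(std::string trigger) {
        return AuditOrigin(true, "", "", std::move(trigger));
    }
    bool isSystem() const { return _system; }
    std::string describe() const {
        return _system ? "origin=system trigger=" + _trigger
                       : "origin=client remote=" + _remote + " user=" + _user;
    }
private:
    AuditOrigin(bool system, std::string remote, std::string user, std::string trigger)
        : _system(system), _remote(std::move(remote)), _user(std::move(user)),
          _trigger(std::move(trigger)) {}
    bool _system;
    std::string _remote, _user, _trigger;
};

// Hypothetical event type: the constructor takes an origin, never a Client*,
// so no caller builds a placeholder client and no nullptr branch is needed.
// It allocates, so it must run on an ordinary thread, not in async-signal context.
class AuditEvent {
public:
    AuditEvent(std::string action, AuditOrigin origin)
        : _action(std::move(action)), _origin(std::move(origin)) {}
    std::string serialize() const { return "action=" + _action + " " + _origin.describe(); }
private:
    std::string _action;
    AuditOrigin _origin;
};

int main() {
    Client c{"192.0.2.10:51234", "admin"};  // constructed sample values
    std::cout << AuditEvent("shutdown", AuditOrigin::fromClient(c)).serialize() << "\n";
    std::cout << AuditEvent("shutdown", AuditOrigin::fromSystem("signal")).serialize() << "\n";
    std::cout << AuditEvent("rotateLog", AuditOrigin::fromSystem("signal")).serialize() << "\n";
    return 0;
}
```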