Comment 13 for bug 1552795

I agree with the comment https://review.openstack.org/288643: if entity has been deleted it is away, no chance to query further details. And with #9 which confirms the first. For me it sounds as a quite real use case. How to answer the question: who was this guy from domain x, who participated on project y, in the group z and did several things but now has gone?
What about extending CADF payload with additional properties or probably make its content configurable so that the customers can extend content with the properties defined by keystone schema?
As I’ve seen in this document
https://wiki.openstack.org/w/images/e/e1/Introduction_to_Cloud_Auditing_using_CADF_Event_Model_and_Taxonomy_2013-10-22.pdf there is already mentioned the idea of user ID/name pairs within CADF payload, but I think it is not available yet.