January 12th, 2016 10:00
OneFS audit log entries
Does anyone know of a document that outlines the events generated by OneFS protocol auditing? I am trying to make sense of the events, but haven't been able to find anything that explains the various sections. I am currently only auditing failures for create, delete, read, rename, and set_security. Below is an example audit entry, which must be a failure because I am not auditing success entries. It does say "DOES_NOT_EXISTS", so I would probably assume that is a failure even if I were auditing success events as well, but is there a way to tell? How are the success vs. failure audits determined? I don't see anything that says one way or another. In the particular event below, I see it is a create event, so according to the docs, it is either a create file/folder, open file/folder, or a share mount operation. Is there a way to determine which of those operations was performed? Is there a place to reference the desiredAccess, createDispo, and ntStatus values? Any info is greatly appreciated.

