JBoss EAP Security Auditing Advice

We are sorting our logging and I am deciding on whether to audit JBoss EAP7. We have an application running on a 3 tier architecture (Apache/JBoss/DB). From a security perspective, what logs would I need (if I need to collect) and how would it help?

Thanks in advance.