What is the USN Journal and what kind of information does it record?

The USN Journal (Update Sequence Number Journal), also known as the Change Journal, is a feature of NTFS that logs all modifications to files and directories on a volume, including creation, deletion, renaming, and encryption changes. Each entry contains a timestamp, reason code, file name, and references to the file and its parent. For more context on NTFS forensic techniques, see Penetration Techniques - USN Journal of NTFS Files in Windows.