Audit log improvements (META)
Description
Audit logging is a security feature that is critical for customers and required by many regulatory bodies. Enterprises, especially in regulated industries that need to show accurate logs of data and application access, may hesitate to use a piece of software for this very reason.
This is the kind of feature that adds credibility to the Enterprise version.
We are going to improve our audit events in each release.
Proposal
- Audit events will be recorded in the database, not in logs (see comment).
First step
- Consolidate existing log entries into a single area in the Admin area https://gitlab.com/gitlab-org/gitlab-ee/issues/2336
- Log member actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1370 (%10.1)
- Log group actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1372 (%10.2)
- Log project actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1371
Then
- Remove data older than N months so the table doesn't grow forever https://gitlab.com/gitlab-org/gitlab-ee/issues/1421
The tasks below still need product work
- Log impersonation actions in audit log #315
- Log Git actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1411
- Retrieve audit events via API #121
- Add visibility changes of project to the audit logs #199
- Add audit event entry when a group share is added/removed #205
- Git authentications should be stored in audit events #545
Finally:
- Export audit events data to CSV #1449
Edited by James Ramsay