From 943e9dfbbad319bc267ad27c297d685aada219b4 Mon Sep 17 00:00:00 2001 From: David Christofas Date: Wed, 30 Nov 2022 12:05:09 +0100 Subject: [PATCH 1/6] add a README to the audit package --- services/audit/README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 services/audit/README.md diff --git a/services/audit/README.md b/services/audit/README.md new file mode 100644 index 000000000..efdf1885e --- /dev/null +++ b/services/audit/README.md @@ -0,0 +1,11 @@ +# Audit service + +The audit service logs all events of the system into an audit log. To be able to prove compliance with corporate guidelines as well as to enable reporting and auditing of operations, the Auditing extension takes note of actions conducted by users and administrators. Per default it will be logged to standard out but can also be configured to a file output. Supported log formats are json or a simple key value ("key1=value1 key2=value2"). + +The service is not started automatically when running `ocis server` (single binary setup), it has to be started explicitly. + +Specifically, the application logs + +- file system operations (create/delete/move; including actions on the trash bin and versioning) +- user management operations (creation/deletion of users) +- sharing operations (user/group sharing, sharing via link, changing permissions, calls to sharing API from clients) From e554f7b4eeaa5759f6fd653f356d955b889f71b0 Mon Sep 17 00:00:00 2001 From: Edith Parzefall Date: Wed, 30 Nov 2022 15:39:54 +0100 Subject: [PATCH 2/6] Apply suggestions from code review Co-authored-by: Martin --- services/audit/README.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/services/audit/README.md b/services/audit/README.md index efdf1885e..1639ac86c 100644 --- a/services/audit/README.md +++ b/services/audit/README.md @@ -1,11 +1,13 @@ # Audit service -The audit service logs all events of the system into an audit log. To be able to prove compliance with corporate guidelines as well as to enable reporting and auditing of operations, the Auditing extension takes note of actions conducted by users and administrators. Per default it will be logged to standard out but can also be configured to a file output. Supported log formats are json or a simple key value ("key1=value1 key2=value2"). +The audit service logs all events of the system as an audit log. Per default, it will be logged to standard out, but can also be configured to a file output. Supported log formats are json or a simple key-value pair ("key1=value1 key2=value2"). -The service is not started automatically when running `ocis server` (single binary setup), it has to be started explicitly. +With audit logs you are able to prove compliance with corporate guidelines as well as to enable reporting and auditing of operations. The audit service takes note of actions conducted by users and administrators. -Specifically, the application logs +The service is not started automatically when running as single binary started via `ocis server` or when running as docker container and must be started and stopped manually on demand. -- file system operations (create/delete/move; including actions on the trash bin and versioning) -- user management operations (creation/deletion of users) -- sharing operations (user/group sharing, sharing via link, changing permissions, calls to sharing API from clients) +Specifically, the audit service logs: + +- File system operations (create/delete/move; including actions on the trash bin and versioning) +- User management operations (creation/deletion of users) +- Sharing operations (user/group sharing, sharing via link, changing permissions, calls to sharing API from clients) From ced6820d7a409250d1047b9a66e2fe3070ab3f3f Mon Sep 17 00:00:00 2001 From: Edith Parzefall Date: Wed, 30 Nov 2022 15:41:41 +0100 Subject: [PATCH 3/6] Update services/audit/README.md --- services/audit/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/audit/README.md b/services/audit/README.md index 1639ac86c..434b2b052 100644 --- a/services/audit/README.md +++ b/services/audit/README.md @@ -6,7 +6,7 @@ With audit logs you are able to prove compliance with corporate guidelines as we The service is not started automatically when running as single binary started via `ocis server` or when running as docker container and must be started and stopped manually on demand. -Specifically, the audit service logs: +The audit service logs: - File system operations (create/delete/move; including actions on the trash bin and versioning) - User management operations (creation/deletion of users) From 35e5c6aedacf18d9254d8c649044b52ece84255e Mon Sep 17 00:00:00 2001 From: Martin Date: Wed, 30 Nov 2022 16:18:25 +0100 Subject: [PATCH 4/6] Update services/audit/README.md --- services/audit/README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/services/audit/README.md b/services/audit/README.md index 434b2b052..18ca1cb92 100644 --- a/services/audit/README.md +++ b/services/audit/README.md @@ -1,6 +1,11 @@ # Audit service -The audit service logs all events of the system as an audit log. Per default, it will be logged to standard out, but can also be configured to a file output. Supported log formats are json or a simple key-value pair ("key1=value1 key2=value2"). +The audit service logs all events of the system as an audit log. Per default, it will be logged to standard out, but can also be configured to a file output. Supported log formats are json or a simple key-value pair like: + +file_delete) + user 'user_id' trashed file 'item_id' +file_trash_delete) + user 'user_id' removed file 'item_id' from trashbin With audit logs you are able to prove compliance with corporate guidelines as well as to enable reporting and auditing of operations. The audit service takes note of actions conducted by users and administrators. From a0c06d733d30e60e69f3e1782a0b3d8da3a28490 Mon Sep 17 00:00:00 2001 From: mmattel Date: Wed, 30 Nov 2022 16:24:57 +0100 Subject: [PATCH 5/6] update readme --- services/audit/README.md | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/services/audit/README.md b/services/audit/README.md index 18ca1cb92..8b17989a6 100644 --- a/services/audit/README.md +++ b/services/audit/README.md @@ -1,18 +1,30 @@ # Audit service -The audit service logs all events of the system as an audit log. Per default, it will be logged to standard out, but can also be configured to a file output. Supported log formats are json or a simple key-value pair like: +The audit service logs all events of the system as an audit log. Per default, it will be logged to standard out, but can also be configured to a file output. Supported log formats are json or a simple key-value pair. +With audit logs, you are able to prove compliance with corporate guidelines as well as to enable reporting and auditing of operations. The audit service takes note of actions conducted by users and administrators. + +Example key-value pairs: +``` file_delete) user 'user_id' trashed file 'item_id' file_trash_delete) user 'user_id' removed file 'item_id' from trashbin +``` -With audit logs you are able to prove compliance with corporate guidelines as well as to enable reporting and auditing of operations. The audit service takes note of actions conducted by users and administrators. +Example json: +``` +{"RemoteAddr":"","User":"user_id","URL":"","Method":"","UserAgent":"","Time":"","App":"admin_audit","Message":"user 'user_id' trashed file 'item_id'","Action":"file_delete","CLI":false,"Level":1,"Path":"path","Owner":"user_id","FileID":"item_id"} +{"RemoteAddr":"","User":"user_id","URL":"","Method":"","UserAgent":"","Time":"","App":"admin_audit","Message":"user 'user_id' removed file 'item_id' from trashbin","Action":"file_trash_delete","CLI":false,"Level":1,"Path":"path","Owner":"user_id","FileID":"item_id"} +``` -The service is not started automatically when running as single binary started via `ocis server` or when running as docker container and must be started and stopped manually on demand. +The autit service is not started automatically when running as single binary started via `ocis server` or when running as docker container and must be started and stopped manually on demand. The audit service logs: -- File system operations (create/delete/move; including actions on the trash bin and versioning) -- User management operations (creation/deletion of users) -- Sharing operations (user/group sharing, sharing via link, changing permissions, calls to sharing API from clients) +- File system operations +(create/delete/move; including actions on the trash bin and versioning) +- User management operations +(creation/deletion of users) +- Sharing operations +(user/group sharing, sharing via link, changing permissions, calls to sharing API from clients) From 23a41f7d0f1c81111254236d64d21c83fb2ec909 Mon Sep 17 00:00:00 2001 From: David Christofas Date: Wed, 30 Nov 2022 16:32:49 +0100 Subject: [PATCH 6/6] renaming of the simple format --- services/audit/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/audit/README.md b/services/audit/README.md index 8b17989a6..31239cb2c 100644 --- a/services/audit/README.md +++ b/services/audit/README.md @@ -1,10 +1,10 @@ # Audit service -The audit service logs all events of the system as an audit log. Per default, it will be logged to standard out, but can also be configured to a file output. Supported log formats are json or a simple key-value pair. +The audit service logs all events of the system as an audit log. Per default, it will be logged to standard out, but can also be configured to a file output. Supported log formats are json or a minimal human-readable format. With audit logs, you are able to prove compliance with corporate guidelines as well as to enable reporting and auditing of operations. The audit service takes note of actions conducted by users and administrators. -Example key-value pairs: +Example minimal format: ``` file_delete) user 'user_id' trashed file 'item_id'