Comments (7)

mehrdad-khojastefar commented on May 27, 2024

Thanks for the response.

Is "Audit Trail Log File Format" from JFrog standard in any way?

Yes, it is pretty standard and complete, and it covers every aspect of user interactions with the JFrog system. On top of that, it is very comprehensive, so we can play with it in our pipeline and extract the information we need.

The idea of connecting to PostgreSQL should work properly, but I don't think this is the best approach. Since almost every big project has some sort of audit trail support inside of it, I think OpenReplay itself should support it.
Keep in mind that with OpenReplay's growing community and more production instances, this feature is a must.

For the format of the audit trail, it can be anything, and it can also support multiple formats; the most used format is JSON.

from openreplay.

amirouche commented on May 27, 2024

This is available in the ee edition; see the directory ee/

Closing as duplicate: the feature is already implemented.

from openreplay.

mehrdad-khojastefar commented on May 27, 2024

Thanks for the response, but I couldn't find any logic that shows it saves the audit in a file or logs it to stdout. Showing them on the admin dashboard is one thing and having the logs collected is another. Could you please provide some more information, since I couldn't find any after digging through the documents and code?

from openreplay.

amirouche commented on May 27, 2024

Spoiler: I am new to the project. I will try to be accurate.

Accessing user recorded sessions can be very dangerous and I would love to have the auditing of the system under my control and have one or two alerts on it.

Not everybody can access all replays of all projects. There are ACLs based on RBAC (Role-Based Access Control).

If you are admin, you can review access directly from the Audit menu, here is a screenshot:

image

Look for the function trace inside the file ee/api/chalicelib/core/traces.py.

Hope it answers your question.

from openreplay.

mehrdad-khojastefar commented on May 27, 2024

So let me explain myself more.
In our infrastructure there are a lot of different services. I am responsible for collecting their audit logs and storing them in Elasticsearch; that way we can easily follow a suspicious user's actions across all of our infrastructure.
That would be hard if I had to log in to each and every service from their UI and look for the trace.
Please take a look at this page to see what I mean by having the audit logs.
With this approach I can easily collect logs and store them wherever I want. After that I can set some alerts on top of the collected logs.
This is my requirement, and it would be very good to have this feature in the openreplay-ui, because, as I said, OpenReplay sessions may contain sensitive data and we need to be aware when unauthorized access is even attempted.
This OWASP article about logs should be helpful.

from openreplay.

mehrdad-khojastefar commented on May 27, 2024

@amirouche Any thoughts?

from openreplay.

amirouche commented on May 27, 2024

Thanks for the ping, I missed the previous comment.

collect logs and store them wherever I want. After that I can set some alerts on top of the collected logs.

For programmatic use, you need to read the PostgreSQL table traces, and possibly rely on the created_at column in a script that you will create to copy the audit trail logs to your Elasticsearch cluster. Here are the interesting code snippets from the api service in ee:

async def write_trace(trace: TraceSchema):
    data = __process_trace(trace)
    with pg_client.PostgresClient() as cur:
        cur.execute(
            cur.mogrify(
                f"""INSERT INTO traces(user_id, tenant_id, created_at, auth, action, method, path_format, endpoint, payload, parameters, status)
                    VALUES (%(user_id)s, %(tenant_id)s, %(created_at)s, %(auth)s, %(action)s, %(method)s, %(path_format)s, %(endpoint)s, %(payload)s::jsonb, %(parameters)s::jsonb, %(status)s);""",
                data)
        )

Here is the schema of the table traces:

CREATE TABLE public.traces
(
    user_id     integer NULL REFERENCES public.users (user_id) ON DELETE CASCADE,
    tenant_id   integer NOT NULL REFERENCES public.tenants (tenant_id) ON DELETE CASCADE,
    created_at  bigint  NOT NULL DEFAULT (EXTRACT(EPOCH FROM now() at time zone 'utc') * 1000)::bigint,
    auth        text    NULL,
    action      text    NOT NULL,
    method      text    NOT NULL,
    path_format text    NOT NULL,
    endpoint    text    NOT NULL,
    payload     jsonb   NULL,
    parameters  jsonb   NULL,
    status      int     NULL
);

If you do not want to connect directly to postgresql, we can consider adding a webhook.

Please take a look at this page to see what I mean by having the audit logs

Is "Audit Trail Log File Format" from JFrog standard in any way?

Let me know what you think.

from openreplay.
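
The polling approach from the last comment (read the traces table, track created_at, copy to Elasticsearch), as an added example that is not OpenReplay's own code: it turns rows with the schema above into an Elasticsearch _bulk body and handles rows that share a millisecond timestamp, since the table has no primary key. The index name openreplay-audit, the psycopg2-style cursor and the sample rows are assumptions made for the example.

```python
import hashlib
import json
from datetime import datetime, timezone

COLUMNS = ("user_id", "tenant_id", "created_at", "auth", "action", "method",
           "path_format", "endpoint", "payload", "parameters", "status")
# ">=" and not ">": created_at is in milliseconds and the table has no primary
# key, so rows that share the checkpoint timestamp have to be read again.
QUERY = (f"SELECT {', '.join(COLUMNS)} FROM public.traces "
         "WHERE created_at >= %(since)s ORDER BY created_at")

# Constructed sample rows (not real OpenReplay data); two share one timestamp.
SAMPLE_ROWS = [
    dict(zip(COLUMNS, (7, 1, 1716768000123, "jwt", "view_session", "GET",
                       "/{projectId}/sessions/{sessionId}", "/1/sessions/42", None, {}, 200))),
    dict(zip(COLUMNS, (9, 1, 1716768000123, "jwt", "view_session", "GET",
                       "/{projectId}/sessions/{sessionId}", "/1/sessions/42", None, {}, 403))),
    dict(zip(COLUMNS, (7, 1, 1716768005000, "jwt", "edit_member", "PUT",
                       "/client/members/{memberId}", "/client/members/9", {"admin": True}, {}, 200))),
]

def fetch_since(cur, since_ms):
    """Read new rows through a DB-API cursor with pyformat parameters (e.g. psycopg2)."""
    cur.execute(QUERY, {"since": since_ms})
    return [dict(zip(COLUMNS, row)) for row in cur.fetchall()]

def doc_id(row):
    """Hash of the whole row: a re-read row overwrites its document instead of duplicating it."""
    canon = json.dumps(row, sort_keys=True, separators=(",", ":"), default=str)
    return hashlib.sha256(canon.encode()).hexdigest()

def to_bulk(rows, index="openreplay-audit"):
    """Render rows as an Elasticsearch _bulk NDJSON body (action line, then document)."""
    lines = []
    for row in rows:
        ms = row["created_at"]
        ts = datetime.fromtimestamp(ms // 1000, tz=timezone.utc).replace(microsecond=ms % 1000 * 1000)
        doc = {**row, "@timestamp": ts.isoformat(timespec="milliseconds")}
        lines.append(json.dumps({"index": {"_index": index, "_id": doc_id(row)}}))
        lines.append(json.dumps(doc, default=str))
    return "\n".join(lines) + "\n" if lines else ""

def next_checkpoint(rows, previous_ms):
    """Highest created_at seen so far; pass it as since_ms on the next run."""
    return max([previous_ms] + [r["created_at"] for r in rows])
```

Because the document ID is a hash of the row, two rows that are identical in every column collapse into a single document.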
