You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While textual logs are nice, most privileged actions require logging some sort of sensitive data. As such, we should consider adding a proper audit log, stored in the database, with important events.
Examples of actions that could be stored:
Account creation ACC_CREATE
Account logged in ACC_LOGIN
This audit log must never be accessible to users. This is a strictly administrative log intended for recovering from catastrophic events.
The deletion of an account from EpiLink should also delete (or rather censor) relevant elements within the database after a delay (like 30 days).
In the mean time, if advanced logging is required, users should set epilink's logging to DEBUG and roll with that to get spammed with stuff.
The text was updated successfully, but these errors were encountered:
While textual logs are nice, most privileged actions require logging some sort of sensitive data. As such, we should consider adding a proper audit log, stored in the database, with important events.
Examples of actions that could be stored:
ACC_CREATE
ACC_LOGIN
This audit log must never be accessible to users. This is a strictly administrative log intended for recovering from catastrophic events.
The deletion of an account from EpiLink should also delete (or rather censor) relevant elements within the database after a delay (like 30 days).
In the mean time, if advanced logging is required, users should set epilink's logging to DEBUG and roll with that to get spammed with stuff.
The text was updated successfully, but these errors were encountered: