Audit log
An audit log offer admins a trail of every action that has been done in the instance. It is typically used to figure out who has done what when something happened. If for example, User A deleted an important table and permanently deleted emptied the trash, this must be visible in the audit log. It should not be restorable, but the action trail leading up to the deletion of the table must be visible in the audit log.
Requirements
- This is an enterprise feature, so as much code as possible must live in the
enterprise
folder. - For every action that's done we want to store the following information:
- Which action was executed.
- Who executed the action.
- Datetime when the action was executed.
- The IP address of the executor.
- Which group it was related to.
- Maybe some optional parameters needed to render the correct language string.
- The actions must not be stored in a specific language.
- The audit log must still be readable, even if a user, group, table, etc is deleted.
- It must be possible to configure a retention period via the environment variables. If this is 360 days, the older logs must be cleared when they're older than 360 days.
- The audit log is initially on instance level, later we might want to offer the log on group level as well.
- Only instance admins must be able to access the audit log.
- We want to introduce a interface where instance admins can see the audit log.
- It must be possible to filter the audit log by user. This must be a paginated dropdown.
- It must be possible to filter the audit log by year, month and date.
- It must be possible to filter the audit log by action.
- It must be possible to filter the audit log by group. This must be a paginated dropdown.
- It must be possible to order asc or desc by timestamp.
- This must, of course, be paginated.
- Must be performant with at least 10 million entries.
- If the user restored a snapshot we want to have an entry in the audit log that says something like "Bram has restored snapshot X", not hundreds of entries related to the database, tables, views, etc being created.
Nice to have
The nice to haves must probably a separate issue.
- Export to CSV via an async job.
Additional info
- There might be a way to somehow make this related to the undo redo action system.
- When a user created a table, we most likely want to store the following information in the audit log:
User ID: 1 User email: bram@baserow.io Group ID: 1 Group name: "Bram's group" IP: 127.0.0.1 Timestamp: 2021-01-01 12:00:00 Action: `table_created` Additional data: {"table_name": "Projects", "database_name": "Bram's database"}
Edited by Bram Wiepjes