Audit log improvements (META)
Description
Audit logging is a security feature and is critical for customers and is required by many regulatory bodies.
Audit logging should enable auditors of the GitLab system the ability to retrieve all data between given periods of time, either across the entire system, or within specific groups or projects.
Proposal
- Audit events will be recorded on the database, not logs (see comment).
Audit events
-
Log member actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1370 (%10.1) -
Log group actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1372 (%10.2) -
Log project actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1371 (%10.2) -
Log impersonation actions in audit log #315 (closed) -
Log Git actions https://gitlab.com/gitlab-org/gitlab-ee/issues/1411 -
Add visibility changes of project to the audit logs #199 (closed) -
Add audit event entry when a group share is added/removed #205 -
Git authentications should be stored in audit events #545
Data management and retrieval
-
Consolidate existing log entries into a single area in the Admin area https://gitlab.com/gitlab-org/gitlab-ee/issues/2336 -
Retention settings: Remove data older than N months so the table doesn't grow forever https://gitlab.com/gitlab-org/gitlab-ee/issues/1421 -
Retrieve audit events via API #121 (closed) -
Export audit events data to CSV #1449 (closed) -
Allow audit events to be streamed to a third party system
Edited by Stan Hu