Audit log improvements (META)
Audit logging is a security feature and is critical for customers and is required by many regulatory bodies. Enterprises—especially in regulated industries that need to show accurate logs of data and application access—may hesitate to use a software for this very reason.
This is the kind of features that add credibility to the Enterprise version.
We are going to improve our audit events in each release.
- Audit events will be recorded on the database, not logs (see comment).
- Consolidate existing log entries into a single area in the Admin area #2336 (closed)
- Log member actions #1370 (closed) (10.1)
- Log group actions #1372 (10.2)
- Log project actions #1371 (10.2)
- Remove data older than N months so the table doesn't grow forever #1421
The tasks below still needs product work
- Log impersonation actions in audit log #315
- Log Git actions #1411
- Retrieve audit events via API #121
- Add visibility changes of project to the audit logs #199
- Add audit event entry when a group share is added/removed #205
- Git authentications should be stored in audit events #545
- Export audit events data to CSV #1449