Add Group SAML activities to Group Audit Events
Problem to solve
Audit Events are a useful way to view GitLab activity, but most of them are instance-level only and stashed away in the admin panel. With the introduction of Group SAML, we should include these events in the audit log for the group.
Proposal
Log Group SAML activity in Audit Events for the group.
What does success look like, and how can we measure that?
Successful and failed logins via SAML are logged in Audit Events at the namespace level.
Implementation plan
-
Find entry point for SAML success and failure login -
Inject audit event service for those points -
Add SAML success and failure to documentation for group-level audit events
Potential obstacles
- Setting up SAML on GDK can be tricky, but completely doable.