Create audit event when a visualisation is shared
Problem to solve
For us to deliver Allow users to download/share/embed a chart pan... (&8940) we need to give users the ability to:
- See who shared analytics and what they shared because it may be sensitive data.
- See the analytics attachment hash + file name so that they can delete it.
Proposed solution
Add new audit events to log when a user:
- Generates an analytics image in Add download image action to dashboard panels (#460470).
- Uploads an analytics image in Add "Share image with URL" action to dashboard ... (#460471).
Open questions
- How do we implement this?
- What additional visualization / panel information should we log?
Implementation plan
- Create two audit event type definitions, `generate_analytics_image` and `upload_analytics_image`, by following instructions in doc. Make sure to run the rake task to update documentation for new events.
- Create a new class `Audit::ProductAnalytics::ShareVisualisationAuditor` to create the event payload and execute:

  ```ruby
  def execute
    audit_context = {
      name: 'generate_analytics_image',
      author: current_user,
      scope: project,
      target: '',
      message: 'Downloaded analytics dashboard image',
      additional_details: {},
      target_details: ''
    }

    ::Gitlab::Audit::Auditor.audit(audit_context)
  end
  ```
- Create an API endpoint `POST :project_id/analytics/events/audit` for logging audit events here that creates the payload for the event and invokes `Audit::ProductAnalytics::ShareVisualisationAuditor`. This API should be called after the image is generated/uploaded.

  ```
  endpoint - api/v4/projects/:project_id/product_analytics/events/audit
  method - POST
  payload = { 'event_type': 'generate_analytics_image'/'upload_analytics_image', 'additional_details': {} }
  ```
TODO: additional details that we want to send for these events.
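
An added example, not GitLab code and not part of the original issue: one way the endpoint could validate the client-supplied payload before building `audit_context`, so that only the two planned event types are accepted and the author and scope always come from the authenticated request. The module name, the allowed `additional_details` keys (`file_name`, `attachment_hash`), the length limit and the upload message are assumptions.

```ruby
# Added example: validation for the client-supplied audit payload.
# ALLOWED_DETAIL_KEYS and the size limit are assumptions, not GitLab code.
module AuditPayloadSketch
  EVENT_MESSAGES = {
    'generate_analytics_image' => 'Downloaded analytics dashboard image',
    'upload_analytics_image'   => 'Uploaded analytics dashboard image' # assumed wording
  }.freeze
  ALLOWED_DETAIL_KEYS = %w[file_name attachment_hash].freeze # hypothetical keys
  MAX_VALUE_LENGTH = 255
  # Control characters (newlines included) would let a value forge log lines.
  CONTROL_CHARS = /\p{Cntrl}/.freeze

  class InvalidPayload < StandardError; end

  # Returns an audit_context hash shaped like the one in the plan above.
  # author and scope come from the authenticated request, never the payload.
  def self.build_context(payload, current_user:, project:)
    raise InvalidPayload, 'payload must be an object' unless payload.is_a?(Hash)

    event_type = payload['event_type']
    message = EVENT_MESSAGES[event_type]
    raise InvalidPayload, 'unknown event_type' unless message

    {
      name: event_type,
      author: current_user,
      scope: project,
      target: '',
      message: message,
      additional_details: clean_details(payload.fetch('additional_details', {})),
      target_details: ''
    }
  end

  def self.clean_details(details)
    raise InvalidPayload, 'additional_details must be an object' unless details.is_a?(Hash)

    unknown = details.keys.map(&:to_s) - ALLOWED_DETAIL_KEYS
    raise InvalidPayload, "unexpected keys: #{unknown.join(', ')}" unless unknown.empty?

    details.each_with_object({}) do |(key, value), out|
      unless value.is_a?(String) && value.length <= MAX_VALUE_LENGTH && value !~ CONTROL_CHARS
        raise InvalidPayload, "invalid value for #{key}"
      end
      out[key.to_s] = value
    end
  end
end
```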