Skip to content

Fix date range filters on audit event export

Tan Le requested to merge tancnle-fix-audit-csv-export-date-range into master

What does this MR do?

Fix date range filters on audit event export.

The current export has two problems:

  • Ending time (i.e. in created_before) is set to the start of the day (00:00:00), instead of the end of the day (23:59:59). This results in a lot of missing events.

  • If date range params are not provided, it returns the first 100,000 events ordered by created_at, instead of constraining to only a month worth of data like in the search UI.

This change addresses the above issue and, as a result, ensures the exported content matches with the one presented in the search UI.

This audit event export feature is under a feature flag.

Steps to reproduce

Test case 1

  • Navigate to Admin Area > Monitoring > Audit Log
  • Click on Export to CSV without applying any filter
  • Observe the gap of the content of the CSV with the search results

Test case 2

  • Click on Export to CSV after applying a date range filter
  • Observe the gap of the content of the CSV with the search results

Please note that the events in the CSV are always sorted by created_at in ascending order, while they are sorted by created_at in descending order. This is due to a constraint in EachBatch that we hope to address in future iteration.

More information on the feature can be found on the doc.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Tan Le

Merge request reports