Feature: Basic Audit logs on Devtron UI #3665
Description
🔖 Feature description
As an avid user of Devtron, I would like to propose the implementation of audit logs as a valuable feature for the platform. Audit logs are an essential aspect of any platform engineering tool, and their integration within Devtron would significantly elevate its functionality and security.
I believe that the addition of audit logs aligns perfectly with the platform's commitment to providing a robust, secure, and user-friendly experience. This feature will undoubtedly boost the confidence of the Devtron community and enterprise users and contribute to the platform's overall success.
🎤 Pitch
Importance of Audit logs:
Security and Compliance: With the ever-increasing need for robust security measures, having comprehensive audit logs in Devtron is crucial for detecting and investigating potential security breaches or unauthorized access attempts. This feature would enable us to uphold compliance standards and demonstrate adherence to data privacy regulations.
User Accountability and Transparency: Enhanced audit logs would empower us to track and monitor user activities within Devtron, attributing specific actions to individual users. This increased transparency fosters a sense of accountability and promotes responsible usage of the platform.
Monitoring and Troubleshooting: The ability to review detailed logs of activities and events within Devtron would aid in monitoring the platform's usage, identifying potential bottlenecks, and troubleshooting issues efficiently.
Proactive Issue Detection: By regularly reviewing the audit logs, we can proactively identify and address recurring errors or potential issues before they escalate, thus ensuring the seamless operation of deployed microservices.
✌️ Solution
The basic audit logs will only have a few parameters, such as:
| Parameters | Definition | Example |
|---|---|---|
| action: | Action Performed | updateCIpipeline |
| updated-by | User ID of user who took the action | 2 |
| updated-on | Time stamp of action | 2023-05-03 21:55:6 |
| api-request | API request without auth | Entire api curl without auth data |
| api-response-code | API response code/status | 200 |
- Make this event logging mandatory at each update action triggered by a user or an api-user.
- Provide filters for all the 3 fields above to filter and search relevant logs.
🔄️ Alternative
Users have to rely on getting the audit logs from multiple DB tables.
👀 Have you spent some time to check if this issue has been raised before?
- I checked and didn't find similar issue
🏢 Have you read the Code of Conduct?
- I have read the Code of Conduct
AB#4480