Skip to content

Implement auditing #1

Description

@adrolli

There is already a moox Audit package with entity that requires Spatie ActivityLog.

Test implementation of

  • model auditing for example using moox Categories, Tags then other existing entities
  • simple logging to ActivityLog by replacing existing logging (not sure where we do ...)
  • moox Scope to organize large volumes of log entries to the corresponding package

Before we continue, we need to distinct between

  • Logging
  • Auditing
  • Revisions

most probably by adding a type field.

Then we can define the retention defaults like

Type Live Archive Backup
Logging 7d 30d 365d
Auditing 30d 90d 10y
Revision 90d 365d forever

while backup may depend ...

Then we need to tackle

  • Loose Coupling (packages can use ActivityLog for models and/or instead of logging)
  • Archive (e. g. activity_log_archive) or combined with Backup
  • Retention Policy (when and which ones to archive or delete)
  • Tamper Resistance (no edit or delete actions, app only INSERT, Hash Chain)
  • Chain of custody (Laravel Permission / Shield, opt. mask sensitive fields)
  • Export (as part of retention policy for compliance?)
  • Diff-Viewer, Snapshots, Revisions with UI, Restore-Workflow (own permission)

Metadata

Metadata

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Idea

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions