(logging configuration) Expand the admin_audit section #10604
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,11 @@ | |
| Logging | ||
| ======= | ||
|
|
||
| Use your Nextcloud log to review system status, or to help debug problems. You may adjust logging levels, and choose how and where log data is stored. If additional event logging is required, you can optionally activate the **admin_audit** app. | ||
|
|
||
| When ``file`` based logging is utilized, both the Nextcloud log and, optionally, the **admit_audit** app log can be viewed within the Nextcloud interface under *Administration settings -> Logging* (this functionality is provided by the **logreader** app). | ||
|
|
||
| Further configuration and usage details for both the standard Nextcloud log and the optional **admin_audit** app log can be found below. | ||
|
|
||
| Log level | ||
| --------- | ||
|
|
@@ -131,34 +135,55 @@ Log field breakdown | |
|
|
||
| Empty value are written as two dashes: ``--``. | ||
|
|
||
| Admin audit log (Optional) | ||
| -------------------------- | ||
|
|
||
| By enabling the **admin_audit** app, additional information about various events can be logged. Similar to the normal logging, the audit log can be provided to any of the existing logging mechanisms in :file:`config/config.php`. The default behavior, if no parameters are specified after the app is enabled, is ``file`` based logging to a file called ``audit.log`` stored in the ``datadirectory``. | ||
|
|
||
| If you wish to override this and log to syslog instead the following would be one approach: | ||
|
|
||
| :: | ||
|
|
||
| "log_type_audit" => "syslog", | ||
| "syslog_tag_audit" => "Nextcloud", | ||
| "logfile_audit" => "", | ||
|
|
||
| Log level interaction | ||
| ~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| If system ``loglevel`` in ``config.php`` is set to ``2`` or higher, audit logging needs to be triggered explicitly by adding the following setting to to ``config.php``: | ||
|
|
||
| :: | ||
|
|
||
| "log.condition" => [ | ||
| "apps" => ["admin_audit"], | ||
| ], | ||
|
|
||
| Find detailed documentation on auditable events for enterprises in our `customer portal <https://portal.nextcloud.com/article/using-the-audit-log-44.html>`_. | ||
|
|
||
| Integrating into the Web Interface | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| The built-in NC ``logreader`` app (which is what provides the *Administration settings->Logging* interface) only accesses the file-based ``nextcloud.log``. The **admin_audit** app log output, however, can be integrated into the web interface by configuring it to *also* log to the ``nextcloud.log``. | ||
|
There was a problem hiding this comment. Ah I see. Better would be something like nextcloud/logreader#857 though There was a problem hiding this comment. That PR looks quite useful if one doesn't wish to combine their on-disk audit log with the normal Nextcloud log. The confusing thing has been that screenshot from the logreader app repository README - (it's referenced in nextcloud/logreader#129 and occasionally on the forum). It shows everything merged together. :-) So it turns out it's totally been possible all along. |
||
|
|
||
| Add the following to your ``config.php`` (adjusting the path to your own ``nextcloud.log`` path): | ||
|
|
||
| :: | ||
|
|
||
| 'log.condition' => [ | ||
| 'apps' => [ 'admin_audit'], | ||
| ], | ||
| 'logfile_audit' => '/var/www/html/data/nextcloud.log', | ||
|
|
||
| Configuring through admin_audit app settings | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| Previously the audit logfile was defined in the app config. This config is still used when the system config is not provided, but is considered a legacy parameter. | ||
|
|
||
| :: | ||
|
|
||
| occ config:app:set admin_audit logfile --value=/var/log/nextcloud/audit.log | ||
|
|
||
| .. _PHP date function: http://www.php.net/manual/en/function.date.php | ||
|
|
||
| Workflow log | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It can? I thought this is a missung feature...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Me too . I got sick of people asking and not knowing the answer. It had been on my to-do list for awhile so finally got around to digging into the code and testing earlier today. So, yes, it does exist as-is today in a form that is totally reasonable for many use cases.