Audit Logs
Audit logging is a simple way to track activity that has occurred inside of FOSSA. By logging and displaying critical user actions, audit logs help administrators determine who did what, when it happened, and where it occurred inside of the product. This provides insight into how your FOSSA environment arrived at its current state and how to revert changes in the case of user error (e.g., uploading the wrong project, changing the policy accidentally, or resolving an issue without proper approval). One way to prevent these issues from happening again is to refine user permissions with the Role-Based Access Control (RBAC) feature.
Enterprise Feature
This feature is only available in a FOSSA Enterprise subscription. Contact [email protected] for more details.
Logged Operations
The following table summarizes the actions that are logged:
| Type | Action |
|---|---|
| User | - Add a user<br>- Delete a user<br>- Disable a user<br>- Change a user’s role<br>- Change another user value (email update, etc.)<br>- Give a user access to a project or release group<br>- Remove user access from a project or release group<br>- Give a user access to a team<br>- Remove user access from a team |
| Team | - Create new team<br>- Change team name<br>- Delete team |
| Issue | - Open an issue<br>- Export an issue<br>- Resolve an issue (both project and global level)<br>- Modify the licenses associated with a package |
| Policy & Licenses | - Create new policy<br>- Change the default action for uncategorized licenses<br>- Re-categorize a license within a policy<br>- Change the policy for a project<br>- Change the default policy for an organization<br>- Modify the conditional rules of a license within a policy |
| Projects & Release Groups | - Create new project (incl. import method)<br>- Create new release group<br>- Create a new release for release group<br>- Modify revision of project within release group<br>- Add a new project revision<br>- Run a new license or issue scan |
Log Format
Audit log entries (which can be viewed in the Account Settings > Audit Logs page) consist of the following fields:

Email
: current email of the user that performed the action

Role
: role of the user at the time the action occurred (see RBAC for more information about user roles)

Date
: timestamp of when the action occurred

Action
: details about the action that occurred
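
An added example (not FOSSA's code or export format): a Python script that reads entries carrying the four fields above and queues for review the operations from the Logged Operations table that change access, policy, or issue state. The CSV layout, timestamp format, the `editor` role name, and the Action wording are assumptions, and the rows are constructed.

```python
import csv
import io
from collections import Counter, defaultdict
from datetime import datetime

# Constructed rows with the four documented fields. CSV layout, timestamp
# format, the "editor" role and the Action wording are all assumptions.
SAMPLE = """Email,Role,Date,Action
alice@example.com,admin,2024-03-01T09:12:00Z,Change a user's role: bob@example.com to admin
bob@example.com,admin,2024-03-01T09:15:00Z,Change the default policy for an organization
carol@example.com,editor,2024-03-01T10:02:00Z,Resolve an issue (project level)
carol@example.com,editor,2024-03-02T23:40:00Z,Create new project (import method: CLI)
bob@example.com,admin,2024-03-02T23:55:00Z,Delete a user: dave@example.com
"""

# Phrases taken from the Logged Operations table, keyed by the table's Type.
REVIEW_RULES = [
    ("User", ("change a user's role", "delete a user", "disable a user",
              "give a user access")),
    ("Policy & Licenses", ("default policy", "default action",
                           "re-categorize a license", "conditional rules")),
    ("Issue", ("resolve",)),
]

def classify(action):
    """Return the table Type an action falls under, or None if not flagged."""
    text = action.lower().replace("\u2019", "'")  # normalise curly apostrophes
    for type_, phrases in REVIEW_RULES:
        if any(p in text for p in phrases):
            return type_
    return None

def review_queue(csv_text):
    """Parse entries and return the flagged ones in chronological order."""
    flagged = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        type_ = classify(row["Action"])
        if type_ is not None:
            when = datetime.fromisoformat(row["Date"].replace("Z", "+00:00"))
            flagged.append({"when": when, "email": row["Email"],
                            "role": row["Role"], "type": type_})
    return sorted(flagged, key=lambda e: e["when"])

def per_actor(flagged):
    """Count flagged actions per Email (the user's *current* address) and Type."""
    counts = defaultdict(Counter)
    for e in flagged:
        counts[e["email"]][e["type"]] += 1
    return {email: dict(c) for email, c in counts.items()}
```

Because Email is the user's current address while Role is recorded as of the action, compare Role against the action type when reviewing, and expect the same person to appear under a different address if their email was later updated.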
View Permissions
By default, only users with the role admin are able to view the audit logs. In the future, we plan on supporting the ability to customize user roles, which would allow select non-admins to view them as well.