Software /
code /
prosody-modules
Comparison
mod_audit/README.md @ 4932:530d116b7f68
mod_audit*: modules for audit logging in prosody
These are to be seen as proof-of-concept for now.
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Tue, 26 Apr 2022 22:32:44 +0200 |
child | 5326:dc058fcc3fe3 |
comparison
equal
deleted
inserted
replaced
4931:f4a9e804c457 | 4932:530d116b7f68 |
---|---|
1 --- | |
2 summary: Audit Logging | |
3 rockspec: {} | |
4 ... | |
5 | |
6 This module provides infrastructure for audit logging inside Prosody. | |
7 | |
8 ## What is audit logging? | |
9 | |
10 Audit logs will contain security sensitive events, both for server-wide | |
11 incidents as well as user-specific. | |
12 | |
13 This module, however, only provides the infrastructure for audit logging. It | |
14 does not, by itself, generate such logs. For that, other modules, such as | |
15 `mod_audit_auth` or `mod_audit_register` need to be loaded. | |
16 | |
17 ## A note on privacy | |
18 | |
19 Audit logging is intended to ensure the security of a system. As such, its | |
20 contents are often at the same time highly sensitive (containing user names | |
21 and IP addresses, for instance) and allowed to be stored under common privacy | |
22 regulations. | |
23 | |
24 Before using these modules, you may want to ensure that you are legally | |
25 allowed to store the data for the amount of time these modules will store it. | |
26 Note that it is currently not possible to store different event types with | |
27 different expiration times. |