Mercurial > prosody-modules
comparison mod_audit/README.md @ 4938:bc8832c6696b
upstream merge
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Wed, 11 May 2022 12:44:32 +0200 |
| parents | 530d116b7f68 |
| children | dc058fcc3fe3 |
comparison
equal
deleted
inserted
replaced
| 4913:3ddab718f717 | 4938:bc8832c6696b |
|---|---|
| 1 --- | |
| 2 summary: Audit Logging | |
| 3 rockspec: {} | |
| 4 ... | |
| 5 | |
| 6 This module provides infrastructure for audit logging inside Prosody. | |
| 7 | |
| 8 ## What is audit logging? | |
| 9 | |
| 10 Audit logs will contain security sensitive events, both for server-wide | |
| 11 incidents as well as user-specific. | |
| 12 | |
| 13 This module, however, only provides the infrastructure for audit logging. It | |
| 14 does not, by itself, generate such logs. For that, other modules, such as | |
| 15 `mod_audit_auth` or `mod_audit_register` need to be loaded. | |
| 16 | |
| 17 ## A note on privacy | |
| 18 | |
| 19 Audit logging is intended to ensure the security of a system. As such, its | |
| 20 contents are often at the same time highly sensitive (containing user names | |
| 21 and IP addresses, for instance) and allowed to be stored under common privacy | |
| 22 regulations. | |
| 23 | |
| 24 Before using these modules, you may want to ensure that you are legally | |
| 25 allowed to store the data for the amount of time these modules will store it. | |
| 26 Note that it is currently not possible to store different event types with | |
| 27 different expiration times. |