diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-20 18:08:51 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-20 18:08:51 +0000 |
commit | df2eda3f14dccb703bd7054d4ddde7803cb1fe7e (patch) | |
tree | 0200bb0def01cde22da3bc4c9ed0a7b0f91d6b50 /doc/administration/audit_events.md | |
parent | b9bac6dbf78a5a7976fba14aaeef96bdeb0da612 (diff) | |
download | gitlab-ce-df2eda3f14dccb703bd7054d4ddde7803cb1fe7e.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/administration/audit_events.md')
-rw-r--r-- | doc/administration/audit_events.md | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md index cf017c0167b..2f4079396e6 100644 --- a/doc/administration/audit_events.md +++ b/doc/administration/audit_events.md @@ -3,28 +3,28 @@ GitLab offers a way to view the changes made within the GitLab server for owners and administrators on a [paid plan][ee]. GitLab system administrators can also take advantage of the logs located on the -filesystem, see [the logs system documentation](logs.md) for more details. +filesystem. See [the logs system documentation](logs.md) for more details. ## Overview -**Audit Events** is a tool for GitLab owners and administrators to be -able to track important events such as who performed certain actions and the -time they happened. These actions could be, for example, change a user +**Audit Events** is a tool for GitLab owners and administrators +to track important events such as who performed certain actions and the +time they happened. For example, these actions could be a change to a user permission level, who added a new user, or who removed a user. -## Use-cases +## Use cases -- Check who the person was that changed the permission level of a particular - user for a project in GitLab. -- Use it to track which users have access to a certain group of projects - in GitLab, and who gave them that permission level. +- Check who changed the permission level of a particular + user for a GitLab project. +- Track which users have access to a certain group of projects + in GitLab, and who gave them that permission level. ## List of events There are two kinds of events logged: -- Events scoped to the group or project, used by group / project managers - to look up who made what change. +- Events scoped to the group or project, used by group and project managers + to look up who made a change. - Instance events scoped to the whole GitLab instance, used by your Compliance team to perform formal audits. @@ -36,9 +36,9 @@ You need Owner [permissions] to view the group Audit Events page. To view a group's audit events, navigate to **Group > Settings > Audit Events**. From there, you can see the following actions: -- Group name/path changed +- Group name or path changed - Group repository size limit changed -- Group created/deleted +- Group created or deleted - Group changed visibility - User was added to group and with which [permissions] - Permissions changes of a user assigned to a group @@ -48,11 +48,11 @@ From there, you can see the following actions: - [Project shared with group](../user/project/members/share_project_with_groups.md) and with which [permissions] - Removal of a previously shared group with a project -- LFS enabled/disabled +- LFS enabled or disabled - Shared runners minutes limit changed -- Membership lock enabled/disabled -- Request access enabled/disabled -- 2FA enforcement/grace period changed +- Membership lock enabled or disabled +- Request access enabled or disabled +- 2FA enforcement or grace period changed - Roles allowed to create project changed Group events can also be accessed via the [Group Audit Events API](../api/audit_events.md#group-audit-events-starter) @@ -65,8 +65,8 @@ You need Maintainer [permissions] or higher to view the project Audit Events pag To view a project's audit events, navigate to **Project > Settings > Audit Events**. From there, you can see the following actions: -- Added/removed deploy keys -- Project created/deleted/renamed/moved(transferred)/changed path +- Added or removed deploy keys +- Project created, deleted, renamed, moved(transferred), changed path - Project changed visibility level - User was added to project and with which [permissions] - Permission changes of a user assigned to a project @@ -75,7 +75,7 @@ From there, you can see the following actions: - Project repository was downloaded - Project was archived - Project was unarchived -- Added/removed/updated protected branches +- Added, removed, or updated protected branches - Release was added to a project - Release was updated - Release milestone associations changed @@ -94,20 +94,20 @@ In addition to the group and project events, the following user actions are also recorded: - Failed Logins -- Sign-in events and the authentication type (standard, LDAP, OmniAuth, etc.) +- Sign-in events and the authentication type (such as standard, LDAP, or OmniAuth) - Added SSH key -- Added/removed email +- Added or removed email - Changed password - Ask for password reset - Grant OAuth access -- Started/stopped user impersonation +- Started or stopped user impersonation - Changed username ([introduced](https://gitlab.com/gitlab-org/gitlab/issues/7797) in GitLab 12.8) - User was deleted ([introduced](https://gitlab.com/gitlab-org/gitlab/issues/251) in GitLab 12.8) - User was added ([introduced](https://gitlab.com/gitlab-org/gitlab/issues/251) in GitLab 12.8) - User was blocked via Admin Area ([introduced](https://gitlab.com/gitlab-org/gitlab/issues/251) in GitLab 12.8) -It is possible to filter particular actions by choosing an audit data type from -the filter dropdown box. You can further filter by specific group, project or user +It's possible to filter particular actions by choosing an audit data type from +the filter dropdown box. You can further filter by specific group, project, or user (for authentication events). ![audit log](img/audit_log.png) @@ -116,8 +116,8 @@ Instance events can also be accessed via the [Instance Audit Events API](../api/ ### Missing events -Some events are not being tracked in Audit Events. Please see the following -epics for more detail on which events are not being tracked and our progress +Some events are not tracked in Audit Events. See the following +epics for more detail on which events are not being tracked, and our progress on adding these events into GitLab: - [Project settings and activity](https://gitlab.com/groups/gitlab-org/-/epics/474) @@ -129,8 +129,8 @@ on adding these events into GitLab: #### Repository push The current architecture of audit events is not prepared to receive a very high amount of records. -It may make your project/admin audit logs UI very busy and the disk space consumed by the -`audit_events` Postgres table will increase considerably. Thus, it's disabled by default +It may make the user interface for your project or audit logs very busy, and the disk space consumed by the +`audit_events` Postgres table will increase considerably. It's disabled by default to prevent performance degradations on GitLab instances with very high Git write traffic. In an upcoming release, Audit Logs for Git push events will be enabled |