- Notifications
You must be signed in to change notification settings - Fork27
📑 Create audit logs into the database for user behaviors, including a web UI to query logs.
License
rails-engine/audit-log
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Trail audit logs (Operation logs) into the database for user behaviors, including a Web UI to query logs.
We used audit-log in our production environment more than 1 year, until now (2020.5.21), it's inserted about20 million log in our system.
Audit log list:
Detail page:
Add this line to your application's Gemfile:
gem"audit-log"
And then execute:
$ bundle
Generate files:
$ rails g audit_log:install
Use in controllers:
classTicktsController <ApplicationControllerdefindexaudit!:list_ticket,nilenddefcreateif@ticket.saveaudit!:create_ticket,@ticket,payload:ticket_paramselserender:newendenddefupdateif@ticket.saveaudit!:update_ticket,@ticket,payload:ticket_paramselserender:editendenddefapproveif@ticket.approveaudit!:approve_ticket,@ticket,payload:ticket_paramsendenddefdestroy# store original attributes for destroy for keep valuesaudit!:delete_ticket,nil,@ticket.attributesendprivatedefticket_paramsparams.required(:ticket).permit!(:title,:description,:status)endend
In models or other places:
AuditLog.audit!(:update_password,@user,payload:{ip:request.remote_ip})AuditLog.audit!(:sign_in,@user,payload:{ip:request.remote_ip})AuditLog.audit!(:create_address,nil,payload:params)
Changeconfig/routes.rb to add Route:
Rails.application.routes.drawdoauthenticate:user,->(u){u.admin?}domountAuditLog::Engine=>"/audit-log"endend
I18n for audit names, you need create aconfig/locales/audit-log.zh-CN.yml:
zh-CN:audit_log:action:sign_in:登录update_password:修改密码create_address:添加住址list_ticket:查看工单列表create_ticket:创建工单update_ticket:更新工单delete_ticket:删除工单approve_ticket:审批工单
For track Warden (Devise) sign in behavirs:
config/initializes/devise.rb
Warden::Manager.after_authenticationdo |user,auth,opts|request=ActionDispatch::Request.new(auth.env)AuditLog.audit!(:sign_in,user,payload:opts,user:user,request:request)endWarden::Manager.before_failuredo |env,opts|request=ActionDispatch::Request.new(env)email=request.params.dig(:user,:email)user=User.find_by_email(email)opts[:email]=emailAuditLog.audit!(:sign_in_failure,nil,payload:opts,request:request,user:user)end
You can write aconfig/initializers/audit_log.rb to configure the behavior of audit log.
AuditLog.configuredo# class name of you User model, default: 'User'self.user_class="User"# current_user method name in your Controller, default: 'current_user'self.current_user_method="current_user"# Speical a table_name for AuditLog model, default: "audit_logs"self.table_name="audit_logs"end
The gem is available as open source under the terms of theMIT License.
About
📑 Create audit logs into the database for user behaviors, including a web UI to query logs.