roos-fs tasks #250
open
Change history monitoring module
0%
Description
Description
we need a monitoring system that records all CRUD events in all categories and raises automatic alerts for suspicious activity. Logging covers users, services and their templates, machines, tasks and their templates, customers, vehicle users, locations, and leads, including lead-to-customer conversions. Additionally, we record file and report uploads/downloads, errors, security events, connection breaks, slow operations, and imports in each category.
Expected result:
Monitoring and logging of next main CRUD actions:
- All actions related to user authorization, account, such as account creation, login attempts, failed login attempts, password changes
- All actions related to creating/updating/deleting in users section
- All actions related to creating/updating/deleting in services section, service templates
- All actions related to creating/updating/deleting in vehicles section
- All actions related to creating/updating/deleting in tasks section, including task templates
- All actions related to creating/updating/deleting in customers section
- All actions related to creating/updating/deleting in vehicle users section
- All actions related to creating/updating/deleting in locations section
- All actions related to creating/updating/deleting in leads section, including transition from lead to customer
- All import actions in sections mentioned above
- All file imports for the sections mentioned above
- All file exports for the sections mentioned above
- Errors on actions listed above
- THIS LISTS NEEDS TO BE REVISED -
**Alerts on next events (included, but not limited to): **
- More than N files exported in a single request / within a very short interval ()
- The same report uploaded N + times in a short interval
- Record that’s created or updated but still missing from the DB after 500 ms
- More than N failed login attempts from any user within one minute
- More than N failed logins in total, or N + consecutive failures for the same account
- Any operation whose duration significantly exceeds the normal threshold
- A burst of identical errors in a short time window
Proposal:
- Personal data (email, phone, VIN, tokens) is masked; only hashes or abbreviated values remain in the log.
- Each upload/download of a file or package of files is logged with the size and number.
- The import event contains the number of rows and the number of successful/failed records.
- Any prohibited action or call is logged with the full context and request body size.
Updated by Vadim Golub 9 months ago
- Status changed from Deployed (QA) to Backlog
- Assignee set to Vadim Golub
Updated by Vadim Pariev 9 months ago
- Assignee changed from Vadim Golub to Anton Obolientsev
Updated by Alex Katasonov 9 months ago
@Vadim Pariev @vadim.golub@matecube.dev
I think this ticket is not complete. App monitoring is not built in this way. The concept is completely different. I would like to refine this
Updated by Alex Katasonov 9 months ago
- Subject changed from app monitoring module to change history monitoring module
Updated by Alex Katasonov 9 months ago
- Subject changed from change history monitoring module to Change history monitoring module
Updated by Anton Obolientsev 9 months ago
- Status changed from Open to In progress
Updated by Anton Obolientsev 9 months ago
- Status changed from In progress to Open
Updated by Anton Obolientsev 9 months ago
- Status changed from Open to In progress
Updated by Anton Obolientsev 9 months ago
- Status changed from In progress to In review
Updated by Anton Obolientsev 9 months ago
- Status changed from In review to Deployed (QA)
Updated by Vadim Pariev 8 months ago
- Status changed from Deployed (QA) to Closed
Updated by