Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-7277

Logging and Life Cycle Management

XMLWordPrintable

    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Logging -

      1) How can we track and log user account activities? Activities include last login, inactivity, successful and unsuccessful log-in actions and attempts.
      For user account activity we want to be able to track this user login information from an administrative console, account, log file or application so the response "Last login is already recorded. A user can view their last login date by going to their user preferences page" is not what we are looking for.

      2) How can we track and log authenticated HTTP access requests? Since Confluence does not use HTTP BASIC authentication there is no record in the access log of what authenticated user is associated with an individual HTTP request. For logging in general we need an understanding of all the logging options for Confluence which can produce log records.

      3) How can we lock out users after three unsuccessful login attempts (i.e. brute force attack)?

      4) How can we apply password policy controls (expiration, minimum length, re-use,...)?

      For life cycle management, I have included two examples in which meta-tags were used.

      Example 1 - what we used for the policy driven lifecycle meta-tags in HTML pages

      <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
      <meta name="title" content="Apache Web Server">
      <meta name="description" content="Apache Web Server">
      <meta name="creator" content="John P. Dodge">
      <meta name="owner" content="John P. Dodge">
      <meta name="date" content="2006-10-20">
      <meta name="validuntil" content="2009-10-20">
      <meta name="generator" content="mk-metas/0.9">
      <meta name="robots" content="all">
      <meta name="GENERATOR" content="Mozilla/4.79 [en] (X11; U; SunOS 5.8 sun4u) [Netscape]">
      <meta name="subject" content="Apache Web Server">
      <meta name="Modified-Date" content="2006-10-20">
      <meta name="Identification" content="Apache Web Server">
      <meta name="Created-Date" content="1997-1-31">
      <meta name="Storage" content="Share Server">
      <meta name="Retrieval" content="Electronically">
      <meta name="Protection" content="Password access">
      <meta name="Retention" content="Life of product">
      <meta name="Disposition" content="Electronically deleted">

      Another Example:

      <head>
      <title>ISO - NISO Main Website</title>
      <meta name="Creator" content="Joan Elmquist">
      <meta name="Owner" CONTENT="Joan Elmquist">
      <meta name="Subject" CONTENT="ISO / NISO">
      <meta name="Description" CONTENT="ISO/ NISO / Web Hosting ">
      <meta name="keywords" CONTENT="Internal Service Offerings / ISO / Non-Standard Internal Service Offerings / NISO / Web Hosting / Web Server / Puget Sound ">
      <meta name="Storage" content="Web Share Server">
      <meta name="Retrieval" content="Electronically">
      <meta name="Created Date" content="06.06.03">
      <meta name="Protection" content="No protection required">
      <meta name="Retention" content="Life of product">
      <meta name="Disposition" content="Electronically deleted">
      <meta name="Generator" CONTENT="mk-metas-2.0">
      <meta name="Robots" CONTENT="All">
      <link href="/iso.css" rel="stylesheet" type="text/css">
      </head>

              Unassigned Unassigned
              b36ae1156a50 CathyR
              Votes:
              7 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: