Details
-
Suggestion
-
Resolution: Unresolved
Description
Implement an audit log similar to that in Jira and Confluence to capture activities performed that require privileged access (e.g. administrative functions) in order to potentially identify malicious or unintended activity.
Events should include all administrative actions that can take place such as changes to system configurations, additions/removal of repositories, additions/removal of add-ons, unsuccessful logon attempts and lockouts, etc.
Records should contain information that establishes what type of event occurred, when the event occurred, source of the event, outcomes, identity of the individual.
Viewing the audit log should be restricted to administrators only.