search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
2.65k stars 378 forks source link

Add activity when global config is modified #19644

Open RachelElysia opened 3 weeks ago

RachelElysia commented 3 weeks ago

Problem

I just went into Dogfood and added a host expiry to test some states. I then removed it. I checked the activity log to see if anyone could tell that I modified our global config. No one can see that it was me or what the change was.

Is not knowing what or when the global config was modified a security issue? Should it be logged somewhere? Does it have enough importance to have a log of it?

Potential solutions

  1. Add modifying the global config to the global activity log.
  2. Add activity feed entry for modifying host expiry.
noahtalerman commented 3 weeks ago

@RachelElysia thanks for tracking this!

Audibility and clarity is core to Fleet. We want to track all activities. That said, we iterate at Fleet. So, I think a quick win would be creating an activity for when host expiry is modified (instead of any item in global config).

We'll weigh this request at the next feature fest on 2024-06-20.