NAME

RT-Extension-AuditLog - Log all RT access requests

DESCRIPTION

In some environments, there are auditing requirements regarding access to the data in tickets. Modifications are already well preserved in the transaction history of a ticket, but read access is not tracked by native RT facilities.

There is the webserver log, but that does not include the user-name in all cases.

RT VERSION

Tested with RT 4.4 and 5.0.3.

As it, it does not work on our RT3.8 installation, but that might be more question of the Mason version, than the RT version itself.

As the missing $q-request()> is the problem, a possible workaround is to replace most for the code in Default by

$RT::AuditLogger->info(join(" ", $session{'CurrentUser'}->Name, $r->method(), $r->unparsed_uri())); };

INSTALLATION

perl Makefile.PL

make

make install

May need root permissions.

I recommend you check if the two files were really installed into the right directory.

Edit your /opt/rt5/etc/RT_SiteConfig.pm

Add this line:

Plugin('RT::Extension::AuditLog');

Clear your mason cache

rm -rf /opt/rt5/var/mason_data/obj

Restart your webserver

CONFIGURATION

This module is configures by setting the following options in the RT configuration file (RT_SiteConfig.pm or a new file under RT_SiteConfig.d):

Set($AuditLogToFileNamed, 'audit.log');
Set($AuditLogToSyslog, 'Audit');        # "ident" parameter to Log::Dispatch::Syslog

AUTHOR

Otmar Lendl <lendl@cert.at>

(based on input received on the RT Dev forum: https://forum.bestpractical.com/t/audit-log-for-user-read-activity/35137 )

All bugs should be reported via email to lendl@cpan.org.

LICENSE AND COPYRIGHT

This software is Copyright (c) 2023 by CERT.at GmbH

This is free software, licensed under:

The GNU General Public License, Version 2, June 1991