Auditing Actions
-
Mrs.
Someone has already implemented a scheme under audit actions in pfSense?
The idea is to know "which user" did "what action"?
Implement something like a report of changes ….?
[]`s
Jack -
It depends on the level of detail you're after. You can already see the last several config changes, and who did them, under Diag > Backup/Restore, on the Config History tab.
That only applies to configuration changes though, actions that do not cause a config change wouldn't be noted there.
-
jimp,
Thank you for your usual attention.
If we wanted increase the logging level, would have to develop a package or a scheme in parallel, right?
For example, knowing that when the firewall rule was changed by a particular user of pfSense?
From what I tested so far, history does not specify this level of detail yet, is not it?
[]`s
Jack -
No there's no way to do that in a package, it would require changes to the source in far too many places and there's no hook to let a package do that.
I do have tagging firewall rules with a user/ip/timestamp of the creation and last edit on my to-do list, probably won't be until 2.2 though.
-
All right jimp.
Thank you for your attention! ;)
[]`s
Jack