Auditing Actions



  • Mrs.

    Someone has already implemented a scheme under audit actions in pfSense?

    The idea is to know "which user" did "what action"?

    Implement something like a report of changes ….?

    []`s
    Jack


  • Rebel Alliance Developer Netgate

    It depends on the level of detail you're after. You can already see the last several config changes, and who did them, under Diag > Backup/Restore, on the Config History tab.

    That only applies to configuration changes though, actions that do not cause a config change wouldn't be noted there.



  • jimp,

    Thank you for your usual attention.

    If we wanted increase the logging level, would have to develop a package or a scheme in parallel, right?

    For example, knowing that when the firewall rule was changed by a particular user of pfSense?

    From what I tested so far, history does not specify this level of detail yet, is not it?

    []`s
    Jack


  • Rebel Alliance Developer Netgate

    No there's no way to do that in a package, it would require changes to the source in far too many places and there's no hook to let a package do that.

    I do have tagging firewall rules with a user/ip/timestamp of the creation and last edit on my to-do list, probably won't be until 2.2 though.



  • All right jimp.

    Thank you for your attention! ;)

    []`s
    Jack


Log in to reply