diff --git a/docs/docs/Enterprise/audit_logs.md b/docs/docs/Enterprise/audit_logs.md index a3ddba5367..e4e55bde46 100644 --- a/docs/docs/Enterprise/audit_logs.md +++ b/docs/docs/Enterprise/audit_logs.md @@ -34,19 +34,19 @@ Pagination at the bottom allows navigation through the pages, with each page dis
-### Filter Audit Logs +## Filter Audit Logs You can apply filters to the audited events based on the following criteria. -#### Select Users +### Select Users Choose a specific user from the dropdown list to view all their activities. -#### Select Apps +### Select Apps The dropdown will display all the apps associated with your account. Select an app to filter the logs related to that particular app. -#### Select Resources +### Select Resources |
Resources
|
Description
| | ----------- | ----------- | @@ -56,7 +56,7 @@ The dropdown will display all the apps associated with your account. Select an a | Group Permission | All the events associated with Group Permissions will be filtered. Group Permissions include `GROUP_CREATE`, `GROUP_UPDATE`, `GROUP_DELETE`. | | App Group Permission | Within each group, you can set apps for read or edit privileges. These events get recorded as App Group Permissions. | -#### Select Actions +### Select Actions |
Actions
|
Description
| | ----------- | ----------- | @@ -81,7 +81,7 @@ The dropdown will display all the apps associated with your account. Select an a
-### Understanding Log Information +## Understanding Log Information
@@ -112,11 +112,35 @@ The file will contain all the data from audit logs. The log file can be created Learn more about **setting up the log file generation** [here](/docs/how-to/setup-rsyslog). -#### Log Rotation +### Log Rotation The log file is configured to rotate on a daily basis. This means that a new log file will be created every day, ensuring efficient management and organization of audit data. -#### Log File Path +### Log Redaction + +ToolJet implements log redaction to protect sensitive information. By default, the following headers are masked in the logs: + +- authorization +- cookie +- set-cookie +- x-api-key +- proxy-authorization +- www-authenticate +- authentication-info +- x-forwarded-for + +Additionally, you can specify custom fields to be masked using the `LOGGER_REDACT` environment variable. + +|
Variable
|
Description
| +| -------- | --------------------------------------------------------------------------- | +| LOGGER_REDACT | Comma-separated list of additional fields to be masked in logs (e.g., req.headers["x-session-id"],req.headers["x-device-fingerprint"]) | + +For example: +```bash +LOGGER_REDACT=res.headers["x-rate-limit-remaining"],res.headers["x-request-id"] +``` + +### Log File Path The path for the log file is defined using the `LOG_FILE_PATH` variable in the environment. It's important to understand that this path is relative to the home directory of the machine. For instance, if `LOG_FILE_PATH` is set to `hsbc/dashboard/log`, the resulting log file path will be structured as follows: ``` diff --git a/docs/versioned_docs/version-2.50.0-LTS/Enterprise/audit_logs.md b/docs/versioned_docs/version-2.50.0-LTS/Enterprise/audit_logs.md index a3ddba5367..e4e55bde46 100644 --- a/docs/versioned_docs/version-2.50.0-LTS/Enterprise/audit_logs.md +++ b/docs/versioned_docs/version-2.50.0-LTS/Enterprise/audit_logs.md @@ -34,19 +34,19 @@ Pagination at the bottom allows navigation through the pages, with each page dis
-### Filter Audit Logs +## Filter Audit Logs You can apply filters to the audited events based on the following criteria. -#### Select Users +### Select Users Choose a specific user from the dropdown list to view all their activities. -#### Select Apps +### Select Apps The dropdown will display all the apps associated with your account. Select an app to filter the logs related to that particular app. -#### Select Resources +### Select Resources |
Resources
|
Description
| | ----------- | ----------- | @@ -56,7 +56,7 @@ The dropdown will display all the apps associated with your account. Select an a | Group Permission | All the events associated with Group Permissions will be filtered. Group Permissions include `GROUP_CREATE`, `GROUP_UPDATE`, `GROUP_DELETE`. | | App Group Permission | Within each group, you can set apps for read or edit privileges. These events get recorded as App Group Permissions. | -#### Select Actions +### Select Actions |
Actions
|
Description
| | ----------- | ----------- | @@ -81,7 +81,7 @@ The dropdown will display all the apps associated with your account. Select an a
-### Understanding Log Information +## Understanding Log Information
@@ -112,11 +112,35 @@ The file will contain all the data from audit logs. The log file can be created Learn more about **setting up the log file generation** [here](/docs/how-to/setup-rsyslog). -#### Log Rotation +### Log Rotation The log file is configured to rotate on a daily basis. This means that a new log file will be created every day, ensuring efficient management and organization of audit data. -#### Log File Path +### Log Redaction + +ToolJet implements log redaction to protect sensitive information. By default, the following headers are masked in the logs: + +- authorization +- cookie +- set-cookie +- x-api-key +- proxy-authorization +- www-authenticate +- authentication-info +- x-forwarded-for + +Additionally, you can specify custom fields to be masked using the `LOGGER_REDACT` environment variable. + +|
Variable
|
Description
| +| -------- | --------------------------------------------------------------------------- | +| LOGGER_REDACT | Comma-separated list of additional fields to be masked in logs (e.g., req.headers["x-session-id"],req.headers["x-device-fingerprint"]) | + +For example: +```bash +LOGGER_REDACT=res.headers["x-rate-limit-remaining"],res.headers["x-request-id"] +``` + +### Log File Path The path for the log file is defined using the `LOG_FILE_PATH` variable in the environment. It's important to understand that this path is relative to the home directory of the machine. For instance, if `LOG_FILE_PATH` is set to `hsbc/dashboard/log`, the resulting log file path will be structured as follows: ```