Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create audit log when archive is sent to device #1847

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Create audit log when archive is sent to device #1847

wants to merge 1 commit into from

Conversation

nshoes
Copy link
Contributor

@nshoes nshoes commented Jan 28, 2025

If an archive is sent to a device on connect or from an archive update, an audit log is created specifying device, deployment, and archive details.

@nshoes nshoes force-pushed the add-audit-logs-when-sending-archives branch from 6da81a7 to 5573666 Compare January 28, 2025 23:06
@nshoes nshoes requested review from joshk and jjcarstens January 28, 2025 23:15
joshk
joshk requested changes Jan 28, 2025
View reviewed changes
Copy link
Collaborator

@joshk joshk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you please return :ok from the templates, this makes dialyzer happy

jjcarstens
jjcarstens requested changes Jan 29, 2025
View reviewed changes
Copy link
Collaborator

@jjcarstens jjcarstens left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we want this. There is no discernment check for archive versions and this happens on every connection, so this has potential to really bloat the logs again (like online/offline/exetension logs that have been removed)

Perhaps a small metric is useful or we wait until proper adjustment and handling of archives?

@joshk
Copy link
Collaborator

joshk commented Jan 29, 2025

I don't think we want this. There is no discernment check for archive versions and this happens on every connection, so this has potential to really bloat the logs again (like online/offline/exetension logs that have been removed)

Perhaps a small metric is useful or we wait until proper adjustment and handling of archives?

Ahhh, true true, there is no annoucement from the device about what archive version has been downloaded and installed (something bigger we should consider improving)

what about moving the logging to handle_info(%Broadcast{event: "archives/updated"}, socket), as this will only be logged when a device is already connected?

@nshoes
Copy link
Contributor Author

nshoes commented Jan 29, 2025

so this has potential to really bloat the logs again (like online/offline/exetension logs that have been removed)

Great callout, thank you.

what about moving the logging to handle_info(%Broadcast{event: "archives/updated"}, socket), as this will only be logged when a device is already connected?

This is a good option to avoid table bloat over time, but then we don't get an audit log if we do send the archive update on connect (which feels weird). I think if we log 2 out of 3 scenarios that's better than none?

@esvinson
Copy link
Contributor

Do we need to store it in the database or can we just log it with the normal logger?

@esvinson
Copy link
Contributor

esvinson commented Jan 29, 2025
edited
Loading

Perhaps a small metric is useful or we wait until proper adjustment and handling of archives?

We'd want to avoid anything metric related that's hub device specific for cost reasons. Deployment specific might be ok.

@joshk
Copy link
Collaborator

joshk commented Jan 30, 2025

I would suggest only adding this audit log event to handle_info(%Broadcast{event: "archives/updated"}, socket) as it would only occur when the deployment archive is updated and sent to connected devices. It would help devs and support know if an online device received the archive.

@nshoes
Copy link
Contributor Author

nshoes commented Jan 30, 2025

@joshk it shall be done

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jjcarstens jjcarstens jjcarstens requested changes

@joshk joshk joshk requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nshoes @joshk @esvinson @jjcarstens