12/27/2022 0 Comments Asp net mvc log user activity audit![]() ![]() You can store logs locally, on the cloud, in a database, or even create a custom storage provider. I was amazed, when I saw the huge list of storage providers. It can be enabled by controller/action attributes, global action filter, middleware or a combination of those.This would give us enough flexibility for today and foreseeable future in case we need to enable/disable it for different levels. It is easy and time-efficient to start using it.I came across various libraries, compare them and finally I chose Audit.Net WebApi for the following reasons: Next, I started looking into different available options. How long they are kept, how we are going to query these data in future, what format the logs should be written into, does it need to be able to integrate into another system, does it need a human interacting interface, and questions like that. Thirdly, The retention and query of the logs should be discussed. Where the logs get stored, how much performance hit we can accept, how much cost we can accept, and questions like these. Secondly, the storage of logs should be discussed. ![]() We also discussed whether we want to record request/response headers as well as request/response bodies. Also certain pieces of Information (a.k.a PII or Personally Identifiable Information) have certain regulations around them. They might have different concerns or need extra pieces of information to make their life easier. Different people (because of their roles) can expect different details from an audit log. As the beginning, I put together a small wiki document and called for a meeting to define what we all mean and expect from word "Audit".įirstly, the data gets stored needs to be defined. I picked up a task about audit requirement for one of the core APIs. In this post, I'm gonna tell you how you can have proper audit log without re-inventing the wheel! ![]() In addition, If your system accepts input from a 3rd party system, Or sends an output to a 3rd party system, you also need proper logging in case of a dispute happens in future. If you have an Api that modifies the core data of a system, you need to log every call to that. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |