I am trying to find a way to audit what users that log into the FreePBX gui do. I can see that there is a freepbx_security.log file but that only has failed attempts to log in. Is there a way to get users that logged into the GUI and what their activity was?
Nope.
grep the usernames in /var/log/httpd/access_log or the error_log. Whatever is there is likely the extent of what is available.
You could also put in a feature request.
https://issues.freepbx.org/projects/FREEPBX/issues/FREEPBX-15268?filter=allopenissues
The access log will also contain the originating IP address, the page requested and the response code sent.
Neither access_log or error_log have any usernames in there. I looked over several weeks of logs.
I believe there is already a feature request in for this. It was a long standing desire to add this but the work involved unfortunately was extensive. When a certain group of us moved on to “greener pastures” it was one of the first things implemented. We also have the advvantage of using current stacks with things such as php 8.1 which helps. Unfortunately with FreePBX the interactions were designed 15 years ago and would all have to be reworked meaning touch everything and hope not to break things just for log lines.
Other things were change audits and “undo” which are also not built in and require database abstraction to be added
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.