{"id":35525,"date":"2017-08-18T09:15:51","date_gmt":"2017-08-18T07:15:51","guid":{"rendered":"https:\/\/owncloud.com\/?p=35525\/"},"modified":"2023-01-16T15:30:04","modified_gmt":"2023-01-16T15:30:04","slug":"app-week-auditing","status":"publish","type":"post","link":"https:\/\/owncloud.com\/de\/blogs\/app-week-auditing\/","title":{"rendered":"App of the Week: Auditing"},"content":{"rendered":"<p><em>Welcome to the third part of our ownCloud App of the Week blog series. In this entry we would like to introduce the <a href=\"https:\/\/marketplace.owncloud.com\/apps\/admin_audit\">ownCloud Auditing application<\/a> and showcase why logging and auditing of user events &amp; activities is crucial for secure enterprise filesharing scenarios.<\/em><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-medium wp-image-35537\" src=\"https:\/\/owncloud.com\/wp-content\/uploads\/2017\/08\/Stock_CC_Code_1920-300x200.jpg\" alt=\"\" width=\"300\" height=\"200\" \/>When it comes to sensitive business data, security always has the highest priority. Firewalls, encryption, authentication, access restrictions or device management \u2013 there are numerous ways of raising security levels in professional IT environments. But how can you make sure all security measures are working as planned? And how can you prove it? Well, this is where logging and auditing of the ownCloud system comes into play.<\/p>\n<p>To start off, <a href=\"https:\/\/owncloud.com\/download\/\">ownCloud Server<\/a> comes with a built-in logging mechanism that protocols all technical system activity (e.g. PHP messages, background job reports, configuration issues). By default this information is collected and stored in the <em>owncloud.log<\/em> file. This ownCloud log file comes in handy for a variety of uses, for example to review the system status or to help debug problems. The detail of the logging may be adjusted in five levels, ranging from <em>0: DEBUG<\/em> to <em>1: INFO<\/em>, <em>2: WARN<\/em>, <em>3: ERROR<\/em> and <em>4: FATAL<\/em> with <em>0: DEBUG<\/em> being the most detailed logging level. By default the log level is set to <em>2: WARN<\/em>.<\/p>\n<p>A complete technical Logging Configuration guide can be found in the ownCloud documentation:<br \/>\n<a href=\"https:\/\/doc.owncloud.org\/server\/latest\/admin_manual\/configuration\/server\/logging_configuration.html\" target=\"_blank\" rel=\"noopener\">https:\/\/doc.owncloud.org\/server\/latest\/admin_manual\/configuration\/server\/logging_configuration.html<\/a><\/p>\n<h3>Okay, but what does the Auditing App do?<\/h3>\n<p>Put simply, the <em>Auditing<\/em> application for ownCloud adds the logging of user and administrator actions to the ownCloud logging mechanism to make them traceable and auditable. While the basic ownCloud <em>Logging<\/em> functionality is mainly for system information, the <em>Auditing<\/em> application also logs:<\/p>\n<ul>\n<li>Login and logout events of users<\/li>\n<li>File system operations of users (create\/delete\/move; including actions on the trash bin)<\/li>\n<li>Sharing operations of users (internal sharing with users or groups, sharing via public link, change permissions, calls to sharing API from clients)<\/li>\n<li>File tagging operations of users (add\/remove tags)<\/li>\n<li>User management operations (creation\/deletion\/activation\/deactivation of users)<\/li>\n<li>Enabling\/disabling of ownCloud Apps<\/li>\n<li>Executions of OCC commands (CLI)<\/li>\n<\/ul>\n<p>By default the Audit log messages have the log level <em>1: INFO<\/em> and are added to the standard <em>owncloud.log<\/em> file. Make sure your general log level is set to <em>1: INFO<\/em> or higher in <em>config.php<\/em>. For a better overview and potential external audit usage it is easily possible to create a separate audit log file, e.g. a file named <em>audit.log<\/em>. An example on how to split these files can be found in <em>config.sample.php<\/em>.<\/p>\n<p>And there you have it \u2013 a simple and powerful auditing application for user and admin activities in your ownCloud. You are now able to review and track all types of user events, file and sharing operations, OCC command executions and even user management operations. With the <em>Auditing<\/em> application your IT-Department is able to always guarantee a full overview of user and admin activities and can easily follow-up on suspicious behavior. You are now also able to prove the integrity and compliance of your ownCloud system, for example for third party security audits and reviews.<\/p>\n<p><strong>The ownCloud Auditing App can be found here:<br \/>\n<a href=\"https:\/\/marketplace.owncloud.com\/apps\/admin_audit\">https:\/\/marketplace.owncloud.com\/apps\/admin_audit<\/a><\/strong><\/p>\n<p><em>So, are you already using the ownCloud Auditing App? As always we\u2019d love to hear your feedback. Stay tuned for next weeks App of the Week Blog!<\/em><\/p>\n<h3>Overview of the past ownCloud App of the Week Blogs:<\/h3>\n<p><em><a href=\"https:\/\/owncloud.com\/app-week-ldap-home-connector\/\">App of the Week &#8211; LDAP Home Connector<\/a><br \/>\n<a href=\"https:\/\/owncloud.com\/blog-app-week-market\/\">App of the Week &#8211; Market<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to the third part of our ownCloud App of the Week blog series. In this entry we would like to introduce the ownCloud Auditing application and showcase why logging and auditing of user events &amp; activities is crucial for secure enterprise filesharing scenarios. When it comes to sensitive business data, security always has the [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":35537,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"categories":[603,48,55],"tags":[],"class_list":["post-35525","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-apps","category-news","category-owncloud-product"],"acf":[],"_links":{"self":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/posts\/35525","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/comments?post=35525"}],"version-history":[{"count":1,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/posts\/35525\/revisions"}],"predecessor-version":[{"id":68044,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/posts\/35525\/revisions\/68044"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/media\/35537"}],"wp:attachment":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/media?parent=35525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/categories?post=35525"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/tags?post=35525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}