phpipam icon indicating copy to clipboard operation
phpipam copied to clipboard

Published 20 hours ago verified publisher icon phpipam

Issues regarding changelog

Open jonashauge opened this issue 8 years ago • 6 comments

Hi Miha,

a couple of issues regarding the changelog feature;

  1. When entries (eg. a subnet or an IP address) is deleted, then the entire changelog for the object is removed as well.The content in the changelog should be kept - otherwise the log is useless for auditing purposes :-)
  2. changelog is not done for VLANs, l2-domains, devices or vrf's which are just as crucial as subnets, sections and ip addresses.

In a perfect world, changelog should also be done on nameservers and firewallzones, but the 4 points in 2) are the most important ones.

/Jonas

jonashauge avatar Oct 07 '15 19:10 jonashauge

Hi, Well changelog is actually there, it is just not picked up by the query, as id of original object is not available anymore. Dont know how to change that.

Will add for other objects aswell.

phpipam avatar Oct 08 '15 12:10 phpipam

Hmm, my best suggestion will be to add an extra column (cObjectName?) in the changelog table where you record the subnet/ip of 'cid' as a varchar. Then if 'cid' is gone as the ip/subnet was deleted, then print the value of the new column in italic (and no link). Then the current functionality is kept and changes with deletion will be shown. If someone can think of a better solution, feel free to comment :-)

Another finding regarding changelog. If you edit an object and push the edit button without changing any value, then an empty changelog i written. As no change has been done, I would suggest to skip writing anything to the changelog.

jonashauge avatar Oct 08 '15 17:10 jonashauge

+1 for the suggestion of @jonashauge as this seems the best solution. One of my clients is working with Infoblox IPAM and there you can always trace who for example deleted a subnet. The changelog in there is pure text and not relying on any other information in the database as far as I can see.

For auditing a changelog that has no relational information (entries made as pure text at the time of the changes) would be a big plus.

michielvisser avatar Dec 06 '15 15:12 michielvisser

I am missing changelog for subnets as well. You would make me happy if this could be in 1.4. It's related in a way to #800.

Park0 avatar Jul 13 '17 07:07 Park0

+1. This log will be very usefull for us too.

xFRaNeRx avatar Feb 16 '18 11:02 xFRaNeRx

I noticed this too. And to track who deleted a subnet, I had to check the main log file. Click the wrench "Show Tools Menu" > under "Tools" > "Log Files".

Here you can download the logs in xls format and find who may have deleted a subnet. I've recently run into the 65536 row limit in excel so this feature is also lacking now. Perhaps xlsx can be used as the export format?

I just brought it up today in issue: ChangeLog viewing and row limits #4092

Anyone9060 avatar Apr 26 '24 19:04 Anyone9060