A simple auditing tool for
Add it to your
Create tables to store audits in the database:
rails audits1984:install:migrations rails db:migrate
Mount the engine in your
mount Audits1984::Engine => "/console"
By default, the library controllers will inherit from the host application's
ApplicationController. To authenticate auditors, you need to implement a method
#find_current_auditor in your
ApplicationController. This method must return a record representing the auditing user. It can be any model but it has to respond to
For example, Imagine all the staff in your company can audit console sessions:
def find_current_auditor Current.user if Current.user&.staff? end
The main screen lists the registered console sessions. It includes a form to filter sessions by date, and also to only show that contains sensitive accesses.
You can click on a session to see its commands and choose whether it was an appropiate console usage or not.
After making a decision on the session, you will be redirected to the next pending session, based on the filter configured in the main screen.
That is. I said it was simple.
These config options are namespaced in
|auditor_class||The name of the auditor class. By default it's
|auditor_name_attribute||The attribute on the auditor class that returns the auditor's name. By default it's
|base_controller_class||The host application base class that will be the parent of