Rank: Member
Joined: 1/24/2008(UTC) Posts: 60
|
Audit Log for the Admin Section.
1. Logs every action done by admins (For Example: Actions, like Saving a Product/Category, Deleting a Customer Order, or Changing a customer's password, etc) with date and time. 2. Logs are Protected, and *cannot* be deleted manually from the site (which excludes those that have direct access to the database) 3. Settings to determine how long to keep the logs (ie only keep last x days/months/years worth of logs) 4. Access to logs are restricted and only people with appropriate permissions may access them.
The purpose of this is to keep track of who all is doing what on your website. At my previous job we had a problem with an irate employee randomly messing with our site (renaming products to garbage, changing prices, etc) before quitting later that day. Without our audit log we'd have had no idea who messed everything up. We were also able to restore the site to its pre-messed up condition since we had an exact record of what all he did.
At my new job here, I kept having to re-enter the same product over and over. It turns out one of our newbie admins (and one of my bosses), didn't know what she was doing and kept deleting my products.
Anyways, that's my idea. |
- Brian Web Developer/IT Manager |
|
|
|
Rank: Member
Joined: 3/3/2006(UTC) Posts: 1,737
|
This is a good one. I'd put this in my top 20 requests.
Perhaps in Excel or sim you could come up with what this log might look like on the screen. Rows, columns. This needs some more/varied input. |
Optimists invent airplanes, Pessimists buy parachutes. |
|
|
|
Rank: Member
Joined: 1/24/2008(UTC) Posts: 60
|
This is sorta what our old one looked like: Key points are: 1. The actual action Performed, Modify, Delete, Add 2. What was actually affected by the action. This can vary greatly depending on what was done. 3. Any details that will help identify exactly was was done. This should also show what the old value Used to be before the change. 4. Date change was made. 5. User that made the change. The details section could actually be multiple lines, like for instance if someone Modified multiple fields in a product, it would be one for each line (as shown). Its also important to be able to search/sort/filter the logs so you can find exactly what you are looking for (ie when someone breaks your site, or you changed the wrong product name but forgot which product you changed, etc). |
- Brian Web Developer/IT Manager |
|
|
|
Rank: Member
Joined: 3/3/2006(UTC) Posts: 1,737
|
You'd need a good long list of triggers and descriptions - ie: "Changed [[product name]] to [[product name]]".
Have you got a list handy? Was this list admin editable? |
Optimists invent airplanes, Pessimists buy parachutes. |
|
|
|
Rank: Member
Joined: 1/24/2008(UTC) Posts: 60
|
Nah. When I created the audit log for my previous company, I wrote an object to handle the code and hardcoded all of the values. So for each action my program took, it would call the AdutiLog Function, which looked something like this:
Function AuditLog(Action as String, Effected as String, Details as String, Date as String, User as String) 'Add Record to Log in database End Function
When someone modified an order, it would also call the function:
AuditLog("Modify Order", "Order Number: " & iOrderNumber, "Added Product " & sProductSku & " to Order", DateTime.Now.ToString, sUser)
I just hardcoded all of the Actions and such depending on what they were doing.
Its not really that hard of a project to write. . . its just really really long and tedious.
Our solution was for a very proprietary application and wasn't nearly as flexible as BV Commerce is on the configuration side of things, so we didn't care about allowing the admins to change the descriptions and such as you suggested, heh. |
- Brian Web Developer/IT Manager |
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.