diff --git a/docs/guides/audit_logs.md b/docs/guides/audit_logs.md new file mode 100644 index 0000000..4e043f5 --- /dev/null +++ b/docs/guides/audit_logs.md @@ -0,0 +1,59 @@ +# Audit Logs + +OpenCVE includes **Audit Logs**, a feature that allows organizations to keep track of important actions performed within their workspace. + +Audit Logs provide **full visibility into who did what and when**, making it easier to monitor configuration changes, investigate incidents, and maintain operational traceability. + +![Audit Logs](../images/guides/audit_logs/audit_logs.png){.center style="width:100%"} + +## Why Audit Logs matter + +In many organizations, vulnerability management involves multiple users interacting with projects, notifications, subscriptions, views, or API tokens. Without proper traceability, it can be difficult to understand: + +- who changed a configuration +- when a subscription was added or removed +- why a notification stopped working +- how permissions evolved + +Audit Logs solve this problem by recording key actions performed within your organization. + +This level of visibility is particularly important for teams that need to maintain **accountability, internal control, and strong security processes**. + +## What is tracked? + +Audit Logs record actions performed on several OpenCVE resources such as: + +- projects +- notifications +- subscriptions +- memberships +- API tokens +- views +- organization settings + +Each log entry includes: + +- the **user** who performed the action +- the **action type** (create, update, delete) +- the **resource** affected +- the **timestamp** + +When a resource is updated, OpenCVE also displays the **fields that were modified**, with a comparison showing the previous value and the new one: + +![Audit Logs](../images/guides/audit_logs/before_after.png){.center style="width:100%"} + +This makes it easy to understand exactly what changed. + +!!! info "Where can I find the audit logs?" + You can access the audit logs from your organization’s settings. + +## When to use Audit Logs + +Audit Logs are particularly useful when you need to: + +- investigate configuration changes +- review actions performed by team members +- understand why a workflow changed +- maintain internal security traceability + +For organizations operating with strong security requirements, maintaining a clear audit trail is an essential part of a mature vulnerability management process. diff --git a/docs/images/guides/audit_logs/audit_logs.png b/docs/images/guides/audit_logs/audit_logs.png new file mode 100644 index 0000000..7725539 Binary files /dev/null and b/docs/images/guides/audit_logs/audit_logs.png differ diff --git a/docs/images/guides/audit_logs/before_after.png b/docs/images/guides/audit_logs/before_after.png new file mode 100644 index 0000000..202b535 Binary files /dev/null and b/docs/images/guides/audit_logs/before_after.png differ diff --git a/mkdocs.yml b/mkdocs.yml index 121e0bf..3befbb2 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -37,6 +37,7 @@ nav: - Social Authentication: 'guides/social_auth.md' - Migrate OpenCVE v1 data: 'guides/migrate_opencve_v1.md' - Report Summaries: 'guides/report_summaries.md' + - Audit Logs: 'guides/audit_logs.md' - SMTP Configuration: 'guides/smtp_configuration.md' - API: - Introduction: 'api/index.md'