Extend security audit logging
Created by: filiphaftek
Feature request description
We need to extend security logging:
-
- 1. Extend security_eventsto support API token operations -
- 2. Extend security_eventsto support OIDC logins -
- 3. Extend security_eventsto support Github Auth logins -
- 4. Extends security_eventsto login impersonate user actions - sudo access token -
- 5. Allow enable audit_logs via env variable (to avoid changing by admin in site-config.json) - now it's only in [dot-com mode] (PR)(https://sourcegraph.com/github.com/sourcegraph/sourcegraph@409dfa0859f481c7038160de0a8e7bee95464c2b/-/blob/internal/database/security_event_logs.go?L105) -
- 6. Allow send audit logs to dedicated logger (not only to DB) - log framework
Is your feature request related to a problem? If so, please describe.
Required for Managed Instances - OIDC logging Short-lived tokens aka impersonate user - issue