Add support for encrypted logs

Created on 23 May 2024, 7 months ago
Updated 27 May 2024, 7 months ago

Problem/Motivation

Some sensitive data may be stored in ELT logs. For example, ELT can log the modifications of an configuration entity containing credentials.
Public key encryption can be used to secure access to this sensitive data without removing it from the logs : Data is encrypted with a public key before being written to the logs. Only the owner of the private key can decrypt the data.
The aim is to add support for encrypted logs to ELT.

Steps to reproduce

No steps to reproduce.

Proposed resolution

Add event_log_track_encrypt sub-module :
- Support to encrypt the 'description' part of an event recorded in ELT logs.
- Provide a set of drush commands to decrypt encrypted ELT logs.
- For a full description/help, see modules/event_log_track_encrypt/README.md

Remaining tasks

No remaining tasks.

User interface changes

The administration interface of event_track_log module (admin/config/system/events-log-track) is modified by the event_log_track_encrypt module to add encryption logs configuration.

API changes

No API changes.

Data model changes

No data model changes.

Feature request
Status

Closed: duplicate

Version

4.0

Component

Code

Created by

🇫🇷France aurm

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @aurm
  • 🇫🇷France aurm

    aurm changed the visibility of the branch 3449334-add-support-for to hidden.

  • Merge request !66Issue #3449334 : Add support for encrypted logs → (Open) created by aurm
  • Pipeline finished with Success
    7 months ago
    Total: 148s
    #180162
  • Pipeline finished with Success
    7 months ago
    Total: 203s
    #180421
  • Pipeline finished with Success
    7 months ago
    Total: 140s
    #180460
  • Pipeline finished with Success
    7 months ago
    Total: 141s
    #180473
  • Pipeline finished with Success
    7 months ago
    Total: 170s
    #180962
  • Status changed to Closed: duplicate 7 months ago
  • 🇫🇷France aurm

    Hi everyone,

    After some thought, I think it's better to make a separate module rather than a sub-module of Events Log Track to support encryption.
    Encryption feature brings new dependencies to the Encrypt and Key modules which are not useful for the majority of ELT users.
    So I initialized the Event Log Track Encrypt module instead of this Merge Request.
    All comments and suggestions are welcome.

    Best regards.

    Aurélien.

Production build 0.71.5 2024