Project

General

Profile

Decision #212

What level of logging information should be available to whom

Added by Bruce Wilson over 12 years ago. Updated almost 12 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
d1_common_java
Target version:
Start date:
Due date:
% Done:

100%

Milestone:
None
Sprint:

Description

Previous discussions have indicated that the owner of an object should be able to at least see the logs for access to that object. This is generally reasonable, but there are privacy issues that need to be addressed. What level of logging? Should the owner always be able to see, for example, the username/IP address of all read operations for that object, or simply the number of times it was accessed?

Given that the 0.3 implementation has no authentication, we cannot have authenticated log access, so owners in that sense can't have access to the log information for only their objects. And there are definitely privacy implications to having log file information publicly readable

History

#1 Updated by Matthew Jones over 12 years ago

I added an initial draft of a logging schema description to the system architecture documents. See:

https://repository.dataone.org/documents/Projects/VDC/docs/service-api/api-documentation/source/LoggingSchema.txt

I also added example instance documents to the schemas directory. See:

https://repository.dataone.org/software/cicore/trunk/schemas/log_instance_example.xml

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)