Looking to purchase and roll this out at a University. This seems to tick all the boxes but I’m missing auditing and logging. I’d like to see sign in logs, actions, e.g. who ran what when, ideally configuration changes, etc.
I can’t see them, am I missing something, or are they just not present yet?
Could likely get a bit of this from the webserver logs, but application level logs would give the most context.
As mentioned, you likely can try to gather the info from the app logs. That said, it will be pretty low level and how to parse out exactly who is doing what.
You can also consider using git to control the system configuration and that will provide a good indicator of who changed what on that level but there are settings that aren’t stored in git.