Hi
We have a request from our SecOps team questioning whether it is possible to audit who deployed nodes, this is in the event a malicious action is performed so we can trace who did it.
With Editor security enabled Securing Node-RED : Node-RED does the name of the user and the flows being deployed get logged anywhere?
Hi @GregHNZ
You can enable audit level logging via the settings file: Logging : Node-RED
That will log all API access by the editor, including the username.
It doesn't log the details of the flows being deployed, just that a deploy was done.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy