Audit log of who deployed flows

Hi
We have a request from our SecOps team questioning whether it is possible to audit who deployed nodes, this is in the event a malicious action is performed so we can trace who did it.

With Editor security enabled Securing Node-RED : Node-RED does the name of the user and the flows being deployed get logged anywhere?

Hi @GregHNZ

You can enable audit level logging via the settings file: Logging : Node-RED

That will log all API access by the editor, including the username.

It doesn't log the details of the flows being deployed, just that a deploy was done.

1 Like