Enable Logging of user Activity on the App

[samkanga]

Describe the issue to be researched
From a discussion with PATH, they are seeking a non functional requirement where the user activity on the app would be logged and uploaded into a space where it can be reviewed based on need. This is meant to support any audit on a users action while interacting with the app. Some of the logs bing sought include:

1. Log all activities performed by the user
2. Log access to views of individual client records
3. Log access to data summaries, reports, analysis, and visualization features (e.g. in app reports or charts)

Request 1 summarises the request from 2 and 3.

Describe the goal of the research
The outcome is that a manager will be able to access a report that provides all the actions conducted by a user on the device.

Describe the methodology
Considerations to be made include:

1. How the logging can be achieved on the app
2. How the logged details can me submitted to a central place for reporting
3. What is the best option for visualising the logs

[dubdabasoduba]

Related discussion #2528

[Kigamba]

It seems that the most important user actions that needs to be logged are patient record views, record edits, record creations and record deletions.

Most of the actions which include editing a record, deleting a record or adding a new record are already covered by #2528 and https://github.com/onaio/opensrp-tasks/issues/107.

Does the manager need the chronological data per user? Some of the strategies in the other issues might not provide accurate date-time when the action was performed on the device but rather when the final record was synced to the server or when the last record update was done on the record eg. if the user updates a family multiple times before syncing them up, all the edits will be logged as a single edit

[qiarie]

🚧 Work in progress

Background

As introduced in issue Enable Logging of User Activity on the App for Auditing Purposes and the corresponding discussions (#2598 - this discussion, #2528, #2848), we need to be able to track which users created or modified resources for auditing purposes.

We also need to be able to identify which users accessed which records and views.

Activities on the app that need to be tracked include:

• Resources access, creation, updates or deletion
• Access to views, data summaries and in-app charts/reports

Logging access and modification of resources can be done using the FHIR AudiEvent resource.
Access to views and other

Considerations

• Implementations should be allowed to opt out of audit logging. Audit logging should be configurable. The level of detail to be logged should also be configurable
• Logging should be done in a performant way to prevent slowing down the app. Writes to the database for AuditEvent resources should be queued and written:
  • In intervals and in small batches
  • During intervals when the app is not in use
  • In case of a graceful app close, write anything on the log queue to DB
• Considering audit logging is a side effect of other events happening in the app, it should be generic enough to handle all types of events

Resource Modification Audit Logs Implementation

Application Configuration

To control whether audit logging should be done, application level flags need to be set.

• enableResourceModificationLogs configures whether to write AuditEvent logs for resource creation and modifications
• enableAccessLogs configures whether to log access to views and resources on the application

val enableResourceModificationLogs: Boolean = false,
val enableAccessLogs: List<String> = listOf()

AuditEvents Processing

• Create a new OnAuditLogEvent event in org.smartregister.fhircore.quest.event.AppEvent class. The class has a Bundle as it's only primary constructor parameter.

  data class OnAuditLogEvent(val bundle: Bundle) : AppEvent()
  

• When a questionnaire is submitted, extracted resources are added to a bundle. We can then use the bundle to generate AuditEvent resources for each of the resources.

  An OnAuditLogEvent event is queued in the EventBus with the resource bundle.

  eventBus.triggerEvent(
    AppEvent.OnAuditLogEvent(
      Bundle(
        ...
      ),
    ),
  )  
  

  This should be done in the background from org.smartregister.fhircore.quest.ui.questionnaire.QuestionnaireViewModel class, after the database update.

• Events of type OnAuditLogEvent can then be processed in the QuestApplication class.

  Inside the QuestApplication class, maintain a list of OnAuditLogEvent events as a caching mechanism. The items in the list should be written to DB when a certain count is attained.

  eventBus.events
    .getFor(...)
    .onEach { appEvent ->
      if (appEvent is AppEvent.OnAuditLogEvent) {
        // generate and save AuditEvent resources
      }
    }
    .launchIn(lifecycleScope)
  

• If there are remaining events on the queue that have not been saved, process them when terminating the app. This needs to be controlled

  This requires

[qiarie]

🚧 Work in progress

Content Access Audit Logs Implementation

There is a requirement to log what resources and views users access. These logs can be used to monitor application usage, compliance with regulations, analysis as well as user accountability.

Due to the heavy amount of access data that can be generated, it is proposed that this be logged through Sentry together with other logs and telemetry data.