Skip to content

DSpace should have an Audit Trail of object changes #8824

New issue
New issue
Open
Feature
#11072
DSpace/dspace-angular
#4576
Open
DSpace should have an Audit Trail of object changes#8824
Feature
#11072
DSpace/dspace-angular
#4576
Assignees
steph-ieffam
Labels
code taskCode cleanup taskhelp wantedNeeds a volunteer to claim to move forwardneeds discussionTicket or PR needs discussion before it can be moved forward.new feature
@tdonohue

Description

@tdonohue
tdonohue
opened on May 4, 2023

Is your feature request related to a problem? Please describe.
DSpace should have an out-of-the-box way to track common changes to various objects: who made the change, when was the change made, and what was the change.

For example, a way to track these sort of conceptual changes

  • Item [UUID] was created by [user] on [date/time]
  • Item [UUID] was moved by [user] on [date/time] to Collection [UUID]
  • Item [UUID] was updated by [user] on [date/time] (possibly with information about updates, e.g. metadata fields added/removed/updated)
  • Item [UUID] was withdrawn/reinstated/deleted by [user] on [date/time]
  • Collection [UUID] was created/updated/deleted...
  • Community [UUID] was created/updated/deleted...
  • Bitstream [UUID] was created/updated/deleted...

Describe the solution you'd like
Ideally, DSpace should track these changes automatically (and likely internally) in a location where the audit trail can be easily reviewed/searched (especially for individual objects). This might mean the audit trail needs to be in the database and linked to the object it relates to. (It might be stored as private/internal metadata, or could be a separate database table altogether.)

Only users with Admin rights on the object should be able to see the audit trail of that object. The audit trail should be accessible from the object page at a minimal (so that you can see all changes to that object). But, a global audit search/browse option may need to also be implemented to find information about object deletion (as the object no longer exists in that scenario).

Performance must also be a consideration, as the audit trail could grow large for large systems. This may imply that the audit trail needs tools to configure what information is tracked (based on needs of institution) or cleanup/delete older entries (e.g. auto-remove all audit entries older than 1-2 years).

Describe alternatives or workarounds you've considered
Currently, the only workaround for DSpace 7 or below is to use the existing dspace.log and dc.description.provenance metadata fields as a very basic "audit trail".

  • dc.description.provenance only exists for Items. It only tracks some very basic actions on the Item (e.g. audit of creation information, withdraw/reinstate information, workflow approval information)
  • dspace.log provides INFO logs for many audit trail like tasks (object updates/creation/deletion). But, not all tasks of interest may be logged. Searching older logs can also be complex as you must understand the log format and also possibly manage/index older logs in some manner.

Additional context
This topic has come up on mailing lists before (one example). But, also, more recently came up in the discussion of improving logging in #8777

Metadata

Metadata

Assignees

Labels

code taskCode cleanup taskhelp wantedNeeds a volunteer to claim to move forwardneeds discussionTicket or PR needs discussion before it can be moved forward.new feature

Type

Feature

Projects

DSpace 10.0 Release

Status

🏗 In Progress

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions