Difference between revisions of "NATS3 Log Admin Activity"
From TMM Wiki
Jump to navigationJump to searchm |
(No difference)
|
Revision as of 16:23, 21 November 2008
Applies to NATS v3.1.41.3 or greater.
NATS can log every request made by any administrator logged into NATS, but this feature is disabled by default. To enable administrator activity logging, add the following line to your config.php file (located in the includes folder of your NATS install).
$config['ADMIN_ACTION_POSTBACK'] = 'http://mydomain.com/myadminpostback.url';
Replace the URL in the example with a script you created to accept the postback and log it. You can write the log to either a simple text file or a database using one of the sample scripts below.
Text Log Example Script
<?php //check to make sure the request is actually coming from NATS if ($_SERVER['REMOTE_ADDR'] != "192.168.0.0") exit; //this should be the IP for your NATS install //please make sure that log file and directory are read/write accessible to Apache $logpath = "admin_activity.log"; //This is where your log file exists on your server $logfile = fopen($logpath, 'a') or die; //write the entry to the log file foreach ($_REQUEST as $name=> $string) fwrite($logfile, htmlentities($name)." => ".htmlentities($string)."\n"); fclose($logfile); ?>
Database Log Example Script
<?php //check to make sure the request is actually coming from NATS if ($_SERVER['REMOTE_ADDR'] != "192.168.0.0") exit; //this should be the IP for your NATS install //connect to the DB $myDB = mysql_connect("mydb_hostname", "mydb_username", "mydb_password"); //checks for valid connection and valid name of the db as specified in DBname if ($myDB && mysql_select_db('DBname', $myDB)) { //pull only the info we want from the URL $qs = $_REQUEST['query_string']; $loginid = $_REQUEST['performed_action_loginid']; $ip = $_REQUEST['performed_action_ip']; $scr = $_REQUEST['performed_action_script']; $time = $_REQUEST['performed_action_time']; //strips any unwanted slashes from the postback if(get_magic_quotes_gpc()) { $qs = stripslashes($qs); $loginid = stripslashes($loginid); $ip = stripslashes($ip); $scr = stripslashes($scr); $time = stripslashes($time); } $query = sprintf("INSERT INTO admin_logs (query_string, loginid, ip, script, time) VALUES ('%s','%s','%s','%s','%s')",mysql_real_escape_string($qs),mysql_real_escape_string($loginid),mysql_real_escape_string($ip),mysql_real_escape_string($scr),mysql_real_escape_string($time)); //execute query $res = mysql_query($query, $myDB); mysql_close($myDB); } ?>