An interesting task has arisen. In the Hybris admin panel, there is no way to record all administrator actions so that later, if something happens, we can understand who messed up. Some objects keep their change history, including a reference to whoever changed the data, but various operations leave, at best, entries in the log, and never with a reference to a specific administrator.
Analyzing server logs is also futile because admin panels are now built as Single Page Applications.
I’ve come up with an idea of how to implement such logging for any system, not just Hybris. I am trying to find such a ready-made tool, but have not succeeded yet. It’s relatively easy to make. If you understand Chrome extensions, we could try to make a PoC together.
The idea is as follows:
1. The administrator logs into the site’s admin panel (not necessarily Hybris).
2. A Chrome extension understands that the opened site is from the list for operation logging and switches to work mode.
3. At certain events, like “data input in a form,” “clicking on an element,” the system performs the operation logging and sends the results to the server. Namely:
a) takes a screenshot of the screen and highlights the area where the element is located (or the entire screen if it’s easier, for starters).
b) adds additional metadata to the screenshot, if able to extract it (for example, for a textarea – the text entered)
c) adds the operator ID.
d) puts the screenshot with metadata in a queue for sending.
e) gradually processes the queue by sending the screenshots to the server
On the server, the screenshots fall into a FIFO queue, accessible for analysis by a super admin if a problem arises.
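The site check from step 2 and the record-building and queueing from step 3, sketched as an added example that is not the author's code: the core of a Manifest V3 background worker, where the audited origin, collector URL, operator ID placeholder and record fields are all assumptions. It redacts password fields in the metadata and takes the page URL from the browser rather than from the page's own message.

```javascript
// Added example, not the post's code; origins, URL, operator ID and fields are assumptions.
const AUDITED_ORIGINS = new Set(["https://admin.example.test"]); // constructed
const COLLECTOR_URL = "https://audit.example.test/records";      // constructed
// Step 2: work mode only for sites on the logging list.
function isAudited(url) {
  try { return AUDITED_ORIGINS.has(new URL(url).origin); } catch { return false; }
}
// Step 3b: metadata for the target element; password values are never copied.
function describeElement(el) {
  const meta = { tag: el.tag, id: el.id || null, rect: el.rect || null };
  if (el.tag === "textarea" || el.tag === "input")
    meta.value = el.type === "password" ? "[redacted]" : el.value;
  return meta;
}
class AuditQueue {
  items = []; seq = 0; draining = false;
  constructor(send, operatorId) { this.send = send; this.operatorId = operatorId; }
  // Steps 3a, 3c, 3d: bundle screenshot, metadata and operator ID, then enqueue.
  enqueue(event, screenshot) {
    if (!isAudited(event.url)) return false;
    this.items.push({ seq: ++this.seq, operatorId: this.operatorId, type: event.type,
      url: event.url, at: event.at, element: describeElement(event.element), screenshot });
    return true;
  }
  // Step 3e: send oldest first; a failed record stays at the head for the next drain.
  async drain() {
    if (this.draining) return 0; // one sender at a time, so nothing is sent twice
    this.draining = true;
    let sent = 0;
    try {
      for (; this.items.length; sent++) {
        await this.send(this.items[0]);
        this.items.shift();
      }
    } catch { /* stop here; order is preserved */ } finally { this.draining = false; }
    return sent;
  }
}
// Browser wiring (skipped outside an extension); the content script that posts events is not shown.
if (typeof chrome !== "undefined" && chrome.runtime?.onMessage) {
  const queue = new AuditQueue(async (rec) => {
    const res = await fetch(COLLECTOR_URL, { method: "POST", body: JSON.stringify(rec) });
    if (!res.ok) throw new Error("collector rejected record");
  }, "OPERATOR_ID_PLACEHOLDER");
  chrome.runtime.onMessage.addListener((event, sender) => {
    chrome.tabs.captureVisibleTab(sender.tab.windowId, { format: "png" })
      .then((shot) => queue.enqueue({ ...event, url: sender.url }, shot) && queue.drain());
  });
}
```

The queue here lives in memory, so a real service worker would persist it (for example in `chrome.storage.local`) to survive being suspended. `chrome.tabs.captureVisibleTab` also needs the `activeTab` or `<all_urls>` permission in the manifest.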
I see the following disadvantages:
1. Unclear how to implement drag-n-drop, for example. Also unclear how to determine if a user has filled out a form (just entered something and left the textarea—should a screenshot be sent in this case? idk)
2. Not always easy to enrich screenshots with metadata. For example, an onClick handler might be on an empty div while another div may contain the active element with data.
3. A lot of attention must be paid to system security.
4. Possible system slowdown due to constant screenshot uploads. If you click actively in the admin panel, outgoing traffic could be about 1Mb/sec, which could potentially cause slowdowns. But still, this is not a very big problem.
If there are experts in Chrome Extensions – welcome. Maybe, we can sketch a PoC together?
P.S. In the comments, they ask why not analyze the requests. Here’s why:

