We just have a simple activity table. We grab the user uid from a session set when they log-in.
id
usrUID
dateTime
activityDetail
On every action (CRUD) we have an activity insert in to this table. So there will be the actual action of the CRUD and afterwards the insert in to the activity table, the activityDetail is just entered as a brief description, ie, deleted this, added that, etc. Works well for general activity, like such:
No real reason. Out of habit really, and some of the older legacy systems of this client use this data for other things Some further details are sent and recorded for other purposes. Really depends on what kind of activity and what caliber of user.
on each API Action insert into an audit table the post/get body of the API call - this will help you capture each step they take on the app.
the API call body will be JSON - to be able to use that data you should on a DB that supports JSON like MySQL 8+ or PostgreSQL.
given that it is an internal app, each page will have some dynamic data coming in via an API Actions - so this setup should work.
Also, you may want to create a library action to insert in audit logs table and use that library action elsewhere - to keep the insert action centralised in one place will allow for easier way to make changes.
Hi @nshkrsh, sorry but only just getting on to this and not quite understanding what the process would be.
So, for instance, I have a database update query which has form data $_POST fields sent from the form to the API and then various steps, conditions, insert and update queries within the API.
What you are saying is, at the end of this API put a final Database Update Query which will update a database table, for example
Table
tbl_user_audit
Fields
audit_id (auto increment)
audit_login_user (auto fill from Security Provider)
audit_activity (??)
audit_date (CURRENT_TIMESTAMP)
What is it that you would insert into 'audit_activity' ?
audit_activity can hold the $_POST json as it is - this will indicate the data that was passed to the API Action for execution and hence can help in tracing those steps in case it may be required.
Alternatively, you can also setup custom values in a Set Value step within the API to accumulate useful data to save for future ref in the audit_activity field. This one is difficult to config and maintain though!
And, you might want another field api_action to hold the name of the API action that inserted that audit log - this name can be retired directly from server side function (in PHP am sure, Node & ASP, not so sure, but i guess there should be one)
Current set-up : SPA Pages, Windows 10, MySQL, PHP
Wappler Version : 3.9.5
Operating System : Windows 10 Pro 64bit
Server Model: PHP
Database Type: MySQL/MariaDB
Hosting Type: custom
Server Software:
Apache: 2.4.46 Port 80
PHP Version: 7.3.21
MySQL Version: 8.0.21 - Port 3306 - DBMS
MariaDB Version: 10.4.13 - Port 3307
phpMyAdmin: 5.0.2
I use https://clicky.com for our apps and the real-time view I have open all the time to watch where people go. It also has lots of options for setting up monitoring for specific targets etc… and not too pricey!
Interesting but too complex for this particular requirement. We’re looking for something like @Dave’s first post above. I will certainly keep note of this for other projects.
Ah! To be able to save a json body via a query in an api action you’ll need to encode the json - we made a custom formatter to do this.
It cannot be done natively with Wappler.
In node there is a built in option (built into node, not wappler) that can be used in api actions.
But for php, must create a custom formatter to encode json.
