Module Unalterable Archives - Logs
Archives / Logs Unalterable | |
---|---|
Numéro/ID du module | 30 |
Doc utilisateur du module | This page |
Doc développeur du module |
Introduction
The "Unalterable Archives - Logs" module activates the logging of certain business events in an unalterable log/archive. Events are archived in real time. The archive is a table of chained events that can only be read and exported. This module allows to be compatible with the requirements of the laws of certain countries (such as the Finance law 2016 or standard 525 in France).
Installation
This module is included with the Dolibarr distribution, so there is no need to install it.
Setup
To use this module, you must first enable it using an administrator account, via the menu option "Home - Setup - Modules".
Choose the tab where the module is listed. Then click on "Activate".
The module is now activated.
If a cog icon appears on module thumb or at end of the line of the module, click on it to access the setup page specific to the module.
Usage
Once the module is activated, there is nothing special to do to use it. The application is used as if the module was not activated. The difference is that some management actions will be traced in a log (a table) called unalterable archives. The events that are traced are the following:
- Registration of a payment (this case is the one that is mandatory in France by the Finance 2016 law)
- Deactivation / Reactivation of the Unalterable Log module.
By unalterable, it must be understood that the maximum has been achieved to reduce the risk of modifying a record. This includes the following points:
- There is no functionality in the application to delete or modify a line.
- Each record of this log is protected by a checksum that depends on the data of the record, making the checksum invalid in case of an attempt to modify the record (following a database hack for example).
- Each checksum is chained with the checksum of the previous record, so that it is not possible to hack a checksum chain of a record without invalidating the previous record in turn.
- A program signature can be defined to validate a state of the program code and a verification tool can be used to identify if a file has been modified (e.g. as a result of a server hack) making it detectable if computer code has been modified in an attempt to bypass the unalterable log mechanism.
Reading archived logs
To browse the list of archived event, a tool is available into menu Tools - Unalterable Archives/Log - Tab "Unalterable Logs".
You need the permission "Read archived events and fingerprints" to be able to access this area.
You can filter on a date and export the list of events into a CSV file.