Module Unalterable Archives - Logs

From Dolibarr ERP CRM Wiki
Jump to navigation Jump to search


Archives / Logs Unalterable
Numéro/ID du module 30
Doc utilisateur du module This page
Doc développeur du module

Introduction

The "Unalterable Archives - Logs" module activates the logging of certain business events in an unalterable log/archive. Events are archived in real time. The archive is a table of chained events that can only be read and exported. This module allows to be compatible with the requirements of the laws of certain countries (such as the Finance law 2016 or standard 525 in France).

Installation

This module is included with the Dolibarr distribution, so there is no need to install it.

Setup

To use this module, you must first enable it using an administrator account, via the menu option "Home - Setup - Modules".

Choose the tab where the module is listed. Then click on "Activate".

The module is now activated.

If a cog icon appears Cog circle.svg on module thumb or at end of the line of the module, click on it to access the setup page specific to the module.

Usage

Once the module is activated, there is nothing special to do to use it. The application is used as if the module was not activated. The difference is that some management actions will be traced in a log (a table) called unalterable archives. The events that are traced are the following:

  • Registration of a payment (this case is the one that is mandatory in France by the Finance 2016 law)
  • Deactivation / Reactivation of the Unalterable Log module.

By unalterable, it must be understood that the maximum has been achieved to reduce the risk of modifying a record. This includes the following points:

  • There is no functionality in the application to delete or modify a line.
  • Each record of this log is protected by a checksum that depends on the data of the record, making the checksum invalid in case of an attempt to modify the record (following a database hack for example).
  • Each checksum is chained with the checksum of the previous record, so that it is not possible to hack a checksum chain of a record without invalidating the previous record in turn.
  • A program signature can be defined to validate a state of the program code and a verification tool can be used to identify if a file has been modified (e.g. as a result of a server hack) making it detectable if computer code has been modified in an attempt to bypass the unalterable log mechanism.

Reading archived logs

To browse the list of archived event, a tool is available into menu Tools - Unalterable Archives/Log - Tab "Unalterable Logs".

You need the permission "Read archived events and fingerprints" to be able to access this area.

You can filter on a date and export the list of events into a CSV file.