top
(README.md)
# gitlab-auditor

Auditing users' push/fetch events on GitLab.

## Screenshot

![image](screenshot.jpg?raw=true)

## Installation

**Option 1**: Download the [released tar
ball](https://github.com/kfei/gitlab-auditor/releases) from GitHub then run:

```bash
mkdir -p gitlab-auditor
tar xjvf gitlab-auditor-x64.tar.bz -C gitlab-auditor
cd gitlab-auditor
./gitlab-auditor
```

**Option 2**: Clone this repository and build it by yourself:

```bash
git clone https://github.com/kfei/gitlab-auditor
cd gitlab-auditor
go build
./gitlab-auditor
```

Note that **gitlab-auditor** will search
`/var/log/gitlab/gitlab-shell/gitlab-shell.log` by default. To use a different
log file, run `./gitlab-auditor -f <file>` instead.

## Apply patches to GitLab services

To have *gitlab-shell* logging more users' information, we have to patch
GitLab, both the Rails application and the SSH shell parts.

**Step 1**: [Patch](docs/gitlab-rails.diff?raw=true) GitLab, so that the
internal *discover* API exposes users' ID. Then restart GitLab rails
application.

**Step 2**: [Patch](docs/gitlab-shell.diff?raw=true) *gitlab-shell* so that it
can log users' name, ID and IP.

## Usage

Visit `http://<your-server-ip>:3000` through a web browser, and click the
`config` button to paste your GitLab's API token on. Now the web application is
ready to use.

## Todo

Instead of always inefficiently parsing a log file, send them to a persistent
database with index enabled. In the mean time, you might want to set the log
file's rotate frequency to as long as you can by
`logging['logrotate_frequency'] = "yearly"` or even longer.

## Furthermore

In case your nonsense boss ask you to disable all methods to download code from
the GitLab web, have a look at [another document](docs/DIRTYPATCH.md).

Imports 4 package(s) ΒΆ

  1. github.com/docker/docker/pkg/mflag
  2. github.com/martini-contrib/cors
  3. github.com/go-martini/martini
  4. github.com/martini-contrib/render