How to track and log Profile Admin activities after login?

Hello,

How to track and log "Profile Admin" activities after they log in?

There are some malicious Admins who engage themselves into suspicious activities to sabotage or harm the site and most of the time, they deny what they have done specially if the site has many admins or moderators. I once had such a bad experience with an admin in one of my projects.

So it will be great to track and log EVERY SINGLE ACTIVITY of a "Profile Admin" in JR: what they do, when and how. What they edit, delete, modify, upload etc, with date and timestamp.

This feature is already available in some Joomla extensions and it comes to handy if you have a troublesome admin or someone that you don't trust too much or someone who always deny what he/she does on the site.

Can JR handle the "Profile Admin" activities stream / tracking?

Thanks
updated by @pch: 09/14/16 07:09:39AM

Is the Jamroom Activity Log not sufficient for this?


--
Paul Asher - JR Developer and System Import Specialist

Well, it seems to me that Jamroom Activity Log will not log activities such as profile password change, profile deletion, quota change, forum post, video deletion by a Profile Admin on another user profile etc. It seems that Jamroom Activity tracker ony logs the profile activity of the owner of profile not the activity of a "Profile Admin" on someone else profile. I am not quite sure, please confirm.

Thanks
updated by @pch: 06/13/16 12:27:49PM

I think you are right. Admin activity on profiles is not logged by default.
This would need to be a custom module that listens for profile admin activity and logs it to its own datastore. Aparna would be a good starting point for this.


--
Paul Asher - JR Developer and System Import Specialist

Yes. The Admin activity is not logged. Also it will be great to have an option to exclude some Admin IDs from the Activity log. It will be good not to display the Master Admin. I would not like other Profile admins to even get to know the existence of some other Master Admin Features/tools or to track my activities as the Master Admin.

Or maybe the Master Admin activity log should be visible to Master Admins only while the remaining JR activity log (including the Profile Admin log) is visible to all admins.

Yep Aparna might be a good starting point. I am not a developer. So maybe you guyz from JR Team can help the JR Community. We will all appreciate it because it is a important feature.

Any plan to develop this module?

Thanks in advance.
updated by @pch: 06/13/16 12:55:56PM

Also there are two other issues with the Jamroom Activity Log in the Dashboard:

1) It logs IP address only, not the profile user name. it should add the user name as well.

2) JR is installed in a subfolder e.g: mysite.com/jamroom/

but the JR Activity log is even logging and showing the activity of the CMS installed in the main site (mysite.com). So, many "404 Page not found" in the JR log. I think that when installed in a subfolder, it was supposed to log the activity of JR in that subfolder only, right?

I have weird log rows like this:

Date: 11 Jun 2016 14:23:30 IP: xxx.xxx.xxx.xx Text: 404 Page not found: /Big_Concert_Band/index.php?option=com_content&Itemid=149&id=65&lang=fr&view=category

Please note that this log is a mixing of information of JR (/Big_Concert_Band/) with the
CMS installed on the main site (index.php?option=com_content&Itemid=149&id=65&lang=fr&view=category). It wasn't supposed to work that way, isn't it?

Also, I have installed a fresh JR5 site with no user accounts or profiles except the Master Admin but I don't know where this infomation in the JR Activity log is coming from (Big_Concert_Band, Techno_DJ, Punk_Band, Rock_Band, etc). It seems to me that they were left behind in the database when the JR Development moved from JR4 to JR5.

Please consider investigating this issue.

Thanks

1) It does log the user name - see their name in brackets. If you see n username, then the user is NOT logged in or it's a system worker process.

2) You've got a messed up .htaccess file in your ROOT folder that is sending stuff to Jamroom - you will need to modify the root folder .htaccess file to NOT route into Jamroom's directory.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Brain how can we open up our artist Guest book for info from there fans, or is it not recommended by Jamroom?

Please put new questions into their own thread.

Hi Brian,

Thanks for your reply.

1) Yes, you may be right.

2) Well, what should I put in the .htaccess file in the root folder? It is the standard Joomla .htaccess file.

Thanks

2) (guess) if the standard joomla .htaccess reads "take any url coming in and re-write it to index.php" then your going to need to exclude the /jamroom/ directory from that re-write rule.

Jamroom's .htaccess does a similar thing, it takes any url directed at it and sends it to router.php for processing.

May be that joomla doesnt like having a different CMS system living within its directory structure.

Hi Michael,

JR has its own router.php file and Joomla its own router.php file too. So, there are separate files in separate folders. I just can't understand why JR which is installed in a subfolder is picking up and including to the JR activities, information from Joomla which is installed in the root. I doesn't make sense. I am lost. JR in a subfolder was supposed to be isolated from whatever script installed in the root.

So what is the fix to this issue?

Thanks
updated by @pch: 06/14/16 01:43:22PM

The fix is to fix your Joomla .htaccess file - since Joomla is in the root directory, the .htaccess file in your root directory takes precedence over all the other .htaccess files.

I don't run Joomla here so cannot tell you what to change, but you should be able to google for "exclude directory using .htaccess rule".

Is it possible for you to run Jamroom in it's own root directory? Jamroom is not designed to run "inside" Joomla (which is what you are doing), so I can't tell you everything is going to work right.

You might consider trial hosting as well:

https://www.jamroom.net/hosting


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Thanks. I will google for it and even post to Joomla forum. We will try to find our way to fix it.


Nice sales pitch Brian!

Thanks, we will think about it. We are satisfied with our hosting provider. When we will need to move to another one, we will let you know.

We've started using Joomla before JR. We have being using it for years now and we have thousands of users, articles, documents etc. Joomla suits our needs.

Joomla as a CMS does thousands of things that JR as CMS can't even do (at least till now, maybe in the future things will change). We are using JR to deliver audio and videos only not as CMS. That is why it is installed in a subfolder. As an Audio/Video Sharing Software, Jamroom is the BEST in the world. You guyz have done an outstanding work. Hats off!

Thanks