Can anyone delete audit files? Also, in the back end of the server, how do you track user ID log on and off?
Thanks for getting in touch! Octopus actively prevents deleting or modifying audit records via its API. The only way someone could delete audit logs is if they can delete records from the
Events table in the SQL Server. You could configure your SQL Server permissions to prevent anyone from doing so.
Octopus doesn’t audit log on or log off events per user, but every action is recorded along with what changes were made and who initiated the action.
I have updated our documentation based on our conversation.
Hope that helps!