Background
With IP Masking enabled, only privileged users will be able to see IP addresses (see T325238: [Epic] IP Address Reveal for Privileged Users for more information).
Whenever this information is accessed, it should be logged. This is in order to provide a pathway for peer oversight and keep a check on misuse of IP address reveal.
What should we log
Log 1: Activation/deactivation of access
- Who activated/deactivated access to IP addresses
- When they received/revoked the access (timestamp)
Log 2: Log of actions taken
- Temp username that was revealed
- Performer for the reveal
- Timestamp of this action
PageSee T325658#8805061
Retention
Indefinite retention of these logs
Who can access the logs
- This log is visible to staff (t&s), stewards, checkusers and ombuds
Notes
- We don't want to include any filters on the log just yet. This may change if we hear a demonstrated need for them.
- Some of this may change when we rollout based on feedback we get
- The log is debounced for 24 hours, i.e. the same action is not logged more than once in 24 hours