From 20b079508af1e5e4074b4cc1d96fd1d03ee7ce37 Mon Sep 17 00:00:00 2001 From: Benjamin Bach Date: Fri, 3 Feb 2023 18:59:32 +0100 Subject: [PATCH 1/6] Adds a seealso and includes existing rtd4b --- docs/user/security-log.rst | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/user/security-log.rst b/docs/user/security-log.rst index 02d2f873d27..d825222c702 100644 --- a/docs/user/security-log.rst +++ b/docs/user/security-log.rst @@ -10,6 +10,11 @@ so that you can confirm this access was from the intended person. Security logs are only visible to organization owners. You can invite other team members as owners. +.. seealso:: + + :doc:`/legal/security-policy` + General information and reference about how security is handled on Read the Docs. + User security log ----------------- @@ -31,9 +36,7 @@ This log is useful to validate that no unauthorized logins have occured on your Organization security log ------------------------- -.. note:: - - This feature exists only on :doc:`/commercial/index`. +.. include:: /shared/admonition-rtd-business.rst The length of log storage varies with your plan, check our `pricing page `__ for more details. From 39ee6e074bd904e15e7278b630f8d659e75be0b4 Mon Sep 17 00:00:00 2001 From: Benjamin Bach Date: Fri, 3 Feb 2023 19:02:16 +0100 Subject: [PATCH 2/6] Relabel the current article as a how-to --- docs/user/guides/administrators.rst | 1 + docs/user/index.rst | 1 - docs/user/security-log.rst | 4 ++-- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/user/guides/administrators.rst b/docs/user/guides/administrators.rst index e0535dedd6d..cf763874883 100644 --- a/docs/user/guides/administrators.rst +++ b/docs/user/guides/administrators.rst @@ -30,3 +30,4 @@ have a look at our :doc:`/tutorial/index`. setup-single-sign-on-google-email manage-read-the-docs-teams redirects + /security-log diff --git a/docs/user/index.rst b/docs/user/index.rst index 7e79942b038..5a244f4fcee 100644 --- a/docs/user/index.rst +++ b/docs/user/index.rst @@ -157,7 +157,6 @@ and some of the core features of Read the Docs. /integrations /versions /hosting - /security-log /builds /build-customization diff --git a/docs/user/security-log.rst b/docs/user/security-log.rst index d825222c702..44bba9eef96 100644 --- a/docs/user/security-log.rst +++ b/docs/user/security-log.rst @@ -1,5 +1,5 @@ -Security log and auditing -========================= +How to use the security logs +============================ Security logs allow you to audit what has happened recently in your organization or account. This feature is quite important for many security compliance programs, From 8ca8bfc6b4b5d402cd01814894144a3d0ae28695 Mon Sep 17 00:00:00 2001 From: Benjamin Bach Date: Fri, 3 Feb 2023 20:24:31 +0100 Subject: [PATCH 3/6] Refactor as feature reference --- docs/user/guides/administrators.rst | 1 - docs/user/reference/features.rst | 1 + docs/user/security-log.rst | 31 ++++++++++------------------- 3 files changed, 12 insertions(+), 21 deletions(-) diff --git a/docs/user/guides/administrators.rst b/docs/user/guides/administrators.rst index cf763874883..e0535dedd6d 100644 --- a/docs/user/guides/administrators.rst +++ b/docs/user/guides/administrators.rst @@ -30,4 +30,3 @@ have a look at our :doc:`/tutorial/index`. setup-single-sign-on-google-email manage-read-the-docs-teams redirects - /security-log diff --git a/docs/user/reference/features.rst b/docs/user/reference/features.rst index 917e10182d2..23b555f46c0 100644 --- a/docs/user/reference/features.rst +++ b/docs/user/reference/features.rst @@ -18,3 +18,4 @@ Features /server-side-search/index /user-defined-redirects /badges + /security-log diff --git a/docs/user/security-log.rst b/docs/user/security-log.rst index 44bba9eef96..e6f38cca497 100644 --- a/docs/user/security-log.rst +++ b/docs/user/security-log.rst @@ -1,5 +1,5 @@ -How to use the security logs -============================ +Security logs +============= Security logs allow you to audit what has happened recently in your organization or account. This feature is quite important for many security compliance programs, @@ -18,20 +18,17 @@ You can invite other team members as owners. User security log ----------------- -We store user security logs for the last 90 days, and track the following events: +We store a user security log for the latest 90 days of activity. +This log is useful to validate that no unauthorized logins have occurred on your user account. + +The security log tracks the following events: - Authentication on the dashboard - Authentication on documentation pages (:doc:`/commercial/index` only) Authentication failures and successes are both tracked. -To access your logs: - -- Click on :guilabel:`` -- Click on :guilabel:`Settings` -- Click on :guilabel:`Security Log` - -This log is useful to validate that no unauthorized logins have occured on your user account. +Logs are available in :menuselection:` --> Settings --> Security Log`. Organization security log ------------------------- @@ -40,22 +37,16 @@ Organization security log The length of log storage varies with your plan, check our `pricing page `__ for more details. -We track the following events: +Your organization security log is a great place to check periodically to ensure there hasn't been unauthorized access to your organization. + +Organization logs track the following events: - Authentication on documentation pages from your organization - User access to every documentation page from your organization (**Enterprise plans only**) Authentication failures and successes are both tracked. -To access your organization logs: - -- Click on :guilabel:`` -- Click on :guilabel:`Organizations` -- Click on :guilabel:`` -- Click on :guilabel:`Settings` -- Click on :guilabel:`Security Log` - -Your organization security log is a great place to check periodically to ensure there hasn't been unauthorized access to your organization. +Logs are available in :menuselection:` --> Organizations --> --> Settings --> Security Log`. If you have any additional information that you wished the security log was capturing, you can always reach out to :doc:`/support`. From 686b603dd3631cfae21c1b9321021a28fc6c4576 Mon Sep 17 00:00:00 2001 From: Benjamin Balder Bach Date: Tue, 7 Feb 2023 15:22:29 +0100 Subject: [PATCH 4/6] Apply suggestions from @ericholscher's code review Co-authored-by: Eric Holscher <25510+ericholscher@users.noreply.github.com> --- docs/user/security-log.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/user/security-log.rst b/docs/user/security-log.rst index e6f38cca497..891592638e3 100644 --- a/docs/user/security-log.rst +++ b/docs/user/security-log.rst @@ -19,7 +19,7 @@ User security log ----------------- We store a user security log for the latest 90 days of activity. -This log is useful to validate that no unauthorized logins have occurred on your user account. +This log is useful to validate that no unauthorized events have occurred. The security log tracks the following events: @@ -36,7 +36,7 @@ Organization security log .. include:: /shared/admonition-rtd-business.rst The length of log storage varies with your plan, -check our `pricing page `__ for more details. +check our `pricing page `__ for more details. Your organization security log is a great place to check periodically to ensure there hasn't been unauthorized access to your organization. Organization logs track the following events: From 94f2bca3c31c5917e9642cdb3d12fa222c24442c Mon Sep 17 00:00:00 2001 From: Benjamin Bach Date: Tue, 7 Feb 2023 15:44:39 +0100 Subject: [PATCH 5/6] Adds @stsewd suggestions - dot some item lists --- docs/user/security-log.rst | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/user/security-log.rst b/docs/user/security-log.rst index 891592638e3..eb9c4f04839 100644 --- a/docs/user/security-log.rst +++ b/docs/user/security-log.rst @@ -23,8 +23,9 @@ This log is useful to validate that no unauthorized events have occurred. The security log tracks the following events: -- Authentication on the dashboard -- Authentication on documentation pages (:doc:`/commercial/index` only) +- Authentication on the dashboard. +- Authentication on documentation pages (:doc:`/commercial/index` only). +- When invitations to manage a project are sent, accepted, revoked or declined. Authentication failures and successes are both tracked. @@ -41,8 +42,10 @@ Your organization security log is a great place to check periodically to ensure Organization logs track the following events: -- Authentication on documentation pages from your organization -- User access to every documentation page from your organization (**Enterprise plans only**) +- Authentication on documentation pages from your organization. +- User accesses a documentation page from your organization (**Enterprise plans only**). +- User accesses downloads documentation pages (**Enterprise plans only**). +- Invitations to organization teams are sent, revoked or accepted. Authentication failures and successes are both tracked. From 4768a6a8e7028ef7b48ddafc38548e897752fb58 Mon Sep 17 00:00:00 2001 From: Benjamin Bach Date: Tue, 7 Feb 2023 15:55:18 +0100 Subject: [PATCH 6/6] Rephrase security log of downloading documentation --- docs/user/security-log.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user/security-log.rst b/docs/user/security-log.rst index eb9c4f04839..f3834ccf212 100644 --- a/docs/user/security-log.rst +++ b/docs/user/security-log.rst @@ -44,7 +44,7 @@ Organization logs track the following events: - Authentication on documentation pages from your organization. - User accesses a documentation page from your organization (**Enterprise plans only**). -- User accesses downloads documentation pages (**Enterprise plans only**). +- User accesses a documentation's downloadable formats (**Enterprise plans only**). - Invitations to organization teams are sent, revoked or accepted. Authentication failures and successes are both tracked.