we need a log that tells which user, when, click what.
esteban.ribicic,15:06:03 23-12-2024,reset database, access|denied
the “reset database” must be the ACL node that the user clicked, and if possible we need to set if the access was allowed or denied.
data must stay even in the case of a “reset database click” and from the Settings menu the user should be able to download (not remove) each one of these audit files. the retention policy must be 6 months and files should not exceed 3 mb before being rotated.
Settings / Security / Audit Trails