Security Audit Logging

During the current crisis, my organization has been looking at Jitsi as a possible video conferencing solution. As part of our investigation, we are attempting to discover what the audit logging capabilities of the product are. Specifically:

  1. Is there a way to log successful connections (IP address and room name)?
  2. Is there a way to log what IP addresses create what rooms?
  3. Is there a way to log both failed and successful authentication attempts? (This may end up being handled outside Jitsi; but, I ask as we’re still investigating options).

Following the Ubuntu Quick Install instructions, the web front end appears to be using Jetty though the Manual Install instructions mention Nginx. Looking on our test server, I do not see an /etc/nginx folder. Does the quick install not use Nginx?

No actually installation uses Nginx.

You can check the logs to see what you can gather. See below:

/var/log/jitsi/jicofo.log
/var/log/syslog
/var/log/prosody/prosody.log

/var/log/nginx/access.log
/var/log/nginx/error.log

It appears that, when our admins installed it, they used the instructions at: https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md

The process they used (on an Ubuntu 18.04 LTS system) was:

echo 'deb https://download.jitsi.org stable/' >> /etc/apt/sources.list.d/jitsi-stable.list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - apt-get update
apt-get -y install jitsi-meet
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Reading the install guide, the installer should have installed Nginx; but, that does not appear to have happened in our case. I’ll address this with our admins and see if they did something to prevent the Nginx install. That would help a lot with our logging.

/var/log/jitsi/jicofo.log
/var/log/syslog
/var/log/prosody/prosody.log

I’ve looked at these logs on our test server and I don’t see anything which shows room creation or connected IP addresses. The Nginx logs might give us connected IP addresses and room names. Though that still leaves us looking for room creation logs.

Thank you for the info.