A build-to-order Odoo module that logs every login, session, IP, and record-level action into a searchable audit trail with suspicious-activity alerts and a per-user activity dashboard. ECOSIRE scopes, builds, installs, and supports it for your database. Built to order by ECOSIRE for Odoo 17, 18, 19 — indicative price from $199.00 USD; request a quote for a scoped proposal.

A build-to-order Odoo module that logs every login, session, IP, and record-level action into a searchable audit trail with suspicious-activity alerts and a per-user activity dashboard. ECOSIRE scopes, builds, installs, and supports it for your database.
Sem pagamento agora. Isto envia um pedido de orçamento à nossa equipe — responderemos por e-mail com preços e próximos passos.
Most ERP security incidents are invisible until it is too late. Odoo core keeps only a thin trail of who touched what: res.users has login_date, mail.thread chatter records some field changes on tracked models, and the server log can hold auth lines if you configure it — but there is no unified, in-database record of failed login attempts, the IP and device behind each session, or which user read (not just wrote) a sensitive res.partner, account.move, or hr.payslip. When an auditor asks "who accessed this customer's data on March 3rd, and from where?", the honest answer with a stock database is usually "we can't tell you." That gap fails SOC 2, ISO 27001, GDPR/HIPAA access-log requirements, and internal segregation-of-duties reviews.
Custom `ecosire.audit.log` model written on create/write/unlink (and optional read) for the specific models you nominate during scoping
Login, logout, and failed-attempt logging via overridden auth entry points (`_check_credentials`) — failures captured even when no session is created
Per-event capture of resolved client IP (request / `X-Forwarded-For`), user agent, session id, and precise UTC timestamp
Record-level action history with old-vs-new field values on tracked models, stored independently of `mail.thread` chatter
Optional read-access logging for sensitive models (`res.partner`, `account.move`, `hr.payslip`, etc.) — something Odoo core cannot record
Immutable audit entries enforced by `ir.model.access.csv` (no unlink/write for normal users) plus record rules scoping visibility to an Audit Manager group
We build a dedicated audit module that closes that gap. At its core is a custom model (ecosire.audit.log) written on every relevant event, plus a lightweight ecosire.login.attempt model. Authentication events are captured by overriding res.users._check_credentials / the auth entry points so both successful logins and failed attempts are recorded with timestamp, resolved IP (from the HTTP request/X-Forwarded-For), user agent, and session id — failed attempts are logged even when no user session is created, which core cannot do. Record-level activity is captured by extending the ORM (create, write, unlink, and optionally read) on the specific models you nominate during scoping, so we log high-value objects without drowning the database in noise. Every entry is immutable to end users and enforced through ir.model.access.csv plus record rules that restrict visibility to a dedicated Audit Manager group.
On top of the log we build the analytics and controls your compliance team actually uses: a per-user activity dashboard (OWL/JS views over read-only server data), filtered and grouped list/pivot views, and QWeb PDF reports for period access reviews you can hand to an auditor. Suspicious-activity detection runs as Odoo automated actions / scheduled ir.cron jobs — configurable rules such as N failed logins in M minutes, login from a new IP or outside business hours, or bulk export/read of a protected model — that raise an in-app activity, send an email, or flag the session. Everything is reachable over the standard XML-RPC/JSON-RPC API, so a SIEM or external monitoring stack can pull the audit stream on a schedule.
Because this is build-to-order, you are not downloading a generic binary and hoping it fits. After a short scoping call we confirm exactly which models are audited, your retention and alerting rules, and your Community vs Enterprise baseline (the module targets Odoo 17.0/18.0/19.0; Enterprise-only hooks are used only if you run Enterprise). We build against your version, test on a staging clone, run UAT with you, then install on production with a rollback plan. Typical delivery is 2-4 weeks from confirmed scope, and you receive the full source and git repository so nothing is locked behind us.
Owns SOC 2 / ISO 27001 / GDPR access-log evidence and needs a defensible, immutable record of who logged in, from where, and what protected data they touched — exportable for auditors.
Runs the Odoo instance and wants alerts on brute-force logins, new-IP or off-hours access, and concurrent sessions, without wading through raw server logs or hand-writing SQL.
Performs periodic access reviews and segregation-of-duties checks and needs pivotable activity data and per-user PDF reports scoped to a date range and model set.
Wants the Odoo audit stream pulled into an external SIEM over XML-RPC/JSON-RPC so ERP events sit alongside the rest of the monitoring stack.
Compre a licença em ecosire.com e baixe o ZIP do módulo User Activity & Login Audit Monitor no painel da sua conta.
Extraia o ZIP em sua pasta de complementos personalizados do Odoo no servidor (ou faça upload via Aplicativos > Instalar do arquivo em Odoo.sh/runbot).
Ative o modo de desenvolvedor, abra Aplicativos, clique em Atualizar lista de aplicativos, procure por User Activity & Login Audit Monitor e pressione Instalar.
Abra o novo menu, cole sua chave de licença ECOSIRE, conecte quaisquer credenciais externas (Shopify, Amazon, Stripe, etc.) e salve.
Execute o teste de conexão integrado, sincronize seus primeiros 10 registros e agende o cron recorrente. Entre em contato com o suporte se algo falhar.
| Critério | ECOSIRE | Construção personalizada | Concorrente | Odoo nativo |
|---|---|---|---|---|
| Failed-login logging | Captured with IP, device, and timestamp even when no session starts | Possible, but you build the auth override yourself | Often only successful logins tracked | |
| Record read-access logging | Optional per-model read capture on the sensitive models you choose | Feasible but needs careful ORM work to avoid slowdowns | Rarely offered; usually write-only | |
| IP & session tracking | Resolved IP, user agent, and session id correlated per login | Depends entirely on your implementation | Varies; often partial | |
| Tamper resistance | Immutable via access rules + record rules; Audit Manager group only | Only as strong as your own security design | Access controls vary by vendor | |
| Suspicious-activity alerts | Configurable rules via automated actions + `ir.cron` with email/in-app alerts | Buildable but time-consuming to design and tune | Sometimes fixed, non-configurable rules | |
| Compliance reporting | QWeb PDF access-review reports + pivot views per user/model/date | You design and build the reports | Basic list export at best | |
| Version & environment fit | Built and tested against your exact 17/18/19, Community or Enterprise | Fits, but you own all version maintenance | May lag Odoo releases or assume Enterprise | |
| Support & source ownership | Post-go-live support window + full git repo handover | You maintain everything | Vendor-locked binary; support varies |
Because this is build-to-order, we build it for your database rather than shipping a generic binary. Typical delivery is 2-4 weeks from confirmed scope. The clock starts once we've agreed which models are audited, your alert and retention rules, and your Odoo version — smaller scopes land sooner, broad read-logging across many models sits toward the upper end.
It works on Community. The core audit log, login/failed-attempt capture, record-action history, alerts, dashboard, and reports are all built with standard framework features (ORM overrides, `ir.model.access.csv`, record rules, `ir.cron`, QWeb, OWL). Enterprise-only hooks are used only if you run Enterprise. We target Odoo 17.0, 18.0, and 19.0.
Read logging is the heaviest event type, so we don't apply it blanket. During scoping we nominate only sensitive models (e.g. `res.partner`, `account.move`, `hr.payslip`) for read capture, keep write/login logging everywhere it's cheap, and add a scheduled purge/archive job plus indexes so the audit table stays fast. We load-test on staging before go-live.
No. Audit entries are immutable for normal users — `ir.model.access.csv` grants no write/unlink on the log model, and record rules restrict even read access to a dedicated Audit Manager group. Only the scheduled retention job removes aged records, and that behavior is documented and configurable.
Detection runs as Odoo automated actions and `ir.cron` jobs against configurable thresholds — for example N failed logins in M minutes, a login from a new IP or outside business hours, or bulk read/export of a protected model. When a rule fires it can raise an in-app activity, send a templated email, or flag the session. You tune the rules; we seed sensible defaults.
Yes. The audit stream is exposed over Odoo's standard XML-RPC/JSON-RPC API, so an external SIEM, Splunk-style collector, or custom job can pull events on a schedule and correlate ERP activity with the rest of your security stack. We document the endpoints and a sample pull during handover.
Every build includes a post-go-live support window for bug fixes and configuration tweaks, and you receive the full git repository so your team can maintain it. For future Odoo version upgrades (e.g. moving 18.0 to 19.0) or new audited models and rules, we scope that as a follow-on engagement.
A build-to-order Odoo module that logs every login, session, IP, and record-level action into a searchable audit trail with suspicious-activity alerts and a per-user activity dashboard. ECOSIRE scopes, builds, installs, and supports it for your database.