The security team at my company operates a system that monitors data exfiltration. Since this monitoring relies on PC operation logs, data can be exfiltrated undetected if it is transferred without any PC activity. I would like to consult with experts to understand whether it is possible to utilize the features provided by Dify to perform actions such as email forwarding or uploading to storage.
Technically, Dify can perform actions such as forwarding emails or uploading files to storage. We can operate SaaS APIs by using existing plugins (Gmail, Outlook, Google Drive, Dropbox, etc.), HTTP request nodes, or even custom plugins.
However, these operations require authentication (OAuth or API keys), which usually needs to be configured on the SaaS side with appropriate privileges. Therefore, I think whether a user can misuse a SaaS service without administrator approval depends on the authentication method and the permissions assigned to that user.
Thank you for your response.
Does Dify retain usage logs for plugins, API keys, or OAuth authentication logs?
If I need to review these logs, would I need to refer to the infrastructure-level logs rather than Dify’s logs?
In my understanding, for the community edition, you can check the following logs in Dify’s GUI:
- Application logs. You can also see which tools were executed, but if the application is deleted, its logs are deleted as well.
From the container logs, you can check the following information:
- The IDs of executed applications and tools. Usually, details of what was actually performed are not included.
Depending on how the plugin is implemented, authentication information is often not available in any logs.
Technically, you can check the credentials and other settings by looking inside the database, but it’s not exactly a casual or convenient solution.
With the enterprise edition of Dify, additional audit logs can be obtained, but in my understanding, these are related to operations performed in the browser and do not allow you to track detailed activity for each plugin.
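Because the logs described in this thread rarely record what a plugin actually sent, a complementary check is to total outbound bytes from the Dify host to the SaaS APIs named above, using egress proxy or firewall logs. The sketch below is an added example, not part of the original posts or of Dify itself. The JSON field names (`src`, `host`, `bytes_out`), the addresses and the 1 MB threshold are assumptions, and the sample records are constructed.

```python
import json
from collections import defaultdict

# API hosts behind the plugins named in the thread (matched by domain suffix).
SAAS_API_SUFFIXES = {
    "googleapis.com": "Google APIs (Gmail, Drive)",
    "graph.microsoft.com": "Microsoft Graph (Outlook)",
    "dropboxapi.com": "Dropbox",
}

def classify_host(host):
    """Return the SaaS label for a destination host, or None if it is not listed."""
    host = host.lower().rstrip(".")
    for suffix, label in SAAS_API_SUFFIXES.items():
        if host == suffix or host.endswith("." + suffix):  # avoid look-alike domains
            return label
    return None

def flag_saas_uploads(log_lines, dify_sources, min_bytes=1_000_000):
    """Sum bytes sent per (source, service); return totals >= min_bytes and skipped count."""
    totals = defaultdict(lambda: [0, 0])  # (src, label) -> [bytes_out, requests]
    skipped = 0
    for line in log_lines:
        try:
            rec = json.loads(line)
            src, host, sent = rec["src"], str(rec["host"]), int(rec["bytes_out"])
        except (ValueError, KeyError, TypeError):
            skipped += 1  # malformed or incomplete record: count it, do not crash
            continue
        label = classify_host(host)
        if src in dify_sources and label:
            totals[(src, label)][0] += sent
            totals[(src, label)][1] += 1
    hits = [(s, l, b, n) for (s, l), (b, n) in totals.items() if b >= min_bytes]
    return sorted(hits, key=lambda h: -h[2]), skipped

# Constructed sample records; 10.0.0.5 stands in for the Dify host.
SAMPLE = [
    '{"ts":"2025-01-10T02:14:07Z","src":"10.0.0.5","host":"content.dropboxapi.com","bytes_out":4200000}',
    '{"ts":"2025-01-10T02:14:31Z","src":"10.0.0.5","host":"content.dropboxapi.com","bytes_out":3100000}',
    '{"ts":"2025-01-10T02:15:02Z","src":"10.0.0.5","host":"gmail.googleapis.com","bytes_out":18000}',
    '{"ts":"2025-01-10T02:15:40Z","src":"10.0.0.5","host":"api.openai.com","bytes_out":950000}',
    '{"ts":"2025-01-10T02:16:11Z","src":"10.0.0.9","host":"www.googleapis.com","bytes_out":9000000}',
    'not json',
    '{"ts":"2025-01-10T02:17:00Z","src":"10.0.0.5","host":"notdropboxapi.com","bytes_out":5000000}',
]

if __name__ == "__main__":
    hits, skipped = flag_saas_uploads(SAMPLE, {"10.0.0.5"})
    print(hits, "skipped:", skipped)
```

A hit only shows that the Dify host sent a large volume to a SaaS API; tying it to a specific application or tool still requires correlating the timestamp with the application and container logs described above.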