MIT Network Audit docs
Getting started

First look

You have installed Network Audit because you want to answer one blunt question: is my data leaving to MIT? This page is the five-minute tour that shows you where that answer lives and what each part of the menu is for. It does not go deep yet — it just gets you oriented, so the screen in front of you stops feeling like a black box and starts feeling like a report you can read.

4 min read

You have installed Network Audit because you want to answer one blunt question: is my data leaving to MIT? This page is the five-minute tour that shows you where that answer lives and what each part of the menu is for. It does not go deep yet — it just gets you oriented, so the screen in front of you stops feeling like a black box and starts feeling like a report you can read.

The good news is that you do not have to configure anything to get a first answer. The moment the module is installed and capturing, it starts attributing every network call your Odoo makes to the module that made it, and it shows you the result on a single dashboard.

Open the Trust Report

From the top menu, click Network Audit. The first thing you land on is the Trust Report — an interactive dashboard that summarises everything the auditor has observed and gives you a single, plain verdict at the top.

The full Trust Report dashboard showing an all-clear verdict The Trust Report with an all-clear verdict — the at-a-glance answer to "is my data leaving to MIT?"

At a glance the report gives you a hero verdict card (one of three states: all-clear, attention, or alarm), a row of trust chips that confirm the audit's own guarantees (Append-only log, Hash-chained, Bodies OFF, and a Self-egress count), three summary cards counting Total events, MIT-bound events and Third-party events, a Traffic distribution donut and a Volume — bytes transferred chart, and two destination panels that list exactly where traffic went — MIT-bound destinations on one side, third-party destinations on the other.

The header also carries the four actions you will use most: Refresh, Verify chain, Export signed proof, and a shortcut to the Audit Log.

This is the page to read first, every time

If you only ever look at one screen, make it this one. The verdict, the chips and the destination panels together answer the core question without you having to dig into individual records.

What's in the Network Audit menu

Under the top Network Audit menu you will find five entries. Here is what each one is for, in plain terms.

The Network Audit top menu: Trust Report, Traffic Summary, Audit Log, Export Signed Audit, Configuration The Network Audit menu — every screen in the module is one click from here.

Trust Report

The dashboard you just opened. It is the human-readable summary: the verdict, the counts, the traffic split, and the two destination tables. Start here, then click through to a destination or to the Audit Log when you want the detail behind a number.

Traffic Summary

A pre-aggregated view of your traffic as native Odoo list, pivot and graph views. Where the Trust Report gives you the curated verdict, the Traffic Summary lets you slice and group the same activity yourself — by module, destination, direction or time — using the Odoo filters and grouping you already know.

The Traffic Summary as a bar graph of event count per destination host The Traffic Summary (graph view) — the same activity as the dashboard, sliced your way.

Audit Log

The raw, append-only journal — every captured event as a native Odoo list, and each row drillable into a Forensic Record form. This is the underlying evidence: what was contacted, where, by which module (the attribution), the request and response sizes and timing, the provenance, and the tamper-evident chain fields. Remember the core promise: no message bodies are ever stored here — only metadata, sizes and a salted fingerprint.

Export Signed Audit

A wizard that produces a signed JSON export of your audit for an outside party to verify independently. You choose the window — All period, a Date range, the Last N days, or From chain position — and Download a file that includes the cryptographically signed chain head, so a standalone verifier can confirm nothing was altered or removed after the fact.

Configuration

Where an administrator controls the auditor itself. The Settings section holds the master switch (Network auditing enabled), Strict redaction, Audit retention (days), and Disabled channels; Egress Components is the seeded catalogue that classifies each destination as MIT-bound or third-party. The defaults are sensible for trust — you do not need to change anything here to get a valid report.

Where to go next

You now know the lay of the land. The natural next step is to learn how to read the headline screen properly — what each verdict means, how to interpret the chips and counts, and how to use the destination panels to satisfy yourself about where your data goes.

→ Continue with Reading the Trust Report.

Want to verify the audit cannot have been edited?

The Verify chain button and the Export Signed Audit wizard exist precisely so you do not have to take the dashboard on faith. See Verifying the audit chain when you are ready to prove the log is intact.