Tiki Website Gardeners' Blog

Action log re-enabled in doc.t.o to be able to detect where to roll back spam edits

Xavi (as xavidp - admin) Thursday 17 December 2015

Hi admins:

I remember reading somewhere that the action log was disabled due to performance issues in doc.t.o.

Unluckily, I had to re-enable it again today to (attempt to) view which pages were spammed by a recurrent spamming user "lissacoffey". I could not fully see them listed through the action log since it had been disabled for a while, and it currently only displays the mails sent due to "User Watches" on specific pages where spam was added (Contacts & Troubleshooting). However, were there other pages spammed by that user?

I see that I have been using the action log to help detect (and roll back) spam for a few years already (e.g. from 2008: https://tiki.org/blogpost373-added-more-actions-to-action-log-settings).

So yes, we can disable action log again here or there, but there may be chances that it's not easy to detect spam added to our knowledge bases... Maybe, some performance improvements can be done to reduce whatever performance impact we have in our sites?

Regarding huuuuuge tables in the syslogs or action logs, maybe an intermediate solution would be to have the ability to store old logs on disk in compressed format (like the log rotation done at sys admin level automagically in most servers). Logs would be preserved (with reduced size, and no impact on huuuge MySQL tables - hundreds of Mb easily - in production sites). I do not know how to code that myself in PHP, unluckily.


Food for thought, depending on the human resources available. Cheap workaround: disable action log again, of course... but some of us might not have the time to investigate all places where a user added spam, without the help of the action log data....

Addendum:
I did not ban the user on purpose, just the IP. This seems to be a human spammer, connecting from fairly similar IPs (within the same range). And this way, when she registers again, with the same username, we can infer that it's the same spammers or spammer group (confirmed that they use IPs within the same range the 2 times I had to ban her IP). And that's easier when we see that username again editing things... If we banned the username, that person would re-register with another username, and it wouldn't be that easy to keep an eye on that suspicious user when we see more action related to that username.
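
The compressed-archive idea floated above, sketched as an added example (not code from Tiki or from the post's author), in Python with SQLite standing in for MySQL. The table layout, function names, username and sample rows are assumptions constructed for illustration; it shows that old rows can leave the live table and still be searched when tracing one user's edits.

```python
import gzip, json, os, sqlite3, tempfile

# Assumed, simplified layout; a production action-log table has more columns.
COLS = ["id", "ts", "user", "action", "object", "ip"]
SCHEMA = ("CREATE TABLE actionlog (id INTEGER PRIMARY KEY, ts INTEGER, "
          "user TEXT, action TEXT, object TEXT, ip TEXT)")

def archive_old_rows(db, cutoff_ts, path):
    """Write rows older than cutoff_ts to gzip JSONL, verify, then delete them."""
    rows = db.execute(f"SELECT {', '.join(COLS)} FROM actionlog "
                      "WHERE ts < ? ORDER BY id", (cutoff_ts,)).fetchall()
    if not rows:
        return 0
    with gzip.open(path, "wt", encoding="utf-8") as fh:
        for r in rows:
            fh.write(json.dumps(dict(zip(COLS, r))) + "\n")
    # Re-read the archive before touching the table: no verified copy, no delete.
    with gzip.open(path, "rt", encoding="utf-8") as fh:
        archived_ids = [json.loads(line)["id"] for line in fh]
    if archived_ids != [r[0] for r in rows]:
        raise RuntimeError("archive verification failed; table left untouched")
    with db:  # delete in a single transaction
        db.executemany("DELETE FROM actionlog WHERE id = ?",
                       [(i,) for i in archived_ids])
    return len(archived_ids)

def pages_touched_by(db, archive_paths, user):
    """Objects a user acted on, from the live table plus compressed archives."""
    pages = {r[0] for r in db.execute(
        "SELECT object FROM actionlog WHERE user = ?", (user,))}
    for p in archive_paths:
        with gzip.open(p, "rt", encoding="utf-8") as fh:
            pages |= {rec["object"] for rec in map(json.loads, fh)
                      if rec["user"] == user}
    return sorted(pages)

def demo():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    db.executemany("INSERT INTO actionlog VALUES (?,?,?,?,?,?)", [  # constructed
        (1, 100, "spammer1", "Updated", "Contacts", "203.0.113.7"),
        (2, 150, "editor", "Updated", "HomePage", "198.51.100.2"),
        (3, 200, "spammer1", "Updated", "Troubleshooting", "203.0.113.9"),
        (4, 900, "spammer1", "Updated", "Installation", "203.0.113.12")])
    path = os.path.join(tempfile.mkdtemp(), "actionlog-old.jsonl.gz")
    moved = archive_old_rows(db, 500, path)
    left = db.execute("SELECT COUNT(*) FROM actionlog").fetchone()[0]
    return moved, left, pages_touched_by(db, [path], "spammer1")

if __name__ == "__main__":
    print(demo())
```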