Is there an easy way to get info on who downloaded a publically shared file?

Nextcloud version: 24.0.7
Operating system and version: Ubuntu 22.04
Apache or nginx version: 2.4.54
PHP version: 8.1.12

The issue you are facing:

Not an issue as much as a feature clarification. If we create a public share, when we click on it and look in the “Activity” tab, we can see a log of “downloaded” events. Is there a way to get more info there, for example, a more precise timestamp? IP address? If it was a logged in user, who?

We are looking for an alternative to Box for a project share with people who are not in our org, and I am proposing Nextcloud and am using my personal instance as a demo, this has become a requested feature. The administrator of the project wants more info on who may have viewed documents.

The web server logs would have IPs and timestamps. You’d have to search the log for the exact events you want.

As far as knowing “who” downloaded a public file, we’re talking about unauthenticated users, so that’s really all the info it’s possible to have.

Now if it’s a known set of users who aren’t in your org, you do also have the option of guest accounts rather than making the files public. Or you can do a federated share if they have their own Nextcloud. In either case, then you would be dealing with authenticated users.

There’s no way to pipe that into the UI? Our leadership wants to see that at a glance like he can in Box; he wants to micromanage when his documents were viewed.

I know we’re dealing with just IP’s at best for public users, but if it was a domain user that was logged in, could that info be gleaned from a cookie or something? Some sort of table of “accessed by user123 at 11:45, accessed by at 12:22”

This would be a pilot to replace Box; we have no existing nextcloud, at this point I’m demo’ing off my home instance as a proposal.

You’ll need to use an external service to analyze the logs on the fly, at a glance.

You can read the logs (or perhaps even make the logs available via external storage), but understand these are raw logs from the web server (Apache, etc.).

Honestly the timestamp and IP address of public downloads are not really very useful info, so I would say that’s a misplaced priority on the part of the micro-manager. If access control is a concern then public shares are not the thing to use anyway.

More info is available when looking at registered users, such as the activity app and the activity tab of a given file.

Yea, it all makes sense. The requirement is kind of silly; I believe this individual actually manually refreshes the page multiple times a day to figure out who has looked at their documents thus far, but changing that is not something I have control over sadly.