Hello,
We recently upgrade to Jira version 10.3.10. Every month, I audit the system using the Audit Log to see if there have been any login failures. After the upgrade there have been no login failures. In fact, there have not been any login or logout log entries either.
Did this audit option move somewhere else? Did it get eliminated?
Thanks,
Nancy
Hi @Nancy Debnam , I ran into the same issue on Jira Data Center (10.3.12). I also noticed that failed login attempts were no longer appearing in the audit log. In my case, the events were still being generated, but they weren’t included because of the audit coverage level.
Here is what resolved it:
After switching to Full, failed login events started showing up again in the audit log.
Hope this helps.
Hello @Marcelo Viana de Siqueira
Unfortunately, our Security category Audit log setting was already set to Full. I even reset it and that didn't work. One thing that might be is that we are using SAML authentication. Perhaps they have stopped logging that. Although, I don't know why they would.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Nancy Debnam , If I look at my DC instance system setting windows and the select Audit Log I can clearly see a category called Login where I can track failed and successful login.
This on my actual version 10.3.12
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Nancy Debnam ,
Best,
Fadoua
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I am not seeing anything on the release notes:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I did not see anything in the release notes either. One thing that is important when running a security program is knowing who is trying to login and failing to do so. Then the question is why. But if this information is not in the logs, then we can't do that evaluation.
Of course I looked into the logs. This is why I asked the question.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Very hard for me to check as I don't have access to DC instance
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.