Hi! Bitbucket cloud user here. I have a suspicion that one of my app passwords have leaked. The first thing I did was to revoke the password. Now I want to try and figure out whether any read actions took place in the time period in which the repo was exposed. Is there any way to go about doing so?
I don't see a Bitbucket Cloud account in our system with the email of the community account that you used to post this question. I assume that you have an account with a different email?
There is an Audit log available for every account at https://bitbucket.org/account/settings/auditlog/, but I'm afraid that it doesn't show events about when an app password was used.
I suggest that you open a ticket with Bitbucket Cloud support team via https://support.atlassian.com/contact/#/. Depending on the time frame that the app password was leaked, the support team may be able to check internal logs and let you know if any operations were performed by your account with an app password and also IP addresses for these events, so you can compare with the IP addresses that you normally use. Please make sure to open the support ticket by logging in with the same email as your Bitbucket Cloud account's primary email. In the field "What can we help you with?" select "Technical issues and bugs" and then Bitbucket Cloud as product.
Please feel free to let me know if you have any questions.
Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events