What are some of the best practice for auditing confluence access?
Apart from using the usual ITGC framework; looking at user access provisioning, termination, access review what are things do people look out for?
Also given the immense amount of logs, what are some of the key logs that should be reviewed?
it might depend on what you are looking for - or in other words: who requests the logs / the audit.
Confluence comes with an audit log:
If it is still needed to save the logs for somebody depends on what your requirements are.
In case you are using external tools like a Single-Sign-On and/or a role base access model those environments might have their own logs.
Hi Community! We're thrilled to share that Team Calendars for Confluence is now a built-in feature for Confluence Data Center releases 7.11 and beyond. A long time favorite, Team Cale...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events