Crowd audit report

By default there is no reporting built in but you can get the information in the future by enabling access logs, as described in: How do I enable Access Logging for Crowd? The logs can be analyzed with log analyzer tools such as Webalizer, Google Analytics or AwStats.

If you have a proxy in front of Confluence, the proxy logs may have recorded access history.

Can we get this done by using DB query ?

We are using MSSQL and Can you share us the query to achieve that.

DBnames

Crowd_DB

Crowd version - 2.11.1

Any Help Here ?

Hi Friends,

Any suggestion please

Hi @vivuu

There is some workaround for your current problem as described in a knowledge base article: https://confluence.atlassian.com/crowdkb/list-the-last-login-date-for-all-users-in-crowd-218278872.html

Please note that the results may vary depending on your setup.

The lastAuthenticated attribute is stored for users coming from:

• Crowd internal directory (created locally in Crowd itself)
• Delegated authentication directory
• Remote directory with caching
• Azure AD directory

Please also note that Crowd does not store the information about from which application the authentication request originated, in other words if you happen to have one internal directory in Crowd, which is mapped to different products (for example to JIRA and Confluence), then after running queries suggested in aforementioned KB article you won't be able to tell if user accessed JIRA or Confluence.

     Crowd                 +--------------+    
                           |              |    
       +-------------------+     Jira     |    
       |                   |              |    
+------+------+            +--------------+    
|             |                                
| Directory 1 |                                
|             |                                
+------+------+            +--------------+    
       |                   |              |    
       +-------------------+  Confluence  |    
                           |              |    
                           +--------------+    

If you have same user name in different directories, DB query mentioned in the KB article will return same user per each of directory. You will then have to determine which directory user belongs to (I suggest adding director_id to the select clause) and which applications are mapped to that directory. You will then have the information that the user logged in at the specified time to one of those applications which the user directory is mapped to.

                Crowd                                    
                                      +-------------+    
                  +-------------------+             |    
                  |                   |    Jira     |    
           +------+------+            |             |    
           |             |            +-------------+    
 User: John| Directory 1 |                               
           |             |            +-------------+    
           +------+------+            |             |    
                  |                   | Confluence  |    
                  +-------------------+             |    
                                      +-------------+    
                                                         
                                                         
           +-------------+            +-------------+    
           |             |            |             |    
 User: John| Directory 2 +------------+  Bitbucket  |    
           |             |            |             |    
           +-------------+            +-------------+

All in all currently Crowd does not provide detailed information about users accessing products connected to it. This is something we are thinking of for the future releases in Crowd.

Please see following feature request https://jira.atlassian.com/browse/CWD-2557, and vote for it. This will help us to shape Crowd future roadmap.

Hope that helps,

Marcin Kempa