Crowd audit report


We need to provide a audit report to the mangement on who has accessed the Atlassian tools crowd in the last 30 days ?



5 answers

0 votes
Ann Worley Atlassian Team Nov 22, 2017

By default there is no reporting built in but you can get the information in the future by enabling access logs, as described in: How do I enable Access Logging for Crowd? The logs can be analyzed with log analyzer tools such as WebalizerGoogle Analytics or AwStats.

If you have a proxy in front of Confluence, the proxy logs may have recorded access history.

Can we get this done by using DB query ?

We are using MSSQL and Can you share us the query to achieve that.

DBnames


Crowd_DB

Can we get this done by using DB query ?

We are using MSSQL and Can you share us the query to achieve that.

DBnames


Crowd_DB

 

Crowd version - 2.11.1

Any Help Here ?

Hi Friends,

 

Any suggestion please

0 votes
Marcin Kempa Atlassian Team Dec 12, 2017

Hi @vivuu

 

There is some workaround for your current problem as described in a knowledge base article: https://confluence.atlassian.com/crowdkb/list-the-last-login-date-for-all-users-in-crowd-218278872.html

Please note that the results may vary depending on your setup.

The lastAuthenticated attribute is stored for users coming from:

  • Crowd internal directory (created locally in Crowd itself)
  • Delegated authentication directory
  • Remote directory with caching
  • Azure AD directory

Please also note that Crowd does not store the information about from which application the authentication request originated, in other words if you happen to have one internal directory in Crowd, which is mapped to different products (for example to JIRA and Confluence), then after running queries suggested in aforementioned KB article you won't be able to tell if user accessed JIRA or Confluence.

 

     Crowd                 +--------------+    
                           |              |    
       +-------------------+     Jira     |    
       |                   |              |    
+------+------+            +--------------+    
|             |                                
| Directory 1 |                                
|             |                                
+------+------+            +--------------+    
       |                   |              |    
       +-------------------+  Confluence  |    
                           |              |    
                           +--------------+    

 

If you have same user name in different directories, DB query mentioned in the KB article will return same user per each of directory. You will then have to determine which directory user belongs to (I suggest adding director_id to the select clause) and which applications are mapped to that directory. You will then have the information that the user logged in at the specified time to one of those applications which the user directory is mapped to.

 

                Crowd                                    
                                      +-------------+    
                  +-------------------+             |    
                  |                   |    Jira     |    
           +------+------+            |             |    
           |             |            +-------------+    
 User: John| Directory 1 |                               
           |             |            +-------------+    
           +------+------+            |             |    
                  |                   | Confluence  |    
                  +-------------------+             |    
                                      +-------------+    
                                                         
                                                         
           +-------------+            +-------------+    
           |             |            |             |    
 User: John| Directory 2 +------------+  Bitbucket  |    
           |             |            |             |    
           +-------------+            +-------------+

 

All in all currently Crowd does not provide detailed information about users accessing products connected to it. This is something we are thinking of for the future releases in Crowd.

Please see following feature request https://jira.atlassian.com/browse/CWD-2557, and vote for it. This will help us to shape Crowd future roadmap.

 

Hope that helps,

Marcin Kempa

Suggest an answer

Log in or Join to answer
Community showcase
Teodora [Botron]
Published Thursday in Marketplace Apps

Jira Inferno: The Nine Circles of Jira Administration Hell

If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...

499 views 1 15
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot