Track access to your data and meet compliance needs with user activity logging in audit logs

Hi all, I’m Jonathon, a product manager on cloud security. I’m pleased to announce that we are launching our first set of user activity logs with our Cloud Enterprise offering.

What are user activity logs? They’re a new category of audit log event types that track user actions inside of Atlassian cloud products, in addition to the existing coverage of org admin events. This includes events like if a user viewed a Confluence page or deleted a Jira issue.

If you need audit logs to meet compliance needs, conduct security investigations, or simply troubleshoot issues in your Atlassian cloud products, read on to see how the new user activity logs can help you.

Review who’s accessing to your sensitive data

Historically, assessing data loss or leakage in a security incident has required you to contact Atlassian support, which often results in a months-long investigative process and not always one that ends with answers.

Now, with user activity logging, assessing impact is as simple as going to the audit log in your Atlassian administration interface and scanning for a compromised user account’s activity or for everyone that looked at a specific piece of content. We know this is a critical security need – the kind you might not use every day but absolutely has to be there when you need it.

Using our audit log API, you can also retrieve these logs for cold storage or to process with your own security intelligence solutions. Here’s some additional documentation on our audit log API: https://developer.atlassian.com/cloud/admin/organization/rest/api-group-orgs/#api-orgs-orgid-events-get

Meet compliance needs

Through conversations we’ve had with you over the past year, we know enterprise compliance often includes a comprehensive record of user activity in our products. While the types of activities that an organization creates often vary, as do the activities different organizations want to keep track of, we’re starting with these most common and essential events first.

If your compliance checklist ever required tracking user views of data in Jira and Confluence, we’ve now got you covered!

Customize UGC storage to match your data residency requirements

We know some customers are subject to different data residency needs than others, so we wanted to give you the flexibility to choose whether or not your user-generated content is stored in the audit log. Right now, we don’t yet support location-specific storage for logging, so if things like issue IDs and page titles are part of your data residency regime, you can opt out of storing them. Data residency and its nuances are deeply complex, so if you want to know more about this specific set of features, you can read more here:

Audit Log Documentation

Because of the complexity of data residency requirements, we wanted to give you as much flexibility and customizable control here as possible so you can tailor to your own needs.

What’s next for audit logs and user activity logging?

Atlassian’s journey into the cloud is a marathon, not a sprint, and that includes our ongoing investments in security visibility and audit logging. We plan to continue to add new events into our audit log as we have been for the past several years and now with user activity logging that will include future coverage of more user event types, additional products, and more. If space interactions matter to you more than pages or Bitbucket generates stricter logging needs than Jira, we aim to meet or exceed your needs soon. We plan to continue making improvements to the audit log across all cloud editions so stay tuned.

If you have ideas or suggestions, let us know in the comments. We’d love to hear from you!