Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Track access to your data and meet compliance needs with user activity logging in audit logs

Hi all, I’m Jonathon, a product manager on cloud security. I’m pleased to announce that we are launching our first set of user activity logs with our Cloud Enterprise offering.

What are user activity logs? They’re a new category of audit log event types that track user actions inside of Atlassian cloud products, in addition to the existing coverage of org admin events. This includes events like if a user viewed a Confluence page or deleted a Jira issue.

If you need audit logs to meet compliance needs, conduct security investigations, or simply troubleshoot issues in your Atlassian cloud products, read on to see how the new user activity logs can help you.

Review who’s accessing to your sensitive data

Historically, assessing data loss or leakage in a security incident has required you to contact Atlassian support, which often results in a months-long investigative process and not always one that ends with answers.

Now, with user activity logging, assessing impact is as simple as going to the audit log in your Atlassian administration interface and scanning for a compromised user account’s activity or for everyone that looked at a specific piece of content. We know this is a critical security need – the kind you might not use every day but absolutely has to be there when you need it.

Using our audit log API, you can also retrieve these logs for cold storage or to process with your own security intelligence solutions. Here’s some additional documentation on our audit log API: https://developer.atlassian.com/cloud/admin/organization/rest/api-group-orgs/#api-orgs-orgid-events-get

Meet compliance needs

Through conversations we’ve had with you over the past year, we know enterprise compliance often includes a comprehensive record of user activity in our products. While the types of activities that an organization creates often vary, as do the activities different organizations want to keep track of, we’re starting with these most common and essential events first.

If your compliance checklist ever required tracking user views of data in Jira and Confluence, we’ve now got you covered!

Customize UGC storage to match your data residency requirements

We know some customers are subject to different data residency needs than others, so we wanted to give you the flexibility to choose whether or not your user-generated content is stored in the audit log. Right now, we don’t yet support location-specific storage for logging, so if things like issue IDs and page titles are part of your data residency regime, you can opt out of storing them. Data residency and its nuances are deeply complex, so if you want to know more about this specific set of features, you can read more here:

Audit Log Documentation

Because of the complexity of data residency requirements, we wanted to give you as much flexibility and customizable control here as possible so you can tailor to your own needs.

What’s next for audit logs and user activity logging?

Atlassian’s journey into the cloud is a marathon, not a sprint, and that includes our ongoing investments in security visibility and audit logging. We plan to continue to add new events into our audit log as we have been for the past several years and now with user activity logging that will include future coverage of more user event types, additional products, and more. If space interactions matter to you more than pages or Bitbucket generates stricter logging needs than Jira, we aim to meet or exceed your needs soon. We plan to continue making improvements to the audit log across all cloud editions so stay tuned.

If you have ideas or suggestions, let us know in the comments. We’d love to hear from you!

6 comments

Comment

Log in or Sign up to comment
Medhat Ahmed November 14, 2021

Nice feature and hope to find more details on Audit logs

Like Sandy likes this
Hakeem Olasupo
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 19, 2021

Such a very great feature

Patrícia Fortunato Montenegro November 24, 2021

Always nice to know more about audit logs. An important topic that the customers always keep in touch with us about it.

Thank you!

Like Mandy Ross likes this
Marcels Gomez November 25, 2021

Is there an Atlassian whatsapp group that can be joined and keep updated. 

Fabio Genovese
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 23, 2023

I have read this article and have some doubts that I express. I ask you the courtesy to help me understand.

The first thing that does not make sense to me is that these Audit Logs are present in Access. The issue is that you have to tell customers that they have to buy Access to get these statistics. Those who perhaps have a fairly low number of users and use Jira will refuse to submit to this decision. There is a risk of losing customers.

second point: this functionality should be native within all cloud profiles, also because I often work with large manufacturing companies where the IT component is limited to very few people. We are talking about companies with 20000 employees but only 10 IT. My question is this: How can these 10 monitor their work and comply with certifications to which they are subject if the out-of-the-box functionalities do not track their activities? I cannot said them: No Problem.... buy Atlassian Access. 

The doubt that grips me is that it would have been better to make this information available, which is well or poorly recorded. I consider this to be a rather serious mistake and call for a review of this functionality.

let me know what do you think.

Like # people like this
Maria Groth
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 31, 2023

I must say a fully agree with Fabio in his comment in March. I would expect user activity logs to be available OOTB for all license models. It's quite an investment for us to buy Access...

TAGS
AUG Leaders

Atlassian Community Events