Time of login and logout report

I would like to ask if there is any intergration or main feature of hipchat to report the time of login and logout of each user of my room. All employees are using the desktop version of hipchat for windows. Is there any way to take a report of login ang logout time each day of the month?

Thanks in advance

1 answer

1 vote
Ahmad Danial Atlassian Team Sep 11, 2017

Hello. Quick checks on the following before we look further into this:

  • Can we please check with you if you are utilizing HipChat Cloud or HipChat Server / HipChat Data Center?
  • Are you looking specifically at log in >> log out to the web interface only OR log in >> log out to the chat client itself?

While this is not available through the UI, it might be possible to track them from the logs, at least for HCS / HCDC.

Hello! Using HipChat Server, trying to identify where different security-related events are logged within the server itself, as I do not see the level of detail I would like in the Group Admin GUI.

We are using Crowd as a delegated authority within AD, so I can see successful/unsuccessful user logins to the chat client via var/log/atlassian-crowd, but I havent found the correct log where user logoffs are noted.

For those of us doing security auditing for our organizations, a quick, more descriptive article on useful security-related logs within the HCS would be super helpful! I know Hipchat is being deprecated in favor of Slack, but as we are an on-prem-only environment, Slack is currently not an option for us.

Please help us junior admin's address all these security auditing requirements for our orgs! I fully realize Hipchat is a chat engine/app, but I cant really state that as an answer to my auditors.

Some of the logged events I'm looking for:

Privilege escalation- i.e. promoting a user to an admin

Admin's making changes such as logging verbosity

Admin's starting or stopping services

Users logging off, users logging into to multiple sessions from different IP's, etc.

As for logging into the web interface or the Server itself, both would be helpful!

Thanks for your time and help- hipchat is a very important collaborative tool for us!

Hi there, Daniel.

You are most welcome. The fastest and easiest way to know the logs that are touched when specific actions are performed is through the following steps:

  1. Enable active logging by running the following command in your server terminal / SSH console:

  2. sudo dont-blame-hipchat -c "find /var/log -name '*.log' -type f | xargs tail -f -n0" > /tmp/all.log &
  3. Take note of the generated pid. For example, mine is 8282:

  4. admin@hipchat:~$ sudo dont-blame-hipchat -c "find /var/log -name '*.log' -type f | xargs tail -f -n0" > /tmp/all.log &
    [1] 8282
  5. Execute the action (log in / log out / start service) to capture the information we need:

  6. Once done, gain root access:

  7. admin@hipchat:~$ sudo dont-blame-hipchat
  8. Kill the process:

  9. root@hipchat:/home/admin# kill -9 8282
  10. Exit the root access:

  11. root@hipchat:/home/admin# exit
    exit
    [1]+ Killed sudo dont-blame-hipchat -c "find /var/log -name '*.log' -type f | xargs tail -f -n0" > /tmp/all.log
  12. Review the /tmp/all.log for the information that you are looking for

Let us take a look at the /hipchat-scm/web/application/models/important_event.php to understand some of the important events that gets logged into the database and web interface:

sudo dont-blame-hipchat

nano /hipchat-scm/web/application/models/important_event.php

You will see a list of events that is broken down to 4 main sections:

  • /* groups: 1000 - 1999 */
  • /* users: 2000 - 2999 */
  • /* rooms: 3000 - 3999 */
  • /* misc: 4000 - 4999 */

Looking into the Audit Log in the web interface, you will be able to see some of these events being logged there with the details:

Screen Shot 2018-09-17 at 14.19.24.png

For example:

Privilege escalation- i.e. promoting a user to an admin

This can be tracked from the web interface as per the following.

Screen Shot 2018-09-17 at 14.28.08.png

Admin's making changes such as logging verbosity and Admin's starting or stopping services

This is something that needs to be done on an OS level. You can check on the usage of audit as an example - Linux audit files to see who made changes to a file for making changes to the log4j.properties for logging verbosity.

As for admin stopping / starting services, you can trace it via auditd for example as mentioned in the Log all commands run by admins on production servers

Take note that these are not default features that are available on HipChat Server, so no official support is provided for it.

Users logging off, users logging into to multiple sessions from different IP's, etc.

For this one, you should be able to trace it from /var/log/hipchat/web.log. For example, log out from the web interface:

2018-09-17T06:45:52.098396+00:00 ip-10-0-180-114 web[8542]: users/sign_in#REQB6270A uid-anon 1ms [info] === REQUEST START === url: https://adanial240.lightning.hcsinf.com/users/sign_in?src=sign_out, metho
d: GET, referrer: https://hipchat.example.com/admin/user/2, server: , remote_addr: 103.233.242.8, user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like
Gecko) Version/11.1.2 Safari/605.1.15, x_hipchat_request: public

Failed login from desktop client:

2018-09-17T06:49:53.704678+00:00 ip-10-0-180-114 web[9055]: users/login_password#REQ5A061A uid-anon 2ms [info] === REQUEST START === url: https://hipchat.example.com/login_password, method: POST, referrer: https://hipchat.example.com/login_password?d=%2Fusers%2Fauthorize%3Fresponse_type%3Dcode%26client_name%3Dcom.atlassian.hipchat.osx-clients%26scope%3Dadmin_room%2520manage_rooms%2520send_message%2520send_notification%2520view_group%2520view_messages%2520view_room%26redirect_uri%3Dhipchat%3A%2F%2Fhipchat.com%2Fauthorized%26state%3D37977846, server: , remote_addr: 103.233.242.8, user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) HipChat/759 (modern), x_hipchat_request: public
2018-09-17T06:49:53.704838+00:00 ip-10-0-180-114 web[9055]: users/login_password#REQ5A061A uid-anon 122ms [info] Error body: {"error":{"code":"403","xmpp_error":"not-authorized"}}

 Let me know how that goes for you. I really appreciate the support and love you have for HipChat. Rest assured that we will continue to deliver the best customer experience until the day it goes EOL. Thanks!

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 14, 2018 in Hipchat Cloud

Hipchat Cloud and Stride End of Life: Just over 90 days away

Earlier this year we made the difficult decision to discontinue our team messaging tools, Stride and Hipchat. The end of life date for Stride and Hipchat Cloud is quickly approaching - February 15, 2...

539 views 0 2
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you