I am currently investigating an incident which popped up when a colleague discovered that all project-data in one of his projects was missing.
I am system- and project-admin, have the browse-project-permission with no security scheme active. Still no issues.
So I checked all the access-logs since project creation for any delete-actions without results for the missing issues. Creation and editing-actions on the other hand where all there until 2 weeks ago. Just for the fun of it I created a new task in the currently empty project with it getting "MA-7" as the issue-key, which is plausible with MA-1 to MA-6 already being created in the past. Everything fully accessible.
In terms of changes we upgraded our Jira-Instance from 7.12.3 to 8.3.2 (incl. Service Desk 4.3.2) a week after the last activity in said project. No other missing data was discovered so far annd everything is working fine in general. We also use BigPicture (7.4.2) for more project-management-funcionality.
So any idea what could cause the incident or how to resolve it? Right now I will check the DB for the issues, but apart from that I am out of ideas.
Thanks and best regards,
When you say you have no security scheme active you mean, you have taken it out, or you never had one?
Something similar happened to me, where issues had a issue security scheme, or where getting one because of a postfucntion, but it was set up wrong for a security scheme that did not belong to the project.
Because the id the issues had, did not match that security scheme, it was imposible to see the issues, even when there wasn't any security scheme.
They were only restored when we put the RIGHT security scheme for that project ( one that had the same id's as the issues).
If this not the problem, or something similiar you will have to check the database and do some digging to see if there is something that does not match.
I assume you already passed and integrity checker and reindex.
thank you for your reply!
yes, Issue Security always has been disabled for the project. So when I understand you correct and if my problem is similiar, I should define a Security Scheme that gives me access to all issues and assign it to my project. Did that solve your problem?
And yes, the integrity check was positive apart from 4 errors:
- ERROR: The field layout item with id 11384 has a reference to the deleted custom field with id customfield_11700. (JRA-4423)
I also reindexed.
The security scheme, worked for me because I went into the database and saw that the issues existed and has a security level associated, I searched for the scheme with that security level, and put it in the project.
Since we do no know if this the same issue. I would go into the database to check, that the issues are there, and if they have a security level associated for any reason.
If the issues are not in the database I am afraid there is nothing we can do :(.
I'm afraid the cause for my issue lies somewhere else. I checked the DB and the issues are definitely gone. But like I said, no signs of any user action in logs regarding a deletion. So we restored the VM from a Backup and I manually retrieved the issue data. A CSV-Import didn't work, because it was producing a Error-500 after mapping the fields during import.
So at least I got the data, but still have no idea what caused everything.
But thanks a lot for your input :)
Sorry about that Thomas, they seems they were truly deleted.
Things that come to my mind to prevent this in the future.
There are addons that create an event when things are deleted so you get a warning, and others with better auditlog to check who is doing what.
For me the best solution was eliminating the Delete option for everyone (in the permissions) and creating a Delete status, so we could get Deleted things back in case people made a mistake. The issues that had been in the deleted status for a month were really deleted so we did not end up with two many issues, and we gave people time to recover them.
Hope you like them, keep up the good work :)
Thanks a lot for the ideas!
I will for sure look into them to enhance administrative transparency in the future. Are you using the mentioned App for deletion-warning-events? As far as I found out, I can only track delete-actions by users via the access-logs, but none triggered by the system itself.
So additional functionality in that matter would be very interesting.
I believe there is a issue deleted notification, if the emails is not enough for you, If you use and addon like Automation for Jira o Scriptrunner you can track the event and have an action related to it.
Also for better audits https://marketplace.atlassian.com/apps/43203/auditor-for-jira?hosting=server&tab=overview
Best of luck
Thank you again, Lara! I just set up a automation-rule which tracks any delete issue event and sends an E-Mail to me with basic information on the deleted issue like Key, Summary and the User who triggered the event. Outlook then sorts these mails into its own inbox, creating sort of a log.
This will have to do for now. If similar problems appear more often, there will be now way around something like the marketplace-app you suggested.
In my opinion it is more than embarrassing for Atlassian to provide admins with such grossly incomplete logs and accessibility.
yes, the project contained 6 issues over all, including project descriptions, plans and other important information. Now they are all gone. I already checked against all issues, which were created around the same time in other project with my colleague being the creator.
When I directly navigate to /browse/MA-6, I get the "You can't view this issue" screen.
Hi, Jira users! Do you use Jira alongside Microsoft Teams? We want to hear how you’ve used the power of Jira Cloud and Microsoft Teams (via the Jira Cloud for Microsoft Teams app) to achieve a team...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event