Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,365,242
Community Members
 
Community Events
168
Community Groups

Is there a way to get an alert on admin actions?

Hi, 

I had a user created in the subscription allegedly under my account. As I do not recall doing this, I wonder which of the operations I did perform could cause this. 

Unlike with other operations in the audit log, this user addition states the actor location as 'unavailable'.

I also see the Atlassian support engineer has created a user for himself without informing me, the subscription admin.

This all looks very troubling, especially in the cloud service.

So I'm looking for a way to receive real time alerts on any activity related to user creation, role assignment and group allocation.

Please share your experience and solutions to this situation.

Thank you,

Inna 

1 answer

1 accepted

0 votes
Answer accepted

Hi @Inna S 

In my opinion, there are definitely gaps in the information and reliability of the built-in admin logging of events with Jira Cloud.  For example some of the site admin actions in the log do not indicate who performed the action; some are not logged at all.

Until these functions are improved by our vendor, some possible options are:

  • Contact Atlassian support to learn about that user which was created
  • Investigate the marketplace to learn if there are better audit reporting addons
  • Use a webhook to push out site changes to another tool.  We experimented with that second option to review the logs in SumoLogic; it helped but there were still gaps.
  • Disciplined change management:
    • Limit the number of site admins,
    • Use a change-control project or Confluence page to log all planned site-admin-level changes, and
    • Have admins pair-program on all such changes.

Kind regards,
Bill

Thank you, @Bill Sheboy .

I've contact the support and the response was not helpful as they were unable to provide any additional information.

Discipline is all good till you get an overworked and inexperienced team members.

As far as the change control is not enforced, it can't be relied upon.

I've set up the webhook to fire on all the admin events available, but somehow my system of choice (MS Power Automate) did not get the events. On the Jira side, there is no record on the webhook health and fires, so it is unclear if it wasn't fired or did not reach the destination or was rejected. 

So as far as I can see, the only protection would be a decent backup and restore capability, that is also missing from the current offering. Looks like we are off to additional spending on the yet another 3rd-party service here.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Site Admin
TAGS

Atlassian Community Events