I figured out how to add an issue security scheme to my project. I am using two security levels: General (anyone can view) and Private (only viewable by the reporter, and group working on the project). The JIRA Audit Log shows when I add or remove an Issue Security Scheme from a project, but it does not include changes to Issue Security Schemes. Users with the JIRA Administrator privilege can give themselves permission to view issues that I've marked as Private, look through all the Private issues in my project, then revoke the permission. Is there anything I can do to know if/when this happens?
I tried looking through the audit audit logs, system logs, and Atlassian's support documentation. I haven't found anything yet, but I may not be searching for the correct terms. We are running a standalone version of JIRA v6.3.6.
I wasn't aware that the information displayed in Administration > Troubleshooting and Support > Audit Log was configurable. When I go to Administration > Troubleshooting and Support > Logging & Profiling, I see several logs that I can enable or disable. Which one of those do I need to enable to capture the Issue Security Scheme changes? Where would the information be accessible? Specifically, I want to know when the Users/Groups/Project Roles associates with a Security Level are updated. Currently, I only see when Issue Security Schemes are added to/removed from a project. -Tom
Issue security scheme changes should be caught by the audit log, not logging and profiling. You shouldn't need to change anything to catch the changes - it should be logging edits to the schemes and the changes of scheme when it's changed in a project.
Thanks for the replies, Nic. I am not seeing edits or changes to issue security schemes in the audit logs - maybe something is misconfigured on my end. Any recommendations for how to troubleshoot? The audit log documentation doesn't include issue security schemes as far as I can tell: https://confluence.atlassian.com/display/JIRA/Auditing+in+JIRA
So far, the only place I've found to audit changes to issue security schemes is the sql audit log. I turned on SQL Logging in the Administration > Troubleshooting and Support > Logging & Profiling, and I can see the insert/update/delete statements in atlassian-jira-sql.log:
atlassian-jira-sql.log.1:2014-12-03 10:28:01,556 http-8080-32 tom 628x21821x1 1xy9ia9 /secure/admin/EditIssueSecurities!addLevel.jspa 12ms "INSERT INTO schemeissuesecuritylevels (ID, NAME, DESCRIPTION, SCHEME) VALUES ('10635', 'zzzzz', 'zzzzz', '10040')"
atlassian-jira-sql.log:2014-12-03 10:30:28,606 http-8080-30 tom 630x21842x1 1xy9ia9 /secure/admin/AddIssueSecurity.jspa 62ms "INSERT INTO schemeissuesecurities (ID, SCHEME, SECURITY, sec_type, sec_parameter) VALUES ('10526', '10040', '10635', 'projectrole', '10040')"
I don't see any corresponding entries in the Audit Log. For grins, I tried upgrading to the latest version of JIRA (v6.3.11), but still nothing. I'm using the WAR installation - could I have something misconfigured on my end? Any recommendations for where to look next?
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event