Jira REST API Audit Logs: AssociatedItems Name Field Shows IDs Instead of User Names

Hi @Luiz Ricardo Pereira da Silva , Thanks for taking this up.

We can use the mentioned API as a 2nd REST call, but the problem with that is we are not receiving the accountID in audit logs every time. for example it might contains the authorKey (i.e, ug:123ec4f5-a678-912b-34d5-6788123e4ada) which is deprecated from the Jira. 

Hi @Luiz Ricardo Pereira da Silva  Do we have any updates on this ?

Hi @Luiz Ricardo Pereira da Silva  Do we have any updates on this ?

Hello, I apologize for the delay.
Unfortunately, some records in the audit log do not include the AccountId, and the author key has indeed been discontinued.
I'm not sure if this will help, but I created a Python script that, in addition to scanning all users, also identifies the AccountId related to the author key in other audit logs.
If the AccountId is not found in that session, the script will look for it in other sessions where the same user appears, performing a comparison by the author key.
If it still can't find it, the result will be returned as "unknown."
This isn't the solution, but it's the closest approach I could find to assist you.
I hope it works for most of the sessions.

import json
import requests
import base64

# Authentication configuration
JIRA_USER = "your_email" # Replace with the correct user
JIRA_TOKEN = "your_token" # Replace with the correct token
AUTH_HEADER = base64.b64encode(f"{JIRA_USER}:{JIRA_TOKEN}".encode()).decode()

# Function to get user by authorKey
def get_user_by_authorKey(authorKey):
JIRA_USER_URL = f"you_domainrest/api/3/user?key={authorKey}"
HEADERS = {
"Authorization": f"Basic {AUTH_HEADER}",
"Accept": "application/json"
}
response = requests.get(JIRA_USER_URL, headers=HEADERS)
if response.status_code == 200:
return response.json().get("accountId", "Unknown")
return "Unknown"

# Function to extract users from the audit JSON
def get_user_from_audit(audit_json):
users = []

for record in audit_json.get("records", []):
user_info = {
"event_id": record.get("id"),
"summary": record.get("summary"),
"accountId": None,
"authorKey": None,
"user": "Unknown"
}

# First, try to get the accountId directly
if "authorAccountId" in record:
user_info["accountId"] = record["authorAccountId"]
user_info["user"] = record["authorAccountId"]

# If not found, try to get the authorKey
elif "authorKey" in record:
user_info["authorKey"] = record["authorKey"]
user_info["user"] = record["authorKey"]

# If still not found, check in associatedItems
if not user_info["accountId"]:
for item in record.get("associatedItems", []):
if item.get("typeName") == "USER":
user_info["authorKey"] = item.get("id")
user_info["user"] = item.get("name")
break

# If the user is still "Unknown", try to fetch it from the API
if user_info["user"] == "Unknown" and user_info["authorKey"]:
user_info["user"] = get_user_by_authorKey(user_info["authorKey"])

users.append(user_info)

return users

# API request configuration
JIRA_URL = "you_domainrest/api/3/auditing/record"
HEADERS = {
"Authorization": f"Basic {AUTH_HEADER}",
"Accept": "application/json"
}

# Making the request
response = requests.get(JIRA_URL, headers=HEADERS)
if response.status_code == 200:
auditing_json = response.json()
users_extracted = get_user_from_audit(auditing_json)
print(json.dumps(users_extracted, indent=4))
else:
print(f"Request failed: {response.status_code} - {response.text}")

Best regards,