Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Preventing JIRA from saving insecure data on site or in logs

Mathieu Castonguay
Mathieu Castonguay January 16, 2018

Hello everyone,

I'm working right now on a plugin for JIRA that blocks any potential number of 10 digits that begin with the number 9, for example: it's supposed to block the number "9876543217"

The issue I have right now is I realize JIRA saves everything you write in the fields of JIRA, like the search field and Labels field for example. It saves that information in some logs called "access_log.2018.01.16" but that's something I don't want to happen because it could be a potential breach.

I want to know if there are a way to make sure that information is not saved in the logs or at least being censored immediately?

Answer
Watch
Like Be the first to like this
303 views

1 answer

0 votes
somethingblue
somethingblue
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 17, 2018

Hi Mathieu,

The JIRA Anonymizer anonymizes the following data:

The anonymizer currently replaces the following text with x's:

  • Issue summary, environment, and description.
  • Comments, work logs, change logs.
  • Project descriptions.
  • Descriptions for most elements (notification schemes, permission schemes, resolutions).
  • Attachment file names.
  • "Unlimited text" custom fields.

This could perhaps be incorporated into a script to run whenever X happens or on a periodic basis.

Cheers,

Branden

View More Comments
Mathieu Castonguay
Mathieu Castonguay January 17, 2018

Is JIRA Anonymizer can affect the Activity Stream too? For example, writing "9876543217" in a text field will be replaced with x's for that text field and the Activity Stream as well?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events