Long story short, I got a question to see if it's possible to see who have opened issues in a specific project. The one who set up the project missed that it contained very sensitive data and gave everyone in our JIRA access.
I've done some searching, and I can't find any way to see who has accessed specific issues/projects, but before I report this to my boss I wanted to ask the community.
Therefore: is there any way (SQL/JQL) to see which users has opened specific issues?
First question do you want to get info from which period?
1. easy way is plugin like this
2. next step is sql query, it is based in the table userhistoryitem
3. next step is access log from tomcat, if you are configuried (just grep using project predicate)
4. check revers proxy logs (nginx, httpd, varnish) whatelse. like this cat access.log | grep --color SECRET
---- For future
5. For the future you can setup ELK (ElasticSearch+Logstash + Kibana) and configure parser for you project additionationaly/
Thanks for the answer!
The time period is six months past to yesterday when this was discovered.
I looked at the plugin, and we will probably test it in our test environment, but it seems that it can't backtrack, but certainly be a tool for later on.
The SQL query seems to be the best bet, but userhistoryitem shows a limited time from what I saw, but maybe some users who aren't very active will still have older actions.
I will also run a grep in the access_log, however I think that only logs actions/changes in issues and not when you open them.
Thanks for the ELK tip, we should probably set up a better monitoring of our logs, yeah.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG