Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1195

Events not captured in Audit logs - user changes and IDP user removal

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Low Low
    • Audit Log
    • None

      Issue Summary

      Audit logs do not capture events for two scenarios:

      1. Email address or Full name change of a user directly via managed accounts is not captured in Audit logs.
      2. IDP synced user removed from the group at IDP deactivates the account. The user's group removal is logged in the audit log but the user's deactivation event is not logged.

      Steps to Reproduce

      1. Change the email address or full name of the user under the managed account for a user and check audit logs.
      2. For scenario 2: remove an IDP synced user from all IDP synced groups, this will deactivate the user, deactivated account event is not logged in audit logs through the user's group membership removal is logged. 

      Expected Results

      The above-explained scenarios should be captured in audit logs.

      Actual Results

      Events for the explained scenarios are not captured in audit logs.

      Workaround

      Currently, there is no known workaround for this behavior. A workaround will be added here when available

            [ACCESS-1195] Events not captured in Audit logs - user changes and IDP user removal

            Atlassian Update - March 2023

            After some analysis, we've found that this ticket is a duplicate of two other requests which have more votes:

            • ACCESS-1129 – Add user profile and account changes to org audit log - when changes are made to a Managed user
            • ID-8153 – Add org-level audit log when name or email change is made to a managed user

            We encourage you to watch and vote on the above instead. All internal ticket references on this ticket have been transferred. If you do not think this issue should have been closed, please add a comment here saying why and we can reopen it as needed.

            Anusha Rutnam added a comment - Atlassian Update - March 2023 After some analysis, we've found that this ticket is a duplicate of two other requests which have more votes: ACCESS-1129 – Add user profile and account changes to org audit log - when changes are made to a Managed user ID-8153 – Add org-level audit log when name or email change is made to a managed user We encourage you to watch and vote on the above instead. All internal ticket references on this ticket have been transferred. If you do not think this issue should have been closed, please add a comment here saying why and we can reopen it as needed.

            The first section of this request - adding changes made to Managed user to the audit log is already tracked in ACCESS-1129 – Add user profile and account changes to org audit log - when changes are made to a Managed user

            With that in mind, I propose we change the title of this issue to "Add IDP user removal to org-level audit logs". Can the watchers of this issue let me know if they see any problems with making this change? Thank you!

            Anusha Rutnam added a comment - The first section of this request - adding changes made to Managed user to the audit log is already tracked in  ACCESS-1129 – Add user profile and account changes to org audit log - when changes are made to a Managed user With that in mind, I propose we change the title of this issue to "Add IDP user removal to org-level audit logs". Can the watchers of this issue let me know if they see any problems with making this change? Thank you!

              gdalvi@atlassian.com Gaurav Dalvi (Inactive)
              20d8b956adca Jayant Suneja
              Affected customers:
              1 This affects my team
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: