IP Allowlist audit log to include incident and IP address of blocked requests

XMLWordPrintable

    • 28

      Problem Definition

      The organization audit logs related to IP allowlisting is not sufficient to know when connections are blocked by the allowlist. For security auditing purposes, admins should be able to see data on when blocks occur. 

      We would like logs specifically around documenting user/IP information when a user is denied access because their IP does not fall under any of the ranges set in the Atlassian allowlist.

      Suggested Solution

      Please add all the details for any blocks that happen when connections are denied by the IP allowlist in the organization audit log entry.

      Examples are:

      • User Name of blocked attempt
      • IP address of blocked attempt

      Why this is important

      This is important to track when a blocked attempt is made for security auditing purposes. We would like logs specifically around documenting user/IP information when a user is denied access because their IP does not fall under any of the ranges set in the Atlassian allowlist. Currently, admins have no visibility to these events.

      Workaround

      No workaround is available right now

            Assignee:
            Kunwardeep Singh
            Reporter:
            Alexis
            Votes:
            24 Vote for this issue
            Watchers:
            24 Start watching this issue

              Created:
              Updated: