[BCLOUD-14346] Include "last access" or "last login" dates in audit log along with entry when user was added to the Repository access


      Would it be possible to see a list of login dates in the Audit Log? Something like this:

      User     Last Login
      Joe      5/26/17 8:00 AM
      Bob      5/24/17 2:00 PM
      Sally    3/23/17 9:00 PM

      In addition, when a user is removed from the team account, we create an entry in the Audit log that the user was removed. However, when the user is added again directly to the repository, there is no entry for this in the Audit log, and this makes things confusing for Audit purposes, when we only see Removed but never see the entry Added.
      Please add the entry to the Audit log when Access is Granted to the repo directly, since the user is visible under Users on Plan again under the team account.


            Satish Kayam added a comment -

            Hi Team,

            Compared to GitHub, Bitbucket Cloud has a lot of options not available. If you developed this type of feature, it would be great.

            Peter Fritsch added a comment -

            This needs to be corrected. We simply must have the ability to audit user interactions with our repos.

            Dan added a comment -

            People are often prone to hyperbole when they are upset but... it just really is shocking that Bitbucket does not provide any tooling to allow you to manage your users so as to identify and remove users without activity and otherwise manage permissions using the security best practice of "Least Privilege Access".

            I got suckered into using Bitbucket thinking that the tight integration with Jira and Confluence would make it worthwhile.  And, to be fair, there are definitely a bunch of nice things about that.  But every time I code review I'm reminded how much more difficult it is to use Bitbucket on a day-to-day basis and I have that nagging question in the back of my head as to whether I made a bad decision in going with Bitbucket.  When I then try to do something as simple as see whether I have any users that need to be removed due to an absence of activity but I am unable to do it without paying for a 3rd party add-on product or writing custom scripts against your APIs...  well, I find myself getting pretty irritated and pissed off.

            Switching source control is a bit of a pain in the arse but it's certainly possible and there is good tooling around importing repository history.  The pain/irritation/frustration of staying on Bitbucket keeps on getting closer and closer to exceeding the pain of switching to something like GitHub.

            If there weren't so many fundamental feature gaps with corresponding feature enhancement tickets (like this one) that are multiple years old often accompanied by years of comments begging Atlassian to do something, I would be tempted to make the cynical and snarky comment about how it's almost as if Atlassian is being paid by the number of users...  I think the actual issue runs much deeper than that.

            The fact that Atlassian even has a "new features policy" (https://confluence.atlassian.com/support/implementation-of-new-features-policy-201294576.html) is, I'm guessing, an indication that people are constantly complaining.

            My sense is that Atlassian doesn't have anything in place where a percentage of your dev capacity is dedicated to working the backlog of feature requests without making projects out of them.  It's very hard to believe it's that difficult to surface the last activity of a user.  Couldn't this be done without making a full-blown project out of it?

            Atlassian, please help.

            Anyway, yet another comment on yet another ancient ticket requesting feature parity with other source control systems.  I sure hope no one is reading this another 5 years from now but even with the earlier stated "active development" in this area, I'm not at all confident someone won't be...


            Marcelo Fabricanti added a comment -

            Excellent point @Matijs Visser

            How can we, as paying customers, have an active voice in the next Bitbucket developments?

            Writing here in BB issues seems to be irrelevant for them; our needs are just ignored.

            Matijs Visser added a comment -

            @ruchi ookalkar, how can it be that "last login" is out of scope?
            BCLOUD-15536 (login details) was closed because it is a duplicate of this one?

            We desperately need the last login time so we can deactivate users that do not use Bitbucket for a while.
            (On the other hand, I suppose this does not have priority with you guys because this feature will cost you income.)

            Ruchi Ookalkar added a comment -

            Hi 4caa168d1d79, we are currently actively developing improvements to the audit log feature. The 'last login' event is out of scope for us at this time. We will inform you about the expected availability of the improved audit logs soon.

            Hao La added a comment -

            @Ruchi Ookalkar or anyone from BB cloud team: Any update you can share so far about this story or the research you have had?


            Ruchi Ookalkar added a comment -

            Hi all,

            Thank you for your votes and comments on this suggestion.

            I am a designer on Bitbucket Cloud and will be conducting some research on audit logs. The Bitbucket Cloud team would like to invite you to take part in our upcoming customer research study to help us reimagine and improve audit logs in Bitbucket Cloud.

            Why we would like you to participate:

            • You are an admin on workspaces with 100 or more members
            • You are an admin or a security analyst who needs to access audit logs

            What’s involved in the research:

            • Sessions are one hour and conducted over video conference, so you can participate from anywhere around the globe.
            • During the research, we'll start with a general chat to get to know you, then we’ll ask some questions to guide the conversations.
            • As a token of our appreciation, you'll receive an e-gift card worth $100 USD within 5 days of completing your session.

            If you're interested in taking part, fill out this form.

            If you have any other questions at all, feel free to reply to this message. We look forward to meeting you!

            Cheers,

            Ruchi

            Jay Lemoine added a comment -

            This is a major security failure on BB Cloud. There is basically no audit log. All you offer is one big dump of all activity. We cannot sort it, filter, look up by event, etc. We can't even export the dump to try to sort by the user. If we were to have a security breach, your logs would be useless unless we knew the exact date of the attack beginning and ending.

            Matijs Visser added a comment -

            Hi Atlassian,

            Are there any updates?
            We would like to have a way to identify users that logged in a long time ago so we can disable them in order to save license costs.

            On the other hand, I suppose this does not have priority with you guys because this feature will cost you money.

              1c505570e116 Gayatri Ramesh
              calves Cassiano Alves (Inactive)
              Votes: 81
              Watchers: 70