So the "Improved audit logs for Bitbucket" roadmap entry says it was released back in 2022 and the linked doc said the events would be rolled out incrementally.  It's been 2 year and we still don't see entries for anything related to projects, branches, merges, etc, etc.  When can we expect the events to be added for everything in this list?
https://confluence.atlassian.com/bbkb/bitbucket-cloud-audit-log-events-1178872155.html

We've had to investigate issue we had recently and there are no logs to support any of the actions that happened, log events that we did have in Bitbucket server.  What's the hold up?

I have been directed here from BBS-216751

I specifically need to have more detail when BB IP restrictions are changed. Currently it shows who and from what IP - but we need to know what change was made (additions/removals, and the IP addresses affected).

For compliance reasons, the IP restrictions act as a sort of firewall and we have to secure these changes with change management and auditing of changes.

Hi there,

so you are saying if we do not buy Atlassian Access we wont get any improvements in audit log at all?

Hi everyone,

This is Denise from the Bitbucket PM team. I’m excited to let you know that we’re starting work on improving audit logs. Our first milestone will deliver highly-requested Workspace, Project, and Repository administration and configuration events in Atlassian Access - Atlassian’s organization-wide subscription that enables enterprise-grade identity and access management and security features. Atlassian Access has a robust audit log feature complete with export and search capability, and an API for querying and retrieving events. You can get a 30-day free trial of Atlassian Access by following the instructions here.

While we don’t yet have a specific timeline on the delivery, we plan to roll it out next quarter and will update the status here when we have additional details.

Cheers,
Denise

is there any update on this ticket?

Hi all,

Thank you for your votes and comments on this suggestion.

I am a designer on Bitbucket Cloud and will be conducting some research on audit logs. The Bitbucket Cloud team would like to invite you to take part in our upcoming customer research study to help us reimagine and improve audit logs in Bitbucket Cloud.

Why we would like you to participate:

• You are an admin on workspaces with 100 or more members

• You are an admin or a security analyst who needs to access audit logs

What’s involved in the research:

• Sessions are one hour and conducted over video conference, so you can participate from anywhere around the globe.

• During the research, we'll start with a general chat to get to know you, then we’ll ask some questions to guide the conversations.

• As a token of our appreciation, you'll receive an e-gift card worth $100 USD within 5 days of completing your session.

If you're interested in taking part, fill out this form.

If you have any other questions at all, feel free to reply to this message. We look forward to meeting you!

Cheers,

Ruchi

Hello! I'm a BBC PM. My team is working on improving audit logging in Bitbucket. Thank you for providing examples of items you would like to see included in the feature - this is really helpful for us. We expect to release the improved audit logging feature in FY22 - I will update this when I have a better idea of when to expect it. 

We would also love to have this feature. It's available in github & gitlab, and it would be great if Bitbucket could reach feature parity. 

Still not seeing any integration with Atlassian Access. It's horrendously crude that we have to resort to copy/paste for providing compliance evidence to who has access to our source control,

Hi, is there any update on this item? 

This would be great for license management - knowing who is using it, who is not using it, who has logged in and who hasn't!

Hi, everyone. One of our initiatives for the coming year is a more complete integration with Atlassian Access. This includes pushing all our events into a consolidated audit log across all Atlassian Cloud products. Many of the improvements for searching, exporting, or 3rd party integration for audit log analysis will be made here and shared by all products.
Just to be clear, we are not getting rid of Bitbucket’s audit logs we making them available in two places. As we make changes to push our audit logs to Access as well we can examine what other information we need to be collecting here.

welcome to Atlassian where user feedback goes to die.

Five years! and no action on something relatively trivial.

Bit bucket, this is a critical option to be logged. I believe your product management team needs a security expert to be on team.
user/group/repo permissions changes either through UI / api / any call must be logged.

+1
Also missing: import repository is not logged into the audit log

Can't believe this is not implemented. This is a must have feature for a large enterprise with dozens of developers.

Could changes to branch permissions also be added? Including permissions removed or added by the platform itself.

API calls need to be logged to audit log , since users / groups / permissions can be modified and would help with auditing the changes introduced

Issue BCLOUD-11523 was marked as a duplicate of this issue.

Issue BCLOUD-10441 was marked as a duplicate of this issue.