[JRASERVER-41884] Audit log for field configuration changes

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: System Administration - Audit Logs
Labels:
- AuditLogCoverage
- affects-server

UIS:
19
Feedback Policy:

We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

As a JIRA Administrator, I would like to have Audit Log for field configuration changes so that it is easy to track how makes modifications like:

Showing/hiding a field.
Making a field optional/required.
Adding a configuration to a screen.

Workaround

While this is not implemented on the native audit log Administrators may choose to monitor some occurrences from the Tomcat access logs.
Refer to How to parse Access Log in Jira for audit purposes for some of the entries related to Field configuration admin actions.

derived from

JRASERVER-3157 JIRA Administration Audit trail / notifications

Closed

duplicates

JRASERVER-3157 JIRA Administration Audit trail / notifications

Closed

relates to

JRACLOUD-41884 Audit log for when a field configuration is associated with a screen

Closed

JRASERVER-42910 As an admin, I want the audit logs to cover screens and the screen schemes so that we audit it

Closed

mentioned in: Page Failed to load; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(4 mentioned in)

Form Name

JasbrisMcCaw added a comment - 11/May/2023 7:08 PM

I do not understand why the Audit Log shows changes to Field Configuration Schemes, but not Field Configurations. The later is much more important to understand what was changed, when, and by who.

JasbrisMcCaw added a comment - 11/May/2023 7:08 PM I do not understand why the Audit Log shows changes to Field Configuration Schemes, but not Field Configurations. The later is much more important to understand what was changed, when, and by who.

Anand Sanke added a comment - 26/Dec/2019 10:41 AM

Jira Audit Log requirements

It would be good if we have audit log entries in below cases

1) When jira project created, or updated any changes including project re-index and project deleted.
2) When custom field created, updated and deleted. Updates are including dropdown field value addition, modification and deletion.
3) Sometimes external data import is changing the custom field configuration changes making it applicable to other issue types and there is no trace when and by whom it happen. Data import log saying users imported, versions created and components created. But it is not making any note of changing custom field configurations. We need these changes in data import log and audit log as well.
4) Workflow changes addition, modification and deletion of statuses/transitions.
5) Issue type scheme changes
6) Screen scheme changes
7) Field configuration scheme changes
8) Priority scheme changes
9) Project version and component changes
10) Permission scheme changes
11) Issue security scheme changes
12) Notification scheme changes
13) Users addition, modification, activation/deactivation and deletion.
14) Board creation, modification and deletion. When board filter deleted without deleting board. When sprint deleted
15) Re-Index intiation, index copy from one node to another.
16) Plugin installs, updates and configuration changes including license
17) General configuration changes
18) Resolutions changes
19) Project roles changes
20) Global permissions changes
21) Whitelist changes
22) Issue Collector changes
23) Issue Link changes
24) Application Links changes
25) Sub-tasks changes
26) Time-tracking admin updates
27) User group admin updates
28) User Directories changes
29) Project category changes

Anand Sanke added a comment - 26/Dec/2019 10:41 AM Jira Audit Log requirements It would be good if we have audit log entries in below cases 1) When jira project created, or updated any changes including project re-index and project deleted. 2) When custom field created, updated and deleted. Updates are including dropdown field value addition, modification and deletion. 3) Sometimes external data import is changing the custom field configuration changes making it applicable to other issue types and there is no trace when and by whom it happen. Data import log saying users imported, versions created and components created. But it is not making any note of changing custom field configurations. We need these changes in data import log and audit log as well. 4) Workflow changes addition, modification and deletion of statuses/transitions. 5) Issue type scheme changes 6) Screen scheme changes 7) Field configuration scheme changes 8) Priority scheme changes 9) Project version and component changes 10) Permission scheme changes 11) Issue security scheme changes 12) Notification scheme changes 13) Users addition, modification, activation/deactivation and deletion. 14) Board creation, modification and deletion. When board filter deleted without deleting board. When sprint deleted 15) Re-Index intiation, index copy from one node to another. 16) Plugin installs, updates and configuration changes including license 17) General configuration changes 18) Resolutions changes 19) Project roles changes 20) Global permissions changes 21) Whitelist changes 22) Issue Collector changes 23) Issue Link changes 24) Application Links changes 25) Sub-tasks changes 26) Time-tracking admin updates 27) User group admin updates 28) User Directories changes 29) Project category changes

Renan Battaglin added a comment - 30/Aug/2019 1:51 AM

Hi all,

Thank you so much for your votes and comments on this suggestion.

We are beginning greater research on the topic of advanced auditing and would love to hear from you.

We intend to better understand:

What information you need to log and keep about your Atlassian applications and environments

What are the questions you need to answer, or specific insights your are looking for when auditing logs

Responses can be in regard to recording product usage, information that needs to be tracked for internal policies (i.e. security) or compliance standards (i.e. SOC2 or SOX)

What’s involved in the research:

Sessions are 1 hour and conducted over video-conference, so you can participate from anywhere around the globe.

After scheduling, you'll receive a calendar invite with a video-conference link.

During the research, we'll start with a general chat to get to know you and your company, then try to understand better your auditing needs and even explore some prototypes.

As a token of our appreciation, you'll receive an e-gift card worth $100 USD within 5 days of completing your session.

If you're interested in taking part, please send me an email at rbattaglin@atlassian.com and I'll get in touch. We can't guarantee that all interested parties will be selected but we appreciate your interest in helping us to make auditing in our products satisfy more advanced use cases.

We look forward to meeting you!

Cheers,
Renan Battaglin
Server and Data Center Team

Renan Battaglin added a comment - 30/Aug/2019 1:51 AM Hi all, Thank you so much for your votes and comments on this suggestion. We are beginning greater research on the topic of advanced auditing and would love to hear from you. We intend to better understand: What information you need to log and keep about your Atlassian applications and environments What are the questions you need to answer, or specific insights your are looking for when auditing logs Responses can be in regard to recording product usage, information that needs to be tracked for internal policies (i.e. security) or compliance standards (i.e. SOC2 or SOX) What’s involved in the research: Sessions are 1 hour and conducted over video-conference, so you can participate from anywhere around the globe. After scheduling, you'll receive a calendar invite with a video-conference link. During the research, we'll start with a general chat to get to know you and your company, then try to understand better your auditing needs and even explore some prototypes. As a token of our appreciation, you'll receive an e-gift card worth $100 USD within 5 days of completing your session. If you're interested in taking part, please send me an email at rbattaglin@atlassian.com and I'll get in touch. We can't guarantee that all interested parties will be selected but we appreciate your interest in helping us to make auditing in our products satisfy more advanced use cases. We look forward to meeting you! Cheers, Renan Battaglin Server and Data Center Team

Alex Kaufman added a comment - 09/Nov/2017 5:51 AM

I'd like to mention that we maintain and sell a paid add-on, Auditor for JIRA, which provides full coverage for all administrative actions in JIRA, including field configuration changes, in its comprehensive audit log. It's a commercial product we are committed to support and enhance. We also take user feedback extremely seriously and are willing to add features and functionality requested by our customers.

If you are interested, please give it a try:
https://marketplace.atlassian.com/plugins/com.plugenta.jiraauditor/server/overview

Coverage comparison with the built-in audit log is available here:
http://www.enhancera.com/jira/auditor/tour.html?jira#comparison

And please reach out to us with any questions or requests:
http://www.enhancera.com/jira/auditor/contact.html

Alex Kaufman added a comment - 09/Nov/2017 5:51 AM I'd like to mention that we maintain and sell a paid add-on, Auditor for JIRA , which provides full coverage for all administrative actions in JIRA, including field configuration changes, in its comprehensive audit log. It's a commercial product we are committed to support and enhance. We also take user feedback extremely seriously and are willing to add features and functionality requested by our customers. If you are interested, please give it a try: https://marketplace.atlassian.com/plugins/com.plugenta.jiraauditor/server/overview Coverage comparison with the built-in audit log is available here: http://www.enhancera.com/jira/auditor/tour.html?jira#comparison And please reach out to us with any questions or requests: http://www.enhancera.com/jira/auditor/contact.html

Eve (Inactive) added a comment - 02/Dec/2015 8:33 PM

This is a duplicate of JRA-3157 so I am closing this suggestion. Please vote and comment under JRA-3157 instead.

Cheers,
Eve
JIRA Product Manager

Eve (Inactive) added a comment - 02/Dec/2015 8:33 PM This is a duplicate of JRA-3157 so I am closing this suggestion. Please vote and comment under JRA-3157 instead. Cheers, Eve JIRA Product Manager

Details

Description

Workaround

Attachments

Issue Links

Forms

Activity

Collapse comment: JasbrisMcCaw added a comment - 11/May/2023 7:08 PM

Expand comment: JasbrisMcCaw added a comment - 11/May/2023 7:08 PM

Collapse comment: Anand Sanke added a comment - 26/Dec/2019 10:41 AM

Expand comment: Anand Sanke added a comment - 26/Dec/2019 10:41 AM

Collapse comment: Renan Battaglin added a comment - 30/Aug/2019 1:51 AM

Expand comment: Renan Battaglin added a comment - 30/Aug/2019 1:51 AM

Collapse comment: Alex Kaufman added a comment - 09/Nov/2017 5:51 AM

Expand comment: Alex Kaufman added a comment - 09/Nov/2017 5:51 AM

Collapse comment: Eve (Inactive) added a comment - 02/Dec/2015 8:33 PM

Expand comment: Eve (Inactive) added a comment - 02/Dec/2015 8:33 PM

People

Dates