Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-43160

User and Group Management events in JIRA audit log are anonymous

    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Author of all these events is JIRA which is useless for auditing purpose - I cannot see who added the user, who changed his/her permissions.
      Must be specific user name.
      See screenshot.

            [JRASERVER-43160] User and Group Management events in JIRA audit log are anonymous

            Any updates to this? I need to make a security incident investigation and the only thing I get from the log is "JIRA", and no user is named JIRA

            Fernando Graterol added a comment - Any updates to this? I need to make a security incident investigation and the only thing I get from the log is "JIRA", and no user is named JIRA

            Mahtab added a comment -

            This issue is being tracked here: https://jira.atlassian.com/browse/JRASERVER-68953

            Mahtab added a comment - This issue is being tracked here: https://jira.atlassian.com/browse/JRASERVER-68953

            This is closed as "Tracked Elsewhere", where is that elsewhere that this is tracked?

            Perry Tancredi added a comment - This is closed as "Tracked Elsewhere", where is that elsewhere that this is tracked?

            Hey slizenko, we understand the need to see the real author of events logged in auditing. Unfortunately, when user management is handled in remote Crowd directory, JIRA is not receiving the information about the author of the change from Crowd itself, that's why the author of the event is displayed as anonymous.
            We have this issue in the backlog for potential expansion of Audit Log capabilities, however we are not likely to address it in the next months.

            All the best,
            Eve Stankiewicz
            JIRA Product Management

            Eve (Inactive) added a comment - Hey slizenko , we understand the need to see the real author of events logged in auditing. Unfortunately, when user management is handled in remote Crowd directory, JIRA is not receiving the information about the author of the change from Crowd itself, that's why the author of the event is displayed as anonymous. We have this issue in the backlog for potential expansion of Audit Log capabilities, however we are not likely to address it in the next months. All the best, Eve Stankiewicz JIRA Product Management

              Unassigned Unassigned
              13f501460608 SL
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: