Audit logging in Bitbucket Server

Bitbucket Server comes with an internal audit system enabled by default at installation. The audit system is intended to give administrators an insight into the way Bitbucket Server is being used. The audit system could be used to identify authorized and unauthorized changes, or suspicious activity over a period of time. 

Viewing recent events

Bitbucket Server administrators and system administrators can see a list of recent events for each project and repository in the 'Audit log' view. This is found in the 'Settings' for a project or repository, and shows only the most important audit events. 

The audit log displays a subset of the events recorded in the log file and is kept to a configurable maximum size (the default is 500 events). See Audit events in Bitbucket Server for more details.

Accessing the audit log file

The full audit log file records a wide range of events in Bitbucket Server. See Audit events in Bitbucket Server for a list of these.
The volume of events that are logged is coarsely configurable by changing a Bitbucket Server instance setting. See Bitbucket Server config properties for more details.
You can find the log file in the <Bitbucket Server home directory>/log/audit directory. 
The log file will roll daily and also when it grows past a maximum size of 25 MB. There is a limit (currently 100) to the number of rolled files that Bitbucket Server will keep. When the limit is reached, the oldest file is deleted each day.

 

Note that you will need to backup the log files before they are removed, if your organization needs to keep copies of those.

 

Configuring audit logging

There are various system properties that can be used to configure audit logging in Bitbucket Server.

Last modified on May 28, 2018

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.