Auditing in Jira applications
The auditing feature tracks key activities in Jira products. These activities are recorded in an audit log that can be viewed in the Jira administration console. This can be a handy tool in helping you diagnose problems in Jira products or used for security purposes.
The audit log isn't available if all of your Jira Cloud products are on the Free plan. You can upgrade your plan to view and track changes made across your site. To view the audit log you need to have the Administer Jira global permission.
View the audit log
- Choose
> System - Choose Audit Log
The following events are captured in the audit log:
| Category | Events |
|---|---|
| Auditing | Auditing enabled, auditing disabled |
| Project changes | Project created, project removed, project updated |
| Permission changes | scheme created, scheme copied, scheme removed, scheme edited, scheme assigned to a project, scheme unassigned from a project, permission added to scheme, permission removed from scheme, global permission added to a group, global permission removed from a group |
| Workflow changes | Scheme created, scheme copied, scheme removed, scheme edited, scheme assigned to a project, scheme unassigned from a project, workflow created, workflow copied, workflow removed, workflow renamed, workflow draft published |
| Notification changes | Scheme created, scheme copied, scheme removed, scheme edited, scheme added to project, scheme removed from project, notification added to scheme, notification removed from scheme. |
| Screen changes | No events recorded. |
| Custom field changes | Custom field created, custom field updated, scheme added to project, scheme removed from project, custom field trashed, custom field restored, custom field deleted |
The audit log isn't intended to record all activity in Jira. For example, it doesn't track issue updates or pages that are viewed by a user. The audit log is intended to record configuration changes that can impact users and projects.
- You can't sort the audit log. You can export the data to a CSV file and open it in a spreadsheet application to manipulate the data.
- There's a known issue which prevents the Author field from displaying the username for changes that were made in the user management pages in Jira cloud products (including changes to users, groups, and application access). For example, events like users being created or assigned to groups won't include the username of the user who made the change.
Edit audit log settings
You can configure how long audit events are retained, and whether events from external user directories like LDAP appear in the log.
- Select Actions > Audit Log Settings
- Choose your retention period
- Update the retention period and external user directory settings and choose Save
Export the audit log
You can export up to 100,000 events as a CSV file. If you have more than 100,000 events, the newest events are included in the export.
When you export the audit log, all events (up to the maximum number) are included even if you've filtered the audit log results in the page.
- Navigate to the audit log and choose Export
- Confirm by clicking Export again
Auditing and the REST API
The audit log can also be accessed via the REST API. You may use this to:
- Export the audit log
- Add events to the audit log triggered by external plugins
For more information on using the REST API, check out the Jira Cloud REST API documentation.