Audit logging in Stash

Redirection notice

This page will redirect to /display/BitbucketServer/Audit+logging+in+Bitbucket+Server .

Stash comes with an internal audit system enabled by default at installation. The audit system is intended to give administrators an insight into the way Stash is being used. The audit system could be used to identify authorized and unauthorized changes, or suspicious activity over a period of time. 

Viewing recent events

Stash administrators and system administrators can see a list of recent events for each project and repository in the 'Audit log' view. This is found in the 'Settings' for a project or repository, and shows only the most important audit events.



The audit log displays a subset of the events recorded in the log file and is kept to a configurable maximum size (the default is 500 events). See  Audit events in Stash for more details.

Accessing the audit log file

The full audit log file records a wide range of events in Stash. See  Audit events in Stash for a list of these.
The volume of events that are logged is coarsely configurable by changing a Stash server setting. See  Stash config properties for more details.
You can find the log file in the  <Stash home directory >/log/audit directory. 
The log file will roll daily and also when it grows past a maximum size of 25 MB. There is a limit (currently 100) to the number of rolled files that Stash will keep. When the limit is reached, the oldest file is deleted each day.
(warning) Note that you will need to back up the log files before they are removed, if your organisation needs to keep copies of those.

Configuring audit logging

There are various system properties that can be used to configure audit logging in Stash.

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport