Skip to main content
Skip table of contents

Viewing Audited Events

To help administrators keep track of various events, Security for Confluence Cloud has an audit log. Due to Atlassian policies, we cannot write to the Atlassian audit log.

Accessing the audit log

From the Confluence administration page, select Soteri Audit Log under Soteri security. It can also be accessed from the top right of the settings page.

Viewing events

The audit log page shows events ordered from most to least recent.

The “Show more” column on the right can be clicked to show the details of individual events, including the Atlassian user ID of the author. (Events with no associated user, such as scans starting and completing, use “System” as the author)

The search boxes at the top of the page can be used to filter events by a substring of the Atlassian user ID, event type, or event details (which are stored as JSON). Click the search icon or press enter in one of the search boxes to filter. For example, the above event matches each of these filters:

Exporting events

The export button on the top right exports events matching the current filters as a CSV file.

List of audited events

Event type

Detail fields

Scheduled space scan

spaceId ID of the scanned space.

spaceKey Key of the scanned space.

Reviewed a false positive

Deleted a reviewed false positive

spaceId ID of the space which the finding was reviewed in.

spaceKey Key of the space which the finding was reviewed in.

ruleName The name of the rule which the finding is for.

Updated instance settings

autoScan Whether automatic scanning is enabled.

deduplicateExports Whether findings are deduplicated in exports.

includePlaintextInExports Whether exported findings include the finding in plaintext.

Create custom rule

Update custom rule

Delete custom rule

name Name of the custom rule.

id ID of the custom rule.

regexp The regex for the custom rule.

enabled Whether the custom rule is enabled (only for update).

Toggled built-in rule

name Name of the built-in rule.

enabled Whether the custom rule is enabled.

Updated app access configuration

Added Users and groups that have been given access to the app.

Removed Users and groups whose access to the app has been revoked.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close