To help administrators keep track of various events, Security for Jira Cloud has an audit log. Due to Atlassian policies, we cannot write to the Atlassian audit log.
Accessing the audit log
From the Jira administration page, select Soteri Audit Log under Soteri security. It can also be accessed from the top right of the settings page.
Viewing events
The audit log page shows events ordered from most to least recent.
The “Show more” column on the right can be clicked to show the details of individual events, including the Atlassian user ID of the author. (Events with no associated user, such as scans starting and completing, use “System” as the author)
The search boxes at the top of the page can be used to filter events by a substring of the Atlassian user ID, event type, or event details (which are stored as JSON). Click the search icon or press enter in one of the search boxes to filter. For example, the above event matches each of these filters:
Exporting events
The export button on the top right exports events matching the current filters as a CSV file.
List of audited events
Event type
Detail fields
Scheduled project scan
Could not access project
projectId ID of the scanned project.
Finished project scan
projectId ID of the scanned project.
findingsCount The number of findings in the project.
Error while running project scan
projectId ID of the scanned project.
errorMessage Error encountered during the scan.
Reviewed a false positive
Deleted a reviewed false positive
projectId ID of the project the finding is reviewed in.
scope reviewed at space or content scope.
ruleName The name of the rule which the finding is for.
Added globally reviewed false positives
uploadedCount Number of false positives uploaded
addedCount Number of newly added false positives
Deleted globally reviewed false positives
uploadedCount Number of false positives uploaded
deletedCount Number of deleted false positives
Updated instance settings
autoScan Whether automatic scanning is enabled.
deduplicateExports Whether findings are deduplicated in exports.
includePlaintextInExports Whether exported findings include the finding in plaintext.
Create custom rule
Update custom rule
Delete custom rule
name Name of the custom rule.
id ID of the custom rule.
regexp The regex for the custom rule.
enabled Whether the custom rule is enabled (only for update).
Toggled built-in rule
name Name of the built-in rule.
enabled Whether the custom rule is enabled.
Updated app access configuration
Added Users and groups that have been given access to the app.
Removed Users and groups whose access to the app has been revoked.
JavaScript errors detected
Please note, these errors can depend on your browser setup.
If this problem persists, please contact our support.
