Skip to main content
Skip table of contents

Viewing Audited Events

To help administrators keep track of various events, Security for Jira places entries in Jira’s Audit Log.

Accessing the Audit Log

From the Jira administration page, select Audit log (under “Administration”) from the sidebar. This brings up the “Advanced audit log” page:

From here, click on the + More button. A new Categories drop-down will appear. From that, select “Soteri Security for Jira” to view only Security for Jira audit log events. You can expand events to see more details:

Jira audit log access is only available to Jira Administrators.

Audited Events

The following Security for Jira events are currently recorded in the audit log:

Audit Event Category

Description

Scanning rule toggled

When a user toggles a built-in rule.

Global setting changed

When a user changes a setting on the settings page.

App administrator setting changed

When a user or group is added or removed from the list of users and groups with explicit app access.

Custom scanning rule created

When a user creates a new custom rule.

Custom scanning rule updated

When a user changes a custom rule.

Custom scanning rule deleted

When a user deletes a custom rule.

Scan finding reviewed

When a user marks a scan finding reviewed.

Scan finding un-reviewed

When a user unmarks a scan finding reviewed.

Un-reviewed all scan findings

When a user unmarks all findings reviewed for a project.

Issue scan triggered

When a user triggers a scan of a specific issue.

Project scan triggered

When a user triggers a scan of a specific project.

Whole instance scan triggered

When a user triggers a scan of the entire instance.

Findings exported

When a user exports findings for a specific project.

Scheduled scans canceled

When scheduled scans are cancelled by a user.

All findings exported

When a user exports all findings.

False positives exported

When a user exports reviewed findings for a specific project.

All false positives exported

When a user exports all reviewed findings.

Attachment scan information exported

When a user exports attachment scan information for a specific project.

All attachment scan information exported

When a user exports all attachment scan information.

Globally reviewed false positives exported

When a user exports globally reviewed false positives.

Globally reviewed false positives changed

When a user changes globally reviewed false positives.

REST API

Jira provides a REST API for accessing all audit log events. For instance, you can fetch recent audit events with a REST API call that looks like this:

CODE
curl -u admin https://{jira.server}/rest/api/audit

Reference the REST API documentation for your Jira version for more information.

External Integration

The Jira audit log can be integrated with external SIEM tools (like the ELK stack) to do things like notify administrators when Security for Jira settings are changed, or potentially sensitive content is published. Reference Atlassian’s Guide to audit log integration for more information.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.