View Source

Overview

Audit logs for your team that manages operations help the IT administrators and Atlassian support teams troubleshoot integrations and issues related to configuration changes. Audit logs are accessible to only the admins (organization, site, or product). If you’re a team admin, contact the admin for your organization, site, or product for access permissions.

Audit logs is the best place to go to view all the incoming data related to your integrations and configuration updates or if you’re having trouble with your integrations for your team that’s managing operations.

Troubleshooting integration data flows follows this pattern:

Check the logs of the originating system to verify that a request is made.
Check the audit logs to verify that the request is received.
If the request is received, look into how it was processed.
If the request isn’t received, check the configuration on the sender’s side.

note

Detailed versions of alert activity events are available in the alert activity logs.

Audit logs are maintained, by default, for 180 days.

Understanding audit logs

Audit logs capture and provide key information on the activities and their outcomes. They are broadly categorized into two groups and further into sub-categories.

Log categories

The log category tells you whether the record relates to a notification, alert, integration, etc.

Jira Service Management System Actions: Captures information about system-originated actions (incoming data and automation).

Jira Service Management User Actions: Captures information about user-originated activity in the following areas. For example, configuration changes at a product or integration level, project settings, assets (global schemas, reference, status, icons), etc. The following isn’t an exhaustive list, but it gives you an idea of what is covered.

Alerts
API
Integrations
Emails
Heartbeats
Notifications
On-call schedules

An activity could be a create/change/delete action taken in relation to any of these entities.

Category	For logging ..
Integration	Changes related to integrations
Alert and alert action	Changes related to alerts and alert actions
API request	Changes related to API payloads
Email request	Changes related to email workflows
Config change	Changes related to configuration
Notification	Changes related to notifications

Log levels

There are three logging levels available in audit logs:

INFORMATION (including DEBUG and TRACE): The most verbose logging. Indicates what’s generally happening in the environment.
WARNING: The default level. Indicates that something may have gone wrong or other messages an admin might be interested in.
ERROR (includes FATAL): The least verbose logging. Indicates that something has gone wrong in the environment.

Log attributes and examples

The following table lists the primary log attributes every log entry comprises and provides examples for each:

Attribute	Example
Timestamp and timezone	Mar 08, 2023 16:24 GMT+5:30
Category	Integrations, Alerts, Configuration changes
Activity summary	[outgoing][alert] Received integration request with event ID: [a4a89a81-386c-489b-a897-a1bd72035884], but there are integration(s) that are turned off. [alertAction] User [xyz@mysite.com] is added as a responder via web.
Log level	INFORMATION WARNING ERROR
Logs in JSON format