Atlassian Organization Audit Logs

Supported OS Linux Windows Mac OS

Overview

Atlassian Organization Audit Logs track admin changes to your organization’s group configurations and product access. This integration provides visibility into admin events across all Atlassian products, beyond Jira and Confluence. In addition to these administrative actions, we recommend installing the Jira & Confluence Audit Records integrations to get more granular product-specific user events.

This integration can also be used to set up Cloud SIEM detection rules using the out-of-the-box Logs pipeline.

In addition, you can:

  • Control the data retention of your Atlassian products.
  • Build custom widgets and dashboards.
  • Set up detection rules that trigger specific actions.
  • Cross-reference Atlassian product events with the data from other services.

Logs are collected using Atlassian’s Audit Logs API and record the following information:

  • Group Management: Creations, deletions, renames, and user list modifications of groups.
  • Group Access Configuration: Changes to the product or administration access of a group. This includes granting and revoking access roles.
  • Product Access Configuration: Changes to invite settings and allowed users for product or site access. This includes enabling and disabling third-party account invites, as well as creating or revoking API tokens.

For more granular details on the properties of these logs, visit the Atlassian’s Track Organization Activities from the Audit Log documentation. If your organization has Atlassian Guard Premium Tier, your account might generate additional audit log events that track user-created content and classification activity.

Search for source:atlassian-event-logs to view your Atlassian Organization Audit Logs in Datadog’s Logs Management product.

Setup

  1. From the Configure tab of the Atlassian Organization Audit Logs tile, click the Add New button.
  2. Follow the instructions on the Atlassian Organization Audit Logs tile to authenticate using your Atlassian Organization ID and API Bearer Token.

Validation

In Datadog’s Log Explorer, search your logs using the query: source:atlassian-event-logs. If the integration was installed and authenticated correctly, logs should populate shortly.

Data Collected

Metrics

Atlassian Organization Audit Logs does not include any metrics.

Service Checks

Atlassian Organization Audit Logs does not include any service checks.

Events

Atlassian Organization Audit Logs does not include any events.

Logs

Atlassian Organization Audit Logs collects audit logs.

Troubleshooting

Rate Limit Restrictions

Organizations with high levels of admin activity may hit the API rate limit. See Atlassian’s Audit Log Rate Limit documentation to find the current limits. If the rate of log ingestion is close to the maximum threshold, it may be the cause of missing logs.

Need help? Contact Datadog support.