Audit logging

Owned by Steinar Line
Last updated: Jan 03, 2023
1 min read

Kantega SSO provides a basic audit log through the standard slf4j logging facility. It’s enabled via the standard logging configuration. NOTE: While the config examples below write the audit events to the standard application logs, you can also write to a custom file if you prefer.

Both successful and failed Kerberos and SAML logins will be logged. For failed logins, there will be an additional message explaining the cause.

Example output:

The user 'johndoe' has PASSED authentication using Kerberos
The user 'john.doe@mycompany.com' has PASSED authentication using SAML

Bitbucket

Add the following line to your bitbucket.properties file:

logging.logger.com.kantegasso.AuditLog=DEBUG

Read more about logging in Bitbucket how to enable runtime here:
Enable debug logging | Bitbucket Data Center 9.3 | Atlassian Documentation

Confluence

Add the following at the bottom of the file ${CONFLUENCE_INSTALL}/confluence/WEB-INF/classes/log4j.properties:

The log will be written to: ${CONFLUENCE_HOME}/logs/atlassian-security.log.

Jira

Version 9.5 and newer

Locate the bottom two lines of ${JIRA_INSTALL}/atlassian-jira/WEB-INF/classes/log4j2.xml:

add the 3 first lines below so that the last 5 lines in the file look like this (the correct number of spaces in front of lines are not important):


Older versions of Jira than 9.5

Add the following lines to ${JIRA_INSTALL}/atlassian-jira/WEB-INF/classes/log4j.properties:

The log will be written to: ${JIRA_HOME}/log/atlassian-jira-security.log

Enabling in other Atlassian products

Similarly, you may enable audit logging in other Atlassian products. Please contact us if you have problems setting this up and we will help you out.