Find user-specific information on projects/repositories access in Bitbucket DC
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
This article shares options to extract user-specific information on access to projects/repositories.
Context:
This information might be helpful in the following scenarios:
Security Audits: To ensure users have appropriate access levels and identify unauthorised access.
User Activity Monitoring: To track usage patterns or investigate specific user actions.
Access Management: To review or adjust user permissions based on activity.
Troubleshooting Access Issues: To verify access history when users report issues.
Compliance and Reporting: To generate reports for regulatory requirements. A use case would be to verify the actions of a suspicious user or to validate a user's project/repo permissions.
Environment
All Bitbucket-supported versions
Solution
There are two ways to get project/repository access information from Bitbucket.
Extracting information from access logs:
Bitbucket_Home/log/atlassian-bitbucket-access.log/atlassian-bitbucket-access*.log holds details for requests coming from all users towards Bitbucket and file gets. To get the details of a specific user operation, you can follow the steps below and confirm if you are getting the result:Log in to the Bitbucket Data Center and go to
<Bitbucket_Home>/logdirectory.Check for the access logs via the command line:
ls -lrt atlassian-bitbucket-access*You may get more files where you can check if you need a specific date file or the latest access log file.
Use grep for the username on the found results to check for any entries:
grep -i "username" <file_name>In case you want to check all access logs, use
atlassian-bitbucket-access*.logfor the filename.
Querying the Audit log table: By default, the Coverage level for Repository accessed by user (RepositoryAccessedEvent) is Base; hence, without any need for updating configurations, you can easily access information related to repositories accessed by a user by using the below database query:
select * from "AO_C77861_AUDIT_ENTITY" acae where "ACTION" ='Repository accessed by user' and "USER_NAME" ='admin';
Atlassian does not provide any support for sample database queries provided in our Knowledge Base documents. Extraction of data from Bitbucket should be performed using our REST API Documentation because we don't keep all data relationships in the DB. Many connections to data are handled in the code. The REST API can go through the code paths to get the data. A SQL would have to do that manually, or, in some cases, it can’t be done at all.
Please note that there are many events in the audit log that you can enable based on the different coverage level details present in this documentation: Audit log events.
Was this helpful?