Audit Logging

The ScriptRunner audit log helps you inspect the script configuration changes made by your users. The audit log service logs add, edit, or delete operations for ScriptRunner scripts as part of application audit log. The service also logs execution of built-in scripts that could potentially change the system.

To avoid swamping the audit log, the service does not log activities where scripts read data from the system. It only logs activities where the configuration has been changed.

View Audit Log

ScriptRunner audit logging is enabled by default since ScriptRunner v5.6.7, in the Bitbucket audit log in repository and project settings.

You must be a project administrator or repository administrator to view the Bitbucket audit log. To view the audit log, navigate to one of the following options:

  • Repository Settings > Audit Log

  • Project Settings > Audit Log

You can only view the Bitbucket audit log from within project or repisitory settings. There is no global audit log view that an administrator can access for an overview of all repositories and projects. A plain-text audit log file can be found at log/audit/atlassian-bitbucket-audit.log within the Bitbucket home directory.

The Action column is prefixed with ScriptRunner for ScriptRunner-related audit log entries. Entries that are not prefixed with ScriptRunner are from Bitbucket or another installed app.

The Details column contains a JSON representation of the configuration related to the audit entry.

Disabling Audit Log

You won’t be able to inspect ScriptRunner script configuration changes if the audit logging is disabled. Disabling ScriptRunner audit logging mechanism is highly discouraged unless you have a strong reason.

The ScriptRunner audit log can be turned off by enabling a Bitbucket dark feature. Atlassian does not document how to use dark features in Bitbucket, and no user interface for the configuration of dark features is present.

The only way to enable a dark feature is by setting a JVM system property.

To disable audit logging, add the -Datlassian.darkfeature.scriptrunner.audit.log.disabled=true system property to the JVM_SUPPORT_RECOMMENDED_ARGS field present in the Bitbucket startup script. The startup script is named on Linux/MacOS and start-webapp.bat on Windows.

On this page