Audit Logging

The ScriptRunner audit log helps you inspect the script configuration changes made by your users. The audit log service logs add, edit, or delete operations for ScriptRunner scripts as part of application audit log. The service also logs execution of built-in scripts that could potentially change the system.

To avoid swamping the audit log, the service does not log activities where scripts read data from the system. It only logs activities where the configuration has been changed.

View Audit Log

ScriptRunner audit logging is enabled by default since ScriptRunner v5.3.8 as part of Confluence audit log. You must be a Confluence administrator to view the Confluence audit log.

Navigate to General Configuration > Administration > Audit Log to view the audit log. The Change column starts with ScriptRunner for the ScriptRunner audit log entry. The screenshot below is an example of how the ScriptRunner audit log entries looks like in Confluence audit log.

Disabling Audit Log

You won’t be able to inspect ScriptRunner script configuration changes if the audit logging is disabled. Disabling ScriptRunner audit logging mechanism is highly discouraged unless you have a strong reason.

To disable the audit logging, follow these steps:

  1. Login as an administrator.

  2. Go to [BASE-URL]/admin/darkfeatures.action.

  3. In the Enable Dark Feature text field, add scriptrunner.audit.log.disabled.

The image below shows the dark feature page after adding the scriptrunner.audit.log.disabled key:

Enabling Audit Log

  1. Login as an administrator.

  2. Go to [BASE-URL]/admin/darkfeatures.action.

  3. Locate the scriptrunner.audit.log.disabled key, and then select (remove) link on the right side of the key.

    This should remove the scriptrunner.audit.log.disabled key from the list.