Skip to main content
Skip table of contents

Auditing secrets

On 26 Sept 2023, there will be significant improvements to the Security & Encryption Cloud app. Learn more

Audit logs show chronological events around secrets in the space, who interacted and made changes to the secrets. You may use the audit logs to run audit reports, review access to secrets, find out any unintended access, detect suspicious activities and provide supporting evidence of your organization's security compliance.

The audit logs page shows event records of all secrets within the space.

Records are kept for 90 days and cannot be deleted. Only the space administrators are able to see audit logs.

Accessing audit logs

  1. On the left sidebar, click Secret Administrator.
  2. Click on Audit logs tab.

    You can't see this tab if you're not a space administrator.
  3. You'll see a table of audit information. 
    Use the input box at the top to filter by secret name or secret ID.

Audit log details

The following items are available for each row in the audit logs.

DateThe date and time (in your current timezone) the event took place.
UserThe Confluence user who performed the event.

The type of event. It can be one of the following:

  • Created
  • Modified
  • Deleted
  • Restored (see Restoring deleted secrets)
  • Purged (permanently deleted, cannot be restored)
  • Decrypted (successful access to the secret)
  • Attempted (failed access to the secret, typically due to insufficient permissions)
Item affectedName of the secret (and its ID).

The page location where the event was performed.

When marked as "-", the event was performed in the main secrets page or administration pages (available from the sidebar).

VersionThe version of the secret when the event took place.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.