Auditing Best Practices

Article ID:360039529131
1 minute readKnowledge base

Issue

  • Best Practice for auditing Jenkins instance usage: “WHO did WHAT?”

Resolution

Jenkins Community

There are two open-source plugins that allow you to perform audits in Jenkins:

  • Audit Trail Plugin: Adds an “Audit Trail” section in your Jenkins main configuration page, where it is possible to define where to save logs on who performed particular operations on Jenkins. To get additional information about this plugin, please refer to How does Audit Trail plugin work?.

  • Job Config History Plugin: stores all the changes made to jobs (history), saving the config.xml of each job. For each change, it is possible to see the record of the change, compare the difference between the new and the old version and restore a previous version. It is also possible to keep track of the changes made to the system configuration.

CloudBees

Complementary to the Open Source plugins, CloudBees offers:

  • User Activity Monitoring: provides you with a summary of user activity, CSV exports of user access details, and JSON reports that can be exported to other applications. The User Activity Monitoring plugin helps you understand licensing and entitlement.