API Token AuthenticationAPI Token Authentication
Try For Free

Atlassian Audit Log Related Problems

Problem & Symptoms

When browsing the Audit Log page (https://<<your-instance-base-URL>>/plugins/servlet/audit), the page becomes slow or even unresponsive. This might eventually only happen if you try grouping the results by Summaries:
image2024-9-9_19-36-40.png
Additionally, similar messages like in the example below might appear in the Atlassian log file:

  1. [c.a.a.ao.dao.AoCachedActionDao] Detected 623099 audit summaries (AKA actions) which is greater than the limit of 1000 this may lead to general performance degradation as audit events are saved and/or while loading the UI.

Cause

Before version 2.6.0, our implementation of adding data to the audit log added event-specific information to the Summary field. Since every summary is then unique, this leads to issues because grouping these summaries via database becomes more expensive. We corrected that behaviour with version 2.6.0; you can see the differences between audit log records in the old and new versions here: before 2.6.0 and starting with 2.6.0. However, you might still have a lot of summaries in a particular database table that might cause the issues mentioned. The following paragraph describes how to get rid of them.

Solution

Since the fix requires database operations, we recommend doing that in a downtime window with Jira shutdown to be safe. However, it’s improbable that deleting these records in a running system causes any issues. However, using LIKE in a WHERE clause and a table with many records can impact database performance, so it is recommended that you do this outside of business hours.

Identify the Number of Records

You might not need to double-quote field and table names as in the queries below; this is PostgreSQL-specific. 

The following query reveals the number of records our app created in the database table before the change.

  1. SELECT count(*) FROM "AO_C77861_AUDIT_ACTION_CACHE" WHERE "ACTION" LIKE 'Found a matching token%' OR "ACTION" LIKE 'A user provided%' OR "ACTION" LIKE 'Token verification for user%' OR "ACTION" LIKE 'Created token with%' OR "ACTION" LIKE 'Deleted token with%' OR "ACTION" LIKE '%is authenticating with an invalid token%' OR "ACTION" LIKE 'An unknown user provided an invalid%';

The count(*) value is expected to be very high and just for informational purposes. 

Deleting the Offending Records

You can use the same WHERE clause to delete the records:

  1. DELETE FROM "AO_C77861_AUDIT_ACTION_CACHE" WHERE "ACTION" LIKE 'Found a matching token%' OR "ACTION" LIKE 'A user provided%' OR "ACTION" LIKE 'Token verification for user%' OR "ACTION" LIKE 'Created token with%' OR "ACTION" LIKE 'Deleted token with%' OR "ACTION" LIKE '%is authenticating with an invalid token%' OR "ACTION" LIKE 'An unknown user provided an invalid%';


This site uses cookies to deliver its service & to analyse traffic. By browsing this site, you accept the privacy policy.

Our Wiki uses cookies

We want to give you the best possible experience on our website. For this we use technically required cookies and, if you agree, cookies for analysis and marketing purposes. You can find more information about the cookies in our Privacy Policy. By tapping ‘Accept All,’ you consent to the use of these methods by us and third parties.

Necessary
Always Active
Analytics
Advertisement
Other