We’re excited to announce that Auditing for Azure DevOps is now available for all organizations as a Public Preview! As Azure DevOps keeps growing and is adopted by enterprises, our customers have been demanding for the ability to monitor activities and changes throughout their organizations.
When an auditable event occurs, a log entry is recorded. These events may occur in any portion of Azure DevOps; some examples of auditable events include: Git repository creations, permission changes, resource deletions, code downloads, accessing the auditing feature, and much more.
The audit events include information such as who caused the event to be logged and their IP, what happened, and other useful details that can help you answer the who, what, when, and where questions.
We will be working over the next few months on enhancing auditing with new features. In the next quarter we’ll be working on a streaming feature which will allow you to send your logs to first and third party Security Incident and Event Management (SIEM) tools. The use of these tools along with auditing will give you more transparency into your workforce and allow for anomaly detection, trend visualization, and more!
The auditing feature can be found under the Organizations settings. For more information, see our documentation.
We’d love to hear your feedback as we continue to move towards making this feature generally available! You can share your thoughts directly with the product team using @AzureDevOps, Developer Community, or comment on this post.
We love that and we’ve already automated querying Azure DevOps audit logs and inserting them into Log Analytics Workspace. KQL is powerful. It’s not a problem now to have a full picture of what’s going on.
https://automate.guru/azure-devops-audit-logs-forwarding/
Hi I don’t see any logs related to Azure Repos in the Auditing logs. In the above article and documentation you mentioned about code downloads. I really wanted to know if it is possible to get detailed information on who downloaded as zip and/or cloned the code from azure repos. Are they available?
Hi! When will we see a native integration with Azure Sentinel for this? I really really want it. 🙂
Thanks,
We have the same question, are there plans to include a service hook / trigger notifications – based on auditing events?
This would help us automate governance better. Thanks!