Auditing for Azure DevOps is now in Public Preview

Avatar

Octavio

We’re excited to announce that Auditing for Azure DevOps is now available for all organizations as a Public Preview! As Azure DevOps keeps growing and is adopted by enterprises, our customers have been demanding for the ability to monitor activities and changes throughout their organizations.

When an auditable event occurs, a log entry is recorded. These events may occur in any portion of Azure DevOps; some examples of auditable events include: Git repository creations, permission changes, resource deletions, code downloads, accessing the auditing feature, and much more.

The audit events include information such as who caused the event to be logged and their IP, what happened, and other useful details that can help you answer the who, what, when, and where questions.

Audit Log Page

We will be working over the next few months on enhancing auditing with new features. In the next quarter we’ll be working on a streaming feature which will allow you to send your logs to first and third party Security Incident and Event Management (SIEM) tools. The use of these tools along with auditing will give you more transparency into your workforce and allow for anomaly detection, trend visualization, and more!

The auditing feature can be found under the Organizations settings. For more information, see our documentation.

We’d love to hear your feedback as we continue to move towards making this feature generally available! You can share your thoughts directly with the product team using @AzureDevOps, Developer Community, or comment on this post.

Avatar
Octavio Licea Leon

Senior Software Engineer, Azure DevOps

Follow Octavio   

11 comments

  • Avatar
    Brian Mirlenbrink

    I don’t see Git/code audit events in the logs today even though you mention them in this post and they are mentioned in the documentation.  Are they not available yet?

  • Avatar
    christoph.haupt@boschrexroth.de

    This news is awesome. As an administrator for one of those ‘enterprise customers’ looking after 2000 users is not easy. But this improvement will help us alot… when it is available for on-prem too 😉 
    I would love to push this priority for DevOps Server to high position, but how could I (my company) ?

  • Avatar
    Octavio Licea Leon

    Hi Christoph, thanks for reaching out, by sharing your opinion you are influencing the way me team prioritizes new features, please keep providing feedback. Streaming being a highly requested one is our immediate priority, on-prem Auditing is more of a longer term goal.

  • Avatar
    Daniel Stefanescu

    Hi,I cannot understand why such a basic feature is not available yet; the product is 13 years old and I still cannot find who deleted an iteration two days ago.So +1 for on-premises

    • Rogan Ferguson
      Rogan Ferguson

      Hey Daniel – Thanks for your feedback. We’re working hard to build out the set of auditing events that we log and building in a streaming capability over the next quarter. Bringing this on-prem is still very much on our radar. I’m hopeful that we’ll have a better timeline for that later on this quarter. Until then, please feel free to try out auditing in an organization on the hosted product and let us know if you have any additional feedback!

  • Avatar
    Paul

    This is nice feature which i was looking for a while. Right now we can download the events to excel , is there any plan to implement trigger notifications to slack / email during changes in security area. Also, it would be nice if we can have filters for columns. 

  • Avatar
    Sreeraj Rajendran

    We have the same question, are there plans to include a service hook  / trigger notifications –  based on auditing events?
    This would help us automate governance better. Thanks!

Leave a comment