System + Access Logs

  • ALM used: Azure DevOps
  • CI system used: Azure DevOps
  • Scanner command used when applicable: n/a
  • Languages of the repository: n/a
  • Steps to reproduce: n/a
  • Potential workaround: unknown

Given the sensitive nature of the information kept in SonarCloud our organisation requires logs to be ingested into a Security Information and Event Management (SIEM) system

Is there a way to view/export/forward system logs and access logs from a SonarCloud Organisation?

If not, is this a feature that sonarsource would consider?

Hi Warner,

there is no way to view/export/forward system and access logs from a SonarCloud Organization into a SIEM system.

Such a feature is not in our radar. Given that it is the first time we’ve got such a request, I don’t think this is something we’ll consider for now. Obviously, this might change in the future if we get more and more requests about this!

1 Like

Thanks for your response @Fabrice_Bellingard,

Unfortunately this will be a problem for us adopting a SaaS solution. It will be an unacceptable security risk if we cannot audit system access in the event of a user’s credentials being compromised. I understand that no-one else has asked for such a request, however as a consultant working across many enterprises, this will be a show stopper.