- ALM used: Azure DevOps
- CI system used: Azure DevOps
- Scanner command used when applicable: n/a
- Languages of the repository: n/a
- Steps to reproduce: n/a
- Potential workaround: unknown
Given the sensitive nature of the information kept in SonarCloud our organisation requires logs to be ingested into a Security Information and Event Management (SIEM) system
Is there a way to view/export/forward system logs and access logs from a SonarCloud Organisation?
If not, is this a feature that sonarsource would consider?
there is no way to view/export/forward system and access logs from a SonarCloud Organization into a SIEM system.
Such a feature is not in our radar. Given that it is the first time we’ve got such a request, I don’t think this is something we’ll consider for now. Obviously, this might change in the future if we get more and more requests about this!
Thanks for your response @Fabrice_Bellingard,
Unfortunately this will be a problem for us adopting a SaaS solution. It will be an unacceptable security risk if we cannot audit system access in the event of a user’s credentials being compromised. I understand that no-one else has asked for such a request, however as a consultant working across many enterprises, this will be a show stopper.
Has there been any more requests for this feature?
You can count me as plus one for a way to export/forward system and access logs into a SIEM system.