What information is stored in the access logs (privacy concerns)

About to rollout the latest developer version of Sonarqube and facing some privacy concerns from our international users.

What information is kept in the access logs (username?, email?, password?, source IP address?, Time and date of access?, failed access?, other???).

Is this documented anywhere, I can’t find it.

Hey there.

The access.log file is right there for you to see! And you can configure the logging in your conf/sonar.properties file (or via environment variable). Both these places also provide documentation for the access log pattern.

Thanks - I can’t get approval to install the software until I let people know what is being logged, so I won’t be able to see the logs until then, otherwise as you mentioned I could have just looked at them. Lots of overhead just to install software at my company.