Auditing Coming to General Availability (GA) Early 2022!

In the past couple of years, we’ve been gradually working on building out the Auditing features within Azure DevOps, from adding new billing and token events to the logs to releasing the ability to send auditing data downstream into a Security Incident and Event Management (SIEM) tool. Throughout this public preview, we’ve been happy to share these features with your teams to glean valuable feedback on how you’ve been using the Auditing Log and Streaming functions to address organizational compliance and governance goals.

This coming Q1 2022, we’re looking forward to officially taking the Auditing feature out of public preview and into general availability (GA).

What does this mean for me?

For active users of Auditing today, you may already be experiencing some of the changes we’ve been putting in place over the course of this quarter:

• Making investments in overall scalability and performance. We’ve been learning about expected event volumes and working hard on getting you these events to your logs and streams as close to real-time as possible.
• Scrutinizing the kind of events and the quality of event data we have been feeding into the Auditing service to ensure that they are useful and actionable for your auditing workflows.
• Clarifying our documentation so that you can make the most out of all of the event data you’re ingesting.

Changes coming as part of general availability

As part of general availability, auditing features will be available only to organizations that are connected to Azure Active Directory. Organizations that are not connected to Azure Active Directory will not be able to use auditing after it hits general availability in early 2022. If your organization is not connected to Azure Active Directory, you can do so by following the steps documented here.

In addition to this, auditing will also become an opt-in service as part of general availability. That means customers have to explicitly turn on the auditing feature in their organization for the auditing events to be included in their organization’s audit log. Auditing will be turned on automatically for customers and organizations who are using auditing today.

How can I make sure I still have the auditing feature turned ON for me after general availability?

An organization is considered using the auditing feature and will be kept ON if it satisfies any of the following requirements:

1. Set up an auditing stream. If you have an auditing stream set up right now, you’re set! No further work is needed.
2. Access the Auditing Logs at least once between today and the launch in Q2 2022. If you haven’t been actively accessing the Auditing feature but would still like to revisit it in the future, head on over to your Organization Settings page and visit the Auditing tab now and you’ll be covered moving forward.

Forgot to do one of these two items before we go to GA? No worries! Even if we have toggled your Auditing feature off, you can always turn it back on, if you are a Project Collection Administrator or you have the “Manage enterprise policies” permission enabled. After GA has been launched, simply head to the Organization Settings page, visit the Security Policies page, and toggle the Auditing feature back on. Please note, you may lose some of the data tracked during the time when the feature has been toggled off.

What’s coming next for Auditing?

Bringing Auditing to GA doesn’t mean the work on Auditing will stop! Each of our product teams are working diligently to continue bringing more and more auditing events to you for each of their respective product areas. As new events are added to the Auditing service, keep an eye out for them on the Azure DevOps blogs, release notes, or in the documentation.

In the meantime, if you haven’t explored our auditing capabilities yet, now’s a great time to do so! Learn more about how Auditing works and what events we offer up in Logs and Streaming. Read up on how to use Audit Stream to backup auditing trails or do more complex analytics in a third-party service. And please continue sharing with us what you’d like to see next in Auditing in the Developer Community!