Larchmont LabsLarchmont Labs
Config Audit for Jira

Config Audit for Jira

Know who changed which Jira configuration, when — with full before/after history.

Runs on Atlassian
Get it on the Atlassian Marketplace

What it does

Jira's native audit log records that a scheme changed and by whom, but not the before/after of what actually changed — and its history and export are limited. Config Audit takes a daily snapshot of your Jira administration, diffs it, and records every change — who made it, when, and the exact before → after — in a searchable, exportable trail, with one-click SOC 2 / ISO 27001 evidence.

Guide: how to see who changed a Jira workflow, scheme, or field →

What it tracks

Custom fields, permission schemes, notification schemes, workflow schemes, screens, screen schemes, issue-type schemes, and project roles — the configuration that actually controls access and behavior.

Getting started

  1. Install from the Atlassian Marketplace, then open Apps → Config Audit in Jira.
  2. Config Audit snapshots your configuration daily, automatically. Click Scan now for an immediate baseline.
  3. Browse the change feed — every change with the administrator, timestamp, and a clear before → after diff. Search and filter by name, config type, change kind, actor, and date range.
  4. Click View history on any row to see how that object changed over time.
  5. Export to CSV, a printable HTML report, or a SOC 2 / ISO 27001 compliance report that groups changes under the controls they evidence.

FAQ

Does it modify my Jira?
No — Config Audit is strictly read-only. It never changes configuration, issues, or content.
Where is my data stored?
Entirely in Atlassian Forge storage, inside your installation's boundary. Nothing leaves Atlassian's infrastructure, and there are no third-party servers or analytics.
How does it know who made a change?
It correlates each detected change with your site's Jira audit log to attribute it to the administrator.
Does it access issue content or customer data?
No. It reads administrative configuration only — not issues, comments, attachments, or end-user data.