Event Logs incomplete - enterprise customer in the cloud

Ask the Community Password Manager
, ,
1

We use bitwarden Enterprise and have noticed that the event logs are incomplete. For one thing, login entries and password access entries are missing. Bitwarden Support says that I should make sure that I am connected to the server. Strangely enough, I work with the Cloud WebApp, so I assume that the connection should be there.

Are there any Enterprise customers among you who operate the vault in the cloud? If so, can you check your event log to see if your actions are recorded completely and correctly?

We have a SIEM integration with Splunk, and there it is even worse. Not even all the logs that are visible in the WebApp arrive in Splunk. Completely unacceptable.

We use the log to check licensing, whether users are logging in and using Bitwarden, or whether shadow IT is being used. But to do that, we need to have a reliable log.

Many thanks

2

Same here with Sentinel.

1 Like
3

Hi there, and thanks for sharing! The team has flagged this, and working on a resolution.

2 Likes
4

@dwbit Could you explain what problem you are trying to solve? There are three concerns.

  1. Event logs in the web app
  2. SIEM integration with Splunk and Sentinel.
  3. Bitwarden API?

I would expect all three logs to be consistent with each other.

5

btw

the Event Log in WebApp has a massive delay. at the moment around 4 hours and it’s very slow.

7

Any idea, when a fix is expected?

8

Thanks everyone, if you’re still experiencing any issues, please open a ticket with the official support team for further review.

9

Hi

Should that problem in this thread be fixed?

In which release number?