Skip to content

GitHub Audit

Cyderes supports the ingestion of organization or enterprise audit logs from GitHub. GitHub is a provider for internet hosting software development and version control. To learn more about the types of audit logs GitHub provides, visit this guide. Audit logs are obtained via the GitHub REST API.

For more information regarding the GitHub API, please reference the Organization Audit Logs or the Enterprise Admin Audit Logs documentation.

Chronicle Data Types

  • GITHUB

Requirements

Note

The GitHub Personal Access Token must be authorized with your organization's SSO. Please refer to this guide.

Note

This integration requires Github Enterprise Cloud licensing.

Refer to this guide for directions on how to create a personal access token.

The permissions required depend on the API used. Please see the below options.

Github GraphQL API

For the GraphQL API, the personal access token requires the below permissions:

  • admin:org
  • read:user
  • security_events
  • user:email

Github Rest API

For the REST API, the personal access token requires the below permissions:

  • admin:org
  • read:audit_log

Gather Information

Please include the credential's expiration date if available

Please send the following to Cyderes when setup is completed:

  • Organization OR Enterprise Name
  • Personal Access Token