GitHub Audit logs
The GitHub audit logs managed log source lets you ingest your GitHub audit logs directly into Matano.
The Github audit log tracks events triggered by activities that affect your GitHub organization. For a complete list of supported events, consult the GitHub audit log documentation.
Usage
Use the managed log source by specifying the managed.type
property in your log_source
as GITHUB_AUDIT
.
name: "github_audit"
managed:
type: "GITHUB_AUDIT"
Tables
The GitHub audit logs history managed log source supports a single table containing GitHub audit log data.
Ingest
S3 (GitHub audit log streaming)
Matano supports ingestion using S3. You can use GitHub's audit log streaming feature to deliver GitHub audit logs to an S3 bucket. Consult the GitHub documentation for more information.
Schema
GitHub audit log data is normalized to ECS fields. Custom fields are normalized into the github
field. You can view the complete mapping to see the full schema.