Skip to main content

GitHub Audit logs

The GitHub audit logs managed log source lets you ingest your GitHub audit logs directly into Matano.

The Github audit log tracks events triggered by activities that affect your GitHub organization. For a complete list of supported events, consult the GitHub audit log documentation.

Usage

Use the managed log source by specifying the managed.type property in your log_source as GITHUB_AUDIT.

name: "github_audit"

managed:
  type: "GITHUB_AUDIT"

Tables

The GitHub audit logs history managed log source supports a single table containing GitHub audit log data.

Ingest

S3 (GitHub audit log streaming)

Matano supports ingestion using S3. You can use GitHub's audit log streaming feature to deliver GitHub audit logs to an S3 bucket. Consult the GitHub documentation for more information.

Schema

GitHub audit log data is normalized to ECS fields. Custom fields are normalized into the github field. You can view the complete mapping to see the full schema.