Audit log of private repository downloads #23153
-
Hello, is it possible to get a detailed audit log of downloads (e.g. performed using pull/fetch/clone commands) of private repositories on GitHub? Specifically, information identifying the user, command used, date & time, and destination URL/IP address will be very useful in the identification of any suspicious activity. SM
-
@sumit-creates unfortunately the Audit event log API does not include events of Git actions. It is a feature requested by many people, and still nothing on the public roadmap for this. There are Webhook events for git actions. Not as user friendly, you would need to configure and set up webhooks and a listener to pick up the HTTP payloads sent to your Webhook listener. You will also need to consider how you wish to handle lost/undelivered messages.
-
Hi Hugh, Thanks for your prompt and helpful response! Appreciate your suggestion about the Webhook events plus git actions based alternative approach. Yes, it definitely seems complicated to automate this apparently simple yet important task. It will be great if GitHub makes this more user and automation friendly given that sharing of sensitive data in private repositories mandates active monitoring. Thanks and best regards,
-
See these roadmap updates
Here are two roadmap features relevant to this topic:
Git action events (e.g. clone and push) appear in the audit logs (beta Q4 2020): GitHub adding Git CLI activities to the audit log on GitHub Enterprise Cloud
Webhook Delivery API (beta) (beta Q1 2021): Today, webhooks may fail to be delivered for a variety of reasons: severed connections, downtime from GitHub, downtime from the integrator, etc. Right now, we offer the ability to view failed webhook deliveries in the UI and retry them, but we…
-
Thanks Hugh for sharing this very important and relevant information. Looking forward to trying these new additions. It seems from the description that our primary objective of monitoring sensitive information usage will be achieved to a significant extent with the help of the mentioned features. Thanks and best regards,
-
This has long since been resolved: Audit Log Git events and REST API are generally available | GitHub Changelog.
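With Git events in the audit log, the monitoring asked for at the top of this thread can be a small script over exported events. The following is an added example, not code from any participant or from GitHub: it flags actors who clone or fetch many distinct private repositories in a short window. The field names (`@timestamp` in milliseconds, `action`, `actor`, `repo`, `actor_ip`, `repository_public`), the threshold and the sample events are assumptions to check against the audit log documentation for your version.

```python
from collections import defaultdict
from datetime import datetime, timezone

DOWNLOAD_ACTIONS = {"git.clone", "git.fetch"}  # read-side Git events

def iso(ms):
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc).isoformat()

def flag_bulk_downloads(events, window_ms=3_600_000, max_repos=3):
    """Alert on actors pulling more than max_repos distinct private repos inside one window."""
    by_actor = defaultdict(list)
    for ev in events:
        if ev.get("action") in DOWNLOAD_ACTIONS and not ev.get("repository_public"):
            by_actor[ev.get("actor") or "<unknown>"].append(ev)
    alerts = []
    for actor, evs in by_actor.items():
        evs.sort(key=lambda e: e["@timestamp"])
        start = 0
        for end, cur in enumerate(evs):
            # Slide the window start forward until it spans at most window_ms.
            while cur["@timestamp"] - evs[start]["@timestamp"] > window_ms:
                start += 1
            hits = evs[start:end + 1]
            repos = sorted({e["repo"] for e in hits})
            if len(repos) > max_repos:
                alerts.append({
                    "actor": actor,
                    "repos": repos,
                    "ips": sorted({e["actor_ip"] for e in hits if e.get("actor_ip")}),
                    "first": iso(hits[0]["@timestamp"]),
                    "last": iso(hits[-1]["@timestamp"]),
                })
                break  # one alert per actor is enough for triage
    return alerts

def _ev(actor, action, repo, minute, ip="198.51.100.20", public=False):
    # Constructed sample event; field names are assumed, not taken from the thread.
    return {"@timestamp": 1_700_000_000_000 + minute * 60_000, "action": action,
            "actor": actor, "repo": repo, "actor_ip": ip, "repository_public": public}

SAMPLE_EVENTS = [
    _ev("alice", "git.clone", "acme/payments", 0, ip="203.0.113.7"),
    _ev("alice", "git.clone", "acme/infra", 3, ip="203.0.113.7"),
    _ev("alice", "git.fetch", "acme/hr-data", 6, ip="203.0.113.7"),
    _ev("alice", "git.clone", "acme/secrets", 9, ip="203.0.113.7"),
    _ev("alice", "git.push", "acme/payments", 12, ip="203.0.113.7"),  # write, ignored
    _ev("bob", "git.fetch", "acme/payments", 1),
    _ev("bob", "git.fetch", "acme/payments", 30),                     # same repo again
    _ev("bob", "git.clone", "acme/docs-site", 31, public=True),       # public, ignored
] + [_ev("carol", "git.clone", f"acme/svc-{i}", i * 720) for i in range(4)]  # spread over days
```

Run against a real export, the window and threshold need tuning to the organization's normal CI and developer activity, since build systems routinely clone many repositories.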
-
Hey @smarj / @byrneh, has this feature been made available for on-prem enterprise git and git enterprise SaaS? The above link does not provide clarity on git clones, pulls, fetch and tarball/zip downloads. Could you please clarify?
-
If you follow the link in the article to the docs, you can select your enterprise version (including Enterprise Server) which will show the specifics for the version you are running. Enterprise Server 3.9 - Using the audit log API The same can be said with Enterprise Server 3.9 - Audit log events for your organization. Which shows