I found nothing in the API docs, only the enterprise version mentions that you can retrieve the audit-logs using the staff-tools.
Any idea? I'd love to periodically check the audit log and send the new entries to our IM channel (ChatOps).
Thanks in advance,
The Audit Logs API is meant for anyone interested in programmatically monitoring audit events in a Slack Enterprise Grid organization. This may include: Providers of security information and event management (SIEM) solutions looking to integrate with Slack.
Navigate to the file/folder for which you want to view the audit logs. Click Audit Logs. Or right-click the file or folder and select Audit Logs. Apply the time filter for which you want to view the user activity on a specific file or folder.
Github APIs( or Github ReST APIs) are the APIs that you can use to interact with GitHub. They allow you to create and manage repositories, branches, issues, pull requests, and many more. For fetching publicly available information (like public repositories, user profiles, etc.), you can call the API.
In the top right corner of GitHub.com, click your profile photo, then click Your organizations. Next to the organization, click Settings. In the "Archives" section of the sidebar, click Logs, then click Audit log.
As VonC points out, there is no API (as of October 2017).
Unfortunately the "Export" function in the GitHub audit logs produces JSON or CSV of the audit events but the data is missing the payload with the details.
For example the export would show that an issue_comment.update
had been made but the web UI gives a link to the comment itself. The export would show that one user executed org.update_member
on another user but the web UI would show what role change was made for that user.
To get the details of each event, at the moment (October 2017), the only way is via the web UI.
Here is a ruby tool which scrapes the web UI, fetching the audit log entries with details.
Update Dec. 2020, 5 years later:
Audit Log Git events and REST API now available
(in limited public beta)
In GitHub Enterprise Cloud, the Audit Log now includes Git events and has a new REST API.
Both are available as a limited public beta.The new Git events will allow you as an administrator to review activities for users interacting with your Git repositories.
You can view events forgit.clone
,git.fetch
, andgit.push
.Additionally, the new REST API provides you with another option to interface with your Audit Log events. During the limited public beta, Git events can only be viewed via the REST API and can be exported.
How can you get access to this limited public beta? To be added to the limited public beta, please contact Sales or Support.
Feb. 2021, still for GHE (GitHub for Enterprise):
GitHub Actions: Workflow run events are now included in the Audit Log
The Audit Log now includes events associated with GitHub Actions workflow runs.
This data provides enterprise customers with a greatly expanded data set for security and compliance audits.New events will be incorporated into the audit log when:
- A workflow run is created, completed, deleted, or re-run
- A workflow job is prepared. Importantly, this job will include the list of secrets that were provided to the runner
- A self-hosted runner's version is updated
These new events are only available to customers on the Enterprise plan. All events are available in the REST API, and all events except for workflow run created, workflow run completed, and workflow job prepared are available in the UI and exports.
Learn more about Audit Log events
2015: Not yet possible through the GitHub API.
But at least, it is possible to export it (since May, 5th 2015) in either JSON or CSV format.
See "Exporting the audit log".
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With