Skip to main content

このバージョンの GitHub Enterprise はこの日付をもって終了となりました: 2022-10-12. 重大なセキュリティの問題に対してであっても、パッチリリースは作成されません。 パフォーマンスの向上、セキュリティの向上、新機能の向上を図るために、最新バージョンの GitHub Enterprise にアップグレードします。 アップグレードに関するヘルプについては、GitHub Enterprise サポートにお問い合わせく� さい

Filtering alerts in the security overview

Use filters to view specific categories of alerts

Who can use this feature

Organization owners and security managers can access the security overview for organizations. Members of a team can see the security overview for repositories that the team has admin privileges for.

GitHub Advanced Security のライセンスを持っているなら、ご自分の組織のセキュリティの概要が利用できます。 詳細については、「GitHub Advanced Security について」を参照してく� さい。

注: セキュリティの概要は現在ベータ版であり、変更される可能性があります。

About filtering the security overview

You can use filters in the security overview to narrow your focus based on a range of factors, like alert risk level, alert type and feature enablement. Different filters are available depending on the specific view and whether your analysis is at the organization, team or repository level.

Filter by repository

Available in all organization-level and team-level views.

QualifierDescription
repo:REPOSITORY-NAMEDisplays alerts for the specified repository.

Filter by whether security features are enabled

Available in the organization-level and team-level overview.

QualifierDescription
code-scanning:enabledDisplay repositories that have code scanning enabled.
code-scanning:not-enabledDisplay repositories that do not have code scanning enabled.
secret-scanning:enabledDisplay repositories that have secret scanning enabled.
secret-scanning:not-enabledDisplay repositories that have secret scanning enabled.
dependabot:enabledDisplay repositories that have Dependabot alerts enabled.
dependabot:not-enabledDisplay repositories that do not have Dependabot alerts enabled.
not-enabled:anyDisplay repositories with at least one security feature that is not enabled.

Filter by repository type

Available in the organization-level and team-level overview.

QualifierDescription
is:publicDisplay public repositories.
is:internalDisplay internal repositories.
is:privateDisplay private repositories.
archived:trueDisplay archived repositories.
archived:trueDisplay archived repositories.

Filter by level of risk for repositories

The level of risk for a repository is determined by the number and severity of alerts from security features. If one or more security features are not enabled for a repository, the repository will have an unknown level of risk. If a repository has no risks that are detected by security features, the repository will have a clear level of risk. Available in the organization-level overview.

QualifierDescription
risk:highDisplay repositories that are at high risk.
risk:mediumDisplay repositories that are at medium risk.
risk:lowDisplay repositories that are at low risk.
risk:unknownDisplay repositories that are at an unknown level of risk.
risk:clearDisplay repositories that have no detected level of risk.

Filter by number of alerts

Available in the organization-level overview.

QualifierDescription
code-scanning:nDisplay repositories that have n code scanning alerts. This qualifier can use =, > and < comparison operators.
secret-scanning:nDisplay repositories that have n secret scanning alerts. This qualifier can use =, > and < comparison operators.
dependabot:nDisplay repositories that have n Dependabot alerts. This qualifier can use =, > and < comparison operators.

Filter by team

Available in the organization-level overview.

QualifierDescription
team:TEAM-NAMEDisplays repositories that TEAM-NAME has admin privileges for.

Filter by topic

Available in the organization-level overview.

QualifierDescription
topic:TOPIC-NAMEDisplays repositories that are classified with TOPIC-NAME.

Filter by secret types

Available in the secret scanning alert views.

QualifierDescription
secret-type:SERVICE_PROVIDERDisplays alerts for the specified secret and provider. For more information, see "Secret scanning patterns."
secret-type:CUSTOM-PATTERNDisplays alerts for secrets matching the specified custom pattern. For more information, see "Defining custom patterns for secret scanning."

Filter by provider

Available in the secret scanning alert views.

QualifierDescription
provider:PROVIDER_NAMEDisplays alerts for all secrets issues by the specified provider. For more information, see "Secret scanning patterns."