Skip to main content

This version of GitHub Enterprise was discontinued on 2023-01-18. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Filtering alerts in the security overview

Use filters to view specific categories of alerts

Who can use this feature

Organization owners and security managers can access the organization-level security overview. Members of a team can see the security overview for repositories that the team has admin privileges for.

The security overview for your organization is available if you have a license for GitHub Advanced Security. For more information, see "About GitHub Advanced Security."

Note: The security overview is currently in beta and subject to change.

About filtering the security overview

You can use filters in a security overview to narrow your focus based on a range of factors, like alert risk level, alert type, and feature enablement. Different filters are available depending on the specific view.

Filter by repository

QualifierDescription
repo:REPOSITORY-NAMEDisplays data for the specified repository.

Filter by whether security features are enabled

In the examples below, replace :enabled with :not-enabled to see repositories where security features are not enabled. These qualifiers are available in the main summary views.

QualifierDescription
code-scanning:enabledDisplay repositories that have configured code scanning.
dependabot:enabledDisplay repositories that have enabled Dependabot alerts.
secret-scanning:enabledDisplay repositories that have enabled secret scanning alerts.
not-enabled:anyDisplay repositories with at least one security feature that is not enabled.

Filter by repository type

These qualifiers are available in the main summary views.

QualifierDescription
is:publicDisplay public repositories.
is:internalDisplay internal repositories.
is:privateDisplay private repositories.
archived:trueDisplay archived repositories.
archived:falseOmit archived repositories.

Filter by number of alerts

These qualifiers are available in the main summary views.

QualifierDescription
code-scanning:NUMBERDisplay repositories that have NUMBER code scanning alerts. This qualifier can use =, > and < comparison operators.
secret-scanning:NUMBERDisplay repositories that have NUMBER secret scanning alerts. This qualifier can use =, > and < comparison operators.
dependabot:NUMBERDisplay repositories that have NUMBER Dependabot alerts. This qualifier can use =, > and < comparison operators.

Filter by team

These qualifiers are available in the main summary views.

QualifierDescription
team:TEAM-NAMEDisplays repositories that TEAM-NAME has admin access to.

Filter by topic

These qualifiers are available in the main summary views.

QualifierDescription
topic:TOPIC-NAMEDisplays repositories that are classified with TOPIC-NAME.

Additional filters for secret scanning alert views

QualifierDescription
provider:PROVIDER_NAMEDisplays alerts for all secrets issues by the specified provider.
secret-type:SERVICE_PROVIDERDisplays alerts for the specified secret and provider.
secret-type:CUSTOM-PATTERNDisplays alerts for secrets matching the specified custom pattern.

For more information, see "Secret scanning patterns."