Note: Displaying IP addresses in the audit log for an organization is in public beta and subject to change.
About display of IP addresses in the audit log
By default, GitHub does not display the source IP address for events in your organization's audit log. Optionally, to ensure compliance and respond to threats, you can display the full IP address associated with the actor responsible for each event. Actors are typically users, but can also be apps or integrations.
You are responsible for meeting any legal obligations that accompany the viewing or storage of IP addresses displayed within your organization's audit log.
Alternatively, you can configure IP addresses at the enterprise level. For more information, see "Displaying IP addresses in the audit log for your enterprise."
When anyone creates an account on GitHub.com, the person agrees to GitHub's collection of basic information about connections to GitHub's services, including source IP address. For more information, see "GitHub Privacy Statement."
After you enable the feature, you can access the audit log to view events that include IP addresses. For more information, see "Reviewing the audit log for your organization."
Events that display IP addresses in the audit log
GitHub displays an IP address for each event in the organization audit log that meets these criteria.
- The actor is an organization member or owner
- The target is either an organization-owned repository that is private or internal, or an organization resource that is not a repository, such as a project.
Enabling display of IP addresses in the audit log
In the top right corner of GitHub.com, click your profile photo, then click Your organizations.
Next to the organization, click Settings.
Click Source IP disclosure.
Under "Disclose actor IP addresses in audit logs", select Enable source IP disclosure.