Skip to main content

Esta versión de GitHub Enterprise Server se discontinuará el 2024-08-29. No se realizarán lanzamientos de patch, ni siquiera para problemas de seguridad críticos. Para obtener rendimiento mejorado, seguridad mejorada y nuevas características, actualice a la versión más reciente de GitHub Enterprise Server. Para obtener ayuda con la actualización, póngase en contacto con el soporte técnico de GitHub Enterprise.

Acerca del registro de auditoría de la empresa

Para permitir la depuración y el cumplimiento interno y externo, GitHub Enterprise Server proporciona registros de eventos del sistema,, de usuario, de organización y de repositorio auditados.

About audit logs

Note: Webhooks might be a good alternative to the audit log or API polling for certain use cases. Webhooks are a way for GitHub to notify your server when specific events occur for a repository, organization, or enterprise. Compared to the API or searching the audit log, webhooks can be more efficient if you just want to learn and possibly log when certain events occur on your enterprise, organization, or repository. For more information, see "Webhooks documentation."

The audit log lists events triggered by activities that affect your enterprise. Audit logs for GitHub Enterprise Server are retained indefinitely, unless an enterprise owner configured a different retention period. For more information, see "Configuring the audit log for your enterprise."

By default, only events from the past three months are displayed. To view older events, you must specify a date range with the created parameter. For more information, see "Understanding the search syntax."

The name for each audit log entry is composed of a category of events, followed by an operation type. For example, the repo.create entry refers to the create operation on the repo category.

Each audit log entry shows applicable information about an event, such as:

  • The enterprise or organization an action was performed in
  • The user (actor) who performed the action
  • The user affected by the action
  • Which repository an action was performed in
  • The action that was performed
  • Which country the action took place in
  • The date and time the action occurred
  • For actions outside of the web UI, how the user (actor) authenticated

Site administrators can review the audit log for an instance, which contains a wider range of events including system administrative events. To access the instance-level audit log:

  1. From an administrative account on GitHub Enterprise Server, in the upper-right corner of any page, click .
  2. If you're not already on the "Site admin" page, in the upper-left corner, click Site admin.
  3. In the left menu, click Audit log.

In addition to viewing your audit log, you can monitor activity in your enterprise in other ways, such as viewing push logs and managing global webhooks. For more information, see "Exploring user activity in your enterprise." You can also use the audit log, and other tools, to monitor the actions taken in response to security alerts. For more information, see "Auditing security alerts."

Using your audit logs

As an enterprise owner or site administrator, you can interact with the audit log data for your enterprise in several ways:

For a full list of audit log actions that may appear in your enterprise audit log, see "Audit log events for your enterprise."

Further reading