Note: Displaying IP addresses in the audit log for an organization is in public preview and subject to change.
About display of IP addresses in the audit log
By default, GitHub does not display the source IP address for events in your organization's audit log. Optionally, to ensure compliance and respond to threats, you can display the full IP address associated with the actor responsible for each event. Actors are typically users, but can also be apps or integrations.
You are responsible for meeting any legal obligations that accompany the viewing or storage of IP addresses displayed within your organization's audit log.
When anyone creates an account on GitHub, the person agrees to GitHub's collection of basic information about connections to GitHub's services, including source IP address. For more information, see "GitHub General Privacy Statement."
After you enable the feature, you can access the audit log to view events that include IP addresses. For more information, see "Reviewing the audit log for your organization."
Events that display IP addresses in the audit log
GitHub displays an IP address for each event in the organization audit log that meets these criteria.
- The actor is an organization member or owner
- The target is either an organization-owned repository that is private or internal, or an organization resource that is not a repository, such as a project.
Enabling display of IP addresses in the audit log
-
In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
-
Next to the organization, click Settings.
-
Click Source IP disclosure.
-
Under "Disclose actor IP addresses in audit logs", select Enable source IP disclosure.
-
Click Save.