エンタープライズ監査ログの REST API エンドポイント
REST API を使って、エンタープライズの監査ログを取得します。
Note
これらのエンドポイントでは、personal access token (classic) を使う認証のみがサポートされます。 詳しくは、「個人用アクセス トークンを管理する」を参照してください。
Get the audit log for an enterprise
Gets the audit log for an enterprise.
This endpoint has a rate limit of 1,750 queries per hour per user and IP address. If your integration receives a rate limit error (typically a 403 or 429 response), it should wait before making another request to the GitHub API. For more information, see "Rate limits for the REST API" and "Best practices for integrators."
The authenticated user must be an enterprise admin to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the read:audit_log
scope to use this endpoint.
"Get the audit log for an enterprise" のきめ細かいアクセス トークン
このエンドポイントは、次の粒度の細かいトークンの種類で動作します:
粒度の細かいトークンには次のアクセス許可セットが設定されている必要があります:
- "Enterprise administration" business permissions (read)
"Get the audit log for an enterprise" のパラメーター
名前, Type, 説明 |
---|
accept string Setting to |
名前, Type, 説明 |
---|
enterprise string 必須The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
名前, Type, 説明 |
---|
phrase string A search phrase. For more information, see Searching the audit log. |
include string The event types to include:
The default is 次のいずれかにできます: |
after string A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. |
before string A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. |
order string The order of audit log events. To list newest events first, specify The default is 次のいずれかにできます: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
"Get the audit log for an enterprise" の HTTP 応答状態コード
状態コード | 説明 |
---|---|
200 | OK |
"Get the audit log for an enterprise" のコード サンプル
GHE.com で GitHub にアクセスする場合は、api.github.com
を api.SUBDOMAIN.ghe.com
にあるエンタープライズの専用サブドメインに置き換えます。
要求の例
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/audit-log
Response
Status: 200
[
{
"@timestamp": 1606929874512,
"action": "team.add_member",
"actor": "octocat",
"created_at": 1606929874512,
"_document_id": "xJJFlFOhQ6b-5vaAFy9Rjw",
"org": "octo-corp",
"team": "octo-corp/example-team",
"user": "monalisa"
},
{
"@timestamp": 1606507117008,
"action": "org.create",
"actor": "octocat",
"created_at": 1606507117008,
"_document_id": "Vqvg6kZ4MYqwWRKFDzlMoQ",
"org": "octocat-test-org"
},
{
"@timestamp": 1605719148837,
"action": "repo.destroy",
"actor": "monalisa",
"created_at": 1605719148837,
"_document_id": "LwW2vpJZCDS-WUmo9Z-ifw",
"org": "mona-org",
"repo": "mona-org/mona-test-repo",
"visibility": "private"
}
]
Get the audit log stream key for encrypting secrets
Retrieves the audit log streaming public key for encrypting secrets.
When using this endpoint, you must encrypt the credentials following the same encryption steps as outlined in the guide on encrypting secrets. See "Encrypting secrets for the REST API."
"Get the audit log stream key for encrypting secrets" のきめ細かいアクセス トークン
このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。
"Get the audit log stream key for encrypting secrets" のパラメーター
名前, Type, 説明 |
---|
accept string Setting to |
名前, Type, 説明 |
---|
enterprise string 必須The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
"Get the audit log stream key for encrypting secrets" の HTTP 応答状態コード
状態コード | 説明 |
---|---|
200 | The stream key for the audit log streaming configuration was retrieved successfully. |
"Get the audit log stream key for encrypting secrets" のコード サンプル
GHE.com で GitHub にアクセスする場合は、api.github.com
を api.SUBDOMAIN.ghe.com
にあるエンタープライズの専用サブドメインに置き換えます。
要求の例
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/audit-log/stream-key
The stream key for the audit log streaming configuration was retrieved successfully.
List audit log stream configurations for an enterprise
Lists the configured audit log streaming configurations for an enterprise. This only lists configured streams for supported providers.
When using this endpoint, you must encrypt the credentials following the same encryption steps as outlined in the guide on encrypting secrets. See "Encrypting secrets for the REST API."
"List audit log stream configurations for an enterprise" のきめ細かいアクセス トークン
このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。
"List audit log stream configurations for an enterprise" のパラメーター
名前, Type, 説明 |
---|
accept string Setting to |
名前, Type, 説明 |
---|
enterprise string 必須The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
"List audit log stream configurations for an enterprise" の HTTP 応答状態コード
状態コード | 説明 |
---|---|
200 | OK |
"List audit log stream configurations for an enterprise" のコード サンプル
GHE.com で GitHub にアクセスする場合は、api.github.com
を api.SUBDOMAIN.ghe.com
にあるエンタープライズの専用サブドメインに置き換えます。
要求の例
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/audit-log/streams
OK
Create an audit log streaming configuration for an enterprise
Creates an audit log streaming configuration for any of the supported streaming endpoints: Azure Blob Storage, Azure Event Hubs, Amazon S3, Splunk, Google Cloud Storage, Datadog.
When using this endpoint, you must encrypt the credentials following the same encryption steps as outlined in the guide on encrypting secrets. See "Encrypting secrets for the REST API."
"Create an audit log streaming configuration for an enterprise" のきめ細かいアクセス トークン
このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。
"Create an audit log streaming configuration for an enterprise" のパラメーター
名前, Type, 説明 |
---|
accept string Setting to |
名前, Type, 説明 |
---|
enterprise string 必須The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
名前, Type, 説明 | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
enabled boolean 必須This setting pauses or resumes a stream. | |||||||||||||||||||||||||||||||||||||||||||||||||
stream_type string 必須The audit log streaming provider. The name is case sensitive. 次のいずれかにできます: | |||||||||||||||||||||||||||||||||||||||||||||||||
vendor_specific object 必須 | |||||||||||||||||||||||||||||||||||||||||||||||||
Can be one of these objects:
AzureHubConfig object 必須Azure Event Hubs Config for audit log streaming configuration. Properties of |
名前, Type, 説明 |
---|
name string 必須Instance name of Azure Event Hubs |
encrypted_connstring string 必須Encrypted Connection String for Azure Event Hubs |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
AmazonS3OIDCConfig
object 必須Amazon S3 OIDC Config for audit log streaming configuration.
Properties of AmazonS3OIDCConfig
名前, Type, 説明 |
---|
bucket string 必須Amazon S3 Bucket Name. |
region string 必須AWS S3 Bucket Region. |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
authentication_type string 必須Authentication Type for Amazon S3. Value: |
arn_role string 必須 |
AmazonS3AccessKeysConfig
object 必須Amazon S3 Access Keys Config for audit log streaming configuration.
Properties of AmazonS3AccessKeysConfig
名前, Type, 説明 |
---|
bucket string 必須Amazon S3 Bucket Name. |
region string 必須Amazon S3 Bucket Name. |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
authentication_type string 必須Authentication Type for Amazon S3. Value: |
encrypted_secret_key string 必須Encrypted AWS Secret Key. |
encrypted_access_key_id string 必須Encrypted AWS Access Key ID. |
SplunkConfig
object 必須Splunk Config for Audit Log Stream Configuration
Properties of SplunkConfig
名前, Type, 説明 |
---|
domain string 必須Domain of Splunk instance. |
port integer 必須The port number for connecting to Splunk. |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
encrypted_token string 必須Encrypted Token. |
ssl_verify boolean 必須SSL verification helps ensure your events are sent to your Splunk endpoint securely. |
GoogleCloudConfig
object 必須Google Cloud Config for audit log streaming configuration.
Properties of GoogleCloudConfig
名前, Type, 説明 |
---|
bucket string 必須Google Cloud Bucket Name |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
encrypted_json_credentials string 必須 |
DatadogConfig
object 必須Datadog Config for audit log streaming configuration.
Properties of DatadogConfig
名前, Type, 説明 |
---|
encrypted_token string 必須Encrypted Splunk token. |
site string 必須Datadog Site to use. 次のいずれかにできます: |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
"Create an audit log streaming configuration for an enterprise" の HTTP 応答状態コード
状態コード | 説明 |
---|---|
200 | The audit log stream configuration was created successfully. |
"Create an audit log streaming configuration for an enterprise" のコード サンプル
GHE.com で GitHub にアクセスする場合は、api.github.com
を api.SUBDOMAIN.ghe.com
にあるエンタープライズの専用サブドメインに置き換えます。
要求の例
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/audit-log/streams \
-d '{"enabled":false,"stream_type":"Azure Event Hubs","vendor_specific":{"namespace":"newnamespace","shared_access_key_name":"newaccesskeyname","shared_access_key":"newaccesskey","event_hub_name":"neweventhub"}}'
The audit log stream configuration was created successfully.
List one audit log streaming configuration via a stream ID
Lists one audit log stream configuration via a stream ID.
When using this endpoint, you must encrypt the credentials following the same encryption steps as outlined in the guide on encrypting secrets. See "Encrypting secrets for the REST API."
"List one audit log streaming configuration via a stream ID" のきめ細かいアクセス トークン
このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。
"List one audit log streaming configuration via a stream ID" のパラメーター
名前, Type, 説明 |
---|
accept string Setting to |
名前, Type, 説明 |
---|
enterprise string 必須The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
stream_id integer 必須The ID of the audit log stream configuration. |
"List one audit log streaming configuration via a stream ID" の HTTP 応答状態コード
状態コード | 説明 |
---|---|
200 | Lists one audit log stream configuration via stream ID. |
"List one audit log streaming configuration via a stream ID" のコード サンプル
GHE.com で GitHub にアクセスする場合は、api.github.com
を api.SUBDOMAIN.ghe.com
にあるエンタープライズの専用サブドメインに置き換えます。
要求の例
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/audit-log/streams/STREAM_ID
Lists one audit log stream configuration via stream ID.
Update an existing audit log stream configuration
Updates an existing audit log stream configuration for an enterprise.
When using this endpoint, you must encrypt the credentials following the same encryption steps as outlined in the guide on encrypting secrets. See "Encrypting secrets for the REST API."
"Update an existing audit log stream configuration" のきめ細かいアクセス トークン
このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。
"Update an existing audit log stream configuration" のパラメーター
名前, Type, 説明 |
---|
accept string Setting to |
名前, Type, 説明 |
---|
enterprise string 必須The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
stream_id integer 必須The ID of the audit log stream configuration. |
名前, Type, 説明 | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
enabled boolean 必須This setting pauses or resumes a stream. | |||||||||||||||||||||||||||||||||||||||||||||||||
stream_type string 必須The audit log streaming provider. The name is case sensitive. 次のいずれかにできます: | |||||||||||||||||||||||||||||||||||||||||||||||||
vendor_specific object 必須 | |||||||||||||||||||||||||||||||||||||||||||||||||
Can be one of these objects:
AzureHubConfig object 必須Azure Event Hubs Config for audit log streaming configuration. Properties of |
名前, Type, 説明 |
---|
name string 必須Instance name of Azure Event Hubs |
encrypted_connstring string 必須Encrypted Connection String for Azure Event Hubs |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
AmazonS3OIDCConfig
object 必須Amazon S3 OIDC Config for audit log streaming configuration.
Properties of AmazonS3OIDCConfig
名前, Type, 説明 |
---|
bucket string 必須Amazon S3 Bucket Name. |
region string 必須AWS S3 Bucket Region. |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
authentication_type string 必須Authentication Type for Amazon S3. Value: |
arn_role string 必須 |
AmazonS3AccessKeysConfig
object 必須Amazon S3 Access Keys Config for audit log streaming configuration.
Properties of AmazonS3AccessKeysConfig
名前, Type, 説明 |
---|
bucket string 必須Amazon S3 Bucket Name. |
region string 必須Amazon S3 Bucket Name. |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
authentication_type string 必須Authentication Type for Amazon S3. Value: |
encrypted_secret_key string 必須Encrypted AWS Secret Key. |
encrypted_access_key_id string 必須Encrypted AWS Access Key ID. |
SplunkConfig
object 必須Splunk Config for Audit Log Stream Configuration
Properties of SplunkConfig
名前, Type, 説明 |
---|
domain string 必須Domain of Splunk instance. |
port integer 必須The port number for connecting to Splunk. |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
encrypted_token string 必須Encrypted Token. |
ssl_verify boolean 必須SSL verification helps ensure your events are sent to your Splunk endpoint securely. |
GoogleCloudConfig
object 必須Google Cloud Config for audit log streaming configuration.
Properties of GoogleCloudConfig
名前, Type, 説明 |
---|
bucket string 必須Google Cloud Bucket Name |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
encrypted_json_credentials string 必須 |
DatadogConfig
object 必須Datadog Config for audit log streaming configuration.
Properties of DatadogConfig
名前, Type, 説明 |
---|
encrypted_token string 必須Encrypted Splunk token. |
site string 必須Datadog Site to use. 次のいずれかにできます: |
key_id string 必須Key ID obtained from the audit log stream key endpoint used to encrypt secrets. |
"Update an existing audit log stream configuration" の HTTP 応答状態コード
状態コード | 説明 |
---|---|
200 | Successful update |
422 | Validation error |
"Update an existing audit log stream configuration" のコード サンプル
GHE.com で GitHub にアクセスする場合は、api.github.com
を api.SUBDOMAIN.ghe.com
にあるエンタープライズの専用サブドメインに置き換えます。
要求の例
curl -L \
-X PUT \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/audit-log/streams/STREAM_ID \
-d '{"enabled":false,"stream_type":"Azure Event Hubs","vendor_specific":{"namespace":"newnamespace","shared_access_key_name":"newaccesskeyname","shared_access_key":"newaccesskey","event_hub_name":"neweventhub"}}'
Successful update
Delete an audit log streaming configuration for an enterprise
Deletes an existing audit log stream configuration for an enterprise.
When using this endpoint, you must encrypt the credentials following the same encryption steps as outlined in the guide on encrypting secrets. See "Encrypting secrets for the REST API."
"Delete an audit log streaming configuration for an enterprise" のきめ細かいアクセス トークン
このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。
"Delete an audit log streaming configuration for an enterprise" のパラメーター
名前, Type, 説明 |
---|
accept string Setting to |
名前, Type, 説明 |
---|
enterprise string 必須The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
stream_id integer 必須The ID of the audit log stream configuration. |
"Delete an audit log streaming configuration for an enterprise" の HTTP 応答状態コード
状態コード | 説明 |
---|---|
204 | The audit log stream configuration was deleted successfully. |
"Delete an audit log streaming configuration for an enterprise" のコード サンプル
GHE.com で GitHub にアクセスする場合は、api.github.com
を api.SUBDOMAIN.ghe.com
にあるエンタープライズの専用サブドメインに置き換えます。
要求の例
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/audit-log/streams/STREAM_ID
The audit log stream configuration was deleted successfully.
Status: 204