Skip to main content

Эта версия GitHub Enterprise Server была прекращена 2024-09-25. Исправления выпускаться не будут даже при критических проблемах безопасности. Для повышения производительности, повышения безопасности и новых функций выполните обновление до последней версии GitHub Enterprise Server. Чтобы получить справку по обновлению, обратитесь в службу поддержки GitHub Enterprise.

Аудит пользователей на вашем предприятии

Панель мониторинга журнала аудита показывает администраторам сайта действия, выполняемые всеми пользователями и организациями в организации в течение последних 180 дней. В журнале аудита указывает, кто выполнил действие, что это было за действие и когда оно было выполнено.

Accessing the audit log

The audit log dashboard gives you a visual display of audit data across your enterprise.

  1. In the top-right corner of GitHub Enterprise Server, click your profile photo, then click Enterprise settings.

    Screenshot of the drop-down menu that appears when you click the profile photo on GitHub Enterprise Server. The "Enterprise settings" option is highlighted in a dark orange outline.

  2. On the left side of the page, in the enterprise account sidebar, click Settings.

  3. Under " Settings", click Audit log.

Within the map, you can pan and zoom to see events around the world. Hover over a country to see a quick count of events from that country.

Searching for events across your enterprise

The audit log lists the following information about actions made within your enterprise:

Note

  • While you can't use text to search for audit entries, you can construct search queries using a variety of filters. GitHub Enterprise Server supports many operators for searching across GitHub Enterprise Server. For more information, see About searching on GitHub.
  • Audit records are available for the last 180 days.

Search based on the repository

The repo qualifier limits actions to a specific repository owned by your organization. For example:

  • repo:my-org/our-repo finds all events that occurred for the our-repo repository in the my-org organization.
  • repo:my-org/our-repo repo:my-org/another-repo finds all events that occurred for both the our-repo and another-repo repositories in the my-org organization.
  • -repo:my-org/not-this-repo excludes all events that occurred for the not-this-repo repository in the my-org organization.

You must include your organization's name within the repo qualifier; searching for just repo:our-repo will not work.

Search based on the user

The actor qualifier scopes events based on the member of your organization that performed the action. For example:

  • actor:octocat finds all events performed by octocat.
  • actor:octocat actor:hubot finds all events performed by both octocat and hubot.
  • -actor:hubot excludes all events performed by hubot.

You can only use a GitHub Enterprise Server username, not an individual's real name.

Search based on the organization

The org qualifier limits actions to a specific organization. For example:

  • org:my-org finds all events that occurred for the my-org organization.
  • org:my-org action:team finds all team events performed within the my-org organization.
  • -org:my-org excludes all events that occurred for the my-org organization.

Search based on the action performed

The action qualifier searches for specific events, grouped within categories. For information on the events associated with these categories, see Audit log events for your enterprise.

Category nameDescription
hookContains all activities related to webhooks.
orgContains all activities related organization membership
repoContains all activities related to the repositories owned by your organization.
teamContains all activities related to teams in your organization.

You can search for specific sets of actions using these terms. For example:

  • action:team finds all events grouped within the team category.
  • -action:billing excludes all events in the billing category.

Each category has a set of associated events that you can filter on. For example:

  • action:team.create finds all events where a team was created.
  • -action:billing.change_email excludes all events where the billing email was changed.

Search based on the location

The country qualifier filters actions by the originating country.

  • You can use a country's two-letter short code or its full name.
  • Countries with spaces in their name must be wrapped in quotation marks. For example:
    • country:de finds all events that occurred in Germany.
    • country:Mexico finds all events that occurred in Mexico.
    • country:"United States" all finds events that occurred in the United States.

Search based on the time of action

The created qualifier filters actions by the time they occurred.

  • Define dates using the format of YYYY-MM-DD--that's year, followed by month, followed by day.
  • Dates support greater than, less than, and range qualifiers. For example:
    • created:2014-07-08 finds all events that occurred on July 8th, 2014.
    • created:>=2014-07-01 finds all events that occurred on or after July 8th, 2014.
    • created:<=2014-07-01 finds all events that occurred on or before July 8th, 2014.
    • created:2014-07-01..2014-07-31 finds all events that occurred in the month of July 2014.