Skip to main content

Эта версия GitHub Enterprise Server будет прекращена 2025-08-27. Исправления выпускаться не будут даже при критических проблемах безопасности. Для повышения производительности, повышения безопасности и новых функций выполните обновление до последней версии GitHub Enterprise Server. Чтобы получить справку по обновлению, обратитесь в службу поддержки GitHub Enterprise.

Просмотрите события, записанные в журнале аудита предприятия.

Кто может использовать эту функцию?

Enterprise owners and site administrators

В этой статье

Примечание.

В этой статье перечислены события, которые могут отображаться в журнале аудита для предприятия. События, которые могут отображаться в журнале безопасности учетной записи пользователя или журнале аудита для организации, см. в разделе [AUTOTITLE и События журнала безопасности](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization).

В этой статье перечислены события, которые отображаются в параметрах предприятия. Панель мониторинга администратора сайта может содержать другие события, не перечисленные здесь.

Audit log events

account

account.plan_change
The account's plan changed.
Поля
actor, operation_type, _document_id, user_agent, created_at, actor_id, request_id, @timestamp, user, action, user_id, programmatic_access_type
Справочные материалы
How GitHub billing works

actions_cache

actions_cache.delete
A GitHub Actions cache was deleted using the REST API.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, user_id, user, repo_id, repo, org, org_id, actions_cache_id, actions_cache_key, actions_cache_version, actions_cache_scope, action, _document_id, @timestamp, created_at, operation_type, token_scopes, programmatic_access_type, request_access_security_header

api

api.request
An API request was made to an endpoint for the enterprise, or an enterprise owned resource. This event is only included if API Request Events is enabled in the enterprise's audit log settings. This event is only available via audit log streaming.
Поля
user_agent, request_id, request_method, query_string, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, request_body, status_code, url_path, business, business_id, org, org_id, repo, repo_id, public_repo, user, user_id, action, _document_id, @timestamp, created_at, operation_type, route, rate_limit_remaining, actor_is_bot
Справочные материалы
Streaming the audit log for your enterprise

artifact

artifact.destroy
A workflow run artifact was manually deleted.
Поля
action, actor, user_agent, actor_id, repo, repo_id, request_id, @timestamp, created_at, _document_id, operation_type, programmatic_access_type

audit_log_streaming

audit_log_streaming.check
A manual check of the endpoint configured for audit log streaming was performed.
Поля
user_agent, request_id, actor, actor_id, audit_log_stream_result, business_id, business, action, _document_id, @timestamp, created_at, operation_type, audit_log_stream_sink_details, request_access_security_header
audit_log_streaming.create
An endpoint was added for audit log streaming.
Поля
user_agent, request_id, actor, actor_id, business_id, business, audit_log_stream_sink, action, _document_id, @timestamp, created_at, operation_type, audit_log_stream_id
audit_log_streaming.destroy
An audit log streaming endpoint was deleted.
Поля
user_agent, request_id, actor, actor_id, business_id, business, action, _document_id, @timestamp, created_at, operation_type, audit_log_stream_id, audit_log_stream_sink_details
audit_log_streaming.update
An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.
Поля
user_agent, request_id, actor, actor_id, audit_log_stream_enabled, business_id, business, audit_log_stream_sink, action, _document_id, @timestamp, created_at, operation_type, new_s3_bucket, old_s3_bucket, secrets_updated, new_s3_arn_role, old_s3_arn_role, new_azure_blob_container, old_azure_blob_container, new_event_hub_instance, old_event_hub_instance, new_splunk_domain, old_splunk_domain, ssl_verify, old_gc_bucket

billing

billing.change_billing_type
The way the account pays for GitHub was changed.
Поля
actor_id, user, @timestamp, actor, user_id, action, created_at, operation_type, _document_id, user_agent, request_id
Справочные материалы
Managing your payment and billing information
billing.change_email
The billing email address changed.
Поля
actor, operation_type, actor_id, org_id, @timestamp, user_agent, request_id, created_at, _document_id, org, email, action, request_access_security_header
Справочные материалы
Managing your payment and billing information

business

business.add_admin
An enterprise owner was added to an enterprise.
Поля
name, business, user, user_id, @timestamp, created_at, actor, actor_id, action, operation_type, request_id, business_id, _document_id, user_agent, programmatic_access_type, request_access_security_header
Справочные материалы
Inviting people to manage your enterprise
business.add_organization
An organization was added to an enterprise.
Поля
org_id, operation_type, @timestamp, actor, business_id, org, action, user_agent, actor_id, name, created_at, request_id, _document_id, business, organization_upgrade, request_access_security_header
business.advanced_security_policy_update
An enterprise owner created, updated, or removed a policy for GitHub Advanced Security.
Поля
user_agent, request_id, actor, actor_id, name, new_policy, business, business_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
Справочные материалы
Enforcing policies for code security and analysis for your enterprise
business.clear_actions_settings
An enterprise owner or site administrator cleared GitHub Actions policy settings for an enterprise.
Поля
user_agent, request_id, actor, actor_id, name, business, business_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.clear_default_repository_permission
An enterprise owner cleared the base repository permission policy setting for an enterprise.
Поля
name, operation_type, business_id, user_agent, actor_id, request_id, actor, _document_id, business, action, @timestamp, created_at
Справочные материалы
Enforcing repository management policies in your enterprise
business.clear_members_can_create_repos
An enterprise owner cleared a restriction on repository creation in organizations in the enterprise.
Поля
user_agent, actor_id, business_id, action, _document_id, request_id, name, business, visibility, created_at, actor, operation_type, @timestamp
Справочные материалы
Enforcing repository management policies in your enterprise
business.code_scanning_autofix_policy_update
The policy for Code scanning autofix was updated for an enterprise.
Поля
actor, actor_id, user_agent, request_id, name, new_policy, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header
business.create
An enterprise was created.
Поля
actor_id, _document_id, action, @timestamp, request_id, name, business, business_id, operation_type, actor, created_at, user_agent, request_access_security_header
business.disable_open_scim
SCIM provisioning for custom integrations that use the REST API was disabled for the enterprise.
Поля
actor, actor_id, user_agent, request_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
business.disable_source_ip_disclosure
Display of IP addresses within audit log events for the enterprise was disabled.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Displaying IP addresses in the audit log for your enterprise
business.disable_two_factor_requirement
The requirement for members to have two-factor authentication enabled to access an enterprise was disabled.
Поля
action, @timestamp, actor, business, operation_type, created_at, user_agent, business_id, actor_id, name, _document_id, request_id
business.enable_open_scim
SCIM provisioning for custom integrations that use the REST API was enabled for the enterprise.
Поля
actor, actor_id, user_agent, request_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
business.enable_source_ip_disclosure
Display of IP addresses within audit log events for the enterprise was enabled.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Displaying IP addresses in the audit log for your enterprise
business.enable_two_factor_requirement
The requirement for members to have two-factor authentication enabled to access an enterprise was enabled.
Поля
actor_id, action, user_agent, actor, operation_type, created_at, business, business_id, name, _document_id, request_id, @timestamp
business.members_can_update_protected_branches.clear
An enterprise owner unset a policy for whether members of an enterprise can update protected branches on repositories for individual organizations. Organization owners can choose whether to allow updating protected branches settings.
Поля
user_id, action, created_at, actor, actor_id, @timestamp, request_id, business, name, operation_type, user, user_agent, business_id, _document_id
business.members_can_update_protected_branches.disable
The ability for enterprise members to update branch protection rules was disabled. Only enterprise owners can update protected branches.
Поля
user_agent, request_id, actor, actor_id, name, business, business_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
business.members_can_update_protected_branches.enable
The ability for enterprise members to update branch protection rules was enabled. Enterprise owners and members can update protected branches.
Поля
name, actor, operation_type, _document_id, business_id, user, @timestamp, business, actor_id, created_at, action, user_agent, request_id, user_id
business.remove_admin
An enterprise owner was removed from an enterprise.
Поля
actor, operation_type, user_agent, business, business_id, @timestamp, created_at, request_id, action, name, actor_id, user_id, _document_id, user
Справочные материалы
Inviting people to manage your enterprise
business.remove_organization
An organization was removed from an enterprise.
Поля
org_id, action, business, actor, actor_id, request_id, created_at, user_agent, business_id, operation_type, @timestamp, _document_id, name, org
business.rename_slug
The slug for the enterprise URL was renamed.
Поля
request_id, name, business_id, user_agent, action, actor_id, operation_type, actor, @timestamp, created_at, business, _document_id
business.revoke_sso_session
The SAML single sign-on session for a member in an enterprise was revoked.
Поля
business_id, user_agent, request_id, user, operation_type, actor, _document_id, actor_id, name, @timestamp, user_id, action, created_at, business
business.set_actions_fork_pr_approvals_policy
The policy for requiring approvals for workflows from public forks was changed for an enterprise.
Поля
user_agent, request_id, actor, actor_id, name, policy, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.set_actions_private_fork_pr_approvals_policy
The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an enterprise.
Поля
actor, actor_id, user_agent, request_id, name, policy, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.set_actions_retention_limit
The retention period for GitHub Actions artifacts and logs was changed for an enterprise.
Поля
user_agent, request_id, actor, actor_id, name, limit, business, business_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.set_default_workflow_permissions
The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an enterprise.
Поля
actor, actor_id, user_agent, request_id, name, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.set_fork_pr_workflows_policy
The policy for fork pull request workflows was changed for an enterprise.
Поля
user_agent, request_id, actor, actor_id, name, policy, business, business_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.set_workflow_permission_can_approve_pr
The policy for allowing GitHub Actions to create and approve pull requests was changed for an enterprise.
Поля
actor, actor_id, user_agent, request_id, name, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.sso_response
A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your enterprise. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
issuer, name, user_agent, action, @timestamp, _document_id, actor, business, business_id, actor_id, created_at, request_id, operation_type, request_access_security_header
business.update_actions_settings
An enterprise owner or site administrator updated GitHub Actions policy settings for an enterprise.
Поля
user_agent, request_id, actor, actor_id, name, business, business_id, action, operation_type, @timestamp, created_at, _document_id, updated_github_owned_allowed, updated_verified_allowed, updated_patterns, new_policy, old_policy, updated_access_policy
Справочные материалы
Enforcing policies for GitHub Actions in your enterprise
business.update_default_repository_permission
The base repository permission setting was updated for all organizations in an enterprise.
Поля
business_id, operation_type, user_agent, actor, actor_id, permission, action, created_at, @timestamp, request_id, name, _document_id, old_permission, business
Справочные материалы
Enforcing repository management policies in your enterprise
business.update_member_repository_creation_permission
The repository creation setting was updated for an enterprise.
Поля
created_at, _document_id, request_id, name, business_id, actor, actor_id, @timestamp, operation_type, permission, action, business, user_agent, visibility
Справочные материалы
Enforcing repository management policies in your enterprise
business.update_member_repository_invitation_permission
The policy setting for enterprise members inviting outside collaborators to repositories was updated.
Поля
business_id, created_at, action, operation_type, @timestamp, request_id, permission, actor, actor_id, name, _document_id, user_agent, business
Справочные материалы
Enforcing repository management policies in your enterprise

business_advanced_security

business_advanced_security.disabled
GitHub Advanced Security was disabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_advanced_security.disabled_for_new_repos
GitHub Advanced Security was disabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_advanced_security.disabled_for_new_user_namespace_repos
GitHub Advanced Security was disabled for new user namespace repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_advanced_security.enabled
GitHub Advanced Security was enabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_advanced_security.enabled_for_new_repos
GitHub Advanced Security was enabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_advanced_security.enabled_for_new_user_namespace_repos
GitHub Advanced Security was enabled for new user namespace repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_advanced_security.user_namespace_repos_disabled
GitHub Advanced Security was disabled for user namespace repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_advanced_security.user_namespace_repos_enabled
GitHub Advanced Security was enabled for user namespace repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header
Справочные материалы
Managing GitHub Advanced Security features for your enterprise

business_dependabot_alerts_new_repos

business_dependabot_alerts_new_repos.disable
Dependabot alerts were disabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
business_dependabot_alerts_new_repos.enable
Dependabot alerts were enabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type

business_secret_scanning_automatic_validity_checks

business_secret_scanning_automatic_validity_checks.disabled
Automatic partner validation checks have been disabled at the business level
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning_automatic_validity_checks.enabled
Automatic partner validation checks have been enabled at the business level
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise

business_secret_scanning_custom_pattern

business_secret_scanning_custom_pattern.create
An enterprise-level custom pattern was created for secret scanning.
Поля
user_agent, request_id, actor, actor_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Defining custom patterns for secret scanning
business_secret_scanning_custom_pattern.delete
An enterprise-level custom pattern was removed from secret scanning.
Поля
user_agent, request_id, actor, actor_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
business_secret_scanning_custom_pattern.publish
An enterprise-level custom pattern was published for secret scanning.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
business_secret_scanning_custom_pattern.update
Changes to an enterprise-level custom pattern were saved and a dry run was executed for secret scanning.
Поля
user_agent, request_id, actor, actor_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type

business_secret_scanning_custom_pattern_push_protection

business_secret_scanning_custom_pattern_push_protection.disabled
Push protection for a custom pattern for secret scanning was disabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Defining custom patterns for secret scanning
business_secret_scanning_custom_pattern_push_protection.enabled
Push protection for a custom pattern for secret scanning was enabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Defining custom patterns for secret scanning

business_secret_scanning

business_secret_scanning.disable
Secret scanning was disabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning.disabled_for_new_repos
Secret scanning was disabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning.enable
Secret scanning was enabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning.enabled_for_new_repos
Secret scanning was enabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise

business_secret_scanning_non_provider_patterns

business_secret_scanning_non_provider_patterns.disabled
Secret scanning for non-provider patterns was disabled at the enterprise level.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot
Справочные материалы
Supported secret scanning patterns
business_secret_scanning_non_provider_patterns.enabled
Secret scanning for non-provider patterns was enabled at the enterprise level.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot
Справочные материалы
Supported secret scanning patterns

business_secret_scanning_push_protection_custom_message

business_secret_scanning_push_protection_custom_message.disable
The custom message triggered by an attempted push to a push-protected repository was disabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning_push_protection_custom_message.enable
The custom message triggered by an attempted push to a push-protected repository was enabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning_push_protection_custom_message.update
The custom message triggered by an attempted push to a push-protected repository was updated for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise

business_secret_scanning_push_protection

business_secret_scanning_push_protection.disable
Push protection for secret scanning was disabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning_push_protection.disabled_for_new_repos
Push protection for secret scanning was disabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning_push_protection.enable
Push protection for secret scanning was enabled for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning_push_protection.enabled_for_new_repos
Push protection for secret scanning was enabled for new repositories in your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Managing GitHub Advanced Security features for your enterprise

business_secret_scanning_push_protection_pattern_configuration

business_secret_scanning_push_protection_pattern_configuration.push_protection_setting_changed
The push protection setting was changed for a secret type for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, secret_type, secret_type_display_name, push_protection_setting
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
business_secret_scanning_push_protection_pattern_configuration.updated
The push protection pattern configuration was updated for your enterprise.
Поля
actor, actor_id, user_agent, request_id, user, user_id, business, business_id, action, _document_id, @timestamp
Справочные материалы
Managing GitHub Advanced Security features for your enterprise

checks

checks.auto_trigger_disabled
Automatic creation of check suites was disabled on a repository in the organization or enterprise.
Поля
visibility, user_agent, user, @timestamp, repo, actor_id, user_id, action, created_at, actor, operation_type, request_id, repo_id, _document_id
Справочные материалы
/rest/checks#update-repository-preferences-for-check-suites
checks.auto_trigger_enabled
Automatic creation of check suites was enabled on a repository in the organization or enterprise.
Поля
user_agent, request_id, actor, actor_id, visibility, repo, repo_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, public_repo
Справочные материалы
/rest/checks#update-repository-preferences-for-check-suites
checks.delete_logs
Logs in a check suite were deleted.
Поля
@timestamp, actor, actor_id, operation_type, repo_id, action, created_at, _document_id, user_agent, request_id, repo, programmatic_access_type

code

code.search
A code search was run targeting an organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
@timestamp, action, actor_id, business_id, query, org_id, user_id, _document_id, search_string
Справочные материалы
/search-github/github-code-search

codespaces

codespaces.allow_permissions
A codespace using custom permissions from its devcontainer.json file was launched.
Поля
user_agent, request_id, actor, actor_id, origin_repository, action, _document_id, @timestamp, created_at, operation_type
codespaces.connect
Credentials for a codespace were refreshed.
Поля
user_agent, request_id, actor, actor_id, repository_id, repository, pull_request_id, user_id, org_id, owner, name, action, operation_type, @timestamp, created_at, _document_id, public_repo, token_scopes, programmatic_access_type, actor_is_bot, machine_type, devcontainer_path
codespaces.create
A codespace was created
Поля
user_agent, request_id, actor, actor_id, repository_id, repository, pull_request_id, owner, name, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type, actor_is_bot, machine_type, devcontainer_path
Справочные материалы
Creating a codespace for a repository
codespaces.destroy
A user deleted a codespace.
Поля
user_agent, request_id, actor, actor_id, repository_id, repository, pull_request_id, owner, name, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type
Справочные материалы
Deleting a codespace
codespaces.export_environment
A codespace was exported to a branch on GitHub.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, owner, action, _document_id, @timestamp, created_at, operation_type, public_repo
codespaces.restore
A codespace was restored.
Поля
user_agent, request_id, actor, actor_id, owner, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type
codespaces.start_environment
A codespace was started.
Поля
actor, actor_id, user_agent, request_id, name, org, owner, pull_request_id, machine_type, user_id, user, devcontainer_path, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
codespaces.suspend_environment
A codespace was stopped.
Поля
user_agent, request_id, actor, actor_id, owner, action, operation_type, @timestamp, created_at, _document_id, public_repo, token_scopes, programmatic_access_type
codespaces.trusted_repositories_access_update
A personal account's access and security setting for Codespaces were updated.
Поля
user_agent, request_id, actor, actor_id, business, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Managing access to other repositories within your codespace

copilot

copilot.cfb_seat_added
A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members.
Поля
user_agent, request_id, token_id, hashed_token, programmatic_access_type, actor, actor_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
copilot.cfb_seat_assignment_created
A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created.
Поля
actor, actor_id, user_agent, request_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
What is GitHub Copilot?
copilot.cfb_seat_assignment_refreshed
A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot.
Поля
user_agent, request_id, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
copilot.cfb_seat_assignment_reused
A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot.
Поля
actor, actor_id, user_agent, request_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type
copilot.cfb_seat_assignment_unassigned
A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle.
Поля
actor, actor_id, user_agent, request_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
copilot.cfb_seat_cancelled
A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot.
Поля
actor, actor_id, user_agent, request_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, seat_assignment, request_access_security_header
copilot.cfb_seat_cancelled_by_staff
A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot.
Поля
actor, actor_id, user_agent, request_id, user_id, user, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id

custom_property_definition

custom_property_definition.create
A new custom property definition was created.
Поля
actor, actor_id, user_agent, request_id, property_name, action, _document_id, @timestamp, created_at, operation_type, business, business_id, value_type, required, default_value, definition_id
Справочные материалы
/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization
custom_property_definition.destroy
A custom property definition was deleted.
Поля
actor, actor_id, user_agent, request_id, property_name, action, _document_id, @timestamp, created_at, operation_type, business, business_id, value_type, required, default_value, definition_id, allowed_values
Справочные материалы
/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization
custom_property_definition.update
A custom property definition was updated.
Поля
actor, actor_id, user_agent, request_id, property_name, action, _document_id, @timestamp, created_at, operation_type, value_type, required, default_value, old_allowed_values, allowed_values, definition_id, old_required, old_default_value, old_value_type, old_values_editable_by, values_editable_by, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization

custom_property_value

custom_property_value.create
A repository's custom property value was manually set for the first time.
Поля
actor, actor_id, user_agent, request_id, definition_id, property_name, value, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization
custom_property_value.destroy
A repository's custom property value was deleted.
Поля
actor, actor_id, user_agent, request_id, repository, repository_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization
custom_property_value.update
A repository's custom property value was updated.
Поля
actor, actor_id, user_agent, request_id, repository, repository_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, definition_id
Справочные материалы
/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization

dependabot_alerts

dependabot_alerts.disable
Dependabot alerts were disabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories
dependabot_alerts.enable
Dependabot alerts were enabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories

dependabot_alerts_new_repos

dependabot_alerts_new_repos.disable
Dependabot alerts were disabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added
dependabot_alerts_new_repos.enable
Dependabot alerts were enabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added

dependabot_repository_access

dependabot_repository_access.repositories_updated
The repositories that Dependabot can access were updated.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id

dependabot_security_updates

dependabot_security_updates.disable
Dependabot security updates were disabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependabot_security_updates.enable
Dependabot security updates were enabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id

dependabot_security_updates_new_repos

dependabot_security_updates_new_repos.disable
Dependabot security updates were disabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependabot_security_updates_new_repos.enable
Dependabot security updates were enabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id

dependency_graph

dependency_graph.disable
The dependency graph was disabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependency_graph.enable
The dependency graph was enabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id

dependency_graph_new_repos

dependency_graph_new_repos.disable
The dependency graph was disabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependency_graph_new_repos.enable
The dependency graph was enabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id, request_access_security_header

discussion_post

discussion_post.destroy
Triggered when a team discussion post is deleted.
Поля
request_id, team, created_at, user_id, @timestamp, number, org, title, actor, actor_id, user, action, user_agent, operation_type, _document_id
Справочные материалы
/communities/moderating-comments-and-conversations/managing-disruptive-comments#deleting-a-comment
discussion_post.update
Triggered when a team discussion post is edited.
Поля
created_at, _document_id, title, user, user_agent, org, operation_type, actor_id, @timestamp, actor, team, action, org_id, request_id, user_id, number
Справочные материалы
/communities/moderating-comments-and-conversations/managing-disruptive-comments#editing-a-comment

discussion_post_reply

discussion_post_reply.destroy
Triggered when a reply to a team discussion post is deleted.
Поля
actor_id, action, @timestamp, user_agent, operation_type, user_id, actor, number, user, created_at, request_id, _document_id
Справочные материалы
/communities/moderating-comments-and-conversations/managing-disruptive-comments#deleting-a-comment
discussion_post_reply.update
Triggered when a reply to a team discussion post is edited.
Поля
action, _document_id, request_id, org, @timestamp, actor_id, operation_type, user, user_id, org_id, user_agent, actor, number, team, created_at
Справочные материалы
/communities/moderating-comments-and-conversations/managing-disruptive-comments#editing-a-comment

enterprise_announcement

enterprise_announcement.create
A global announcement banner was created for the enterprise.
Поля
actor, actor_id, user_agent, request_id, owner, owner_type, business_id, message, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Customizing user messages for your enterprise
enterprise_announcement.destroy
A global announcement banner was removed from the enterprise.
Поля
actor, actor_id, user_agent, request_id, owner, owner_type, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Customizing user messages for your enterprise
enterprise_announcement.update
A global announcement banner was updated for the enterprise.
Поля
actor, actor_id, user_agent, request_id, owner, owner_type, business_id, message, old_message, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Customizing user messages for your enterprise

enterprise_domain

enterprise_domain.approve
A domain was approved for an enterprise.
Поля
user_agent, request_id, actor, actor_id, owner_type, domain_name, business_id, owner, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Verifying or approving a domain for your enterprise
enterprise_domain.create
A domain was added to an enterprise.
Поля
user_agent, request_id, actor, actor_id, created_at, owner_type, domain_name, owner, action, operation_type, @timestamp, _document_id
Справочные материалы
Verifying or approving a domain for your enterprise
enterprise_domain.destroy
A domain was removed from an enterprise.
Поля
user_agent, request_id, actor, actor_id, created_at, owner_type, domain_name, owner, action, operation_type, @timestamp, _document_id
Справочные материалы
Verifying or approving a domain for your enterprise
enterprise_domain.verify
A domain was verified for an enterprise.
Поля
user_agent, request_id, actor, actor_id, owner_type, domain_name, owner, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Verifying or approving a domain for your enterprise

enterprise

enterprise.register_self_hosted_runner
A new GitHub Actions self-hosted runner was registered.
Поля
user_agent, request_id, actor, actor_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
Справочные материалы
Adding self-hosted runners
enterprise.remove_self_hosted_runner
A GitHub Actions self-hosted runner was removed.
Поля
user_agent, request_id, actor, actor_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
Removing self-hosted runners
enterprise.runner_group_created
A GitHub Actions self-hosted runner group was created.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, runner_group_restricted_to_workflows
Справочные материалы
Removing self-hosted runners
enterprise.runner_group_removed
A GitHub Actions self-hosted runner group was removed.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Managing access to self-hosted runners using groups
enterprise.runner_group_runner_removed
The REST API was used to remove a GitHub Actions self-hosted runner from a group.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, runner_group_id, runner_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization
enterprise.runner_group_runners_added
A GitHub Actions self-hosted runner was added to a group.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
Справочные материалы
Managing access to self-hosted runners using groups
enterprise.runner_group_runners_updated
A GitHub Actions runner group's list of members was updated.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, runner_group_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization
enterprise.runner_group_updated
The configuration of a GitHub Actions self-hosted runner group was changed.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, runner_group_name, runner_group_allow_public, business, business_id, action, operation_type, @timestamp, created_at, _document_id, runner_group_restricted_to_workflows, runner_group_selected_workflow_refs, network_configuration_id, request_access_security_header
Справочные материалы
Managing access to self-hosted runners using groups
enterprise.self_hosted_runner_offline
The GitHub Actions runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
business_id, runner_id, runner_name, action, _document_id, operation_type, created_at, @timestamp
Справочные материалы
Monitoring and troubleshooting self-hosted runners
enterprise.self_hosted_runner_online
The GitHub Actions runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
business_id, runner_id, runner_name, action, _document_id, operation_type, created_at, @timestamp
Справочные материалы
Monitoring and troubleshooting self-hosted runners
enterprise.self_hosted_runner_updated
The GitHub Actions runner application was updated. This event is not included in the JSON/CSV export.
Поля
business_id, runner_id, runner_name, source_version, target_version, runner_group_id, runner_group_name, action, _document_id, operation_type, created_at, @timestamp
Справочные материалы
Self-hosted runners

enterprise_team

enterprise_team.add_member
A new member was added to the enterprise team or an IdP group linked to an enterprise team, or an IdP group was linked to an enterprise team.
Поля
actor, actor_id, user_agent, request_id, user_id, business_id, enterprise_team_id, enterprise_team, user, business, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
enterprise_team.copilot_assignment
A license for GitHub Copilot was assigned to an enterprise team.
Поля
actor, actor_id, user_agent, request_id, business_id, enterprise_team_id, enterprise_team, business, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header
enterprise_team.copilot_unassignment
A license for GitHub Copilot was unassigned from an enterprise team.
Поля
actor, actor_id, user_agent, request_id, business_id, enterprise_team_id, enterprise_team, business, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot
enterprise_team.create
A new enterprise team was created.
Поля
actor, actor_id, user_agent, request_id, business_id, enterprise_team_id, enterprise_team, business, action, _document_id, @timestamp, created_at, operation_type
enterprise_team.destroy
An enterprise team was deleted.
Поля
actor, actor_id, user_agent, request_id, business_id, enterprise_team_id, enterprise_team, business, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot
enterprise_team.remove_member
A member was removed from the enterprise team or an IdP group linked to an enterprise team, or an IdP group was unlinked from an enterprise team.
Поля
actor, actor_id, user_agent, request_id, user_id, business_id, enterprise_team_id, enterprise_team, user, business, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
enterprise_team.rename
The name of an enterprise team was changed.
Поля
actor, actor_id, user_agent, request_id, name, business_id, enterprise_team_id, enterprise_team, business, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot

environment

environment.add_protection_rule
A GitHub Actions deployment protection rule was created via the API.
Поля
user_agent, request_id, actor, actor_id, name, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, programmatic_access_type, request_access_security_header
Справочные материалы
Managing environments for deployment
environment.create_actions_secret
A secret was created for a GitHub Actions environment.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, key, visibility, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, public_repo, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
Managing environments for deployment
environment.create_actions_variable
A variable was created for a GitHub Actions environment.
Поля
actor, actor_id, user_agent, request_id, key, visibility, environment_name, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
Store information in variables
environment.delete
An environment was deleted.
Поля
user_agent, request_id, actor, actor_id, name, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, token_scopes, programmatic_access_type, actor_is_bot, request_access_security_header
Справочные материалы
Managing environments for deployment
environment.remove_actions_secret
A secret was deleted for a GitHub Actions environment.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, key, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, public_repo, token_scopes, request_access_security_header
Справочные материалы
Managing environments for deployment
environment.remove_actions_variable
A variable was deleted for a GitHub Actions environment.
Поля
actor, actor_id, user_agent, request_id, key, environment_name, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Store information in variables
environment.remove_protection_rule
A GitHub Actions deployment protection rule was deleted via the API.
Поля
user_agent, request_id, actor, actor_id, name, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, request_access_security_header
Справочные материалы
Managing environments for deployment
environment.update_actions_secret
A secret was updated for a GitHub Actions environment.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, key, visibility, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, programmatic_access_type, request_access_security_header
Справочные материалы
Managing environments for deployment
environment.update_actions_variable
A variable was updated for a GitHub Actions environment.
Поля
actor, actor_id, user_agent, request_id, key, visibility, environment_name, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Store information in variables
environment.update_protection_rule
A GitHub Actions deployment protection rule was updated via the API.
Поля
user_agent, request_id, actor, actor_id, repo, repo_id, org, org_id, action, @timestamp, _document_id, new_value, approvers_was, approvers, programmatic_access_type, can_admins_bypass, prevent_self_review
Справочные материалы
Managing environments for deployment

external_group

external_group.add_member
A user was added to an external group.
Поля
user_agent, request_id, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, external_group, external_group_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, scim_group_id, request_access_security_header
external_group.delete
An external group was deleted.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, token_scopes, scim_group_id
external_group.link
An external group was linked to a GitHub team.
Поля
user_agent, request_id, actor, actor_id, external_group_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, external_group, programmatic_access_type, scim_group_id, request_access_security_header
external_group.provision
An external group was created.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, token_scopes, programmatic_access_type, request_access_security_header
external_group.remove_member
A user was removed from an external group.
Поля
user_agent, request_id, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, external_group, external_group_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
external_group.scim_api_failure
Failed external group SCIM API request.
Поля
user_agent, request_id, request_method, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, query_string, api_request_body, route, status_code, url_path, scim_group_id, message, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
REST API endpoints for SCIM
external_group.scim_api_success
Successful external group SCIM API request. Excludes GET API requests.
Поля
user_agent, request_id, request_method, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, query_string, api_request_body, route, status_code, url_path, scim_group_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
REST API endpoints for SCIM
external_group.unlink
An external group was unlinked to a GitHub team.
Поля
user_agent, request_id, actor, actor_id, external_group_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, external_group
external_group.update
An external group was updated.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, token_scopes, programmatic_access_type, scim_group_id, request_access_security_header
external_group.update_display_name
An external group's display name was updated.
Поля
user_agent, request_id, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, external_group_id, external_group, action, _document_id, @timestamp, created_at, operation_type, business, business_id, scim_group_id, request_access_security_header

external_identity

external_identity.deprovision
An external identity was deprovisioned, suspending the linked GitHub user.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, action, user_id, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type, request_access_security_header
external_identity.provision
An external identity was created and linked to a GitHub user.
Поля
user_agent, request_id, action, user_id, operation_type, @timestamp, created_at, _document_id, programmatic_access_type, scim_user_id, request_access_security_header
external_identity.scim_api_failure
Failed external identity SCIM API request.
Поля
user_agent, request_id, request_method, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, query_string, api_request_body, route, status_code, url_path, scim_user_id, message, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
REST API endpoints for SCIM
external_identity.scim_api_success
Successful external identity SCIM API request. Excludes GET API requests.
Поля
user_agent, request_id, request_method, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, query_string, api_request_body, route, status_code, url_path, scim_user_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
REST API endpoints for SCIM
external_identity.update
An external identity was updated.
Поля
user_agent, request_id, action, user_id, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type, scim_user_id, request_access_security_header

gist

gist.create
A gist was created.
Поля
request_id, user_id, user, gist_id, @timestamp, created_at, operation_type, user_agent, actor, actor_id, visibility, action, _document_id, token_scopes, programmatic_access_type
gist.destroy
A gist was deleted.
Поля
user_id, gist_id, visibility, created_at, _document_id, user, request_id, operation_type, actor, actor_id, action, user_agent, @timestamp, programmatic_access_type
gist.visibility_change
The visibility of a gist was updated.
Поля
action, operation_type, @timestamp, user_agent, actor, user, gist_id, actor_id, request_id, visibility, user_id, created_at, _document_id, token_scopes, programmatic_access_type

git

Note: Git events have special access requirements and retention policies that differ from other audit log events. For GitHub Enterprise Cloud, access Git events via the REST API only with 7-day retention. For GitHub Enterprise Server, Git events must be enabled in audit log configuration and are not included in search results.

git.clone
A repository was cloned.
Поля
transport_protocol, request_id, repository, repository_id, repository_public, actor, actor_id, org, org_id, business, business_id, user, user_id, transport_protocol_name
git.fetch
Changes were fetched from a repository.
Поля
action, transport_protocol, request_id, repository, repository_id, repository_public, actor, actor_id, org, org_id, business, business_id, user, user_id, transport_protocol_name
git.push
Changes were pushed to a repository.
Поля
transport_protocol, request_id, repository, repository_id, repository_public, actor, actor_id, org, org_id, business, business_id, user, user_id, transport_protocol_name

git_signing_ssh_public_key

git_signing_ssh_public_key.create
An SSH key was added to a user account as a Git commit signing key.
Поля
actor, actor_id, user_agent, request_id, title, key, fingerprint, user_id, user, action, _document_id, @timestamp, created_at, operation_type, token_scopes, request_access_security_header
Справочные материалы
/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key
git_signing_ssh_public_key.delete
An SSH key was removed from a user account as a Git commit signing key.
Поля
actor, actor_id, user_agent, request_id, title, key, fingerprint, user_id, explanation, user, action, _document_id, @timestamp, created_at, operation_type, token_scopes, request_access_security_header
Справочные материалы
/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key

hook

hook.active_changed
A hook's active status was updated.
Поля
user_agent, request_id, actor, actor_id, created_at, name, events, active, active_was, hook_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, programmatic_access_type
hook.config_changed
A hook's configuration was changed.
Поля
actor_id, operation_type, @timestamp, _document_id, actor, name, org, user_agent, request_id, hook_id, repo, repo_id, created_at, oauth_application_id, action, events, org_id, token_scopes, programmatic_access_type
hook.create
A new hook was added.
Поля
oauth_application, _document_id, user_agent, actor, actor_id, oauth_application_id, repo_id, request_id, hook_id, events, repo, @timestamp, operation_type, name, action, created_at, org_id, org, token_scopes, programmatic_access_type
Справочные материалы
About webhooks
hook.destroy
A hook was deleted.
Поля
actor, events, repo, created_at, org, name, request_id, actor_id, repo_id, org_id, action, operation_type, oauth_application_id, user_agent, hook_id, @timestamp, _document_id, token_scopes, programmatic_access_type
hook.events_changed
A hook's configured events were changed.
Поля
actor, events, repo, operation_type, action, _document_id, actor_id, name, events_were, @timestamp, created_at, hook_id, repo_id, org_id, org, user_agent, request_id, oauth_application_id, token_scopes, programmatic_access_type

integration

integration.create
A GitHub App was created.
Поля
user, action, operation_type, @timestamp, actor, user_agent, actor_id, request_id, name, user_id, _document_id, integration, created_at, programmatic_access_type, request_access_security_header, application_client_id
integration.destroy
A GitHub App was deleted.
Поля
actor, user_id, actor_id, request_id, @timestamp, name, integration, user, _document_id, action, operation_type, created_at, user_agent
integration.manager_added
A member of an enterprise or organization was added as a GitHub App manager.
Поля
created_at, action, _document_id, name, org_id, manager, operation_type, actor, integration, org, @timestamp, actor_id, request_id, user_agent
Справочные материалы
/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization
integration.manager_removed
A member of an enterprise or organization was removed from being a GitHub App manager.
Поля
user_agent, request_id, actor_id, org, operation_type, integration, org_id, _document_id, action, actor, name, created_at, manager, @timestamp
Справочные материалы
/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization
integration.remove_client_secret
A client secret for a GitHub App was removed.
Поля
user_agent, request_id, actor, actor_id, name, integration, user, user_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
integration.revoke_all_tokens
All user tokens for a GitHub App were requested to be revoked.
Поля
user_agent, request_id, actor, actor_id, name, integration, user, user_id, action, operation_type, @timestamp, created_at, _document_id, application_client_id
integration.revoke_tokens
Token(s) for a GitHub App were revoked.
Поля
user_agent, request_id, actor, actor_id, name, integration, user, user_id, action, operation_type, @timestamp, created_at, _document_id, application_client_id
integration.suspend
A GitHub App was suspended.
Поля
actor, actor_id, user_agent, request_id, name, integration, user, user_id, action, _document_id, @timestamp, created_at, operation_type, application_client_id
Справочные материалы
/apps/maintaining-github-apps/suspending-a-github-app-installation
integration.transfer
Ownership of a GitHub App was transferred to another user or organization.
Поля
@timestamp, user_id, name, transfer_to_id, user, requester, action, requester_id, actor_id, created_at, _document_id, user_agent, transfer_to, operation_type, request_id, actor, integration, transfer_from, transfer_from_id, transfer_from_type, transfer_to_type
Справочные материалы
/apps/maintaining-github-apps/transferring-ownership-of-a-github-app
integration.unsuspend
A GitHub App was unsuspended.
Поля
actor, actor_id, user_agent, request_id, name, integration, user, user_id, action, _document_id, @timestamp, created_at, operation_type, application_client_id
Справочные материалы
/apps/maintaining-github-apps/suspending-a-github-app-installation

integration_installation

integration_installation.create
A GitHub App was installed.
Поля
operation_type, @timestamp, name, request_id, repository_selection, user_id, action, user_agent, user, created_at, integration, _document_id, programmatic_access_type, application_client_id
Справочные материалы
/apps/using-github-apps/authorizing-github-apps
integration_installation.destroy
A GitHub App was uninstalled.
Поля
@timestamp, request_id, actor, created_at, _document_id, repository_selection, integration, user_id, user, action, operation_type, name, actor_id, user_agent, programmatic_access_type, application_client_id
Справочные материалы
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access
integration_installation.repositories_added
Repositories were added to a GitHub App.
Поля
user_id, repository_selection, name, user, request_id, integration, operation_type, actor_id, action, repositories_added, created_at, _document_id, @timestamp, actor, user_agent, token_scopes, repositories_added_names, programmatic_access_type, actor_is_bot, application_client_id
Справочные материалы
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access
integration_installation.repositories_removed
Repositories were removed from a GitHub App.
Поля
user, operation_type, user_agent, actor, repository_selection, repositories_removed, integration, user_id, created_at, _document_id, request_id, @timestamp, name, action, actor_id, repositories_removed_names, programmatic_access_type, actor_is_bot, application_client_id
Справочные материалы
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access
integration_installation.suspend
A GitHub App was suspended.
Поля
user_agent, request_id, name, repository_selection, actor_id, integration, user, user_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header, application_client_id
Справочные материалы
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access
integration_installation.unsuspend
A GitHub App was unsuspended.
Поля
user_agent, request_id, name, repository_selection, actor_id, integration, user, user_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access
integration_installation.version_updated
Permissions for a GitHub App were updated.
Поля
integration, user_id, user_agent, name, user, operation_type, actor_id, action, _document_id, request_id, created_at, repository_selection, @timestamp, actor, application_client_id
Справочные материалы
/apps/using-github-apps/approving-updated-permissions-for-a-github-app

ip_allow_list

ip_allow_list.disable
An IP allow list was disabled.
Поля
operation_type, actor, request_id, org, user_agent, _document_id, user_id, actor_id, created_at, org_id, action, @timestamp, user
ip_allow_list.disable_for_installed_apps
An IP allow list was disabled for installed GitHub Apps.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, business, business_id, action, operation_type, @timestamp, _document_id
ip_allow_list.disable_user_level_enforcement
IP allow list user level enforcement was disabled.
Поля
user_agent, request_id, actor, actor_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
ip_allow_list.enable
An IP allow list was enabled.
Поля
org_id, business, user_id, request_id, actor, user, business_id, _document_id, action, @timestamp, user_agent, actor_id, operation_type, org, created_at
ip_allow_list.enable_for_installed_apps
An IP allow list was enabled for installed GitHub Apps.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, business, business_id, action, operation_type, @timestamp, _document_id
ip_allow_list.enable_user_level_enforcement
IP allow list user level enforcement was enabled.
Поля
user_agent, request_id, actor, actor_id, user, user_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type

ip_allow_list_entry

ip_allow_list_entry.create
An IP address was added to an IP allow list.
Поля
active, org, ip_allow_list_entry, @timestamp, _document_id, operation_type, created_at, user_agent, action, request_id, actor_id, business_id, org_id, business, actor, token_scopes, programmatic_access_type, request_access_security_header
ip_allow_list_entry.destroy
An IP address was deleted from an IP allow list.
Поля
_document_id, request_id, ip_allow_list_entry, org, operation_type, created_at, active, action, @timestamp, business, business_id, user_agent, org_id, actor, actor_id, token_scopes, programmatic_access_type, request_access_security_header
ip_allow_list_entry.update
An IP address or its description was changed.
Поля
request_id, _document_id, actor, org, action, operation_type, created_at, user_agent, actor_id, ip_allow_list_entry, active, org_id, @timestamp

marketplace_agreement_signature

marketplace_agreement_signature.create
The GitHub Marketplace Developer Agreement was signed.
Поля
request_id, actor, actor_id, @timestamp, _document_id, user_agent, operation_type, created_at, action, user, user_id, request_access_security_header

marketplace_listing

marketplace_listing.approve
A listing was approved for inclusion in GitHub Marketplace.
Поля
secondary_category, actor, primary_category, user, @timestamp, _document_id, user_id, user_agent, operation_type, created_at, request_id, actor_id, marketplace_listing, integration, action
marketplace_listing.change_category
A category for a listing for an app in GitHub Marketplace was changed.
Поля
primary_category, user_agent, request_id, actor, marketplace_listing, @timestamp, integration, org_id, action, org, secondary_category, operation_type, created_at, actor_id, _document_id
marketplace_listing.create
A listing for an app in GitHub Marketplace was created.
Поля
primary_category, _document_id, user, created_at, user_agent, oauth_application, action, request_id, marketplace_listing, user_id, secondary_category, oauth_application_id, actor, actor_id, operation_type, @timestamp
marketplace_listing.delist
A listing was removed from GitHub Marketplace.
Поля
org, actor, actor_id, user_agent, request_id, org_id, created_at, secondary_category, operation_type, marketplace_listing, action, @timestamp, _document_id, primary_category, integration
marketplace_listing.redraft
A listing was sent back to draft state.
Поля
_document_id, secondary_category, oauth_application_id, @timestamp, action, user_agent, user_id, operation_type, oauth_application, actor, created_at, marketplace_listing, request_id, actor_id, primary_category, user
marketplace_listing.reject
A listing was not accepted for inclusion in GitHub Marketplace.
Поля
user_agent, request_id, actor, actor_id, primary_category, secondary_category, marketplace_listing, oauth_application, oauth_application_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id

migration

migration.create
A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.
Поля
repo, org_id, _document_id, org, repo_id, action, actor, created_at, operation_type, @timestamp, user_agent, request_id, actor_id, token_scopes, programmatic_access_type, actor_is_bot, request_access_security_header

oauth_access

oauth_access.create
An OAuth access token was generated.
Поля
_document_id, operation_type, user_agent, actor, @timestamp, user, user_id, created_at, action, actor_id, request_id, token_scopes, programmatic_access_type, request_access_security_header, oauth_application_name
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, Managing your personal access tokens
oauth_access.destroy
An OAuth access token was deleted.
Поля
@timestamp, user_agent, action, operation_type, _document_id, actor, created_at, user, user_id, request_id, explanation, hashed_token, actor_id, token_scopes, oauth_application_name
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
oauth_access.regenerate
An OAuth access token was regenerated.
Поля
user, user_id, _document_id, created_at, @timestamp, operation_type, action, user_agent, request_id, actor, actor_id, token_scopes, programmatic_access_type, oauth_application_name
oauth_access.update
An OAuth access token was updated.
Поля
request_id, actor_id, actor, operation_type, _document_id, user_id, created_at, action, @timestamp, user, user_agent, request_access_security_header

oauth_application

oauth_application.create
An OAuth application was created.
Поля
org, created_at, oauth_application_id, operation_type, user_agent, actor_id, org_id, action, actor, oauth_application, @timestamp, _document_id, request_id, request_access_security_header
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.destroy
An OAuth application was deleted.
Поля
created_at, oauth_application_id, user_id, operation_type, @timestamp, user_agent, oauth_application, _document_id, actor, actor_id, request_id, action, user, request_access_security_header
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.generate_client_secret
An OAuth application's secret key was generated.
Поля
user_agent, request_id, actor, actor_id, oauth_application, oauth_application_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.remove_client_secret
An OAuth application's secret key was deleted.
Поля
user_agent, request_id, actor, actor_id, oauth_application, oauth_application_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.reset_secret
The secret key for an OAuth application was reset.
Поля
user, user_id, action, oauth_application, operation_type, request_id, actor_id, _document_id, created_at, actor, oauth_application_id, @timestamp, user_agent
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.revoke_all_tokens
All user tokens for an OAuth application were requested to be revoked.
Поля
user_agent, request_id, actor, actor_id, oauth_application, oauth_application_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, request_access_security_header
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.revoke_tokens
Token(s) for an OAuth application were revoked.
Поля
oauth_application_id, oauth_application, actor_id, user_agent, @timestamp, request_id, user_id, action, _document_id, actor, user, created_at, operation_type, request_access_security_header
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.transfer
An OAuth application was transferred from one account to another.
Поля
actor, operation_type, created_at, user_agent, oauth_application, actor_id, oauth_application_id, @timestamp, user_id, _document_id, request_id, user, action
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.unsuspend
An OAuth application was unsuspended for a user or organization account.
Поля
operation_type, org_id, action, oauth_application_id, oauth_application, org, created_at, @timestamp, _document_id
Справочные материалы
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app

oauth_authorization

oauth_authorization.create
An authorization for an OAuth application was created.
Поля
operation_type, user_agent, user_id, actor, org_id, _document_id, request_id, action, @timestamp, created_at, actor_id, user, business, business_id, token_scopes, programmatic_access_type, actor_is_bot, request_access_security_header, oauth_application_name
Справочные материалы
/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps
oauth_authorization.destroy
An authorization for an OAuth application was deleted.
Поля
user_agent, _document_id, request_id, operation_type, @timestamp, actor, created_at, explanation, user, user_id, org_id, action, actor_id, token_scopes, actor_is_bot, oauth_application_name
Справочные материалы
Reviewing and revoking authorization of GitHub Apps
oauth_authorization.update
An authorization for an OAuth application was updated.
Поля
org_id, request_id, user_id, actor, actor_id, user_agent, @timestamp, operation_type, action, user, created_at, _document_id, actor_is_bot, request_access_security_header, oauth_application_name
Справочные материалы
/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps

org

org.accept_business_invitation
An invitation sent to an organization to join an enterprise was accepted.
Поля
user_agent, request_id, actor, actor_id, org, org_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Adding organizations to your enterprise
org.add_billing_manager
A billing manager was added to an organization.
Поля
operation_type, _document_id, user_agent, org, user_id, action, created_at, org_id, user, actor, actor_id, @timestamp, request_id, request_access_security_header
Справочные материалы
/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization
org.add_member
A user joined an organization.
Поля
permission, _document_id, org, operation_type, request_id, actor, user, @timestamp, created_at, user_agent, org_id, user_id, actor_id, action, programmatic_access_type, actor_is_bot
org.add_outside_collaborator
An outside collaborator was added to a repository.
Поля
actor, actor_id, user_agent, request_id, inviter, org, org_id, repo, repo_id, public_repo, permission, invitee, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
org.advanced_security_disabled_for_new_repos
GitHub Advanced Security was disabled for new repositories in an organization.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, token_scopes
org.advanced_security_disabled_on_all_repos
GitHub Advanced Security was disabled for all repositories in an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes
org.advanced_security_enabled_for_new_repos
GitHub Advanced Security was enabled for new repositories in an organization.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, token_scopes
org.advanced_security_enabled_on_all_repos
GitHub Advanced Security was enabled for all repositories in an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes
org.advanced_security_policy_selected_member_disabled
An enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id
Справочные материалы
Enforcing policies for code security and analysis for your enterprise
org.advanced_security_policy_selected_member_enabled
An enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, actor_is_bot
Справочные материалы
Enforcing policies for code security and analysis for your enterprise
org.async_delete
A user initiated a background job to delete an organization.
Поля
_document_id, actor, actor_id, action, operation_type, @timestamp, request_id, org, org_id, user_agent, created_at
org.block_user
An organization owner blocked a user from accessing the organization's repositories.
Поля
actor, user_agent, org_id, created_at, _document_id, blocked_user, action, operation_type, actor_id, org, @timestamp, request_id
Справочные материалы
/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization
org.cancel_business_invitation
An invitation for an organization to join an enterprise was revoked
Поля
user_agent, request_id, actor, actor_id, org, org_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, initiated_from
Справочные материалы
Adding organizations to your enterprise
org.cancel_invitation
An invitation sent to a user to join an organization was revoked.
Поля
actor_id, org_id, request_id, email, @timestamp, actor, action, operation_type, user_agent, org, invitation_id, _document_id, created_at, invitee_email, token_scopes, programmatic_access_type
org.code_scanning_autofix_disabled
Autofix for code scanning alerts was disabled for an organization.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
org.code_scanning_autofix_enabled
Autofix for code scanning alerts was enabled for an organization.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header
org.codeql_disabled
Code scanning using the default setup was disabled for an organization.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale
org.codeql_enabled
Code scanning using the default setup was enabled for an organization.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale
org.config.disable_collaborators_only
The interaction limit for collaborators only for an organization was disabled.
Поля
request_id, org, action, operation_type, _document_id, actor, actor_id, @timestamp, user_agent, org_id, created_at
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization
org.config.disable_contributors_only
The interaction limit for prior contributors only for an organization was disabled.
Поля
operation_type, @timestamp, created_at, user_agent, action, actor_id, org, _document_id, actor, org_id, request_id
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization
org.config.disable_sockpuppet_disallowed
The interaction limit for existing users only for an organization was disabled.
Поля
_document_id, operation_type, actor_id, org_id, action, created_at, actor, org, @timestamp, user_agent, request_id
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization
org.config.enable_collaborators_only
The interaction limit for collaborators only for an organization was enabled.
Поля
@timestamp, created_at, _document_id, actor_id, actor, org, org_id, request_id, operation_type, action, user_agent
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization
org.config.enable_contributors_only
The interaction limit for prior contributors only for an organization was enabled.
Поля
actor, actor_id, org_id, action, operation_type, @timestamp, user_agent, request_id, org, created_at, _document_id
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization
org.config.enable_sockpuppet_disallowed
The interaction limit for existing users only for an organization was enabled.
Поля
actor_id, request_id, action, created_at, user_agent, actor, _document_id, org_id, operation_type, org, @timestamp
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization
org.confirm_business_invitation
An invitation for an organization to join an enterprise was confirmed.
Поля
user_agent, request_id, actor, actor_id, org, org_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Adding organizations to your enterprise
org.create
An organization was created.
Поля
request_id, org, actor_id, actor, action, @timestamp, _document_id, user_agent, operation_type, org_id, created_at, request_access_security_header
Справочные материалы
/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch
org.delete
An organization was deleted by a user or staff.
Поля
user_agent, @timestamp, _document_id, created_at, actor, org_id, org, action, actor_id, operation_type, request_id, request_access_security_header
org.disable_member_team_creation_permission
Team creation was limited to owners.
Поля
actor, @timestamp, _document_id, user, user_id, action, created_at, actor_id, user_agent, org, org_id, operation_type, request_id, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization
org.disable_reader_discussion_creation_permission
An organization owner limited discussion creation to users with at least triage permission in an organization.
Поля
user_agent, request_id, actor, actor_id, org, org_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization
org.disable_saml
SAML single sign-on was disabled for an organization.
Поля
org_id, sso_url, issuer, action, @timestamp, _document_id, created_at, org, operation_type
org.disable_two_factor_requirement
A two-factor authentication requirement was disabled for the organization.
Поля
created_at, org, org_id, action, actor, actor_id, operation_type, request_id, @timestamp, _document_id, user_agent
org.display_commenter_full_name_disabled
An organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name.
Поля
actor, user_id, user, action, operation_type, @timestamp, _document_id, created_at, user_agent, org, actor_id, org_id, request_id
org.display_commenter_full_name_enabled
An organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name.
Поля
org, user_agent, request_id, actor, _document_id, user_id, operation_type, @timestamp, created_at, user, action, actor_id, org_id
org.enable_member_team_creation_permission
Team creation by members was allowed.
Поля
org_id, user, actor, operation_type, _document_id, user_id, created_at, user_agent, actor_id, org, request_id, action, @timestamp
Справочные материалы
/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization
org.enable_reader_discussion_creation_permission
An organization owner allowed users with read access to create discussions in an organization
Поля
user_agent, request_id, actor, actor_id, created_at, org, org_id, user, user_id, action, operation_type, @timestamp, _document_id
Справочные материалы
/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization
org.enable_saml
SAML single sign-on was enabled for the organization.
Поля
actor_id, action, operation_type, actor, sso_url, org, created_at, @timestamp, issuer, org_id, _document_id, user_agent, request_id
Справочные материалы
Enabling and testing SAML single sign-on for your organization
org.enable_two_factor_requirement
Two-factor authentication is now required for the organization.
Поля
actor_id, action, _document_id, org, @timestamp, actor, user_agent, org_id, operation_type, created_at, request_id
Справочные материалы
/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization
org.integration_manager_added
An organization owner granted a member access to manage all GitHub Apps owned by an organization.
Поля
user_agent, org_id, manager, @timestamp, request_id, actor, operation_type, _document_id, actor_id, org, action, created_at
org.integration_manager_removed
An organization owner removed access to manage all GitHub Apps owned by an organization from an organization member.
Поля
org_id, @timestamp, org, user_agent, request_id, action, actor, actor_id, manager, operation_type, created_at, _document_id
org.invite_member
A new user was invited to join an organization.
Поля
org, user_id, invitation_id, org_id, user, action, operation_type, _document_id, actor, @timestamp, created_at, user_agent, actor_id, request_id, invitee_email, token_scopes, programmatic_access_type
Справочные материалы
/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization
org.invite_to_business
An organization was invited to join an enterprise.
Поля
user_agent, request_id, actor, actor_id, org, org_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
org.members_can_update_protected_branches.disable
The ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches.
Поля
user_agent, request_id, actor, actor_id, org, org_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
org.members_can_update_protected_branches.enable
The ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches.
Поля
org, org_id, user_agent, actor_id, user_id, operation_type, @timestamp, created_at, request_id, _document_id, actor, user, action
org.recreate
An organization was restored.
Поля
created_at, org, action, operation_type, _document_id, user_agent, actor_id, @timestamp, request_id, actor, org_id
org.register_self_hosted_runner
A new self-hosted runner was registered.
Поля
actor, operation_type, @timestamp, _document_id, request_id, org, org_id, action, created_at, user_agent, actor_id, actor_is_bot, request_access_security_header
Справочные материалы
Adding self-hosted runners
org.remove_billing_manager
A billing manager was removed from an organization, either manually or due to a two-factor authentication requirement.
Поля
user_id, user_agent, org_id, user, action, _document_id, operation_type, @timestamp, actor, org, actor_id, request_id, created_at
Справочные материалы
/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization
org.remove_member
A member was removed from an organization, either manually or due to a two-factor authentication requirement.
Поля
_document_id, request_id, actor_id, user_agent, actor, action, user_id, @timestamp, created_at, user, operation_type, org_id, org, token_scopes, programmatic_access_type
org.remove_outside_collaborator
An outside collaborator was removed from an organization, either manually or due to a two-factor authentication requirement.
Поля
org, user, org_id, created_at, request_id, @timestamp, action, operation_type, user_agent, _document_id, actor, actor_id, user_id, programmatic_access_type, request_access_security_header
org.remove_self_hosted_runner
A self-hosted runner was removed.
Поля
operation_type, org_id, @timestamp, _document_id, user_agent, request_id, actor_id, org, created_at, actor, action, programmatic_access_type
Справочные материалы
Removing self-hosted runners
org.rename
An organization was renamed.
Поля
user_agent, _document_id, @timestamp, org, action, actor, old_login, org_id, request_id, actor_id, operation_type, created_at, request_access_security_header
org.restore_member
An organization member was restored.
Поля
user, actor, user_id, _document_id, action, created_at, org_id, operation_type, request_id, @timestamp, user_agent, org, actor_id, request_access_security_header
Справочные материалы
/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization
org.runner_group_created
A self-hosted runner group was created.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, runner_group_restricted_to_workflows, runner_group_selected_workflow_refs, programmatic_access_type, network_configuration_id
Справочные материалы
Managing access to self-hosted runners using groups
org.runner_group_removed
A self-hosted runner group was removed.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, programmatic_access_type
Справочные материалы
Managing access to self-hosted runners using groups
org.runner_group_runner_removed
The REST API was used to remove a self-hosted runner from a group.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, runner_group_id, runner_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization
org.runner_group_runners_added
A self-hosted runner was added to a group.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
Managing access to self-hosted runners using groups
org.runner_group_runners_updated
A runner group's list of members was updated.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, runner_group_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization
org.runner_group_updated
The configuration of a self-hosted runner group was changed.
Поля
user_agent, request_id, actor, actor_id, runner_group_id, runner_group_name, runner_group_allow_public, org, org_id, action, operation_type, @timestamp, created_at, _document_id, runner_group_restricted_to_workflows, runner_group_selected_workflow_refs, programmatic_access_type, network_configuration_id, request_access_security_header
Справочные материалы
Managing access to self-hosted runners using groups
org.secret_scanning_custom_pattern_push_protection_disabled
Push protection for a custom pattern for secret scanning was disabled for an organization.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
Defining custom patterns for secret scanning
org.secret_scanning_custom_pattern_push_protection_enabled
Push protection for a custom pattern for secret scanning was enabled for an organization.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
Справочные материалы
Defining custom patterns for secret scanning
org.secret_scanning_push_protection_custom_message_disabled
The custom message triggered by an attempted push to a push-protected repository was disabled for an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, programmatic_access_type
Справочные материалы
About push protection
org.secret_scanning_push_protection_custom_message_enabled
The custom message triggered by an attempted push to a push-protected repository was enabled for an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, programmatic_access_type
Справочные материалы
About push protection
org.secret_scanning_push_protection_custom_message_updated
The custom message triggered by an attempted push to a push-protected repository was updated for an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, programmatic_access_type
Справочные материалы
About push protection
org.secret_scanning_push_protection_disable
Push protection for secret scanning was disabled.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
About push protection
org.secret_scanning_push_protection_enable
Push protection for secret scanning was enabled.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
About push protection
org.secret_scanning_push_protection_new_repos_disable
Push protection for secret scanning was disabled for all new repositories in the organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, token_scopes
Справочные материалы
About push protection
org.secret_scanning_push_protection_new_repos_enable
Push protection for secret scanning was enabled for all new repositories in the organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, token_scopes
Справочные материалы
About push protection
org.self_hosted_runner_offline
The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
org_id, org, runner_id, runner_name, action, _document_id, operation_type, created_at, @timestamp
Справочные материалы
Monitoring and troubleshooting self-hosted runners
org.self_hosted_runner_online
The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
org_id, org, runner_id, runner_name, action, _document_id, operation_type, created_at, @timestamp
Справочные материалы
Monitoring and troubleshooting self-hosted runners
org.self_hosted_runner_updated
The runner application was updated. This event is not included in the JSON/CSV export.
Поля
org_id, runner_id, runner_name, source_version, target_version, runner_group_id, runner_group_name
Справочные материалы
Self-hosted runners
org.set_actions_fork_pr_approvals_policy
The setting for requiring approvals for workflows from public forks was changed for an organization.
Поля
user_agent, request_id, actor, actor_id, policy, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks
org.set_actions_private_fork_pr_approvals_policy
The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization.
Поля
actor, actor_id, user_agent, request_id, policy, org, org_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks
org.set_actions_retention_limit
The retention period for GitHub Actions artifacts and logs in an organization was changed.
Поля
user_agent, request_id, actor, actor_id, limit, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization
org.set_default_workflow_permissions
The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization.
Поля
actor, actor_id, user_agent, request_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization
org.set_fork_pr_workflows_policy
The policy for workflows on private repository forks was changed.
Поля
user_agent, request_id, actor, actor_id, policy, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks
org.set_workflow_permission_can_approve_pr
The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization.
Поля
actor, actor_id, user_agent, request_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests
org.sso_response
A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
action, user_agent, actor, actor_id, org_id, @timestamp, org, issuer, business, operation_type, created_at, request_id, business_id, _document_id, actor_is_bot, request_access_security_header
org.transform
A user account was converted into an organization.
Поля
actor, _document_id, request_id, operation_type, actor_id, org_id, org, action, @timestamp, created_at, user_agent, owner, request_access_security_header
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization
org.unblock_user
A user was unblocked from an organization.
Поля
oauth_application_id, _document_id, blocked_user, action, operation_type, @timestamp, request_id, created_at, actor, actor_id, org, org_id, user_agent
Справочные материалы
/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization
org.update_actions_settings
An organization owner or site administrator updated GitHub Actions policy settings for an organization.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, new_policy, updated_allowed_types, old_policy, updated_access_policy, programmatic_access_type, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization
org.update_default_repository_permission
The default repository permission level for organization members was changed.
Поля
actor, action, operation_type, created_at, org, org_id, request_id, @timestamp, user_agent, permission, actor_id, old_permission, _document_id, programmatic_access_type
org.update_member
A person's role was changed from owner to member or member to owner.
Поля
@timestamp, org_id, created_at, _document_id, user, user_id, action, request_id, actor_id, old_permission, permission, actor, user_agent, operation_type, org
org.update_member_repository_creation_permission
The create repository permission for organization members was changed.
Поля
actor, action, @timestamp, request_id, actor_id, permission, created_at, user_agent, org, org_id, _document_id, visibility, operation_type
org.update_member_repository_invitation_permission
An organization owner changed the policy setting for organization members inviting outside collaborators to repositories.
Поля
actor_id, permission, action, org_id, actor, created_at, _document_id, business_id, operation_type, org, user_agent, request_id, business, @timestamp
Справочные материалы
Setting permissions for adding outside collaborators
org.update_saml_provider_settings
An organization's SAML provider settings were updated.
Поля
user_agent, sso_url, actor_id, operation_type, @timestamp, issuer, org, _document_id, actor, org_id, created_at, request_id, action
org.update_terms_of_service
An organization changed between the Standard Terms of Service and the GitHub Customer Agreement.
Поля
request_id, org_id, actor, actor_id, user_agent, operation_type, _document_id, org, action, @timestamp, created_at, request_access_security_header
Справочные материалы
/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement

org_secret_scanning_automatic_validity_checks

org_secret_scanning_automatic_validity_checks.disabled
Automatic partner validation checks have been disabled at the organization level
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization
org_secret_scanning_automatic_validity_checks.enabled
Automatic partner validation checks have been enabled at the organization level
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization

org_secret_scanning_custom_pattern

org_secret_scanning_custom_pattern.create
A custom pattern was created for secret scanning in an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
Defining custom patterns for secret scanning
org_secret_scanning_custom_pattern.delete
A custom pattern was removed from secret scanning in an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
Справочные материалы
Defining custom patterns for secret scanning
org_secret_scanning_custom_pattern.publish
A custom pattern was published for secret scanning in an organization.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
Defining custom patterns for secret scanning
org_secret_scanning_custom_pattern.update
Changes to a custom pattern were saved and a dry run was executed for secret scanning in an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
Defining custom patterns for secret scanning

org_secret_scanning_non_provider_patterns

org_secret_scanning_non_provider_patterns.disabled
Secret scanning for non-provider patterns was disabled at the organization level.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
Supported secret scanning patterns
org_secret_scanning_non_provider_patterns.enabled
Secret scanning for non-provider patterns was enabled at the organization level.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
Supported secret scanning patterns

org_secret_scanning_push_protection_bypass_list

org_secret_scanning_push_protection_bypass_list.add
A role or team was added to the push protection bypass list at the organization level.
Поля
actor, actor_id, user_agent, request_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
About push protection
org_secret_scanning_push_protection_bypass_list.disable
Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Specific roles or teams" to "Anyone with write access" at the organization level.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
About push protection
org_secret_scanning_push_protection_bypass_list.enable
Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Anyone with write access" to "Specific roles or teams" at the organization level.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
About push protection
org_secret_scanning_push_protection_bypass_list.remove
A role or team was removed from the push protection bypass list at the organization level.
Поля
actor, actor_id, user_agent, request_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
About push protection

org_secret_scanning_push_protection_pattern_configuration

org_secret_scanning_push_protection_pattern_configuration.push_protection_setting_changed
The push protection setting was changed for a secret type for your org.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, business, business_id, action, _document_id, @timestamp, created_at, secret_type, secret_type_display_name, push_protection_setting
Справочные материалы
Managing GitHub Advanced Security features for your enterprise
org_secret_scanning_push_protection_pattern_configuration.updated
The push protection pattern configuration was updated for your org.
Поля
actor, actor_id, user_agent, request_id, user, user_id, org, org_id, business, business_id, action, _document_id, @timestamp
Справочные материалы
Managing GitHub Advanced Security features for your enterprise

organization_domain

organization_domain.approve
A domain was approved for an organization.
Поля
user_agent, request_id, actor, actor_id, owner_type, domain_name, org_id, business_id, owner, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization
organization_domain.create
A domain was added to an organization.
Поля
created_at, _document_id, domain_name, action, request_id, actor_id, operation_type, @timestamp, user_agent, actor
Справочные материалы
/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization
organization_domain.destroy
A domain was removed from an organization.
Поля
action, domain_name, @timestamp, _document_id, user_agent, request_id, actor, actor_id, operation_type, created_at
Справочные материалы
/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain
organization_domain.verify
A domain was verified for an organization.
Поля
operation_type, domain_name, @timestamp, user_agent, request_id, actor, action, created_at, _document_id, actor_id
Справочные материалы
/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization

packages

packages.package_deleted
An entire package was deleted.
Поля
actor_id, actor, org, org_id, repo, repo_id, package, action, operation_type, @timestamp, created_at, _document_id, business, business_id, actor_is_bot
Справочные материалы
/packages/learn-github-packages/deleting-and-restoring-a-package
packages.package_published
A package was published or republished to an organization.
Поля
actor_id, actor, org, org_id, repo, repo_id, package, ecosystem, version_count, is_republished, action, operation_type, @timestamp, created_at, _document_id, business, business_id, actor_is_bot
packages.package_version_deleted
A specific package version was deleted.
Поля
actor_id, actor, org, org_id, repo, repo_id, package, version, action, operation_type, @timestamp, created_at, _document_id, business, business_id, ecosystem, actor_is_bot
Справочные материалы
/packages/learn-github-packages/deleting-and-restoring-a-package
packages.package_version_published
A specific package version was published or republished to a package.
Поля
org_id, ecosystem, package, version, actor_id, user_agent, is_republished, actor, action, operation_type, @timestamp, created_at, _document_id, business, business_id, actor_is_bot

pages_protected_domain

pages_protected_domain.create
A GitHub Pages verified domain was created for an organization or enterprise.
Поля
user_agent, request_id, actor, actor_id, owner, owner_type, domain, state, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages
pages_protected_domain.delete
A GitHub Pages verified domain was deleted from an organization or enterprise.
Поля
user_agent, request_id, actor, actor_id, owner, owner_type, domain, state, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages
pages_protected_domain.verify
A GitHub Pages domain was verified for an organization or enterprise.
Поля
user_agent, request_id, actor, actor_id, owner, owner_type, domain, state, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages

passkey

passkey.register
A new passkey was added.
Поля
actor, actor_id, user_agent, request_id, nickname, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
passkey.remove
A new passkey was removed.
Поля
actor, actor_id, user_agent, request_id, nickname, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header

payment_method

payment_method.create
A new payment method was added, such as a new credit card or PayPal account.
Поля
user_agent, request_id, user, operation_type, user_id, _document_id, action, actor, actor_id, @timestamp, created_at, request_access_security_header
payment_method.remove
A payment method was removed.
Поля
user, created_at, actor_id, @timestamp, user_id, action, operation_type, actor, _document_id, request_access_security_header
payment_method.update
An existing payment method was updated.
Поля
operation_type, request_id, org_id, created_at, actor_id, @timestamp, action, actor, org, user_agent, _document_id, request_access_security_header

personal_access_token

personal_access_token.access_granted
A fine-grained personal access token was granted access to resources.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_id, user_programmatic_access_name, repository_selection, user, user_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization
personal_access_token.access_revoked
A fine-grained personal access token was revoked. The token can still read public organization resources.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_id, user_programmatic_access_name, repository_selection, user, user_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization
personal_access_token.create
Triggered when you create a fine-grained personal access token.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_name, user, user_id, repository_selection, action, _document_id, @timestamp, created_at, operation_type
personal_access_token.credential_regenerated
Triggered when you regenerate a fine-grained personal access token.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_name, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
personal_access_token.credential_revoked
A fine-grained personal access token was revoked by GitHub Advanced Security.
Поля
user_programmatic_access_name, user, user_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users
personal_access_token.destroy
Triggered when you delete a fine-grained personal access token.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_name, user, user_id, explanation, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
personal_access_token.request_cancelled
A pending request for a fine-grained personal access token to access organization resources was canceled.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_name, org, org_id, repository_selection, action, _document_id, @timestamp, created_at, operation_type, user_programmatic_access_request_id
personal_access_token.request_created
Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_id, user_programmatic_access_name, user, user_id, repository_selection, action, _document_id, @timestamp, created_at, operation_type, user_programmatic_access_request_id
Справочные материалы
/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization
personal_access_token.request_denied
A request for a fine-grained personal access token to access organization resources was denied.
Поля
actor, actor_id, user_agent, request_id, user_programmatic_access_name, org, org_id, repository_selection, action, _document_id, @timestamp, created_at, operation_type, user_programmatic_access_request_id
Справочные материалы
/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization
personal_access_token.update
A fine-grained personal access token was updated.
Поля
user_agent, request_id, actor, actor_id, user_programmatic_access_name, user, user_id, repository_selection, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens

profile_picture

profile_picture.update
A profile picture was updated.
Поля
user, actor_id, user_id, @timestamp, created_at, owner, action, _document_id, request_id, user_agent, actor, operation_type
Справочные материалы
/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile

project

project.access
A project board visibility was changed.
Поля
actor_id, actor, user_agent, operation_type, user, created_at, user_id, action, request_id, _document_id, @timestamp
project.close
A project board was closed.
Поля
org_id, user_agent, request_id, operation_type, @timestamp, created_at, repo_id, org, _document_id, project_id, action, actor, actor_id, repo, project_kind
Справочные материалы
Closing a project (classic)
project.create
A project board was created.
Поля
operation_type, user, _document_id, request_id, user_id, user_agent, @timestamp, actor_id, action, created_at, actor
project.delete
A project board was deleted.
Поля
request_id, action, actor_id, operation_type, actor, user_id, @timestamp, created_at, _document_id, user_agent, user
project.link
A repository was linked to a project board.
Поля
repo_id, action, actor_id, org_id, user_agent, request_id, actor, operation_type, @timestamp, _document_id, created_at, org, repo
project.open
A project board was reopened.
Поля
actor, request_id, actor_id, action, user_id, project_id, _document_id, user_agent, operation_type, user, @timestamp, created_at, project_kind, project_name
Справочные материалы
Reopening a closed project (classic)
project.rename
A project board was renamed.
Поля
action, created_at, request_id, actor_id, old_name, operation_type, @timestamp, repo, _document_id, user_agent, org_id, business_id, actor, repo_id, org, business
project.unlink
A repository was unlinked from a project board.
Поля
repo, repo_id, operation_type, actor, action, created_at, actor_id, _document_id, request_id, @timestamp, user_agent, org, org_id
project.update_org_permission
The project's base-level permission for all organization members was changed or removed.
Поля
actor, org, @timestamp, _document_id, operation_type, created_at, request_id, actor_id, action, org_id, user_agent
project.update_team_permission
A team's project board permission level was changed or when a team was added or removed from a project board.
Поля
created_at, org_id, operation_type, org, actor_id, _document_id, request_id, team, @timestamp, action, user_agent, actor
project.update_user_permission
A user was added to or removed from a project board or had their permission level changed.
Поля
request_id, user_id, operation_type, @timestamp, actor_id, user, user_agent, actor, created_at, org, _document_id, org_id, action, programmatic_access_type

project_field

project_field.create
A field was created in a project board.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/issues/planning-and-tracking-with-projects/understanding-fields
project_field.delete
A field was deleted in a project board.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields

project_view

project_view.create
A view was created in a project board.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views
project_view.delete
A view was deleted in a project board.
Поля
user_agent, request_id, actor, actor_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views

protected_branch

protected_branch.authorized_users_teams
The users, teams, or integrations allowed to bypass a branch protection were changed.
Поля
repo, action, org_id, user_agent, name, created_at, _document_id, operation_type, actor, repo_id, org, request_id, actor_id, oauth_application_id, @timestamp, programmatic_access_type
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches
protected_branch.branch_allowances
A protected branch allowance was given to a specific user, team or integration.
Поля
user_agent, request_id, token_id, hashed_token, programmatic_access_type, actor, actor_id, name, authorized_actors, policy, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
protected_branch.create
Branch protection was enabled on a branch.
Поля
operation_type, repo_id, user_id, @timestamp, user_agent, repo, name, org_id, user, _document_id, request_id, actor, actor_id, org, action, created_at, authorized_actor_names, token_scopes, required_deployments_enforcement_level, merge_queue_enforcement_level, create_protected
protected_branch.destroy
Branch protection was disabled on a branch.
Поля
name, repo, @timestamp, actor, org, actor_id, request_id, repo_id, org_id, operation_type, action, user_agent, created_at, _document_id, token_scopes, required_deployments_enforcement_level, merge_queue_enforcement_level, create_protected
protected_branch.dismiss_stale_reviews
Enforcement of dismissing stale pull requests was updated on a branch.
Поля
user_agent, dismiss_stale_reviews_on_push, org_id, action, created_at, request_id, _document_id, @timestamp, actor_id, repo_id, operation_type, actor, repo, org, name, programmatic_access_type
protected_branch.dismissal_restricted_users_teams
Enforcement of restricting users and/or teams who can dismiss reviews was updated on a branch.
Поля
repo, repo_id, actor, oauth_application_id, authorized_actors_only, authorized_actors, created_at, user_agent, name, _document_id, org_id, request_id, @timestamp, actor_id, org, action, operation_type, programmatic_access_type
protected_branch.policy_override
A branch protection requirement was overridden by a repository administrator.
Поля
repo_id, created_at, actor, reasons, @timestamp, before, after, actor_id, repo, operation_type, user_agent, branch, overridden_codes, org, org_id, action, _document_id, request_id, referrer, business, business_id, deploy_key_fingerprint, token_scopes, programmatic_access_type, compliant_pull_request_ids, rule_suite_id
protected_branch.rejected_ref_update
A branch update attempt was rejected.
Поля
repo, org, @timestamp, created_at, _document_id, business, org_id, operation_type, request_id, repo_id, actor, branch, before, overridden_codes, after, action, reasons, actor_id, business_id, deploy_key_fingerprint, token_scopes, programmatic_access_type, compliant_pull_request_ids, actor_is_bot, rule_suite_id
protected_branch.update_admin_enforced
Branch protection was enforced for repository administrators.
Поля
request_id, actor_id, admin_enforced, operation_type, user_agent, actor, org, name, repo, @timestamp, action, repo_id, org_id, _document_id, created_at, token_scopes, programmatic_access_type
protected_branch.update_allow_deletions_enforcement_level
Branch deletion was enabled or disabled for a protected branch.
Поля
name, operation_type, request_id, repo, @timestamp, org_id, org, action, allow_deletions_enforcement_level, _document_id, created_at, actor_id, user_agent, actor, repo_id, request_access_security_header
protected_branch.update_allow_force_pushes_enforcement_level
Force pushes were enabled or disabled for a branch.
Поля
org_id, actor_id, name, _document_id, actor, repo, operation_type, request_id, allow_force_pushes_enforcement_level, @timestamp, org, action, created_at, user_agent, repo_id, token_scopes, programmatic_access_type
protected_branch.update_ignore_approvals_from_contributors
Ignoring of approvals from contributors to a pull request was enabled or disabled for a branch.
Поля
actor, actor_id, user_agent, request_id, name, ignore_approvals_from_contributors, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule
protected_branch.update_linear_history_requirement_enforcement_level
Required linear commit history was enabled or disabled for a branch.
Поля
actor_id, action, user_agent, operation_type, actor, linear_history_requirement_enforcement_level, repo, request_id, name, org_id, repo_id, org, @timestamp, created_at, _document_id, programmatic_access_type
protected_branch.update_lock_allows_fetch_and_merge
Fork syncing was enabled or disabled for a read-only branch
Поля
actor, actor_id, user_agent, request_id, name, lock_allows_fetch_and_merge, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, programmatic_access_type, request_access_security_header
Справочные материалы
repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch
protected_branch.update_lock_branch_enforcement_level
The enforcement of a branch lock was updated.
Поля
actor, actor_id, user_agent, request_id, name, enforcement_level, lock_branch_enforcement_level, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, programmatic_access_type, request_access_security_header
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch
protected_branch.update_merge_queue_enforcement_level
Enforcement of the merge queue was modified for a branch.
Поля
actor, actor_id, user_agent, request_id, name, merge_queue_enforcement_level, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue
protected_branch.update_name
A branch name pattern was updated for a branch.
Поля
user_agent, request_id, actor, actor_id, name, old_name, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, programmatic_access_type, request_access_security_header
protected_branch.update_pull_request_reviews_enforcement_level
Enforcement of required pull request reviews was updated for a branch. Can be 0 (deactivated), 1 (non-admins), or 2 (everyone).
Поля
name, org_id, _document_id, actor_id, @timestamp, business_id, request_id, pull_request_reviews_enforcement_level, org, repo, action, business, user_agent, created_at, repo_id, operation_type, actor, token_scopes, programmatic_access_type
protected_branch.update_require_code_owner_review
Enforcement of required code owner review was updated for a branch.
Поля
org_id, created_at, require_code_owner_review, operation_type, name, user_agent, action, @timestamp, actor, actor_id, repo, request_id, org, repo_id, _document_id, programmatic_access_type
protected_branch.update_require_last_push_approval
Someone other than the person who pushed the last code-modifying commit to the branch must approve pull requests for the branch.
Поля
actor, actor_id, user_agent, request_id, name, require_last_push_approval, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, programmatic_access_type, request_access_security_header
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging
protected_branch.update_required_approving_review_count
Enforcement of the required number of approvals before merging was updated on a branch.
Поля
required_approving_review_count, repo, request_id, repo_id, created_at, actor, operation_type, user_agent, name, org_id, action, actor_id, _document_id, org, @timestamp, programmatic_access_type
protected_branch.update_required_status_checks_enforcement_level
Enforcement of required status checks was updated for a branch.
Поля
actor, org_id, user_agent, @timestamp, _document_id, name, repo, action, business_id, repo_id, business, actor_id, operation_type, created_at, request_id, required_status_checks_enforcement_level, org, token_scopes, programmatic_access_type
protected_branch.update_signature_requirement_enforcement_level
Enforcement of required commit signing was updated for a branch.
Поля
operation_type, name, @timestamp, created_at, _document_id, request_id, repo_id, org, org_id, action, actor, actor_id, signature_requirement_enforcement_level, repo, user_agent, programmatic_access_type
protected_branch.update_strict_required_status_checks_policy
Enforcement of required status checks was updated for a branch.
Поля
request_id, actor_id, _document_id, org, @timestamp, created_at, repo_id, org_id, user_agent, name, actor, repo, operation_type, action, strict_required_status_checks_policy, programmatic_access_type

public_key

public_key.create
An SSH key was added to a user account or a deploy key was added to a repository.
Поля
read_only, user_agent, actor_id, operation_type, created_at, _document_id, key, fingerprint, actor, action, user, user_id, @timestamp, request_id, title, token_scopes, programmatic_access_type
Справочные материалы
/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account
public_key.delete
An SSH key was removed from a user account or a deploy key was removed from a repository.
Поля
fingerprint, user_agent, read_only, explanation, repo, @timestamp, action, key, operation_type, _document_id, actor, title, request_id, actor_id, repo_id, created_at, token_scopes, programmatic_access_type
Справочные материалы
/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys
public_key.unverification_failure
A user account's SSH key or a repository's deploy key was unable to be unverified.
Поля
user_agent, request_id, title, key, fingerprint, read_only, user, user_id, action, _document_id, @timestamp, created_at, operation_type, token_scopes
Справочные материалы
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.unverify
A user account's SSH key or a repository's deploy key was unverified.
Поля
created_at, operation_type, _document_id, title, request_id, key, action, actor, read_only, explanation, repo_id, @timestamp, actor_id, repo, user_agent, fingerprint
Справочные материалы
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.update
A user account's SSH key or a repository's deploy key was updated.
Поля
actor, user_agent, key, fingerprint, read_only, repo_id, operation_type, created_at, actor_id, repo, action, _document_id, request_id, title, @timestamp, programmatic_access_type
Справочные материалы
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.verification_failure
A user account's SSH key or a repository's deploy key was unable to be verified.
Поля
repo_id, actor, key, fingerprint, @timestamp, request_id, actor_id, oauth_application_id, title, action, user_agent, created_at, repo, read_only, operation_type, _document_id, user, user_id, programmatic_access_type
Справочные материалы
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.verify
A user account's SSH key or a repository's deploy key was verified.
Поля
operation_type, user, @timestamp, _document_id, action, created_at, key, fingerprint, actor_id, actor, title, user_agent, user_id, request_id, read_only, token_scopes, programmatic_access_type
Справочные материалы
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys

pull_request

pull_request.close
A pull request was closed without being merged.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type, actor_is_bot
Справочные материалы
/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request
pull_request.converted_to_draft
A pull request was converted to a draft.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, business_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft
pull_request.create
A pull request was created.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, user_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type, actor_is_bot
Справочные материалы
/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request
pull_request.create_review_request
A review was requested on a pull request.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, business_id, org_id, reviewer_type, reviewer, reviewer_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type
Справочные материалы
/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews
pull_request.in_progress
A pull request was marked as in progress.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, business_id, action, operation_type, @timestamp, created_at, _document_id
pull_request.indirect_merge
A pull request was considered merged because the pull request's commits were merged into the target branch.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, business_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type
pull_request.merge
A pull request was merged.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, token_scopes, programmatic_access_type, actor_is_bot
Справочные материалы
/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request
pull_request.ready_for_review
A pull request was marked as ready for review.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, business_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review
pull_request.remove_review_request
A review request was removed from a pull request.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, business_id, org_id, reviewer_type, reviewer, reviewer_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type
Справочные материалы
/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews
pull_request.reopen
A pull request was reopened after previously being closed.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type

pull_request_review_comment

pull_request_review_comment.create
A review comment was added to a pull request.
Поля
user_agent, request_id, actor, actor_id, comment_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews
pull_request_review_comment.delete
A review comment on a pull request was deleted.
Поля
user_agent, actor, @timestamp, _document_id, repo, created_at, request_id, comment_id, actor_id, repo_id, action, operation_type, token_scopes, programmatic_access_type
pull_request_review_comment.update
A review comment on a pull request was changed.
Поля
operation_type, user_agent, request_id, actor_id, action, created_at, actor, _document_id, @timestamp, comment_id, token_scopes, programmatic_access_type

pull_request_review

pull_request_review.delete
A review on a pull request was deleted.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, review_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, token_scopes, programmatic_access_type, request_access_security_header
pull_request_review.dismiss
A review on a pull request was dismissed.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, business_id, review_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type
Справочные материалы
/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review
pull_request_review.submit
A review on a pull request was submitted.
Поля
user_agent, request_id, actor, actor_id, pull_request_id, review_id, action, operation_type, @timestamp, created_at, _document_id, pull_request_url, programmatic_access_type
Справочные материалы
/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review

repo

repo.access
The visibility of a repository changed.
Поля
repo_id, user, request_id, operation_type, @timestamp, actor_id, user_id, created_at, user_agent, actor, action, repo, visibility, _document_id, previous_visibility, programmatic_access_type
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility
repo.actions_enabled
GitHub Actions was enabled for a repository.
Поля
user_agent, request_id, actor, actor_id, created_at, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, token_scopes, programmatic_access_type
Справочные материалы
organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api
repo.add_member
A collaborator was added to a repository.
Поля
visibility, repo, created_at, user_agent, operation_type, @timestamp, _document_id, actor, actor_id, repo_id, user, request_id, action, user_id, oauth_application_id, org, org_id, token_scopes, programmatic_access_type
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository
repo.add_topic
A topic was added to a repository.
Поля
action, user_agent, actor, repo, repo_id, user, org, org_id, request_id, actor_id, topic, @timestamp, _document_id, user_id, created_at, operation_type, programmatic_access_type
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics
repo.advanced_security_disabled
GitHub Advanced Security was disabled for a repository.
Поля
user_agent, request_id, actor, actor_id, org, org_id, repository, repository_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, programmatic_access_type, actor_is_bot, request_access_security_header
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository
repo.advanced_security_enabled
GitHub Advanced Security was enabled for a repository.
Поля
user_agent, request_id, actor, actor_id, org, org_id, repository, repository_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, programmatic_access_type, actor_is_bot
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository
repo.archived
A repository was archived.
Поля
repo_id, user_agent, user_id, created_at, @timestamp, repo, user, operation_type, visibility, action, actor_id, actor, _document_id, request_id, token_scopes, programmatic_access_type
Справочные материалы
/repositories/archiving-a-github-repository
repo.change_merge_setting
Pull request merge options were changed for a repository.
Поля
actor, oauth_application_id, user_agent, request_id, created_at, @timestamp, _document_id, actor_id, operation_type, action, public_repo, token_scopes, programmatic_access_type, actor_is_bot
repo.code_scanning_analysis_deleted
Code scanning analysis for a repository was deleted.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, tool, category, request_access_security_header
Справочные материалы
/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository
repo.code_scanning_autofix_disabled
Autofix for code scanning alerts was disabled for a repository.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
repo.code_scanning_autofix_enabled
Autofix for code scanning alerts was enabled for a repository.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
repo.code_scanning_configuration_for_branch_deleted
A code scanning configuration for a branch of a repository was deleted.
Поля
actor, actor_id, user_agent, request_id, tool, branch, category, repo, repo_id, public_repo, org, org_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Resolving code scanning alerts
repo.codeql_disabled
Code scanning using the default setup was disabled for a repository.
Поля
user_agent, request_id, hashed_token, programmatic_access_type, actor, actor_id, token_id, token_scopes, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning
repo.codeql_enabled
Code scanning using the default setup was enabled for a repository.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, query_suite, threat_model, languages, request_access_security_header
Справочные материалы
/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning
repo.codeql_updated
Code scanning using the default setup was updated for a repository.
Поля
actor, actor_id, user_agent, request_id, query_suite, threat_model, languages, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning
repo.config.disable_collaborators_only
The interaction limit for collaborators only was disabled.
Поля
user_agent, actor, actor_id, repo_id, _document_id, action, created_at, repo, operation_type, @timestamp, request_id
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.disable_contributors_only
The interaction limit for prior contributors only was disabled in a repository.
Поля
repo, @timestamp, request_id, actor, _document_id, user_agent, actor_id, repo_id, action, operation_type, created_at
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.disable_sockpuppet_disallowed
The interaction limit for existing users only was disabled in a repository.
Поля
actor, request_id, repo_id, action, user_agent, _document_id, @timestamp, created_at, actor_id, repo, operation_type
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.enable_collaborators_only
The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration.
Поля
actor, oauth_application_id, created_at, action, request_id, repo_id, repo, @timestamp, _document_id, user_agent, actor_id, operation_type
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.enable_contributors_only
The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration.
Поля
user_agent, request_id, operation_type, created_at, actor, org, action, actor_id, repo, repo_id, org_id, @timestamp, _document_id
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.enable_sockpuppet_disallowed
The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository.
Поля
actor, operation_type, created_at, user_agent, request_id, action, actor_id, repo, repo_id, @timestamp, _document_id
Справочные материалы
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.create
A repository was created.
Поля
repo, user_id, visibility, repo_id, user, request_id, actor_id, action, operation_type, request_category, @timestamp, created_at, _document_id, actor, user_agent, org, oauth_application_id, org_id, request_method, business, business_id, public_repo, token_scopes, programmatic_access_type, actor_is_bot
Справочные материалы
/repositories/creating-and-managing-repositories/creating-a-new-repository
repo.create_actions_secret
A GitHub Actions secret was created for a repository.
Поля
user_agent, request_id, actor, actor_id, key, repo, repo_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type
Справочные материалы
Using secrets in GitHub Actions
repo.create_actions_variable
A GitHub Actions variable was created for a repository.
Поля
actor, actor_id, user_agent, request_id, key, visibility, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
Справочные материалы
Store information in variables
repo.create_integration_secret
A Codespaces or Dependabot secret was created for a repository.
Поля
user_agent, request_id, actor, actor_id, key, visibility, integration, repo, repo_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, programmatic_access_type, request_access_security_header
repo.destroy
A repository was deleted.
Поля
repo, _document_id, user_agent, user_id, actor, action, user, repo_id, operation_type, request_category, actor_id, visibility, request_id, created_at, @timestamp, request_method, oauth_application_id, token_scopes, programmatic_access_type, actor_is_bot
Справочные материалы
/repositories/creating-and-managing-repositories/deleting-a-repository
repo.disk_archive
A repository was archived on disk.
Поля
actor_id, repo, operation_type, @timestamp, created_at, request_id, _document_id, repo_id, actor, action, user_agent
Справочные материалы
/repositories/archiving-a-github-repository/archiving-repositories
repo.download_zip
A source code archive of a repository was downloaded as a ZIP file.
Поля
user_agent, request_id, actor, actor_id, visibility, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, public_repo, token_scopes, programmatic_access_type, actor_is_bot
Справочные материалы
/repositories/working-with-files/using-files/downloading-source-code-archives
repo.override_unlock
The repository was unlocked.
Поля
user_agent, request_id, actor, actor_id, user, user_id, repo, repo_id, action, operation_type, @timestamp, created_at, _document_id
repo.pages_cname
A GitHub Pages custom domain was modified in a repository.
Поля
actor, @timestamp, visibility, repo, repo_id, user, request_id, actor_id, cname, user_agent, user_id, created_at, _document_id, action, operation_type, old_cname, programmatic_access_type
repo.pages_create
A GitHub Pages site was created.
Поля
actor_id, user, _document_id, user_id, visibility, action, user_agent, operation_type, repo_id, created_at, @timestamp, request_id, actor, repo, programmatic_access_type
repo.pages_destroy
A GitHub Pages site was deleted.
Поля
created_at, user_id, action, request_id, user, repo, user_agent, _document_id, actor_id, @timestamp, actor, visibility, operation_type, repo_id, programmatic_access_type
repo.pages_https_redirect_disabled
HTTPS redirects were disabled for a GitHub Pages site.
Поля
user, actor_id, repo_id, _document_id, user_agent, actor, visibility, user_id, request_id, repo, @timestamp, operation_type, action, created_at, programmatic_access_type, request_access_security_header
repo.pages_https_redirect_enabled
HTTPS redirects were enabled for a GitHub Pages site.
Поля
request_id, @timestamp, user_agent, user_id, created_at, visibility, actor, actor_id, user, operation_type, repo_id, action, repo, _document_id, request_access_security_header
repo.pages_private
A GitHub Pages site visibility was changed to private.
Поля
user_agent, request_id, actor, actor_id, visibility, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id
repo.pages_public
A GitHub Pages site visibility was changed to public.
Поля
user_agent, request_id, actor, actor_id, visibility, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, programmatic_access_type, request_access_security_header
repo.pages_soft_delete
A GitHub Pages site was soft-deleted because its owner's plan changed.
Поля
visibility, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
repo.pages_soft_delete_restore
A GitHub Pages site that was previously soft-deleted was restored.
Поля
actor, actor_id, user_agent, request_id, visibility, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
repo.pages_source
A GitHub Pages source was modified.
Поля
user_id, actor_id, operation_type, user_agent, actor, @timestamp, repo_id, user, _document_id, request_id, visibility, repo, created_at, action, programmatic_access_type
repo.register_self_hosted_runner
A new self-hosted runner was registered.
Поля
actor_id, repo, operation_type, action, @timestamp, actor, user_agent, created_at, _document_id, request_id, repo_id, request_access_security_header
Справочные материалы
Adding self-hosted runners
repo.remove_actions_secret
A GitHub Actions secret was deleted for a repository.
Поля
user_agent, request_id, actor, actor_id, key, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type
Справочные материалы
Using secrets in GitHub Actions
repo.remove_actions_variable
A GitHub Actions variable was deleted for a repository.
Поля
actor, actor_id, user_agent, request_id, key, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
Справочные материалы
Store information in variables
repo.remove_integration_secret
A Codespaces or Dependabot secret was deleted for a repository.
Поля
user_agent, request_id, actor, actor_id, key, integration, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, request_access_security_header
repo.remove_member
A collaborator was removed from a repository.
Поля
request_id, user, business, action, actor_id, org, org_id, actor, created_at, repo_id, user_agent, business_id, user_id, operation_type, @timestamp, _document_id, visibility, repo, token_scopes, programmatic_access_type
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository
repo.remove_self_hosted_runner
A self-hosted runner was removed.
Поля
request_id, actor_id, repo_id, @timestamp, _document_id, repo, org_id, action, operation_type, user_agent, actor, created_at, org, token_scopes, programmatic_access_type
Справочные материалы
Removing self-hosted runners
repo.remove_topic
A topic was removed from a repository.
Поля
user, action, repo_id, user_agent, topic, operation_type, user_id, org, org_id, actor, business, request_id, repo, @timestamp, created_at, _document_id, actor_id, business_id, programmatic_access_type
repo.rename
A repository was renamed.
Поля
user_agent, @timestamp, request_id, actor_id, actor, old_name, repo, user_id, created_at, user, action, operation_type, visibility, repo_id, _document_id, programmatic_access_type
Справочные материалы
/repositories/creating-and-managing-repositories/renaming-a-repository
repo.self_hosted_runner_offline
The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
repo_id, repo, org_id, org, runner_id, runner_name, action, _document_id, operation_type, created_at, @timestamp
Справочные материалы
Monitoring and troubleshooting self-hosted runners
repo.self_hosted_runner_online
The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
repo_id, repo, org_id, org, runner_id, runner_name, action, _document_id, operation_type, created_at, @timestamp
Справочные материалы
Monitoring and troubleshooting self-hosted runners
repo.self_hosted_runner_updated
The runner application was updated. This event is not included in the JSON/CSV export.
Поля
repo_id, runner_id, runner_name, source_version, target_version, runner_group_id, runner_group_name
Справочные материалы
Self-hosted runners
repo.set_actions_fork_pr_approvals_policy
The setting for requiring approvals for workflows from public forks was changed for a repository.
Поля
user_agent, request_id, actor, actor_id, visibility, policy, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, public_repo
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks
repo.set_actions_private_fork_pr_approvals_policy
The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository.
Поля
actor, actor_id, user_agent, request_id, visibility, policy, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories
repo.set_actions_retention_limit
The retention period for GitHub Actions artifacts and logs in a repository was changed.
Поля
user_agent, request_id, actor, actor_id, visibility, limit, repo, repo_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository
repo.set_default_workflow_permissions
The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository.
Поля
actor, actor_id, user_agent, request_id, visibility, repo, repo_id, public_repo, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository
repo.set_fork_pr_workflows_policy
Triggered when the policy for workflows on private repository forks is changed.
Поля
user_agent, request_id, actor, actor_id, visibility, policy, repo, repo_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks
repo.set_workflow_permission_can_approve_pr
The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository.
Поля
actor, actor_id, user_agent, request_id, visibility, repo, repo_id, public_repo, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests
repo.staff_unlock
An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.
Поля
@timestamp, _document_id, user_agent, actor_id, created_at, actor, repo_id, action, org, org_id, request_id, repo, operation_type
repo.temporary_access_granted
Temporary access was enabled for a repository.
Поля
actor, actor_id, user_agent, request_id, user, user_id, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
Accessing user-owned repositories in your enterprise
repo.transfer
A user accepted a request to receive a transferred repository.
Поля
@timestamp, user_id, _document_id, request_id, actor_id, repo_id, owner, user, old_user, action, operation_type, created_at, user_agent, repo, visibility, repo_was, actor
Справочные материалы
/repositories/creating-and-managing-repositories/transferring-a-repository
repo.transfer_outgoing
A repository was transferred to another repository network.
Поля
user_agent, request_id, actor, actor_id, repo, repo_id, new_nwo, visibility, org, org_id, action, _document_id, @timestamp, created_at, operation_type, public_repo, request_access_security_header
repo.transfer_start
A user sent a request to transfer a repository to another user or organization.
Поля
@timestamp, _document_id, operation_type, user_id, request_id, user, action, user_agent, created_at, actor, visibility, repo_id, actor_id, repo, request_access_security_header
repo.unarchived
A repository was unarchived.
Поля
actor, request_id, actor_id, repo, operation_type, created_at, _document_id, repo_id, user, @timestamp, visibility, user_agent, user_id, action, programmatic_access_type
Справочные материалы
/repositories/archiving-a-github-repository
repo.update_actions_access_settings
The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.
Поля
user_agent, request_id, actor, actor_id, visibility, policy, old_policy, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
repo.update_actions_secret
A GitHub Actions secret was updated for a repository.
Поля
user_agent, request_id, actor, actor_id, oauth_application_id, key, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, business, business_id, token_scopes, programmatic_access_type
Справочные материалы
Using secrets in GitHub Actions
repo.update_actions_settings
A repository administrator changed GitHub Actions policy settings for a repository.
Поля
user_agent, request_id, actor, actor_id, visibility, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, new_policy, old_policy, updated_access_policy, programmatic_access_type, actor_is_bot
repo.update_actions_variable
A GitHub Actions variable was updated for a repository.
Поля
actor, actor_id, user_agent, request_id, key, visibility, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, request_access_security_header
Справочные материалы
Store information in variables
repo.update_default_branch
The default branch for a repository was changed.
Поля
user_agent, request_id, actor, actor_id, visibility, repo, repo_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes, programmatic_access_type, actor_is_bot
repo.update_integration_secret
A Codespaces or Dependabot secret was updated for a repository.
Поля
user_agent, request_id, actor, actor_id, key, visibility, integration, repo, repo_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, token_scopes, programmatic_access_type, request_access_security_header
repo.update_member
A user's permission to a repository was changed.
Поля
user_agent, action, _document_id, actor, repo_id, created_at, oauth_application_id, user, @timestamp, repo, operation_type, request_id, org_id, actor_id, visibility, old_permission, org, user_id, old_base_role, old_repo_permission, old_repo_base_role, new_repo_base_role, new_repo_permission, token_scopes, programmatic_access_type, actor_is_bot

repository_branch_protection_evaluation

repository_branch_protection_evaluation.disable
Branch protections were disabled for the repository.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, org, org_id, business_id, user, user_id, business, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule
repository_branch_protection_evaluation.enable
Branch protections were enabled for this repository.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, org, org_id, business_id, user, user_id, business, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule

repository_image

repository_image.create
An image to represent a repository was uploaded.
Поля
user_agent, operation_type, created_at, actor_id, repo_id, action, request_id, actor, content_type, repo, @timestamp, _document_id, user, user_id, request_access_security_header
repository_image.destroy
An image to represent a repository was deleted.
Поля
content_type, created_at, actor_id, user_id, operation_type, request_id, _document_id, actor, repo_id, user_agent, repo, user, action, @timestamp, request_access_security_header

repository_invitation

repository_invitation.accept
An invitation to join a repository was accepted.
Поля
actor_id, created_at, request_id, repo, invitee, operation_type, actor, repo_id, _document_id, action, user_agent, inviter, @timestamp, token_scopes, programmatic_access_type
repository_invitation.cancel
An invitation to join a repository was canceled.
Поля
inviter, action, operation_type, _document_id, repo_id, repo, @timestamp, user_agent, invitee, created_at, request_id, actor, actor_id, request_access_security_header
repository_invitation.create
An invitation to join a repository was sent.
Поля
_document_id, actor, actor_id, @timestamp, invitee, action, request_id, inviter, repo, created_at, user_agent, repo_id, operation_type, token_scopes, programmatic_access_type
repository_invitation.reject
An invitation to join a repository was declined.
Поля
repo, _document_id, actor, invitee, action, @timestamp, request_id, actor_id, operation_type, created_at, inviter, user_agent, repo_id

repository_ruleset

repository_ruleset.create
A repository ruleset was created.
Поля
actor, actor_id, user_agent, request_id, name, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, ruleset_id, ruleset_name, ruleset_enforcement, ruleset_source_type, ruleset_rules, ruleset_conditions, ruleset_bypass_actors, request_access_security_header
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository
repository_ruleset.destroy
A repository ruleset was deleted.
Поля
actor, actor_id, user_agent, request_id, name, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, ruleset_id, ruleset_name, ruleset_enforcement, ruleset_source_type, ruleset_rules, ruleset_bypass_actors, request_access_security_header
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset
repository_ruleset.update
A repository ruleset was edited.
Поля
actor, actor_id, user_agent, request_id, old_name, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, ruleset_id, ruleset_name, ruleset_enforcement, ruleset_source_type, ruleset_rules_updated, ruleset_conditions_added, ruleset_conditions_deleted, ruleset_old_enforcement, ruleset_rules_added, ruleset_rules_deleted, ruleset_old_name, ruleset_conditions_updated, ruleset_bypass_actors_added, ruleset_bypass_actors_deleted, ruleset_bypass_actors_updated, actor_is_bot
Справочные материалы
/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset

repository_secret_scanning_automatic_validity_checks

repository_secret_scanning_automatic_validity_checks.disabled
Automatic partner validation checks have been disabled at the repository level
Поля
actor, actor_id, user_agent, request_id, user, user_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository
repository_secret_scanning_automatic_validity_checks.enabled
Automatic partner validation checks have been enabled at the repository level
Поля
actor, actor_id, user_agent, request_id, user, user_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository

repository_secret_scanning_custom_pattern

repository_secret_scanning_custom_pattern.create
A custom pattern was created for secret scanning in a repository.
Поля
user_agent, request_id, actor, actor_id, user, user_id, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, public_repo
Справочные материалы
Defining custom patterns for secret scanning
repository_secret_scanning_custom_pattern.delete
A custom pattern was removed from secret scanning in a repository.
Поля
user_agent, request_id, actor, actor_id, user, user_id, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, public_repo
Справочные материалы
Defining custom patterns for secret scanning
repository_secret_scanning_custom_pattern.publish
A custom pattern was published for secret scanning in a repository.
Поля
actor, actor_id, user_agent, request_id, user, user_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
Defining custom patterns for secret scanning
repository_secret_scanning_custom_pattern.update
Changes to a custom pattern were saved and a dry run was executed for secret scanning in a repository.
Поля
user_agent, request_id, actor, actor_id, user, user_id, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, public_repo
Справочные материалы
Defining custom patterns for secret scanning

repository_secret_scanning_custom_pattern_push_protection

repository_secret_scanning_custom_pattern_push_protection.disabled
Push protection for a custom pattern for secret scanning was disabled for your repository.
Поля
actor, actor_id, user_agent, request_id, user, user_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
Справочные материалы
Defining custom patterns for secret scanning
repository_secret_scanning_custom_pattern_push_protection.enabled
Push protection for a custom pattern for secret scanning was enabled for your repository.
Поля
actor, actor_id, user_agent, request_id, user, user_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot
Справочные материалы
Defining custom patterns for secret scanning

repository_secret_scanning

repository_secret_scanning.disable
Secret scanning was disabled for a repository.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, public_repo, programmatic_access_type
Справочные материалы
About secret scanning
repository_secret_scanning.enable
Secret scanning was enabled for a repository.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, programmatic_access_type

repository_secret_scanning_non_provider_patterns

repository_secret_scanning_non_provider_patterns.disabled
Secret scanning for non-provider patterns was disabled at the repository level.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
Supported secret scanning patterns
repository_secret_scanning_non_provider_patterns.enabled
Secret scanning for non-provider patterns was enabled at the repository level.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
Supported secret scanning patterns

repository_secret_scanning_push_protection_bypass_list

repository_secret_scanning_push_protection_bypass_list.add
A role or team was added to the push protection bypass list at the repository level.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
About push protection
repository_secret_scanning_push_protection_bypass_list.disable
Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Specific roles or teams" to "Anyone with write access" at the repository level.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
About push protection
repository_secret_scanning_push_protection_bypass_list.enable
Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Anyone with write access" to "Specific roles or teams" at the repository level.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
About push protection
repository_secret_scanning_push_protection_bypass_list.remove
A role or team was removed from the push protection bypass list at the repository level.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
About push protection

repository_secret_scanning_push_protection

repository_secret_scanning_push_protection.disable
Secret scanning push protection was disabled for a repository.
Поля
user_agent, request_id, actor, actor_id, user, user_id, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, public_repo, programmatic_access_type, request_access_security_header
Справочные материалы
About push protection
repository_secret_scanning_push_protection.enable
Secret scanning push protection was enabled for a repository.
Поля
user_agent, request_id, actor, actor_id, user, user_id, repo, repo_id, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, public_repo, programmatic_access_type, request_access_security_header
Справочные материалы
About push protection

restrict_notification_delivery

restrict_notification_delivery.disable
Email notification restrictions for an organization or enterprise were disabled.
Поля
user_agent, request_id, actor, actor_id, business, business_id, owner, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Restricting email notifications for your organization, Restricting email notifications for your enterprise
restrict_notification_delivery.enable
Email notification restrictions for an organization or enterprise were enabled.
Поля
user_agent, request_id, actor, actor_id, org, org_id, business_id, owner, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Restricting email notifications for your organization, Restricting email notifications for your enterprise

secret_scanning_alert

secret_scanning_alert.create
GitHub detected a secret and created a secret scanning alert.
Поля
repo_id, repo, actor_id, actor, org_id, org, business, business_id, number, secret_type, secret_type_display_name, publicly_leaked, multi_repo
Справочные материалы
/code-security/secret-scanning/managing-alerts-from-secret-scanning
secret_scanning_alert.reopen
A secret scanning alert was reopened.
Поля
user_agent, request_id, actor, actor_id, number, user, user_id, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, token_scopes, secret_type_display_name
secret_scanning_alert.resolve
A secret scanning alert was resolved.
Поля
user_agent, request_id, actor, actor_id, number, resolution, user, user_id, repo, repo_id, public_repo, action, _document_id, @timestamp, created_at, operation_type, token_scopes, secret_type, secret_type_display_name, publicly_leaked, multi_repo, request_access_security_header
secret_scanning_alert.revoke
A secret scanning alert was revoked.
Поля
user_agent, request_id, actor, actor_id, number, user, user_id, repo, repo_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id
secret_scanning_alert.validate
A secret scanning alert was validated.
Поля
repo_id, repo, actor_id, actor, org_id, org, business, business_id, number, created_at, previous_validity, current_validity, secret_type, secret_type_display_name, publicly_leaked, multi_repo
Справочные материалы
/code-security/secret-scanning/managing-alerts-from-secret-scanning

secret_scanning

secret_scanning.disable
Secret scanning was disabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
About secret scanning
secret_scanning.enable
Secret scanning was enabled for all existing repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id
Справочные материалы
About secret scanning

secret_scanning_new_repos

secret_scanning_new_repos.disable
Secret scanning was disabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, user, user_id, org, org_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes
Справочные материалы
About secret scanning
secret_scanning_new_repos.enable
Secret scanning was enabled for all new repositories.
Поля
user_agent, request_id, actor, actor_id, created_at, user, user_id, org, org_id, action, operation_type, @timestamp, _document_id
Справочные материалы
About secret scanning

secret_scanning_push_protection

secret_scanning_push_protection.bypass
Triggered when a user bypasses the push protection on a secret detected by secret scanning.
Поля
repo_id, repo, actor_id, actor, org_id, org, business, business_id, number, created_at, push_protection_bypass_reason, secret_type, secret_type_display_name, publicly_leaked, multi_repo, request_reviewer, request_reviewer_id
Справочные материалы
About push protection

secret_scanning_push_protection_request

secret_scanning_push_protection_request.approve
A request to bypass secret scanning push protection was approved by a user.
Поля
actor, actor_id, user_agent, request_id, number, repository, repository_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
About push protection
secret_scanning_push_protection_request.deny
A request to bypass secret scanning push protection was denied by a user.
Поля
actor, actor_id, user_agent, request_id, number, repository, repository_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header, request_reviewer_comment
Справочные материалы
About push protection
secret_scanning_push_protection_request.request
A user requested to bypass secret scanning push protection.
Поля
actor, actor_id, user_agent, request_id, number, repository, repository_id, public_repo, org, org_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header
Справочные материалы
Working with secret scanning and push protection

security_key

security_key.register
A security key was registered for an account.
Поля
actor_id, user, created_at, user_id, action, operation_type, request_id, @timestamp, _document_id, actor, user_agent, request_access_security_header
security_key.remove
A security key was removed from an account.
Поля
actor, user_id, operation_type, _document_id, user_agent, @timestamp, request_id, actor_id, action, created_at, user, request_access_security_header

sponsors

sponsors.agreement_sign
A GitHub Sponsors agreement was signed on behalf of an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, sponsors_listing_id, action, _document_id, @timestamp, created_at, operation_type
sponsors.custom_amount_settings_change
Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed.
Поля
user_agent, request_id, actor, actor_id, org, org_id, sponsors_listing_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers
sponsors.fiscal_host_change
The fiscal host for a GitHub Sponsors listing was updated.
Поля
user_agent, request_id, actor, actor_id, org, org_id, sponsors_listing_id, action, _document_id, @timestamp, created_at, operation_type
sponsors.repo_funding_links_file_action
The FUNDING file in a repository was changed.
Поля
@timestamp, action, created_at, _document_id, request_id, repository, repository_id, actor, user_agent, actor_id, operation_type
Справочные материалы
/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository
sponsors.sponsor_sponsorship_cancel
A sponsorship was canceled.
Поля
operation_type, _document_id, created_at, actor, user, action, actor_id, user_id, @timestamp
Справочные материалы
Downgrading a sponsorship
sponsors.sponsor_sponsorship_create
A sponsorship was created, by sponsoring an account.
Поля
actor, user_id, action, @timestamp, user_agent, request_id, user, operation_type, created_at, actor_id, _document_id
Справочные материалы
/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes
sponsors.sponsor_sponsorship_payment_complete
After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete.
Поля
active, user, user_id, actor, actor_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes
sponsors.sponsor_sponsorship_preference_change
The option to receive email updates from a sponsored account was changed.
Поля
actor_id, action, @timestamp, request_id, user_id, created_at, user, _document_id, user_agent, actor, operation_type
Справочные материалы
/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship
sponsors.sponsor_sponsorship_tier_change
A sponsorship was upgraded or downgraded.
Поля
user_id, actor, actor_id, action, user, operation_type, @timestamp, _document_id, created_at
Справочные материалы
Upgrading a sponsorship, Downgrading a sponsorship
sponsors.sponsored_developer_approve
A GitHub Sponsors account was approved.
Поля
user_id, action, user_agent, request_id, actor, user, operation_type, @timestamp, created_at, actor_id, _document_id
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.sponsored_developer_create
A GitHub Sponsors account was created.
Поля
user_id, operation_type, request_id, actor_id, @timestamp, _document_id, user, action, created_at, user_agent, actor
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.sponsored_developer_disable
A GitHub Sponsors account was disabled.
Поля
user_agent, request_id, actor, actor_id, user, user_id, sponsors_listing_id, action, operation_type, @timestamp, created_at, _document_id
sponsors.sponsored_developer_profile_update
The profile for GitHub Sponsors account was edited.
Поля
@timestamp, actor_id, operation_type, created_at, user_agent, request_id, actor, action, _document_id, request_access_security_header
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors
sponsors.sponsored_developer_redraft
A GitHub Sponsors account was returned to draft state from approved state.
Поля
@timestamp, created_at, request_id, user, action, user_agent, operation_type, _document_id, actor, actor_id, user_id
sponsors.sponsored_developer_request_approval
An application for GitHub Sponsors was submitted for approval.
Поля
user_agent, user, @timestamp, actor_id, user_id, request_id, _document_id, actor, action, operation_type, created_at
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.sponsored_developer_tier_description_update
The description for a sponsorship tier was changed.
Поля
operation_type, request_id, actor, user_id, action, @timestamp, _document_id, user_agent, actor_id, user, created_at
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers
sponsors.sponsored_developer_update_newsletter_send
Triggered when you send an email update to your sponsors.
Поля
request_id, actor, action, user_agent, operation_type, _document_id, created_at, actor_id, user, user_id, @timestamp
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors
sponsors.sponsors_patreon_user_create
A Patreon account was linked to a user account for use with GitHub Sponsors.
Поля
actor, actor_id, user_agent, request_id, patreon_email, patreon_username, user, user_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account
sponsors.sponsors_patreon_user_destroy
A Patreon account for use with GitHub Sponsors was unlinked from a user account.
Поля
actor, actor_id, user_agent, request_id, patreon_email, patreon_username, user, user_id, action, _document_id, @timestamp, created_at, operation_type
Справочные материалы
Unlinking your Patreon account from GitHub
sponsors.update_tier_repository
A GitHub Sponsors tier changed access for a repository.
Поля
user_agent, request_id, actor, actor_id, user, user_id, sponsors_listing_id, repo, repo_id, action, _document_id, @timestamp, created_at, operation_type
sponsors.update_tier_welcome_message
The welcome message for a GitHub Sponsors tier for an organization was updated.
Поля
user_agent, request_id, actor, actor_id, user, user_id, sponsors_listing_id, action, _document_id, @timestamp, created_at, operation_type
sponsors.waitlist_join
You join the waitlist to join GitHub Sponsors.
Поля
request_id, actor, user_id, user_agent, actor_id, action, operation_type, created_at, user, @timestamp, _document_id
Справочные материалы
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.withdraw_agreement_signature
A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization.
Поля
user_agent, request_id, actor, actor_id, user, user_id, sponsors_listing_id, action, _document_id, @timestamp, created_at, operation_type

ssh_certificate_authority

ssh_certificate_authority.create
An SSH certificate authority for an organization or enterprise was created.
Поля
@timestamp, _document_id, fingerprint, operation_type, openssh_public_key, org_id, actor, created_at, org, action, user_agent, actor_id, request_id
Справочные материалы
Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise
ssh_certificate_authority.destroy
An SSH certificate authority for an organization or enterprise was deleted.
Поля
created_at, _document_id, fingerprint, operation_type, actor, org_id, openssh_public_key, org, action, user_agent, actor_id, @timestamp, request_id
Справочные материалы
Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise

ssh_certificate_requirement

ssh_certificate_requirement.disable
The requirement for members to use SSH certificates to access an organization resources was disabled.
Поля
user, user_agent, operation_type, _document_id, request_id, org, org_id, created_at, actor, action, user_id, business, business_id, @timestamp, actor_id
Справочные материалы
Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise
ssh_certificate_requirement.enable
The requirement for members to use SSH certificates to access an organization resources was enabled.
Поля
actor_id, user_id, org, operation_type, request_id, @timestamp, _document_id, actor, user, action, org_id, created_at, user_agent
Справочные материалы
Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise

staff

staff.set_domain_token_expiration
The verification code expiry time for an organization or enterprise domain was set.
Поля
user_agent, request_id, actor, actor_id, owner_type, domain_name, business_id, token_expires_at, owner, action, operation_type, @timestamp, created_at, _document_id
staff.unverify_domain
An organization or enterprise domain was unverified.
Поля
user_agent, request_id, actor, actor_id, created_at, owner_type, domain_name, owner, action, operation_type, @timestamp, _document_id
staff.verify_domain
An organization or enterprise domain was verified.
Поля
user_agent, request_id, actor, actor_id, domain_name, action, operation_type, @timestamp, created_at, _document_id

successor_invitation

successor_invitation.accept
Triggered when you accept a succession invitation.
Поля
user_agent, request_id, actor, actor_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories
successor_invitation.cancel
Triggered when you cancel a succession invitation.
Поля
user_agent, request_id, actor, actor_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories
successor_invitation.create
Triggered when you create a succession invitation.
Поля
user_agent, request_id, actor, actor_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories
successor_invitation.decline
Triggered when you decline a succession invitation.
Поля
user_agent, request_id, actor, actor_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories
successor_invitation.revoke
Triggered when you revoke a succession invitation.
Поля
user_agent, request_id, actor, actor_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories

team

team.add_member
A member of an organization was added to a team.
Поля
user_agent, request_id, org_id, user_id, team, user, @timestamp, actor_id, created_at, operation_type, _document_id, org, action, actor, programmatic_access_type
Справочные материалы
/organizations/organizing-members-into-teams/adding-organization-members-to-a-team
team.add_repository
A team was given access and permissions to a repository.
Поля
actor, team, action, operation_type, request_id, created_at, @timestamp, org, repo, actor_id, _document_id, repo_id, user_agent, org_id, token_scopes, programmatic_access_type, actor_is_bot
team.change_parent_team
A child team was created or a child team's parent was changed.
Поля
org, @timestamp, created_at, _document_id, team, action, operation_type, actor, request_id, actor_id, user_agent, org_id, programmatic_access_type, request_access_security_header
Справочные материалы
/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy
team.change_privacy
A team's privacy level was changed.
Поля
user_agent, request_id, org, action, team, created_at, operation_type, actor_id, org_id, @timestamp, actor, _document_id
Справочные материалы
/organizations/organizing-members-into-teams/changing-team-visibility
team.create
A new team is created.
Поля
request_id, actor_id, oauth_application_id, action, operation_type, @timestamp, org_id, user_agent, team, org, actor, created_at, _document_id, token_scopes, programmatic_access_type
team.demote_maintainer
A user was demoted from a team maintainer to a team member.
Поля
user_agent, request_id, actor, actor_id, team, org, org_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, token_scopes
Справочные материалы
/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member
team.destroy
A team was deleted.
Поля
created_at, org, team, org_id, actor_id, actor, action, @timestamp, user_agent, request_id, operation_type, _document_id, programmatic_access_type
team.promote_maintainer
A user was promoted from a team member to a team maintainer.
Поля
user_agent, request_id, actor, actor_id, team, org, org_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, programmatic_access_type, request_access_security_header
Справочные материалы
/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer
team.remove_member
An organization member was removed from a team.
Поля
request_id, operation_type, created_at, actor_id, org, org_id, team, user_id, actor, user, action, @timestamp, user_agent, _document_id, token_scopes, programmatic_access_type
Справочные материалы
/organizations/organizing-members-into-teams/removing-organization-members-from-a-team
team.remove_repository
A repository was removed from a team's control.
Поля
request_id, org_id, repo, repo_id, action, _document_id, actor, @timestamp, actor_id, user_agent, created_at, team, org, operation_type, programmatic_access_type
team.rename
A team's name was changed.
Поля
name, user_agent, created_at, team, operation_type, actor_id, org, action, request_id, actor, org_id, @timestamp, _document_id, programmatic_access_type, request_access_security_header
team.update_repository_permission
A team's permission to a repository was changed.
Поля
actor_id, team, org_id, @timestamp, org, _document_id, old_permission, request_id, repo, action, repo_id, actor, operation_type, created_at, user_agent, permission, new_repo_permission, new_repo_base_role, old_repo_permission, old_repo_base_role, token_scopes, programmatic_access_type

team_discussions

team_discussions.clear
An organization owner cleared the setting to allow team discussions for an organization or enterprise.
Поля
business_id, operation_type, @timestamp, user_agent, actor, actor_id, user, business, action, request_id, created_at, user_id, _document_id
team_discussions.disable
Team discussions were disabled for an organization.
Поля
org_id, action, operation_type, request_id, actor, org, created_at, actor_id, user, user_id, @timestamp, user_agent, _document_id
Справочные материалы
Organizations and teams documentation
team_discussions.enable
Team discussions were enabled for an organization.
Поля
actor_id, @timestamp, action, _document_id, user_agent, user_id, business_id, request_id, user, business, operation_type, actor, created_at

team_sync_tenant

team_sync_tenant.disabled
Team synchronization with a tenant was disabled.
Поля
action, created_at, actor, request_id, org_id, actor_id, operation_type, _document_id, @timestamp, org, user_agent
Справочные материалы
Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise
team_sync_tenant.enabled
Team synchronization with a tenant was enabled.
Поля
org_id, business_id, actor, created_at, user_agent, @timestamp, operation_type, business, actor_id, org, request_id, action, _document_id
Справочные материалы
Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise

trusted_device

trusted_device.register
A new trusted device was added.
Поля
user_agent, request_id, actor, actor_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
trusted_device.remove
A trusted device was removed.
Поля
user_agent, request_id, actor, actor_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id

two_factor_authentication

two_factor_authentication.add_factor
A secondary authentication factor was added to a user account.
Поля
actor, actor_id, user_agent, request_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication
two_factor_authentication.disabled
Two-factor authentication was disabled for a user account.
Поля
actor, action, _document_id, user_agent, user, user_id, actor_id, created_at, operation_type, request_id, @timestamp, request_access_security_header
Справочные материалы
Disabling two-factor authentication for your personal account
two_factor_authentication.enabled
Two-factor authentication was enabled for a user account.
Поля
actor, operation_type, user_agent, action, created_at, actor_id, @timestamp, request_id, user, user_id, _document_id, request_access_security_header
Справочные материалы
Configuring two-factor authentication
two_factor_authentication.password_reset_fallback_sms
A one-time password code was sent to a user account fallback phone number.
Поля
operation_type, created_at, user, user_id, action, @timestamp, request_id, _document_id, user_agent
two_factor_authentication.recovery_codes_regenerated
Two factor recovery codes were regenerated for a user account.
Поля
request_id, actor, operation_type, _document_id, user_id, action, user, user_agent, actor_id, @timestamp, created_at
two_factor_authentication.remove_factor
A secondary authentication factor was removed from a user account.
Поля
actor, actor_id, user_agent, request_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication
two_factor_authentication.sign_in_fallback_sms
A one-time password code was sent to a user account fallback phone number.
Поля
request_id, operation_type, user_id, user, user_agent, created_at, _document_id, action, @timestamp
two_factor_authentication.update_fallback
The two-factor authentication fallback for a user account was changed.
Поля
@timestamp, created_at, _document_id, user, user_id, operation_type, user_agent, action, request_id, actor, actor_id

user

user.add_email
An email address was added to a user account.
Поля
action, request_id, user, user_id, user_agent, operation_type, _document_id, actor_id, actor, email, @timestamp, created_at, request_access_security_header
Справочные материалы
/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account
user.async_delete
An asynchronous job was started to destroy a user account, eventually triggering a user.delete event.
Поля
actor, user_id, created_at, user, @timestamp, _document_id, request_id, actor_id, operation_type, user_agent, action, request_access_security_header
user.audit_log_export
Audit log entries were exported.
Поля
actor_id, user, action, request_id, actor, @timestamp, _document_id, user_agent, user_id, operation_type, created_at
user.block_user
A user was blocked by another user.
Поля
action, actor, user_id, _document_id, actor_id, @timestamp, user_agent, user, request_id, blocked_user, operation_type, created_at, programmatic_access_type, request_access_security_header
user.change_password
A user changed their password.
Поля
request_id, @timestamp, user_agent, actor_id, operation_type, actor, user, user_id, action, created_at, _document_id, request_access_security_header
user.codespaces_trusted_repo_access_granted
Triggered when you allow the codespaces you create for a repository to access other repositories owned by your personal account.
Поля
user_agent, request_id, actor, actor_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id, programmatic_access_type
Справочные материалы
Managing access to other repositories within your codespace
user.codespaces_trusted_repo_access_revoked
Triggered when you disallow the codespaces you create for a repository to access other repositories owned by your personal account.
Поля
user_agent, request_id, actor, actor_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
Справочные материалы
Managing access to other repositories within your codespace
user.create
A new user account was created.
Поля
email, user_id, operation_type, @timestamp, request_id, user, created_at, _document_id, user_agent, actor, actor_id, action, programmatic_access_type
user.create_integration_secret
A user secret for Codespaces was created.
Поля
actor, actor_id, user_agent, request_id, key, visibility, integration, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
user.creation_rate_limit_exceeded
The rate of creation of user accounts, applications, issues, pull requests or other resources exceeded the configured rate limits, or too many users were followed too quickly.
Поля
user, created_at, user_agent, _document_id, operation_type, oauth_application_id, action, actor, actor_id, request_id, user_id, @timestamp, token_scopes, programmatic_access_type
user.delete
A user account was destroyed by an asynchronous job.
Поля
operation_type, created_at, user_agent, action, request_id, user_id, actor, actor_id, user, @timestamp, _document_id, request_access_security_header
user.demote
A site administrator was demoted to an ordinary user account.
Поля
@timestamp, oauth_application_id, action, user, created_at, user_agent, request_id, actor, actor_id, operation_type, _document_id, user_id, programmatic_access_type, request_access_security_header
user.destroy
A user deleted his or her account, triggering user.async_delete.
Поля
request_id, actor, user, _document_id, created_at, user_agent, user_id, operation_type, actor_id, action, @timestamp, request_access_security_header
user.failed_login
A user tried to sign in with an incorrect username, password, or two-factor authentication code.
Поля
user_id, action, operation_type, request_id, created_at, _document_id, @timestamp, user, org_id, actor, actor_id, user_agent
user.flag_as_large_scale_contributor
A user account was flagged as a large scale contributor. Only contributions from public repositories the user owns will be shown in their contribution graph, in order to prevent timeouts.
Поля
actor, actor_id, operation_type, @timestamp, request_id, user, user_id, action, _document_id, user_agent, created_at
user.forgot_password
A user requested a password reset.
Поля
action, _document_id, user_agent, request_id, user, operation_type, @timestamp, email, created_at, user_id, request_access_security_header
Справочные материалы
/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials
user.hide_private_contributions_count
A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now hidden.
Поля
user_agent, request_id, actor, actor_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
Справочные материалы
/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile
user.login
A user signed in.
Поля
user_agent, user_id, actor_id, @timestamp, user, action, operation_type, _document_id, request_id, created_at, actor, passkey_nickname, request_access_security_header
user.logout
A user signed out.
Поля
actor, actor_id, user_agent, request_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
user.minimize_comment
A comment made by a user was minimized.
Поля
user_agent, actor, actor_id, @timestamp, created_at, operation_type, _document_id, user, user_id, action, request_id, token_scopes, programmatic_access_type
user.new_device_used
A user signed in from a new device.
Поля
user, user_id, actor, operation_type, created_at, user_agent, actor_id, action, @timestamp, _document_id, request_id, request_access_security_header
user.promote
An ordinary user account was promoted to a site administrator.
Поля
user_id, action, actor, actor_id, user, @timestamp, created_at, user_agent, oauth_application_id, request_id, operation_type, _document_id, token_scopes, programmatic_access_type, request_access_security_header
user.recreate
A user's account was restored.
Поля
user_agent, user, action, actor_id, @timestamp, _document_id, request_id, user_id, created_at, actor, operation_type
user.remove_email
An email address was removed from a user account.
Поля
user_agent, action, @timestamp, _document_id, request_id, user, user_id, operation_type, actor, actor_id, created_at, email, token_scopes, programmatic_access_type
user.remove_integration_secret
A user secret for Codespaces was deleted.
Поля
actor, actor_id, user_agent, request_id, key, integration, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header
user.remove_large_scale_contributor_flag
A user account was no longer flagged as a large scale contributor.
Поля
user_agent, request_id, actor, actor_id, user, user_id, action, operation_type, @timestamp, created_at, _document_id
user.rename
A username was changed.
Поля
user, action, request_id, actor_id, old_login, created_at, _document_id, actor, user_id, @timestamp, operation_type, user_agent, token_scopes, programmatic_access_type
user.report_content
Triggered when you report an issue or pull request, or a comment on an issue, pull request, or commit.
Поля
org_id, request_id, user, user_agent, action, created_at, actor, operation_type, actor_id, user_id, @timestamp, _document_id
Справочные материалы
/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam
user.reset_password
A user reset their account password.
Поля
actor_id, action, user_agent, user, request_id, user_id, created_at, @timestamp, _document_id, actor, operation_type, request_access_security_header
user.show_private_contributions_count
A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now shown.
Поля
@timestamp, _document_id, request_id, user_id, action, actor, user, operation_type, user_agent, actor_id, created_at, request_access_security_header
Справочные материалы
/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile
user.sign_in_from_unrecognized_device
A user signed in from an unrecognized device.
Поля
request_id, action, _document_id, user_agent, user, user_id, operation_type, created_at, actor, actor_id, @timestamp, request_access_security_header
user.sign_in_from_unrecognized_device_and_location
A user signed in from an unrecognized device and location.
Поля
actor, actor_id, user, user_id, @timestamp, user_agent, created_at, _document_id, request_id, action, operation_type, request_access_security_header
user.sign_in_from_unrecognized_location
A user signed in from an unrecognized location.
Поля
request_id, user_id, action, operation_type, user_agent, user, _document_id, actor, created_at, actor_id, @timestamp, request_access_security_header
user.suspend
A user account was suspended.
Поля
oauth_application_id, operation_type, actor_id, user, user_agent, request_id, actor, created_at, _document_id, @timestamp, user_id, action, token_scopes, programmatic_access_type, request_access_security_header
user.two_factor_challenge_failure
A 2FA challenge issued for a user account failed.
Поля
operation_type, created_at, _document_id, user_agent, user, actor_id, actor, user_id, @timestamp, action, request_id, request_access_security_header
user.two_factor_challenge_success
A 2FA challenge issued for a user account succeeded.
Поля
@timestamp, _document_id, user_id, operation_type, actor_id, user, actor, user_agent, request_id, action, created_at, request_access_security_header
user.two_factor_recover
A user used their 2FA recovery codes.
Поля
user_id, operation_type, user_agent, request_id, user, action, actor, actor_id, created_at, @timestamp, _document_id, request_access_security_header
user.two_factor_recovery_codes_downloaded
A user downloaded 2FA recovery codes for their account.
Поля
user_id, operation_type, actor_id, user, request_id, action, @timestamp, created_at, user_agent, actor, _document_id, request_access_security_header
user.two_factor_recovery_codes_printed
A user printed 2FA recovery codes for their account.
Поля
user, action, operation_type, user_agent, request_id, user_id, created_at, _document_id, actor, actor_id, @timestamp
user.two_factor_recovery_codes_viewed
A user viewed 2FA recovery codes for their account.
Поля
actor_id, user_agent, actor, user_id, action, created_at, user, operation_type, @timestamp, request_id, _document_id, request_access_security_header
user.two_factor_requested
A user was prompted for a two-factor authentication code.
Поля
user, actor_id, action, user_agent, request_id, created_at, _document_id, user_id, operation_type, @timestamp, actor
Справочные материалы
/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication
user.unblock_user
A user was unblocked by another user.
Поля
actor_id, action, request_id, _document_id, blocked_user, operation_type, actor, @timestamp, user_agent, user_id, user, created_at, request_access_security_header
user.unminimize_comment
A comment made by a user was unminimized.
Поля
@timestamp, user_agent, _document_id, actor_id, user, user_id, operation_type, request_id, actor, action, created_at
user.unsuspend
A user account was unsuspended.
Поля
request_id, _document_id, user, action, user_agent, actor, oauth_application_id, operation_type, actor_id, created_at, @timestamp, user_id, token_scopes, programmatic_access_type, request_access_security_header
user.update_integration_secret
A user secret for Codespaces was updated.
Поля
actor, actor_id, user_agent, request_id, key, visibility, integration, user, user_id, action, _document_id, @timestamp, created_at, operation_type, request_access_security_header

user_email

user_email.confirm_claim
An enterprise managed user claimed an email address.
Поля
actor, actor_id, user_agent, request_id, user, user_id, action, _document_id, @timestamp, created_at, operation_type, business, business_id, actor_is_bot, request_access_security_header

user_status

user_status.destroy
Triggered when you clear the status on your profile.
Поля
org, user_id, actor, message, user, actor_id, created_at, request_id, limited_availability, action, emoji, operation_type, user_agent, @timestamp, _document_id, request_access_security_header
user_status.update
Triggered when you set or change the status on your profile.
Поля
limited_availability, user, action, actor_id, message, user_id, created_at, _document_id, request_id, @timestamp, user_agent, emoji, org, actor, operation_type, token_scopes, programmatic_access_type
Справочные материалы
/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status

workflows

workflows.approve_workflow_job
A workflow job was approved.
Поля
user_agent, request_id, actor, actor_id, workflow_run_id, run_number, user, user_id, repo, repo_id, business, business_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, token_scopes, programmatic_access_type, request_access_security_header
Справочные материалы
Reviewing deployments
workflows.cancel_workflow_run
A workflow run was cancelled.
Поля
user_agent, request_id, actor, actor_id, created_at, started_at, event, name, workflow_run_id, head_branch, head_sha, run_number, cancelled_at, workflow_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, business, business_id, trigger_id, public_repo, programmatic_access_type, request_access_security_header
Справочные материалы
Canceling a workflow run
workflows.completed_workflow_run
A workflow status changed to completed. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
user_agent, request_id, actor, actor_id, created_at, started_at, event, name, workflow_run_id, head_branch, head_sha, completed_at, conclusion, run_number, workflow_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, business, business_id, trigger_id, run_attempt, programmatic_access_type, actor_is_bot
Справочные материалы
Viewing workflow run history
workflows.created_workflow_run
A workflow run was create. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
user_agent, request_id, actor, actor_id, created_at, started_at, event, name, workflow_run_id, head_branch, head_sha, workflow_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, business, business_id, trigger_id, public_repo, programmatic_access_type, actor_is_bot, request_access_security_header
Справочные материалы
Understanding GitHub Actions
workflows.delete_workflow_run
A workflow run was deleted.
Поля
user_agent, request_id, actor, actor_id, repo, repo_id, action, operation_type, @timestamp, created_at, _document_id, workflow_run_id, started_at, head_branch, head_sha, trigger_id, programmatic_access_type
Справочные материалы
Deleting a workflow run
workflows.disable_workflow
A workflow was disabled.
Поля
user_agent, request_id, actor, actor_id, repo, repo_id, workflow_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, programmatic_access_type, actor_is_bot, request_access_security_header
workflows.enable_workflow
A workflow was enabled, after previously being disabled by disable_workflow.
Поля
user_agent, request_id, actor, actor_id, repo, repo_id, workflow_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, programmatic_access_type, request_access_security_header
workflows.pin_workflow
A workflow was pinned.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, workflow_id, org, org_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header
workflows.prepared_workflow_job
A workflow job was started. Includes the list of secrets that were provided to the job. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.
Поля
repo_id, repo, org_id, org, business_id, business, workflow_run_id, job_name, runner_labels, is_hosted_runner, environment_name, secrets_passed, action, _document_id, operation_type, created_at, @timestamp, runner_owner_type, job_workflow_ref, calling_workflow_refs, calling_workflow_shas, imposer_repo
Справочные материалы
Events that trigger workflows
workflows.reject_workflow_job
A workflow job was rejected.
Поля
user_agent, request_id, actor, actor_id, workflow_run_id, run_number, user, user_id, repo, repo_id, action, operation_type, @timestamp, created_at, _document_id, public_repo, programmatic_access_type, request_access_security_header
Справочные материалы
Reviewing deployments
workflows.rerun_workflow_run
A workflow run was re-run.
Поля
user_agent, request_id, actor, actor_id, created_at, started_at, event, name, workflow_run_id, head_branch, head_sha, run_number, workflow_id, repo, repo_id, org, org_id, action, operation_type, @timestamp, _document_id, business, business_id, trigger_id, run_attempt, rerun_type, check_run_id, programmatic_access_type, actor_is_bot
Справочные материалы
Re-running workflows and jobs
workflows.unpin_workflow
A workflow was unpinned after previously being pinned.
Поля
actor, actor_id, user_agent, request_id, repo, repo_id, public_repo, workflow_id, org, org_id, business, business_id, action, _document_id, @timestamp, created_at, operation_type, actor_is_bot, request_access_security_header