
Filtering alerts in security overview

Use filters to view specific categories of alerts

Who can use this feature

Organization owners and security managers can access the organization-level security overview, and can also view alerts across multiple organizations through the enterprise-level security overview. Enterprise owners can only view repositories and alerts for organizations where they have been added as an organization owner or security manager. Organization members can access the organization-level security overview to see results for repositories where they have admin permissions or have been granted access to security alerts.

All organizations and enterprises have a security overview. You will see additional information if you use GitHub Advanced Security features (which are free for public repositories). For more information, see "About GitHub Advanced Security."

About filtering security overview

You can use filters in a security overview to narrow your focus based on a range of factors, like alert risk level, alert type, and feature enablement. Different filters are available depending on the specific view and whether you are viewing data at the enterprise or organization level.

The information shown in the security overview varies according to your access to repositories and whether GitHub Advanced Security is used by those repositories.

Filter by repository

| Qualifier | Description |
| --- | --- |
| repo:REPOSITORY-NAME | Displays data for the specified repository. |

Filter by whether security features are enabled

In the examples below, replace :enabled with :not-enabled to see repositories where security features are not enabled. These qualifiers are available in the main summary views.

| Qualifier | Description |
| --- | --- |
| code-scanning:enabled | Display repositories that have configured code scanning. |
| dependabot:enabled | Display repositories that have enabled Dependabot alerts. |
| secret-scanning:enabled | Display repositories that have enabled secret scanning alerts. |
| any-feature:enabled | Display repositories where at least one security feature is enabled. |

The organization-level "Security coverage" view includes extra filters.

Note: The "Security risk" and "Security coverage" views are currently in beta and subject to change.

| Qualifier | Description |
| --- | --- |
| advanced-security:enabled | Display repositories that have enabled GitHub Advanced Security. |
| code-scanning-pull-request-alerts:enabled | Display repositories that have configured code scanning to run on pull requests. |
| dependabot-security-updates:enabled | Display repositories that have enabled Dependabot security updates. |
| secret-scanning-push-protection:enabled | Display repositories that have enabled push protection for secret scanning. |

Filter by repository type

These qualifiers are available in the main summary views.

| Qualifier | Description |
| --- | --- |
| is:public | Display public repositories. |
| is:internal | Display internal repositories. |
| is:private | Display private repositories. |
| archived:true | Display archived repositories. |
| archived:false | Omit archived repositories. |

Filter by level of risk for repositories

The level of risk for a repository is determined by the number and severity of alerts from security features. If one or more security features are not enabled for a repository, the repository will have an unknown level of risk. If a repository has no risks that are detected by security features, the repository will have a clear level of risk.

These qualifiers are available in the enterprise-level view.

| Qualifier | Description |
| --- | --- |
| risk:high | Display repositories that are at high risk. |
| risk:medium | Display repositories that are at medium risk. |
| risk:low | Display repositories that are at low risk. |
| risk:unknown | Display repositories that are at an unknown level of risk. |
| risk:clear | Display repositories that have no detected level of risk. |

Filter by number of alerts

These qualifiers are available in the enterprise-level "Overview" and in the organization-level "Security risk" view.

| Qualifier | Description |
| --- | --- |
| code-scanning:NUMBER | Display repositories that have NUMBER code scanning alerts. This qualifier can use the =, > and < comparison operators. |
| secret-scanning:NUMBER | Display repositories that have NUMBER secret scanning alerts. This qualifier can use the =, > and < comparison operators. |
| dependabot:NUMBER | Display repositories that have NUMBER Dependabot alerts. This qualifier can use the =, > and < comparison operators. |
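To make the semantics of the repository-level qualifiers concrete (the feature enablement, repository type, risk level and alert count qualifiers above), here is an added example that evaluates such filter strings against a small set of constructed repository records. This is illustration code written for this page, not GitHub's implementation of security overview. It assumes that whitespace-separated qualifiers are combined with AND, that a NUMBER value may carry an optional leading =, > or < operator (defaulting to equality), and that the record layout (`features`, `alerts`, `risk`, `visibility`, `archived`) is a modelling choice for the example.

```python
"""Evaluate security-overview-style filter qualifiers against constructed repository records.

Added example, not GitHub's own code. Assumptions:
- qualifiers separated by whitespace are combined with AND
- NUMBER qualifiers accept an optional leading =, > or < operator (default: =)
- the record fields below are a modelling choice; the data is constructed for this example
"""
import re

# Constructed sample data: what the overview knows about each repository.
REPOS = [
    {"name": "octo/web", "visibility": "public", "archived": False, "risk": "high",
     "features": {"code-scanning": True, "dependabot": True, "secret-scanning": True},
     "alerts": {"code-scanning": 12, "dependabot": 3, "secret-scanning": 0}},
    {"name": "octo/api", "visibility": "private", "archived": False, "risk": "unknown",
     "features": {"code-scanning": False, "dependabot": True, "secret-scanning": True},
     "alerts": {"code-scanning": 0, "dependabot": 7, "secret-scanning": 1}},
    {"name": "octo/legacy", "visibility": "internal", "archived": True, "risk": "clear",
     "features": {"code-scanning": True, "dependabot": True, "secret-scanning": True},
     "alerts": {"code-scanning": 0, "dependabot": 0, "secret-scanning": 0}},
]

FEATURES = ("code-scanning", "dependabot", "secret-scanning")
# Optional comparison operator followed by a non-negative integer, e.g. ">10", "=0", "3".
NUMBER_RE = re.compile(r"^([=<>]?)(\d+)$")


def _match_number(value, spec):
    """Apply a NUMBER qualifier value such as '>10' to an alert count."""
    m = NUMBER_RE.match(spec)
    if not m:
        raise ValueError(f"bad number qualifier value: {spec!r}")
    op, n = (m.group(1) or "="), int(m.group(2))
    return {"=": value == n, ">": value > n, "<": value < n}[op]


def _match_qualifier(repo, qualifier):
    """Return True if one qualifier (KEY:VALUE) holds for the given repository record."""
    key, _, value = qualifier.partition(":")
    if not value:
        raise ValueError(f"qualifier without value: {qualifier!r}")
    if key == "repo":
        return repo["name"] == value
    if key == "is":
        return repo["visibility"] == value
    if key == "archived":
        return repo["archived"] == (value == "true")
    if key == "risk":
        return repo["risk"] == value
    if key == "any-feature":
        enabled = any(repo["features"].values())
        return enabled if value == "enabled" else not enabled
    if key in FEATURES:
        # The same key serves both the enablement form and the alert-count form.
        if value in ("enabled", "not-enabled"):
            return repo["features"][key] == (value == "enabled")
        return _match_number(repo["alerts"][key], value)
    raise ValueError(f"unknown qualifier: {key!r}")


def filter_repos(query, repos=REPOS):
    """Return the names of repositories matching every qualifier in `query` (AND semantics, assumed)."""
    qualifiers = query.split()
    return [r["name"] for r in repos if all(_match_qualifier(r, q) for q in qualifiers)]


if __name__ == "__main__":
    for q in ("code-scanning:>10", "code-scanning:not-enabled",
              "archived:false risk:unknown", "any-feature:enabled is:public"):
        print(f"{q:32} -> {filter_repos(q)}")
```

Note how `code-scanning:not-enabled` and `risk:unknown` select the same constructed repository: the text above states that a repository with a disabled security feature has an unknown level of risk, so a coverage gap and an unknown risk rating are two views of the same condition.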

Filter by team

These qualifiers are available in the main summary views.

| Qualifier | Description |
| --- | --- |
| team:TEAM-NAME | Displays repositories that TEAM-NAME has write access or admin access to. |

Filter by topic

These qualifiers are available in the main summary views.

| Qualifier | Description |
| --- | --- |
| topic:TOPIC-NAME | Displays repositories that are classified with TOPIC-NAME. |

Additional filters for code scanning alert views

All code scanning alerts have one of the categories shown below. You can click any result to see full details of the relevant query and the line of code that triggered the alert.

| Qualifier | Description |
| --- | --- |
| severity:critical | Displays code scanning alerts categorized as critical. |
| severity:high | Displays code scanning alerts categorized as high. |
| severity:medium | Displays code scanning alerts categorized as medium. |
| severity:low | Displays code scanning alerts categorized as low. |
| severity:error | Displays code scanning alerts categorized as errors. |
| severity:warning | Displays code scanning alerts categorized as warnings. |
| severity:note | Displays code scanning alerts categorized as notes. |

Additional filters for Dependabot alert views

You can filter the view to show Dependabot alerts that are ready to fix or where additional information about exposure is available. You can click any result to see full details of the alert.

| Qualifier | Description |
| --- | --- |
| has:patch | Displays Dependabot alerts for vulnerabilities where a secure version is already available. |
| has:vulnerable-calls | Displays Dependabot alerts where at least one call from the repository to a vulnerable function is detected. For more information, see "Viewing and updating Dependabot alerts." |

Additional filters for secret scanning alert views

| Qualifier | Description |
| --- | --- |
| provider:PROVIDER_NAME | Displays alerts for all secrets issued by the specified provider. |
| secret-type:SERVICE_PROVIDER | Displays alerts for the specified secret and provider. |
| secret-type:CUSTOM-PATTERN | Displays alerts for secrets matching the specified custom pattern. |

For more information, see "Secret scanning patterns."