适用于企业审核日志的 REST API 终结点

这些终结点仅支持使用 personal access token (classic) 进行身份验证。有关详细信息，请参阅“管理个人访问令牌”。

Get the audit log for an enterprise

Gets the audit log for an enterprise.

This endpoint has a rate limit of 1,750 queries per hour per user and IP address. If your integration receives a rate limit error (typically a 403 or 429 response), it should wait before making another request to the GitHub API. For more information, see "Rate limits for the REST API" and "Best practices for integrators."

The authenticated user must be an enterprise admin to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:audit_log scope to use this endpoint.

“Get the audit log for an enterprise”的细粒度访问令牌

此端点支持以下精细令牌类型:

精细令牌必须具有以下权限集:

"Enterprise administration" business permissions (read)

“Get the audit log for an enterprise”的参数

标头
名称, 类型, 说明
`accept` string Setting to `application/vnd.github+json` is recommended.

路径参数
名称, 类型, 说明
`enterprise` string 必须 The slug version of the enterprise name. You can also substitute this value with the enterprise id.

查询参数
名称, 类型, 说明
`phrase` string A search phrase. For more information, see Searching the audit log.
`include` string The event types to include: `web` - returns web (non-Git) events. `git` - returns Git events. `all` - returns both web and Git events. The default is `web`. 可以是以下选项之一: `web`, `git`, `all`
`after` string A cursor, as given in the Link header. If specified, the query only searches for events after this cursor.
`before` string A cursor, as given in the Link header. If specified, the query only searches for events before this cursor.
`order` string The order of audit log events. To list newest events first, specify `desc`. To list oldest events first, specify `asc`. The default is `desc`. 可以是以下选项之一: `desc`, `asc`
`page` integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." 默认: `1`
`per_page` integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." 默认: `30`

“Get the audit log for an enterprise”的 HTTP 响应状态代码

状态代码	说明
`200`	OK

“Get the audit log for an enterprise”的示例代码

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

请求示例

get/enterprises/{enterprise}/audit-log

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/audit-log

Response

Status: 200

[
  {
    "@timestamp": 1606929874512,
    "action": "team.add_member",
    "actor": "octocat",
    "created_at": 1606929874512,
    "_document_id": "xJJFlFOhQ6b-5vaAFy9Rjw",
    "org": "octo-corp",
    "team": "octo-corp/example-team",
    "user": "monalisa"
  },
  {
    "@timestamp": 1606507117008,
    "action": "org.create",
    "actor": "octocat",
    "created_at": 1606507117008,
    "_document_id": "Vqvg6kZ4MYqwWRKFDzlMoQ",
    "org": "octocat-test-org"
  },
  {
    "@timestamp": 1605719148837,
    "action": "repo.destroy",
    "actor": "monalisa",
    "created_at": 1605719148837,
    "_document_id": "LwW2vpJZCDS-WUmo9Z-ifw",
    "org": "mona-org",
    "repo": "mona-org/mona-test-repo",
    "visibility": "private"
  }
]