Audit log streaming will enable customers to stream a high-fidelity set of audit log and git event data to a log collection point of their choosing. This capability will sit alongside our existing audit log and git events APIs and UI.
Intended Outcome
Audit and compliance objectives are increasing in importance to enterprise customers. We want enterprise administrators to be able to use the right tools for the job they need to do, whether that be short-term investigation or longer-term threat analysis and prevention. With audit log streaming, customers can be assured that no audit log event will be lost, and that they will be able to satisfy longer-term data retention goals by storing streamed events within their own log aggregation systems. Administrators will also be able to analyze GitHub audit log data using the SIEM tool of their choosing.
How will it work?
We will support integration within multiple ecosystems including, but not limited to, Splunk and Azure. An enterprise owner will be able to configure a destination domain, port, and token with write authorization to the streaming endpoint. Stream data will be retained by GitHub for at least 7 days when the stream is paused or if otherwise unable to write to the configured location.