GitHub

Download 33
Last updated Oct 5, 2024

Install Guide

Log In With GitHub Enterprise Account

The GitHub Audit Log API is also supported for Organization-level accounts, but in this case the actor IP is not queried. Logpresso recommends using a GitHub Enterprise Cloud account, as audit logs are meaningless if you can't change settings or see the actual IP address from which code was downloaded. GitHub Enterprise Cloud requires annual billing on an invoice basis, so please discuss switching accounts with GitHub Sales.

Your Enterprise Cloud plan is active if Your Enterprises is in the panel menu that appears when you click on your GitHub profile in the top right, as shown below.

Enterprise account

GitHub Enterprise Audit Log Settings

In Settings > Audit log > Settings or https://github.com/enterprises/ENTERPRISE_ID/settings/audit-log/event_settings (where ENTERPRISE_ID is your enterprise account ID), you can Enable source IP disclosure as shown below.

Enable source IP disclosure

Create GitHub Personal Access Token

The GitHub app needs a personal access token to communicate with GitHub.

  1. Click your GitHub profile in the top right corner, and navigate to Settings > Developer Settings > Personal access tokens from the pop-up menu, or by clicking the link.

  2. Click the Generate new token (classic) button.

    Generate GitHub personal access token

  3. On the New personal access token (classic) screen, set the permissions you want to grant to the access token. After granting the permissions, click the Generate token button to generate the token.

    ScopePermission
    reposecurity_events
    admin:orgread:org
    userread:user
    useruser:email
    audit_logread:audit_log
    • Specify the Expiration according to your organization's security policy.

      If your access token expires, the GitHub app will not work properly, so renew your token before it expires.
      
  4. An access token starting with ghp_ is now generated and displayed on the screen. Copy it to the clipboard and keep the key in a safe place.

    GitHub personal access token

Set Up GitHub Connect Profile

Refer to this article to add a connect profile

Add GitHub Connect profile

The following are required fields when setting up a connect profile

  • Name: A unique name to identify the connection profile
  • Identifier: A unique identifier for the connect profile to use in logpresso queries, etc.
  • Type: GitHub
  • Enterprise ID: Github enterprise account ID
  • Personal access token: GitHub personal access token

Set up GitHub Logger

Refer to the this article to add a logger.

GitHub Logger

The following are required fields.

  • Name: A unique name to identify the collector
  • Interval: 5 seconds (default). Change it as needed
  • Storage: Select the appropriate node based on your Logpresso platform configuration
  • Logger Model**: GitHub audit logs
  • Table**: Enter GITHUB
  • Connect profile: The identifier you entered when configuring the connect profile

In addition, you can change the following properties

Now you can activate the logger: go to your dashboard to monitor your GitHub usage.