Skip to main content
 
 
Splunk Lantern

GitHub

 

GitHub is a cloud-based service that helps developers store and manage their code, as well as track and control changes to their code. Audit logs in GitHub allow administrators to track important events and quickly review the actions performed by members of their organization. These actions include:

  • The organization an action was performed in
  • The user (actor) who performed the action
  • The user affected by the action
  • Which repository an action was performed in
  • The action that was performed
  • Which country the action took place in
  • The date and time the action occurred

In the Common Information Model, GitHub data can be mapped to the Authentication and Change data models.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: 

Getting data in

Source Add-ons and Apps Guidance
GitHub

Splunk platform

Splunk SOAR

Configuration

Use Cases