Splunk modular input plugin to fetch the enterprise audit log from GitHub Enterprise
Support for modular inputs in Splunk Enterprise 5.0 and later enables you to add new types of inputs to Splunk Enterprise that are treated as native Splunk Enterprise inputs.
This modular input makes an HTTPS request to the GitHub Enterprise’s Audit Log REST API endpoint at a definable interval to fetch audit log data.
These are the required scopes for the personal access token allowing the module to fetch the audit log entries successfully:
Full control of enterprises
Read and write enterprise billing data
Read enterprise profile data
#monitoring #github #logging