Skip to main content

GitHub Audit logs

The GitHub audit logs managed log source lets you ingest your GitHub audit logs directly into Matano.

The Github audit log tracks events triggered by activities that affect your GitHub organization. For a complete list of supported events, consult the GitHub audit log documentation.


Use the managed log source by specifying the managed.type property in your log_source as GITHUB_AUDIT.

name: "github_audit"



The GitHub audit logs history managed log source supports a single table containing GitHub audit log data.


S3 (GitHub audit log streaming)

Matano supports ingestion using S3. You can use GitHub's audit log streaming feature to deliver GitHub audit logs to an S3 bucket. Consult the GitHub documentation for more information.


GitHub audit log data is normalized to ECS fields. Custom fields are normalized into the github field. You can view the complete mapping to see the full schema.