Related Answers
Download topic as PDF
Configure your GitHub Enterprise server to send data to the Splunk Add-on for GitHub
To let the Splunk Add-on for GitHub collect data from your GitHub Enterprise server, configure your GitHub Enterprise server to forward logs and push it to your Splunk platform installation. For more detailed information, see the GitHub log forwarding documentation.
- On the Management Console page, click Monitoring.
- Select Enable log forwarding.
- For Server address, type the address of the server to which you want to forward logs. You can specify multiple addresses in a comma-separated list.
- In the Protocol menu, select the protocol to use to communicate with the log server, we recommend TCP. The protocol will apply to all specified log destinations.
Collect data in the add-on using GitHub Enterprise
Splunk Connect for Syslog
All production deployments should utilize Splunk Connect For Syslog to forward syslog data into the Splunk platform for GitHub Enterprise data. This solution provides improved simplicity and scalability, among other benefits. For more information, see the Splunk Connect for Syslog manual.
Validate data collection
Once you have configured the input, run this search to check that you are ingesting the correct expected data.
sourcetype=github:enterprise:audit
|
PREVIOUS Install the Splunk Add-on for GitHub |
NEXT Configure GitHub Cloud to send data to the Splunk Add-on for GitHub |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Feedback submitted, thanks!