Release history for the Splunk Add-on for Github
The latest version of the Splunk Add-on for Github is version 3.1.0. See Release notes for the Splunk Add-on for Github for the release notes of this latest version.
Version 3.0.0
Version 3.0.0 of the Splunk Add-on for GitHub was released on July 23, 2024.
Compatibility
Version 3.0.0 of the Splunk Add-on for GitHub is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 9.0.x 9.1.x, 9.2.x |
| CIM | 5.3.2 |
| Platforms | Platform independent |
| Vendor Products | GitHub Enterprise v3.2, v3.13, Github Enterprise Cloud |
New Features
- Added a new modinput to collect Code Scanning Alerts from GitHub Cloud.
- The events collected via new modinput will fall under new sourcetype
github:cloud:code:scanning:alertsand is tagged with Alerts CIM data model
- The events collected via new modinput will fall under new sourcetype
- Added support for the "Start Date" field in GitHub Audit Input
- This will enable the user to start the data collection of Audit logs from a specific date
- Added support for the latest version of GitHub Enterprise Server - v3.13
- Added support of 68 new events in the sourcetype
github:enterprise:auditby providing CIM tagging to the events - The new events are mapped with CIM data models and appropriate CIM fields are extracted
- Added support of 68 new events in the sourcetype
- Updated the data model mapping and CIM fields for many of the events in both the sourcetypes -
github:cloud:audit&github:enterprise:audit- All the events that were earlier mapped to the Change:Auditing_Changes data model are now mapped with Change:All_Changes as the events were better fit with the Change:All_Changes dataset
- The values of the CIM fields like object_category, object_attrs, command, src, src_user, and object are added or updated in the events across the sourcetype
- Verified IPv6 compliance checks for the add-on and enhanced TA functionality accordingly
- Added support of latest CIM version - v5.3.2
- Fixed the security vulnerability found in the urllib3 and certifi libraries by upgrading the libraries to their version from 1.26.18 to 1.26.19 and from 2023.11.17 to 2024.7.4 respectively
Breaking changes
| Sourcetype | vendor_action | Fields | v1 | v2 | ||
|---|---|---|---|---|---|---|
| Added Fields | Modified Fields | Removed Fields | ||||
['github:enterprise:audit']
|
business.add_admin | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | src_user, user | null, null | github-admin, github-admin | |
['github:enterprise:audit']
|
org.async_delete, business.add_organization | object_category, event_group, eventtype, tag, tag::eventtype | organization, change_audit, github_audit_changes, audit, audit | Group Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
business.update_member_repository_creation_permission, business.advanced_security_policy_update | event_group, eventtype, tag, tag::eventtype | change_audit, github_audit_changes, audit, audit | change_all, github_all_changes | ||
['github:enterprise:audit']
|
business.clear_members_can_create_repos | object_category, event_group, eventtype, tag, tag::eventtype | Policy Management, change_audit, github_audit_changes, audit, audit | Group Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
business.referrer_override_enable, business.referrer_override_disable | object_category, event_group, eventtype, tag, tag::eventtype | Policy Management, change_audit, github_audit_changes, audit, audit | Other, change_all, github_all_changes | ||
['github:enterprise:audit']
|
business.remove_organization, private_repository_forking.disable, private_repository_forking.enable, org.delete, org.create | object_category, event_group, eventtype, tag, tag::eventtype | organization, change_audit, github_audit_changes, audit, audit | Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
business.update_default_repository_permission | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
business.update_terms_of_service | object, eventtype, dvc, change_type, action, tag::eventtype, event_group, dest, src, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
config_entry.destroy, config_entry.create, config_entry.update | object_category, event_group, eventtype, tag, tag::eventtype | business, change_audit, github_audit_changes, audit, audit | Other, change_all, github_all_changes | ||
['github:enterprise:audit']
|
discussion_post.destroy | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
oauth_access.destroy, enterprise.config.disable_anonymous_git_access, email_role.create, enterprise.config.lock_anonymous_git_access, oauth_access.create | object_category, event_group, eventtype, tag, tag::eventtype | user, change_audit, github_audit_changes, audit, audit | Other, change_all, github_all_changes | ||
['github:enterprise:audit']
|
enterprise_domain.approve | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
enterprise_domain.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
enterprise_domain.destroy | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
hook.active_changed | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
hook.config_changed | object_category, event_group, eventtype, tag, tag::eventtype | hook, change_audit, github_audit_changes, audit, audit | Policy Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
hook.create, hook.destroy, hook.events_changed | object_category, event_group, eventtype, tag, tag::eventtype | hook, change_audit, github_audit_changes, audit, audit | Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
integration.create | object, eventtype, dvc, change_type, action, tag::eventtype, event_group, command, src, dest, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
issue.update, issue.destroy | object_category, event_group, eventtype, tag, tag::eventtype | issue, change_audit, github_audit_changes, audit, audit | Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
issue_comment.update | object, object_category, event_group, eventtype, tag, tag::eventtype | 1, issue, change_audit, github_audit_changes, audit, audit | https://1.2.3.4/GitHub-Admin/test/issue_comments/1, Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
lockout.remove | object_category | user | Other | ||
['github:enterprise:audit']
|
management_console.save_settings | object, eventtype, dvc, change_type, action, tag::eventtype, event_group, command, object_path, dest, object_id, user, status, object_category, tag | ||||
['github:enterprise:audit']
|
management_console.user_sign_in | eventtype, dvc, tag::eventtype, action, src_user, event_group, dest, user, object_category, tag | ||||
['github:enterprise:audit']
|
newsletter_preference.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
oauth_application.create, oauth_application.transfer, oauth_application.destroy | object_category, event_group, eventtype, tag, tag::eventtype | oauth_application, change_audit, github_audit_changes, audit, audit | Application Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
oauth_application.remove_client_secret, oauth_application.revoke_all_tokens, oauth_application.generate_client_secret | object_category, event_group, eventtype, tag, tag::eventtype | oauth_application, change_audit, github_audit_changes, audit, audit | Password Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
oauth_application.revoke_tokens | object_category | oauth_application | Password Management | ||
['github:enterprise:audit']
|
oauth_authorization.destroy, oauth_authorization.create | object_category, event_group, eventtype, tag, tag::eventtype | oauth_application, change_audit, github_audit_changes, audit, audit | Authorization, change_all, github_all_changes | ||
['github:enterprise:audit']
|
org.add_member | object_category | organization | Group Management | ||
['github:enterprise:audit']
|
org.advanced_security_policy_selected_member_enabled, org.enable_member_team_creation_permission, org.update_member_repository_creation_permission | object_category, event_group, eventtype, tag, tag::eventtype | organization, change_audit, github_audit_changes, audit, audit | Policy Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
org.display_commenter_full_name_enabled | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
org.set_workflow_permission_can_approve_pr | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
organization_default_label.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
personal_access_token.access_granted | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
personal_access_token.access_revoked | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
personal_access_token.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
personal_access_token.credential_regenerated | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
personal_access_token.destroy | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
personal_access_token.request_created | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
project.close, project.update | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
project_view.create, project.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
project_field.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
protected_branch.create | object_category, event_group, eventtype, tag, tag::eventtype | branch, change_audit, github_audit_changes, audit, audit | Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
protected_branch.dismiss_stale_reviews | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
protected_branch.update_admin_enforced, protected_branch.update_linear_history_requirement_enforcement_level, protected_branch.update_signature_requirement_enforcement_level, protected_branch.update_required_status_checks_enforcement_level, protected_branch.update_pull_request_reviews_enforcement_level | object_category, event_group, eventtype, tag, tag::eventtype | branch, change_audit, github_audit_changes, audit, audit | Policy Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
protected_branch.update_allow_deletions_enforcement_level, protected_branch.update_require_code_owner_review, protected_branch.update_allow_force_pushes_enforcement_level | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
public_key.delete, public_key.create | object_category, event_group, eventtype, tag, tag::eventtype | public_key, change_audit, github_audit_changes, audit, audit | Key Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
public_key.verify | object_category | ||||
['github:enterprise:audit']
|
pull_request.close, pull_request.reopen, pull_request.merge | object, object_category, event_group, eventtype, tag, tag::eventtype | 2, pull_request, change_audit, github_audit_changes, audit, audit | https://1.2.3.4/GitHub-Admin/test/pull/2, Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
pull_request.converted_to_draft, pull_request.ready_for_review | object, object_category, event_group, eventtype, tag, tag::eventtype | 5, pull_request, change_audit, github_audit_changes, audit, audit | https://1.2.3.4/GitHub-Admin/test/pull/5, Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
pull_request.create | object, object_category, event_group, eventtype, tag, tag::eventtype | 1, pull_request, change_audit, github_audit_changes, audit, audit | https://1.2.3.4/GitHub-Admin/test/compare/test2?expand=1, Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
pull_request_review.submit | object, object_category, event_group, eventtype, tag, tag::eventtype | 2, pull_request, change_audit, github_audit_changes, audit, audit | https://1.2.3.4/GitHub-Admin/test/pull/2/files, Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
pull_request_review.update | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
pull_request_review_comment.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
pull_request_review_comment.delete | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
pull_request_review_comment.update | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
pull_request_review_thread.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
release.destroy | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repo.access | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repo.update_member, repo.add_member | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repo.archived, repo.unarchived | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repo.change_merge_setting | object_category, event_group, eventtype, tag, tag::eventtype | repo, change_audit, github_audit_changes, audit, audit | Policy Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
repo.create, repository_secret_scanning.disable, repo.destroy, repo.disk_archive | object_category, event_group, eventtype, tag, tag::eventtype | repo, change_audit, github_audit_changes, audit, audit | Resource Management, change_all, github_all_changes | ||
['github:enterprise:audit']
|
repo.remove_member | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repo.update_default_branch, repo.rename_branch | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repo.transfer | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repo.transfer_outgoing | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repository_branch_protection_evaluation.disable | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repository_projects_change.disable, repository_projects_change.enable | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repository_ruleset.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repository_ruleset.destroy | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
repository_ruleset.update | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
role.create | object, eventtype, dvc, change_type, action, tag::eventtype, event_group, command, dest, status, object_category, tag | ||||
['github:enterprise:audit']
|
staff.minimize_comment | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
staff.repo_lock, staff.repo_unlock | object, eventtype, change_type, action, tag::eventtype, event_group, status, object_category, tag | ||||
['github:enterprise:audit']
|
staff.view_audit_log | object, eventtype, change_type, action, tag::eventtype, event_group, status, object_category, tag | ||||
['github:enterprise:audit']
|
staff.view_site_admins | object, eventtype, change_type, action, tag::eventtype, event_group, status, object_category, tag | ||||
['github:enterprise:audit']
|
team.add_member | object, eventtype, change_type, action, tag::eventtype, event_group, object_path, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
team.remove_repository, team.update_repository_permission, team.add_repository | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
team.create | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
team_discussions.enable, team_discussions.disable | object, eventtype, change_type, action, tag::eventtype, event_group, status, object_category, tag | ||||
['github:enterprise:audit']
|
user.delete, user.async_delete, user.create | object_category | user | User Management | ||
['github:enterprise:audit']
|
user.failed_login | object_category | ||||
['github:enterprise:audit']
|
user.login | object_category | ||||
['github:enterprise:audit']
|
user.mandatory_message_viewed | object, eventtype, change_type, action, tag::eventtype, event_group, status, object_category, tag | ||||
['github:enterprise:audit']
|
user.minimize_comment | object, eventtype, change_type, action, tag::eventtype, event_group, object_id, status, object_category, tag | ||||
['github:enterprise:audit']
|
user.reset_password | object_category, event_group, eventtype, tag, tag::eventtype | user, change_all, github_all_changes, , | Password Management, change_account, github_account_changes, account, account | ||
['github:enterprise:audit']
|
user_default_label.destroy | object_category, event_group, eventtype, tag, tag::eventtype | user_default_label, change_audit, github_audit_changes, audit, audit | Other, change_all, github_all_changes | ||
['github:enterprise:audit']
|
vulnerability_alert_rule.create | object, eventtype, dvc, change_type, action, tag::eventtype, event_group, command, dest, object_id, status, object_category, tag | ||||
| Sourcetype | vendor_action | Fields | v1 | v2 | ||
|---|---|---|---|---|---|---|
| Added Fields | Modified Fields | Removed Fields | ||||
['github:cloud:audit']
|
business.advanced_security_policy_update | src_user | object_attrs | advanced_security_policy_update | business.advanced_security_policy_update | |
['github:cloud:audit']
|
business.clear_members_can_create_repos | src_user | object_attrs | clear_members_can_create_repos | business.clear_members_can_create_repos | |
['github:cloud:audit']
|
business.disable_two_factor_requirement | src_user | object_attrs | disable_two_factor_requirement | business.disable_two_factor_requirement | |
['github:cloud:audit']
|
business.enable_two_factor_requirement | src_user | object_attrs | enable_two_factor_requirement | business.enable_two_factor_requirement | |
['github:cloud:audit']
|
business.remove_member | src_user | object_attrs | remove_member | business.remove_member | |
['github:cloud:audit']
|
business.set_actions_fork_pr_approvals_policy | src_user | object_attrs | set_actions_fork_pr_approvals_policy | business.set_actions_fork_pr_approvals_policy | |
['github:cloud:audit']
|
business.set_actions_retention_limit | src_user | event_group, object_attrs, eventtype, tag, tag::eventtype | change_audit, set_actions_retention_limit, github_audit_changes, audit, audit | change_all, business.set_actions_retention_limit, github_all_changes | |
['github:cloud:audit']
|
business.set_fork_pr_workflows_policy | src_user | event_group, object_attrs, eventtype, tag, tag::eventtype | change_audit, set_fork_pr_workflows_policy, github_audit_changes, audit, audit | change_all, business.set_fork_pr_workflows_policy, github_all_changes | |
['github:cloud:audit']
|
business.update_actions_settings | src_user | object_attrs | update_actions_settings | business.update_actions_settings | |
['github:cloud:audit']
|
business.update_member_repository_creation_permission | src_user | object_attrs | update_member_repository_creation_permission | business.update_member_repository_creation_permission | |
['github:cloud:audit']
|
business.update_member_repository_invitation_permission | src_user | object_attrs | update_member_repository_invitation_permission | business.update_member_repository_invitation_permission | |
['github:cloud:audit']
|
business_secret_scanning_custom_pattern.create | src_user | object_attrs | business_secret_scanning_custom_pattern | business_secret_scanning_custom_pattern.create | |
['github:cloud:audit']
|
business_secret_scanning_custom_pattern.delete | src_user | object_attrs | business_secret_scanning_custom_pattern | business_secret_scanning_custom_pattern.delete | |
['github:cloud:audit']
|
business_secret_scanning_custom_pattern.update | src_user | object_attrs | business_secret_scanning_custom_pattern | business_secret_scanning_custom_pattern.update | |
['github:cloud:audit']
|
git.clone | object_attrs | ||||
['github:cloud:audit']
|
git.fetch | object_attrs, src_user | ||||
['github:cloud:audit']
|
git.push | object_attrs, src_user | ||||
['github:cloud:audit']
|
hook.create | object_attrs, src_user | ||||
['github:cloud:audit']
|
integration_installation.repositories_added | src_user | object_attrs | integration_installation | integration_installation.repositories_added | |
['github:cloud:audit']
|
issues.deletes_disabled | src_user | object_attrs | deletes_disabled | issues.deletes_disabled | |
['github:cloud:audit']
|
issues.deletes_enabled | src_user | object_attrs | deletes_enabled | issues.deletes_enabled | |
['github:cloud:audit']
|
issues.deletes_policy_cleared | src_user | event_group, object_attrs, eventtype, tag, tag::eventtype | change_audit, deletes_policy_cleared, github_audit_changes, audit, audit | change_all, issues.deletes_policy_cleared, github_all_changes | |
['github:cloud:audit']
|
members_can_delete_repos.clear | src_user | object_attrs | members_can_delete_repos | members_can_delete_repos.clear | |
['github:cloud:audit']
|
members_can_delete_repos.disable | src_user | object_attrs | members_can_delete_repos | members_can_delete_repos.disable | |
['github:cloud:audit']
|
members_can_delete_repos.enable | src_user | object_attrs | members_can_delete_repos | members_can_delete_repos.enable | |
['github:cloud:audit']
|
members_can_view_dependency_insights.clear | src_user | object_attrs | members_can_view_dependency_insights | members_can_view_dependency_insights.clear | |
['github:cloud:audit']
|
members_can_view_dependency_insights.disable | src_user | object_attrs | members_can_view_dependency_insights | members_can_view_dependency_insights.disable | |
['github:cloud:audit']
|
members_can_view_dependency_insights.enable | src_user | object_attrs | members_can_view_dependency_insights | members_can_view_dependency_insights.enable | |
['github:cloud:audit']
|
org.accept_business_invitation | src, src_user | object_attrs | accept_business_invitation | org.accept_business_invitation | |
['github:cloud:audit']
|
org.add_member | src | object_attrs | add_member | org.add_member | |
['github:cloud:audit']
|
org.advanced_security_disabled_for_new_repos | src, src_user | object_attrs | advanced_security_disabled_for_new_repos | org.advanced_security_disabled_for_new_repos | |
['github:cloud:audit']
|
org.advanced_security_disabled_on_all_repos | src, src_user | object_attrs | advanced_security_disabled_on_all_repos | org.advanced_security_disabled_on_all_repos | |
['github:cloud:audit']
|
org.advanced_security_enabled_for_new_repos | src, src_user | object_attrs | advanced_security_enabled_for_new_repos | org.advanced_security_enabled_for_new_repos | |
['github:cloud:audit']
|
org.advanced_security_enabled_on_all_repos | src, src_user | object_attrs | advanced_security_enabled_on_all_repos | org.advanced_security_enabled_on_all_repos | |
['github:cloud:audit']
|
org.advanced_security_policy_selected_member_disabled | src, src_user | object_attrs | advanced_security_policy_selected_member_disabled | org.advanced_security_policy_selected_member_disabled | |
['github:cloud:audit']
|
org.advanced_security_policy_selected_member_enabled | src, src_user | object_attrs | advanced_security_policy_selected_member_enabled | org.advanced_security_policy_selected_member_enabled | |
['github:cloud:audit']
|
org.allow_third_party_access_requests_from_outside_collaborators_disabled | src_user | object_attrs | allow_third_party_access_requests_from_outside_collaborators_disabled | org.allow_third_party_access_requests_from_outside_collaborators_disabled | |
['github:cloud:audit']
|
org.allow_third_party_access_requests_from_outside_collaborators_enabled | src_user | object_attrs | allow_third_party_access_requests_from_outside_collaborators_enabled | org.allow_third_party_access_requests_from_outside_collaborators_enabled | |
['github:cloud:audit']
|
org.block_user | src | object_attrs | block_user | org.block_user | |
['github:cloud:audit']
|
org.cancel_business_invitation | src, src_user | object_attrs | cancel_business_invitation | org.cancel_business_invitation | |
['github:cloud:audit']
|
org.cancel_invitation | src, src_user | object_attrs | cancel_invitation | org.cancel_invitation | |
['github:cloud:audit']
|
org.config.disable_collaborators_only | src, src_user | object_attrs | config.disable_collaborators_only | org.config.disable_collaborators_only | |
['github:cloud:audit']
|
org.config.disable_contributors_only | src, src_user | object_attrs | config.disable_contributors_only | org.config.disable_contributors_only | |
['github:cloud:audit']
|
org.config.disable_sockpuppet_disallowed | src, src_user | object_attrs | config.disable_sockpuppet_disallowed | org.config.disable_sockpuppet_disallowed | |
['github:cloud:audit']
|
org.config.enable_collaborators_only | src, src_user | object_attrs | config.enable_collaborators_only | org.config.enable_collaborators_only | |
['github:cloud:audit']
|
org.config.enable_contributors_only | src, src_user | object_attrs | config.enable_contributors_only | org.config.enable_contributors_only | |
['github:cloud:audit']
|
org.config.enable_sockpuppet_disallowed | src, src_user | object_attrs | config.enable_sockpuppet_disallowed | org.config.enable_sockpuppet_disallowed | |
['github:cloud:audit']
|
org.confirm_business_invitation | src, src_user | object_attrs | confirm_business_invitation | org.confirm_business_invitation | |
['github:cloud:audit']
|
org.create | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
org.create_actions_secret | src, src_user | object_attrs | create_actions_secret | org.create_actions_secret | |
['github:cloud:audit']
|
org.create_integration_secret | src, src_user | object_attrs | create_integration_secret | org.create_integration_secret | |
['github:cloud:audit']
|
org.disable_member_team_creation_permission | src, src_user | object_attrs | disable_member_team_creation_permission | org.disable_member_team_creation_permission | |
['github:cloud:audit']
|
org.disable_oauth_app_restrictions | src, src_user | object_attrs | disable_oauth_app_restrictions | org.disable_oauth_app_restrictions | |
['github:cloud:audit']
|
org.disable_reader_discussion_creation_permission | src, src_user | object_attrs | disable_reader_discussion_creation_permission | org.disable_reader_discussion_creation_permission | |
['github:cloud:audit']
|
org.disable_saml | src_user | object_attrs | disable_saml | org.disable_saml | |
['github:cloud:audit']
|
org.disable_two_factor_requirement | src, src_user | object_attrs | disable_two_factor_requirement | org.disable_two_factor_requirement | |
['github:cloud:audit']
|
org.display_commenter_full_name_disabled | src, src_user | object_attrs | display_commenter_full_name_disabled | org.display_commenter_full_name_disabled | |
['github:cloud:audit']
|
org.display_commenter_full_name_enabled | src, src_user | object_attrs | display_commenter_full_name_enabled | org.display_commenter_full_name_enabled | |
['github:cloud:audit']
|
org.enable_member_team_creation_permission | src, src_user | object_attrs | enable_member_team_creation_permission | org.enable_member_team_creation_permission | |
['github:cloud:audit']
|
org.enable_oauth_app_restrictions | src, src_user | object_attrs | enable_oauth_app_restrictions | org.enable_oauth_app_restrictions | |
['github:cloud:audit']
|
org.enable_reader_discussion_creation_permission | src, src_user | object_attrs | enable_reader_discussion_creation_permission | org.enable_reader_discussion_creation_permission | |
['github:cloud:audit']
|
org.enable_saml | src_user | object_attrs | enable_saml | org.enable_saml | |
['github:cloud:audit']
|
org.enable_two_factor_requirement | src, src_user | object_attrs | enable_two_factor_requirement | org.enable_two_factor_requirement | |
['github:cloud:audit']
|
org.integration_manager_added | src | object_attrs | integration_manager_added | org.integration_manager_added | |
['github:cloud:audit']
|
org.integration_manager_removed | src | object_attrs | integration_manager_removed | org.integration_manager_removed | |
['github:cloud:audit']
|
org.invite_member | src | object_attrs | invite_member | org.invite_member | |
['github:cloud:audit']
|
org.oauth_app_access_approved | src | object_attrs | oauth_app_access_approved | org.oauth_app_access_approved | |
['github:cloud:audit']
|
org.oauth_app_access_denied | src, src_user | object_attrs | oauth_app_access_denied | org.oauth_app_access_denied | |
['github:cloud:audit']
|
org.remove_actions_secret | src, src_user | object_attrs | remove_actions_secret | org.remove_actions_secret | |
['github:cloud:audit']
|
org.remove_integration_secret | src, src_user | object_attrs | remove_integration_secret | org.remove_integration_secret | |
['github:cloud:audit']
|
org.remove_member | src | object_attrs | remove_member | org.remove_member | |
['github:cloud:audit']
|
org.remove_outside_collaborator | src | object_attrs | remove_outside_collaborator | org.remove_outside_collaborator | |
['github:cloud:audit']
|
org.rename | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
org.restore_member | object_attrs | restore_member | org.restore_member | ||
['github:cloud:audit']
|
org.runner_group_created | src, src_user | object_attrs | runner_group_created | org.runner_group_created | |
['github:cloud:audit']
|
org.runner_group_removed | src, src_user | object_attrs | runner_group_removed | org.runner_group_removed | |
['github:cloud:audit']
|
org.runner_group_updated | src, src_user | object_attrs | runner_group_updated | org.runner_group_updated | |
['github:cloud:audit']
|
org.secret_scanning_custom_pattern_push_protection_disabled | src, src_user | object_attrs | secret_scanning_custom_pattern_push_protection_disabled | org.secret_scanning_custom_pattern_push_protection_disabled | |
['github:cloud:audit']
|
org.secret_scanning_custom_pattern_push_protection_enabled | src, src_user | object_attrs | secret_scanning_custom_pattern_push_protection_enabled | org.secret_scanning_custom_pattern_push_protection_enabled | |
['github:cloud:audit']
|
org.secret_scanning_push_protection_custom_message_disabled | src, src_user | object_attrs | secret_scanning_push_protection_custom_message_disabled | org.secret_scanning_push_protection_custom_message_disabled | |
['github:cloud:audit']
|
org.secret_scanning_push_protection_custom_message_enabled | src, src_user | object_attrs | secret_scanning_push_protection_custom_message_enabled | org.secret_scanning_push_protection_custom_message_enabled | |
['github:cloud:audit']
|
org.secret_scanning_push_protection_disable | src, src_user | object_attrs | secret_scanning_push_protection_disable | org.secret_scanning_push_protection_disable | |
['github:cloud:audit']
|
org.secret_scanning_push_protection_enable | src, src_user | object_attrs | secret_scanning_push_protection_enable | org.secret_scanning_push_protection_enable | |
['github:cloud:audit']
|
org.secret_scanning_push_protection_new_repos_enable | src, src_user | object_attrs | secret_scanning_push_protection_new_repos_enable | org.secret_scanning_push_protection_new_repos_enable | |
['github:cloud:audit']
|
org.set_actions_fork_pr_approvals_policy | src, src_user | object_attrs | set_actions_fork_pr_approvals_policy | org.set_actions_fork_pr_approvals_policy | |
['github:cloud:audit']
|
org.set_actions_retention_limit | src, src_user | object_attrs | set_actions_retention_limit | org.set_actions_retention_limit | |
['github:cloud:audit']
|
org.set_default_workflow_permissions | src, src_user | object_attrs | set_default_workflow_permissions | org.set_default_workflow_permissions | |
['github:cloud:audit']
|
org.set_workflow_permission_can_approve_pr | src, src_user | object_attrs | set_workflow_permission_can_approve_pr | org.set_workflow_permission_can_approve_pr | |
['github:cloud:audit']
|
org.unblock_user | src | object_attrs | unblock_user | org.unblock_user | |
['github:cloud:audit']
|
org.update_actions_secret | src, src_user | object_attrs | update_actions_secret | org.update_actions_secret | |
['github:cloud:audit']
|
org.update_actions_settings | src, src_user | object_attrs | update_actions_settings | org.update_actions_settings | |
['github:cloud:audit']
|
org.update_default_repository_permission | src, src_user | object_attrs | update_default_repository_permission | org.update_default_repository_permission | |
['github:cloud:audit']
|
org.update_integration_secret | src, src_user | object_attrs | update_integration_secret | org.update_integration_secret | |
['github:cloud:audit']
|
org.update_member | src | object_attrs | update_member | org.update_member | |
['github:cloud:audit']
|
org.update_member_repository_creation_permission | src, src_user | object_attrs | update_member_repository_creation_permission | org.update_member_repository_creation_permission | |
['github:cloud:audit']
|
org.update_member_repository_invitation_permission | src, src_user | object_attrs | update_member_repository_invitation_permission | org.update_member_repository_invitation_permission | |
['github:cloud:audit']
|
org.update_new_repository_default_branch_setting | src, src_user | object_attrs | update_new_repository_default_branch_setting | org.update_new_repository_default_branch_setting | |
['github:cloud:audit']
|
org.update_saml_provider_settings | src_user | object_attrs | update_saml_provider_settings | org.update_saml_provider_settings | |
['github:cloud:audit']
|
org.update_terms_of_service | src, src_user | object_attrs | update_terms_of_service | org.update_terms_of_service | |
['github:cloud:audit']
|
org_credential_authorization.deauthorize | src_user | object_attrs | org_credential_authorization | org_credential_authorization.deauthorize | |
['github:cloud:audit']
|
org_credential_authorization.grant | src_user | object_attrs | org_credential_authorization | org_credential_authorization.grant | |
['github:cloud:audit']
|
organization_projects_change.clear | src_user | object_attrs | organization_projects_change | organization_projects_change.clear | |
['github:cloud:audit']
|
organization_projects_change.disable | src_user | object_attrs | organization_projects_change | organization_projects_change.disable | |
['github:cloud:audit']
|
organization_projects_change.enable | src_user | object_attrs | organization_projects_change | organization_projects_change.enable | |
['github:cloud:audit']
|
private_repository_forking.clear | src_user | object_attrs | private_repository_forking | private_repository_forking.clear | |
['github:cloud:audit']
|
private_repository_forking.disable | src_user | object_attrs | private_repository_forking | private_repository_forking.disable | |
['github:cloud:audit']
|
private_repository_forking.enable | src_user | object_attrs | private_repository_forking | private_repository_forking.enable | |
['github:cloud:audit']
|
pull_request.close | object_attrs, src_user | ||||
['github:cloud:audit']
|
pull_request.create | object_attrs, src_user | ||||
['github:cloud:audit']
|
pull_request.create_review_request | object_attrs, src_user | ||||
['github:cloud:audit']
|
pull_request.merge | object_attrs, src_user | ||||
['github:cloud:audit']
|
pull_request.ready_for_review | object_attrs, src_user | ||||
['github:cloud:audit']
|
pull_request.reopen | object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.access | object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.actions_enabled | src_user | object_attrs | actions_enabled | repo.actions_enabled | |
['github:cloud:audit']
|
repo.add_member | object_attrs | add_member | repo.add_member | ||
['github:cloud:audit']
|
repo.add_topic | src, src_user | object_attrs | add_topic | repo.add_topic | |
['github:cloud:audit']
|
repo.advanced_security_disabled | src, src_user | object_attrs | advanced_security_disabled | repo.advanced_security_disabled | |
['github:cloud:audit']
|
repo.advanced_security_enabled | src, src_user | object_attrs | advanced_security_enabled | repo.advanced_security_enabled | |
['github:cloud:audit']
|
repo.archived | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.change_merge_setting | src_user | object_attrs | change_merge_setting | repo.change_merge_setting | |
['github:cloud:audit']
|
repo.code_scanning_analysis_deleted | src, src_user | object_attrs | code_scanning_analysis_deleted | repo.code_scanning_analysis_deleted | |
['github:cloud:audit']
|
repo.code_scanning_configuration_for_branch_deleted | src, src_user | object_attrs | code_scanning_configuration_for_branch_deleted | repo.code_scanning_configuration_for_branch_deleted | |
['github:cloud:audit']
|
repo.codeql_enabled | src, src_user | object_attrs | codeql_enabled | repo.codeql_enabled | |
['github:cloud:audit']
|
repo.config.disable_collaborators_only | src_user | object_attrs | config.disable_collaborators_only | repo.config.disable_collaborators_only | |
['github:cloud:audit']
|
repo.config.disable_contributors_only | src_user | object_attrs | config.disable_contributors_only | repo.config.disable_contributors_only | |
['github:cloud:audit']
|
repo.config.disable_sockpuppet_disallowed | src_user | object_attrs | config.disable_sockpuppet_disallowed | repo.config.disable_sockpuppet_disallowed | |
['github:cloud:audit']
|
repo.config.enable_collaborators_only | src_user | object_attrs | config.enable_collaborators_only | repo.config.enable_collaborators_only | |
['github:cloud:audit']
|
repo.config.enable_contributors_only | src_user | object_attrs | config.enable_contributors_only | repo.config.enable_contributors_only | |
['github:cloud:audit']
|
repo.config.enable_sockpuppet_disallowed | src_user | object_attrs | config.enable_sockpuppet_disallowed | repo.config.enable_sockpuppet_disallowed | |
['github:cloud:audit']
|
repo.create | object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.create_actions_secret | src_user | object_attrs | create_actions_secret | repo.create_actions_secret | |
['github:cloud:audit']
|
repo.create_integration_secret | src_user | object_attrs | create_integration_secret | repo.create_integration_secret | |
['github:cloud:audit']
|
repo.destroy | object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.pages_cname | src_user | object_attrs | pages_cname | repo.pages_cname | |
['github:cloud:audit']
|
repo.pages_create | src_user | object_attrs | pages_create | repo.pages_create | |
['github:cloud:audit']
|
repo.pages_destroy | src_user | object_attrs | pages_destroy | repo.pages_destroy | |
['github:cloud:audit']
|
repo.pages_https_redirect_disabled | src_user | object_attrs | pages_https_redirect_disabled | repo.pages_https_redirect_disabled | |
['github:cloud:audit']
|
repo.pages_https_redirect_enabled | src_user | object_attrs | pages_https_redirect_enabled | repo.pages_https_redirect_enabled | |
['github:cloud:audit']
|
repo.pages_private | src, src_user | object_attrs | pages_private | repo.pages_private | |
['github:cloud:audit']
|
repo.pages_public | src_user | object_attrs | pages_public | repo.pages_public | |
['github:cloud:audit']
|
repo.pages_source | src_user | object_attrs | pages_source | repo.pages_source | |
['github:cloud:audit']
|
repo.register_self_hosted_runner | src_user | object_attrs | register_self_hosted_runner | repo.register_self_hosted_runner | |
['github:cloud:audit']
|
repo.remove_actions_secret | src, src_user | object_attrs | remove_actions_secret | repo.remove_actions_secret | |
['github:cloud:audit']
|
repo.remove_integration_secret | src, src_user | object_attrs | remove_integration_secret | repo.remove_integration_secret | |
['github:cloud:audit']
|
repo.remove_member | src | object_attrs | remove_member | repo.remove_member | |
['github:cloud:audit']
|
repo.remove_self_hosted_runner | src, src_user | object_attrs | remove_self_hosted_runner | repo.remove_self_hosted_runner | |
['github:cloud:audit']
|
repo.remove_topic | src, src_user | object_attrs | remove_topic | repo.remove_topic | |
['github:cloud:audit']
|
repo.rename | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.self_hosted_runner_offline | object_attrs | self_hosted_runner_offline | repo.self_hosted_runner_offline | ||
['github:cloud:audit']
|
repo.self_hosted_runner_online | object_attrs | self_hosted_runner_online | repo.self_hosted_runner_online | ||
['github:cloud:audit']
|
repo.set_actions_fork_pr_approvals_policy | src_user | object_attrs | set_actions_fork_pr_approvals_policy | repo.set_actions_fork_pr_approvals_policy | |
['github:cloud:audit']
|
repo.set_actions_retention_limit | src_user | object_attrs | set_actions_retention_limit | repo.set_actions_retention_limit | |
['github:cloud:audit']
|
repo.transfer | object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.transfer_outgoing | src_user | object_attrs | transfer_outgoing | repo.transfer_outgoing | |
['github:cloud:audit']
|
repo.unarchived | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
repo.update_actions_secret | src_user | object_attrs | update_actions_secret | repo.update_actions_secret | |
['github:cloud:audit']
|
repo.update_actions_settings | src, src_user | object_attrs | update_actions_settings | repo.update_actions_settings | |
['github:cloud:audit']
|
repo.update_default_branch | src_user | object_attrs | update_default_branch | repo.update_default_branch | |
['github:cloud:audit']
|
repo.update_integration_secret | src_user | object_attrs | update_integration_secret | repo.update_integration_secret | |
['github:cloud:audit']
|
repo.update_member | src | object_attrs | update_member | repo.update_member | |
['github:cloud:audit']
|
repository_dependency_graph.enable | src_user | object_attrs | repository_dependency_graph | repository_dependency_graph.enable | |
['github:cloud:audit']
|
repository_projects_change.clear | src_user | object_attrs | repository_projects_change | repository_projects_change.clear | |
['github:cloud:audit']
|
repository_projects_change.disable | src_user | object_attrs | repository_projects_change | repository_projects_change.disable | |
['github:cloud:audit']
|
repository_projects_change.enable | src_user | object_attrs | repository_projects_change | repository_projects_change.enable | |
['github:cloud:audit']
|
repository_secret_scanning.enable | src_user | object_attrs | repository_secret_scanning | repository_secret_scanning.enable | |
['github:cloud:audit']
|
repository_secret_scanning_push_protection.disable | src_user | object_attrs | repository_secret_scanning_push_protection | repository_secret_scanning_push_protection.disable | |
['github:cloud:audit']
|
repository_visibility_change.clear | src_user | object_attrs | repository_visibility_change | repository_visibility_change.clear | |
['github:cloud:audit']
|
repository_visibility_change.disable | src_user | object_attrs | repository_visibility_change | repository_visibility_change.disable | |
['github:cloud:audit']
|
repository_visibility_change.enable | src_user | object_attrs | repository_visibility_change | repository_visibility_change.enable | |
['github:cloud:audit']
|
repository_vulnerability_alert.create | object_attrs, src_user | ||||
['github:cloud:audit']
|
repository_vulnerability_alert.reopen | object_attrs, src_user | ||||
['github:cloud:audit']
|
repository_vulnerability_alerts.enable | src_user | event_group, object_attrs, eventtype, tag, tag::eventtype | change_audit, repository_vulnerability_alerts, github_audit_changes, audit, audit | change_all, repository_vulnerability_alerts.enable, github_all_changes | |
['github:cloud:audit']
|
team.add_member | object_attrs | add_member | team.add_member | ||
['github:cloud:audit']
|
team.add_repository | src_user | object_attrs | add_repository | team.add_repository | |
['github:cloud:audit']
|
team.change_parent_team | src, src_user | object_attrs | change_parent_team | team.change_parent_team | |
['github:cloud:audit']
|
team.change_privacy | src, src_user | object_attrs | change_privacy | team.change_privacy | |
['github:cloud:audit']
|
team.create | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
team.demote_maintainer | src | object_attrs | demote_maintainer | team.demote_maintainer | |
['github:cloud:audit']
|
team.destroy | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
team.promote_maintainer | src | object_attrs | promote_maintainer | team.promote_maintainer | |
['github:cloud:audit']
|
team.remove_member | src | object_attrs | remove_member | team.remove_member | |
['github:cloud:audit']
|
team.remove_repository | src_user | object_attrs | remove_repository | team.remove_repository | |
['github:cloud:audit']
|
team.rename | src, object_attrs, src_user | ||||
['github:cloud:audit']
|
team.update_repository_permission | src, src_user | object_attrs | update_repository_permission | team.update_repository_permission | |
['github:cloud:audit']
|
team_discussions.clear | src_user | object_attrs | team_discussions | team_discussions.clear | |
['github:cloud:audit']
|
team_discussions.disable | src_user | object_attrs | team_discussions | team_discussions.disable | |
['github:cloud:audit']
|
team_discussions.enable | src_user | object_attrs | team_discussions | team_discussions.enable | |
['github:cloud:audit']
|
workflows.completed_workflow_run | src_user | event_group, object_attrs, eventtype, tag, tag::eventtype | change_audit, workflow_run, github_audit_changes, audit, audit | change_all, workflows.completed_workflow_run, github_all_changes | |
['github:cloud:audit']
|
workflows.created_workflow_run | src_user | event_group, object_attrs, eventtype, tag, tag::eventtype | change_audit, workflow_run, github_audit_changes, audit, audit | change_all, workflows.created_workflow_run, github_all_changes | |
['github:cloud:audit']
|
workflows.enable_workflow | src_user | object_attrs | enable_workflow | workflows.enable_workflow | |
['github:cloud:audit']
|
workflows.prepared_workflow_job | event_group, object_attrs, eventtype, tag, tag::eventtype | change_audit, workflow_job, github_audit_changes, audit, audit | change_all, workflows.prepared_workflow_job, github_all_changes | ||
Fixed issues
Version 3.0.0 of the Splunk Add-on for GitHub has the following fixed issues:
Known issues
Version 3.0.0 of the Splunk Add-on for GitHub has the following reported known issues. If no issues appear below, no issues have yet been reported:
Third-party libraries
The Splunk Add-on for GitHub version 3.0.0 uses the following third-party libraries:
Third-party libraries for Splunk Add-on for GitHub version 3.0.0
Version 2.2.1
Version 2.2.1 of the Splunk Add-on for GitHub was released on December 11, 2023.
Compatibility
Version 2.2.1 of the Splunk Add-on for GitHub is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 8.1.x, 8.2.x, 9.0.x |
| CIM | 5.1.1 |
| Platforms | Platform independent |
| Vendor Products | GitHub Enterprise v3.2, Github Enterprise Cloud |
New Features
Fixed a security vulnerability found in the Splunk Add-on for GitHub library by upgrading its version from 1.37.2 to 1.38.0
Fixed issues
Version 2.2.1 of the Splunk Add-on for GitHub has the following fixed issues:
Known issues
Version 2.2.1 of the Splunk Add-on for GitHub has the following reported known issues. If no issues appear below, no issues have yet been reported:
Third-party libraries
The Splunk Add-on for GitHub version 2.2.1 uses the following third-party libraries:
Third-party libraries for Splunk Add-on for GitHub version 2.2.1
Version 2.2.0
Version 2.2.0 of the Splunk Add-on for GitHub was released on July 5, 2023.
Compatibility
Version 2.2.0 of the Splunk Add-on for GitHub is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 8.1.x, 8.2.x, 9.0.x |
| CIM | 5.1.1 |
| Platforms | Platform independent |
| Vendor Products | GitHub Enterprise v3.2, Github Enterprise Cloud |
New Features
- Provided support of GitHub Cloud Audit events with category
org,repo, andteamin sourcetypegithub:cloud:audit. - Provided support of GitHub Enterprise Cloud Audit log streaming in sourcetype
github:cloud:auditof the add-on. - Made "Account Type" field uneditable while editing a GitHub Cloud Audit Input to avoid data collection gaps.
Fixed issues
Version 2.2.0 of the Splunk Add-on for GitHub has the following fixed issues:
Known issues
Version 2.2.0 of the Splunk Add-on for GitHub has the following reported known issues. If no issues appear below, no issues have yet been reported:
Third-party libraries
The Splunk Add-on for GitHub version 2.2.0 uses the following third-party libraries:
Third-party libraries for Splunk Add-on for GitHub version 2.2.1
Version 2.1.1
Version 2.1.1 of the Splunk Add-on for GitHub was released on March 2, 2023.
Compatibility
Version 2.1.1 of the Splunk Add-on for GitHub is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 8.1.x, 8.2.x, 9.0.x |
| CIM | 5.0.1 |
| Platforms | Platform independent |
| Vendor Products | GitHub Enterprise v3.2, Github Enterprise Cloud |
New Features
There are no new features in this release.There are certain bug fixes mentioned in the below section.
Fixed issues
Version 2.1.1 of the Splunk Add-on for GitHub has the following fixed issues:
- Fixed validation issues for GitHub Cloud Audit Input.
- Upgraded the third-party certifi library to version 2022.12.7
- Fixed a security vulnerability found in the certifi library.
Known issues
Version 2.1.1 of the Splunk Add-on for GitHub has the following reported known issues. If no issues appear below, no issues have yet been reported:
Third-party libraries
The Splunk Add-on for GitHub version 2.1.1 uses the following third-party libraries:
Third-party libraries for Splunk Add-on for GitHub version 2.1.1
Version 2.1.0
Version 2.1.0 of the Splunk Add-on for GitHub was released on October 9, 2022.
Compatibility
Version 2.1.0 of the Splunk Add-on for GitHub is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 8.1.x, 8.2.x, 9.0.x |
| CIM | 5.0.1 |
| Platforms | Platform independent |
| Vendor Products | GitHub Enterprise v3.2, Github Enterprise Cloud |
New Features
There are no new feature in this release.
Fixed issues
Version 2.1.0 of the Splunk Add-on for GitHub has the following fixed issues:
- Fixed the checkpoint mechanism for both Audit and User inputs.
- Enhanced input configuration validations for a better user experience.
- Added a retry mechanism for user data collection in case of server errors.
Known issues
Version 2.1.0 of the Splunk Add-on for GitHub has the following reported known issues. If no issues appear below, no issues have yet been reported:
Third-party libraries
The Splunk Add-on for GitHub version 2.1.0 uses the following third-party libraries:
Third-party libraries for Splunk Add-on for GitHub version 2.1.0
Version 2.0.0
Version 2.0.0 of the Splunk Add-on for GitHub was released on May 27, 2022.
Compatibility
Version 2.0.0 of the Splunk Add-on for GitHub is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 8.1.x, 8.2.x |
| CIM | 5.0.1 |
| Platforms | Platform independent |
| Vendor Products | GitHub Enterprise v3.2, Github Enterprise Cloud |
New Features
- Integrated the support of data collection from the GitHub Enterprise Cloud.
- Added the add-on UI components for Configuration and Inputs.
- Added support to fetch audit logs for Organization and Enterprise account types.
- Added support to fetch user metadata events from GitHub Cloud via modular inputs.
- Added proxy and logging support in data collection.
- Added compatibility with the latest CIM version 5.1.0 for the newly collected events from GitHub Cloud.
Fixed issues
Version 2.0.0 of the Splunk Add-on for GitHub has the following fixed issues:
Known issues
Version 2.0.0 of the Splunk Add-on for GitHub has the following reported known issues. If no issues appear below, no issues have yet been reported:
Version 1.0.0
Version 1.0.0 of the Splunk Add-on for GitHub was released on December 27, 2021.
Compatibility
Version 1.0.0 of the Splunk Add-on for GitHub is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 8.0.x, 8.1.x, 8.2.x |
| CIM | 4.20.2 |
| Platforms | Platform independent |
| Vendor Products | GitHub Enterprise v3.2 |
New Features
- Provides support for audit logs of GitHub Enterprise Server (GHES) for version v3.2.
- Collects GitHub Enterprise audited actions logs using GitHub's Log Forwarding feature on the specified Splunk server with Splunk connect for Syslog (SC4S).
- SC4S assigns
github:enterprise:auditsourcetype to all events and the logs are collected in thegitopsindex.
- Added CIM mapping & extractions from scratch for the latest CIM compatible version 4.20.2.
Known issues
Version 1.0.0 of the Splunk Add-on for GitHub has the following reported known issues. If no issues appear below, no issues have yet been reported:
Last modified on 29 October, 2024
| Release notes for the Splunk Add-on for GitHub |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Download manual
Feedback submitted, thanks!