Troubleshoot the Splunk Add-on for GitHub
If the add-on fails to collect data, check whether the 'gitops' index is created. Then check whether the log monitoring/forwarding is enabled on the GitHub Enterprise Server with the correct splunk instance IP/host and port information.
If the fields are not extracted check whether SC4S and the Splunk add-on for GitHub are installed correctly.
Issues with Data Collection or Configuration via Modinputs
If you experiencing issues with data collection or addon configuration via mod inputs, you might be setting permissions incorrectly for the Personal Access Token used to collect data. Refer to Configure inputs using Splunk Add-on for GitHub for instructions to set required permissions for Personal Access Token to collect data.
Use the following search query to further troubleshoot any issues:
Configure GitHub Cloud Audit Log Streaming to send data to Splunk Add-on for GitHub
Lookups for the Splunk Add-on for GitHub
This documentation applies to the following versions of Splunk® Supported Add-ons: released