Splunk® Supported Add-ons

Splunk Add-on for GitHub

Troubleshoot the Splunk Add-on for GitHub

For helpful troubleshooting tips that you can apply to all add-ons, see Troubleshoot add-ons in Splunk Add-ons. For additional resources, see Support and resource links for add-ons in Splunk Add-ons.

If the add-on fails to collect data, check whether the 'gitops' index is created. Then check whether the log monitoring/forwarding is enabled on the GitHub Enterprise Server with the correct splunk instance IP/host and port information.

If the fields are not extracted check whether SC4S and the Splunk add-on for GitHub are installed correctly.

Issues with Data Collection or Configuration via Modinputs

If you experience issues with data collection or addon configuration via mod inputs, you might be setting permissions incorrectly for the Personal Access Token used to collect data. Refer to Configure inputs using Splunk Add-on for GitHub for instructions to set required permissions for Personal Access Token to collect data.

Use the following search query to further troubleshoot any issues: index=_internal source="*Splunk_TA_github*"

Rate Limit for GitHub Cloud Audit Log API

The GitHub Cloud Audit Log API allows 1750 API calls in an hour and each API call allows 100 records to be fetched If the limit is exhausted, the user would have to wait till the API limit resets

Last modified on 23 July, 2024
Configure GitHub Cloud Audit Log Streaming to send data to Splunk Add-on for GitHub   Lookups for the Splunk Add-on for GitHub

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters