
Audit log streaming (Server)

Open github-product-roadmap opened this issue 4 years ago • 0 comments

Summary

Audit log streaming enables customers to stream a high-fidelity set of audit log and git event data to a log collection point of their choosing. Customers will be able to stream to Splunk, Azure Event Hub, Amazon S3 and Google Cloud Storage.

Intended Outcome

Audit and compliance objectives are increasing in importance to enterprise customers. We want enterprise administrators to be able to use the right tools for the job they need to do, whether that be short-term investigation or longer-term threat analysis and prevention. With audit log streaming, customers can be assured that no audit log event will be lost, and that they will be able to satisfy longer-term data retention goals by storing streamed events within their own log aggregation systems. Administrators will also be able to analyze GitHub audit log data using the SIEM tool of their choosing.

How will it work?

An enterprise owner will be able to configure a destination domain, port, and token with write authorization to the streaming endpoint. Stream data will be retained by GitHub for at least 7 days when the stream is paused or if otherwise unable to write to the configured location.

github-product-roadmap, Dec 15 '21 16:12