Splunk modular input plugin to fetch the enterprise audit log from GitHub Enterprise
GitHub Enterprise Audit Log Monitoring
Support for modular inputs in Splunk Enterprise 5.0 and later enables you to add new types of inputs to Splunk Enterprise that are treated as native Splunk Enterprise inputs.
This modular input makes an HTTPS request to the GitHub Enterprise Audit Log REST API endpoint at a configurable interval to fetch audit log data.
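As an added illustration (not code from this add-on), the sketch below shows one polling cycle of the kind described above: it follows the `Link` header cursor across pages and keeps a checkpoint so events are neither re-indexed nor dropped between intervals. The `fetch` callable, the checkpoint layout and the `created:>=` search phrase are assumptions made for the example; `@timestamp` and `_document_id` are fields of GitHub audit log events.

```python
import re
from datetime import datetime, timezone
from urllib.parse import urlparse, parse_qs

def next_cursor(link):
    """Return the `after` cursor from the rel="next" entry of a Link header."""
    for part in (link or "").split(","):
        m = re.match(r'\s*<([^>]+)>\s*;\s*rel="next"', part)
        if m:
            return parse_qs(urlparse(m.group(1)).query).get("after", [None])[0]
    return None

def poll_once(fetch, checkpoint, max_pages=50):
    """One interval: page through results oldest-first, skip events delivered
    in an earlier cycle, return (new_events, updated_checkpoint)."""
    last_ts = checkpoint.get("last_ts", 0)          # epoch milliseconds
    seen = set(checkpoint.get("ids_at_last_ts", []))
    params, new = {"order": "asc", "per_page": 100}, []
    if last_ts:  # assumed search qualifier: re-query from the checkpoint's day
        day = datetime.fromtimestamp(last_ts / 1000, timezone.utc)
        params["phrase"] = "created:>=" + day.strftime("%Y-%m-%d")
    for _ in range(max_pages):
        events, link = fetch(params)
        for ev in events:
            ts, doc = ev["@timestamp"], ev["_document_id"]
            if ts < last_ts or (ts == last_ts and doc in seen):
                continue                            # overlap with previous cycle
            if ts > last_ts:
                last_ts, seen = ts, set()
            seen.add(doc)
            new.append(ev)
        cursor = next_cursor(link)
        if cursor is None:
            break
        params = dict(params, after=cursor)
    return new, {"last_ts": last_ts, "ids_at_last_ts": sorted(seen)}

# Constructed sample pages keyed by cursor; not real audit data.
SAMPLE = {
    None: ([{"@timestamp": 1700000000000, "_document_id": "a", "action": "repo.create"},
            {"@timestamp": 1700000005000, "_document_id": "b", "action": "org.add_member"}],
           '<https://api.github.com/enterprises/example/audit-log?after=CUR1>; rel="next"'),
    "CUR1": ([{"@timestamp": 1700000005000, "_document_id": "c", "action": "repo.destroy"}], None),
}

def sample_fetch(params):
    """Offline stand-in for the HTTPS GET; returns (events, Link header)."""
    return SAMPLE[params.get("after")]
```

Tracking the document IDs seen at the newest timestamp is what lets the next cycle re-query an overlapping window without indexing duplicates or missing events that share that timestamp.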
Prerequisites
- Splunk Heavy Forwarder v8.0+
- Python 3.7+
- GitHub Enterprise Cloud
Installation
- Download the latest release from Splunkbase.
- On a Splunk heavy forwarder, go to Apps > Manage Apps.
- On the Apps page, click Install app from file, and upload the SPL file