GitHub Enterprise Cloud customers can now join a private beta which allows API request events to be streamed as part of their enterprise audit log.
In this private beta, REST API calls against enterprise private repositories can be streamed to one of GitHub's supported streaming endpoints. Further iterations on this feature are planned to expand the API events captured and make this data available via the audit log API.
Many GitHub users leverage GitHub's APIs to extend and customize their GitHub experience. However, use of APIs can create unique security and operational challenges for Enterprises.
With the introduction of targeted audit log streaming API requests, Enterprise owners are now able to:
- Better understand and analyze API usage targeting their private repositories;
- Identify and diagnose potentially misconfigured applications or integrations;
- Troubleshoot API activity targeting private repositories that may be contributing to API rate limiting; and
- Develop API specific anomaly detection algorithms to identify potentially malicious activity.
Enterprise owners interested in participating in the private beta should reach out to your GitHub account manager or contact our sales team to have this feature enabled for your enterprise. Once enabled, you should begin seeing API request events in your audit log stream. Feedback can be provided at our beta feedback community discussion post.