This version of GitHub Enterprise will be discontinued on This version of GitHub Enterprise was discontinued on 2020-05-23. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Article version: Enterprise Server 2.17

Audited actions

You can search the audit log for a wide variety of actions.

Authentication

NameDescription
oauth_access.createAn OAuth access token was generated for a user account.
oauth_access.destroyAn OAuth access token was deleted from a user account.
oauth_application.destroyAn OAuth application was deleted from a user or organization account.
oauth_application.reset_secretAn OAuth application's secret key was reset.
oauth_application.transferAn OAuth application was transferred from one user or organization account to another.
public_key.createAn SSH key was added to a user account or a deploy key was added to a repository.
public_key.deleteAn SSH key was removed from a user account or a deploy key was removed from a repository.
public_key.updateA user account's SSH key or a repository's deploy key was updated.
two_factor_authentication.enabledTwo-factor authentication was enabled for a user account.
two_factor_authentication.disabledTwo-factor authentication was disabled for a user account.

Hooks

NameDescription
hook.createA new hook was added to a repository.
hook.config_changedA hook's configuration was changed.
hook.destroyA hook was deleted.
hook.events_changedA hook's configured events were changed.

Instance configuration settings

NameDescription
business.update_member_repository_creation_permissionA site admin restricts repository creation in organizations on the instance. For more information, see "Restricting repository creation in your instance."
business.clear_members_can_create_reposA site admin clears a restriction on repository creation in organizations on the instance. For more information, see "Restricting repository creation in your instance."
enterprise.config.lock_anonymous_git_accessA site admin locks anonymous Git read access to prevent repository admins from changing existing anonymous Git read access settings for repositories on the instance. For more information, see "Preventing users from changing anonymous Git read access."
enterprise.config.unlock_anonymous_git_accessA site admin unlocks anonymous Git read access to allow repository admins to change existing anonymous Git read access settings for repositories on the instance. For more information, see "Preventing users from changing anonymous Git read access."

Issues and pull requests

NameDescription
issue.updateAn issue's body text (initial comment) changed.
issue_comment.updateA comment on an issue (other than the initial one) changed.
pull_request_review_comment.deleteA comment on a pull request was deleted.
issue.destroyAn issue was deleted from the repository. For more information, see "Deleting an issue."

Organizations

NameDescription
org.async_deleteA user initiated a background job to delete an organization.
org.deleteAn organization was deleted by a user-initiated background job.
org.transformA user account was converted into an organization. For more information, see Converting a user into an organization.

Protected branches

NameDescription
protected_branch.create Branch protection is enabled on a branch.
protected_branch.destroyBranch protection is disabled on a branch.
protected_branch.update_admin_enforced Branch protection is enforced for repository administrators.
protected_branch.update_require_code_owner_review Enforcement of required Code Owner review is updated on a branch.
protected_branch.dismiss_stale_reviews Enforcement of dismissing stale pull requests is updated on a branch.
protected_branch.update_signature_requirement_enforcement_level Enforcement of required commit signing is updated on a branch.
protected_branch.update_pull_request_reviews_enforcement_level Enforcement of required pull request reviews is updated on a branch.
protected_branch.update_required_status_checks_enforcement_level Enforcement of required status checks is updated on a branch.
protected_branch.rejected_ref_update A branch update attempt is rejected.
protected_branch.policy_override A branch protection requirement is overridden by a repository administrator.

Repositories

NameDescription
repo.accessA private repository was made public, or a public repository was made private.
repo.archiveA repository was archived. For more information, see Archiving and unarchiving repositories.
repo.add_memberA collaborator was added to a repository.
repo.configA site admin blocked force pushes. For more information, see Blocking force pushes to a repository to a repository.
repo.createA repository was created.
repo.destroyA repository was deleted.
repo.remove_memberA collaborator was removed from a repository.
repo.renameA repository was renamed.
repo.transferA user accepted a request to receive a transferred repository.
repo.transfer_startA user sent a request to transfer a repository to another user or organization.
repo.unarchiveA repository was unarchived. For more information, see Archiving and unarchiving repositories.
repo.config.disable_anonymous_git_accessAnonymous Git read access is disabled for a public repository. For more information, see "Enabling anonymous Git read access for a repository."
repo.config.enable_anonymous_git_accessAnonymous Git read access is enabled for a public repository. For more information, see "Enabling anonymous Git read access for a repository."
repo.config.lock_anonymous_git_accessA repository's anonymous Git read access setting is locked, preventing repository administrators from changing (enabling or disabling) this setting. For more information, see "Preventing users from changing anonymous Git read access."
repo.config.unlock_anonymous_git_accessA repository's anonymous Git read access setting is unlocked, allowing repository administrators to change (enable or disable) this setting. For more information, see "Preventing users from changing anonymous Git read access."

Site admin tools

NameDescription
staff.disable_repoA site admin disabled access to a repository and all of its forks.
staff.enable_repoA site admin re-enabled access to a repository and all of its forks.
staff.fake_loginA site admin signed into GitHub Enterprise as another user.
staff.repo_unlockA site admin unlocked (temporarily gained full access to) one of a user's private repositories.
staff.unlockA site admin unlocked (temporarily gained full access to) all of a user's private repositories.

Teams

NameDescription
team.createA user account or repository was added to a team.
team.deleteA user account or repository was removed from a team.
team.destroyA team was deleted.

Users

NameDescription
user.add_emailAn email address was added to a user account.
user.async_deleteAn asynchronous job was started to destroy a user account, eventually triggering user.delete.
user.change_passwordA user changed his or her password.
user.createA new user account was created.
user.deleteA user account was destroyed by an asynchronous job.
user.demoteA site admin was demoted to an ordinary user account.
user.destroyA user deleted his or her account, triggering user.async_delete.
user.failed_loginA user tried to sign in with an incorrect username, password, or two-factor authentication code.
user.forgot_passwordA user requested a password reset via the sign-in page.
user.loginA user signed in.
user.promoteAn ordinary user account was promoted to a site admin.
user.remove_emailAn email address was removed from a user account.
user.renameA username was changed.
user.suspendA user account was suspended by a site admin.
user.two_factor_requestedA user was prompted for a two-factor authentication code.
user.unsuspendA user account was unsuspended by a site admin.

Ask a human

Can't find what you're looking for?

Contact us