Accessing your security log
The security log lists all actions performed within the last 90 days.
-
En la esquina superior derecha de cualquier página, haga clic en la foto del perfil y, luego, en Settings (Configuración).
-
In the user settings sidebar, click Security log.
Searching your security log
El nombre de cada entrada del registro de auditoría se compone del calificador de objeto o categoría action
, seguido de un tipo de operación. Por ejemplo, la entrada repo.create
hace referencia a la operación create
de la categoría repo
.
Cada entrada del registro de auditoría muestra información vigente acerca de un evento, como:
- La empresa u organización en la que se ha realizado una acción
- El usuario (actor) que ha realizado la acción
- El usuario afectado por la acción
- En qué repositorio se realizó una acción
- La acción que se realizó
- En qué país se realizó la acción
- Fecha y hora en que se produjo la acción
Nota que no puedes buscar entradas utilizando texto. Sin embargo, puedes construir consultas de búsqueda utilizando una variedad de filtros. Muchos operadores que se utilizan cuando se consulta el registro, tales como -
, >
o <
, coinciden con el mismo formato de búsqueda en GitHub Enterprise Server. Para obtener más información, vea "Buscar en GitHub."
Búsqueda basada en la operación
Use el calificador operation
para limitar las acciones a tipos específicos de operaciones. Por ejemplo:
operation:access
busca todos los eventos en los que se ha accedido a un recurso.operation:authentication
busca todos los eventos en los que se ha realizado un evento de autenticación.operation:create
busca todos los eventos en los que se ha creado un recurso.operation:modify
busca todos los eventos en los que se ha modificado un recurso existente.operation:remove
busca todos los eventos en los que se ha quitado un recurso existente.operation:restore
busca todos los eventos en los que se ha restaurado un recurso existente.operation:transfer
busca todos los eventos en los que se ha transferido un recurso existente.
Búsqueda basada en el repositorio
Use el calificador repo
para limitar las acciones a un repositorio específico. Por ejemplo:
repo:my-org/our-repo
busca todos los eventos que se han producido para el repositorioour-repo
de la organizaciónmy-org
.repo:my-org/our-repo repo:my-org/another-repo
busca todos los eventos que se han producido para los repositoriosour-repo
yanother-repo
de la organizaciónmy-org
.-repo:my-org/not-this-repo
excluye todos los eventos que se han producido para el repositorionot-this-repo
de la organizaciónmy-org
.
Tenga en cuenta que debe incluir el nombre de la cuenta en el calificador repo
; la búsqueda de solo repo:our-repo
no funcionará.
Búsqueda basada en el usuario
El calificador actor
puede incluir eventos en función de quién haya realizado la acción. Por ejemplo:
actor:octocat
busca todos los eventos realizados poroctocat
.actor:octocat actor:hubot
busca todos los eventos realizados poroctocat
yhubot
.-actor:hubot
excluye todos los eventos realizados porhubot
.
Ten en cuenta que solo puedes utilizar un nombre de usuario GitHub Enterprise Server, no el nombre real de una persona.
Search based on the action performed
The events listed in your security log are triggered by your actions. Actions are grouped into the following categories:
Category name | Description |
---|---|
oauth_access | Contains all activities related to OAuth Apps you've connected with. |
profile_picture | Contains all activities related to your profile picture. |
project | Contains all activities related to project boards. |
public_key | Contains all activities related to your public SSH keys. |
repo | Contains all activities related to the repositories you own. |
team | Contains all activities related to teams you are a part of. |
two_factor_authentication | Contains all activities related to two-factor authentication. |
user | Contains all activities related to your account. |
Security log actions
An overview of some of the most common actions that are recorded as events in the security log.
oauth_authorization
category actions
Action | Description |
---|---|
create | Triggered when you grant access to an OAuth App. |
destroy | Triggered when you revoke an OAuth App's access to your account. |
profile_picture
category actions
Action | Description |
---|---|
update | Triggered when you set or update your profile picture. |
project
category actions
Action | Description |
---|---|
access | Triggered when a project board's visibility is changed. |
create | Triggered when a project board is created. |
rename | Triggered when a project board is renamed. |
update | Triggered when a project board is updated. |
delete | Triggered when a project board is deleted. |
link | Triggered when a repository is linked to a project board. |
unlink | Triggered when a repository is unlinked from a project board. |
update_user_permission | Triggered when an outside collaborator is added to or removed from a project board or has their permission level changed. |
public_key
category actions
Action | Description |
---|---|
create | Triggered when you add a new public SSH key to your account on your GitHub Enterprise Server instance. |
delete | Triggered when you remove a public SSH key to your account on your GitHub Enterprise Server instance. |
repo
category actions
Action | Description |
---|---|
access | Triggered when you a repository you own is switched from "private" to "public" (or vice versa). |
add_member | Triggered when a GitHub Enterprise Server user is given collaboration access to a repository. |
add_topic | Triggered when a repository owner adds a topic to a repository. |
archived | Triggered when a repository owner archives a repository. |
config.disable_anonymous_git_access | Triggered when anonymous Git read access is disabled in a public repository. |
config.enable_anonymous_git_access | Triggered when anonymous Git read access is enabled in a public repository. |
config.lock_anonymous_git_access | Triggered when a repository's anonymous Git read access setting is locked. |
config.unlock_anonymous_git_access | Triggered when a repository's anonymous Git read access setting is unlocked. |
create | Triggered when a new repository is created. |
destroy | Triggered when a repository is deleted. |
remove_member | Triggered when a GitHub Enterprise Server user is removed from a repository as a collaborator. |
remove_topic | Triggered when a repository owner removes a topic from a repository. |
rename | Triggered when a repository is renamed. |
transfer | Triggered when a repository is transferred. |
transfer_start | Triggered when a repository transfer is about to occur. |
unarchived | Triggered when a repository owner unarchives a repository. |
team
category actions
Action | Description |
---|---|
add_member | Triggered when a member of an organization you belong to adds you to a team. |
add_repository | Triggered when a team you are a member of is given control of a repository. |
create | Triggered when a new team in an organization you belong to is created. |
destroy | Triggered when a team you are a member of is deleted from the organization. |
remove_member | Triggered when a member of an organization is removed from a team you are a member of. |
remove_repository | Triggered when a repository is no longer under a team's control. |
two_factor_authentication
category actions
Action | Description |
---|---|
enabled | Triggered when two-factor authentication is enabled. |
disabled | Triggered when two-factor authentication is disabled. |
user
category actions
Action | Description |
---|---|
add_email | Triggered when you add a new email address. |
create | Triggered when you create a new personal account. |
change_password | Triggered when you change your password. |
forgot_password | Triggered when you ask for a password reset. |
hide_private_contributions_count | Triggered when you hide private contributions on your profile. |
login | Triggered when you log in to your GitHub Enterprise Server instance. |
mandatory_message_viewed | Triggered when you view a mandatory message (see "Customizing user messages" for details) |
failed_login | Triggered when you failed to log in successfully. |
remove_email | Triggered when you remove an email address. |
rename | Triggered when you rename your account. |
show_private_contributions_count | Triggered when you publicize private contributions on your profile. |
two_factor_requested | Triggered when GitHub Enterprise Server asks you for your two-factor authentication code. |
user_status
category actions
Action | Description |
---|---|
update | Triggered when you set or change the status on your profile. For more information, see "Setting a status." |
destroy | Triggered when you clear the status on your profile. |