Puntos de conexión de API de REST para registros de auditoría de empresa

Usa la API REST para recuperar los registros de auditoría de una empresa.

Estos puntos de conexión solo admiten la autenticación mediante personal access token (classic). Para obtener más información, vea «Administración de tokens de acceso personal».

Get the audit log for an enterprise

Gets the audit log for an enterprise.

This endpoint has a rate limit of 1,750 queries per hour per user and IP address. If your integration receives a rate limit error (typically a 403 or 429 response), it should wait before making another request to the GitHub API. For more information, see "Rate limits for the REST API" and "Best practices for integrators."

The authenticated user must be an enterprise admin to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:audit_log scope to use this endpoint.

Tokens de acceso específicos para "Get the audit log for an enterprise"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

"Enterprise administration" business permissions (read)

Parámetros para "Get the audit log for an enterprise"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.

Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`enterprise` string Requerido The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Parámetros de consulta
Nombre, Tipo, Descripción
`phrase` string A search phrase. For more information, see Searching the audit log.
`include` string The event types to include: `web` - returns web (non-Git) events. `git` - returns Git events. `all` - returns both web and Git events. The default is `web`. Puede ser uno de los siguientes: `web`, `git`, `all`
`after` string A cursor, as given in the Link header. If specified, the query only searches for events after this cursor.
`before` string A cursor, as given in the Link header. If specified, the query only searches for events before this cursor.
`order` string The order of audit log events. To list newest events first, specify `desc`. To list oldest events first, specify `asc`. The default is `desc`. Puede ser uno de los siguientes: `desc`, `asc`
`page` integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Valor predeterminado: `1`
`per_page` integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Valor predeterminado: `30`

Códigos de estado de respuesta HTTP para "Get the audit log for an enterprise"

status code	Descripción
`200`	OK

Ejemplos de código para "Get the audit log for an enterprise"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Ejemplo de solicitud

get/enterprises/{enterprise}/audit-log

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/audit-log

Response

Status: 200

[
  {
    "@timestamp": 1606929874512,
    "action": "team.add_member",
    "actor": "octocat",
    "created_at": 1606929874512,
    "_document_id": "xJJFlFOhQ6b-5vaAFy9Rjw",
    "org": "octo-corp",
    "team": "octo-corp/example-team",
    "user": "monalisa"
  },
  {
    "@timestamp": 1606507117008,
    "action": "org.create",
    "actor": "octocat",
    "created_at": 1606507117008,
    "_document_id": "Vqvg6kZ4MYqwWRKFDzlMoQ",
    "org": "octocat-test-org"
  },
  {
    "@timestamp": 1605719148837,
    "action": "repo.destroy",
    "actor": "monalisa",
    "created_at": 1605719148837,
    "_document_id": "LwW2vpJZCDS-WUmo9Z-ifw",
    "org": "mona-org",
    "repo": "mona-org/mona-test-repo",
    "visibility": "private"
  }
]