If you're having trouble at any stage please contact us at email@example.com.
GitHub is a version control system delivered either on your server (aka GitHub Enterprise) or in the cloud as a service.
SkyFormation for GitHub connector allows you to get and retain full audit of activities in your GitHub system (either GitHub Enterprise or in the cloud) in your SIEM/Log system of choice.
What is it
SkyFormation Connector for GitHub, is part of the SkyFormation Connectors module. It continuously ingests audit events from your GitHub system, unify the events into a common application events format, enrich the events with needed detection context and send the events to any existing SIEM/SOC system.
How it works
SkyFormation Connector for GitHub retrieves the events from the GitHub system through its APIs. Before sending the events to the existing SIEM/SOC system the connector will
- Unify the events into the SkyFormation unified application events format
- Embed the origin event into the SkyFormation event (no data lose)
- Complement the event with missing security context
- Encode the resulted event into a standard format as CEF
- Send the event to the existing SIEM/SOC system over syslog
GitHub Audit Sources & Events Supported
|Audit Source (API)||Service/
|Event Types||Events included|
Using the GitHub timeline API
Events supported by GitHub timeline APIs
Events as repository/branch/tag created/deleted. Push to repository and more.
The following table shows which type of repositories will be discovered: