Skip to main content

GitHub

Introduction 

The GitHub integration collects events from the GitHub API. 

Logs 

Audit 

The GitHub audit log records all events related to the GitHub organization.  

To use this integration, you must be an organization owner, and you must use an Personal Access Token with the admin:org scope. 

This integration is not compatible with GitHub Enterprise server. 

 

Code Scanning 

The Code Scanning lets you retrieve all security vulnerabilities and coding errors from a repository setup using Github Advanced Security Code Scanning feature.  

To use this integration, GitHub Apps must have the security_events read permission. Or use a personal access token with the security_events scope for private repos or public_repo scope for public repos.  

 

Secret Scanning 

The Github Secret Scanning lets you retrieve secret scanning for advanced security alerts from a repository setup using Github Advanced Security Secret Scanning feature.  

To use this integration, GitHub Apps must have the secret_scanning_alerts read permission. Or you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.  

 

Dependabot 

The Github Dependabot lets you retrieve known vulnerabilities in dependencies from a repository setup using Github Advanced Security Dependabot feature.  

 

To use this integration, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.  

 

Issues 

The Github Issues datastream lets you retrieve github issues, including pull requests, issue assignees, comments, labels, and milestones. See About Issues for more details. You can retrieve issues for specific repository or for entire organization. Since Github API considers pull requests as issues, users can use github.issues.is_pr field to filter for only pull requests.

All issues including closed are retrieved by default. If users want to retrieve only open requests, you need to change State parameter to open. 

To use this integration, users must use Github Apps or Personal Access Token with read permission to repositories or organization. Please refer to Github Apps Permissions Required and Personal Access Token Permissions Required for more details. 

 


AssumptionsGitHub Integration Procedures 


The procedures described in Section 2.1 assumes that a Log Collector has already been setup.   


  1. Compatibility 


This integration is not compatible with GitHub Enterprise server. 

 

 

 

 


  1. GitHub Integration Procedures 


Please provide the following information to CyTech: 

1.Select Settings 

2. Select Developer Settings 

 

 

3. Select token (classic) 

4. Select scope admin:scope 

3.1 Collect GitHub logs via API 


  1. Personal Access Token - the GitHub Personal Access Token. Requires the 'admin:org' scope 

  1. Organization Name - The GitHub organization name/ID 


 

    3.2 GHAS Code Scanning 


  1. Personal Access Token - the GitHub Personal Access Token. Requires the 'public_repo' scope for public repositories and 'security_events' scope for private repositories. \nSee List code scanning alerts for a repository 

  1. Repository owner - The owner of GitHub Repository. If repository belongs to an organization, owner is name of the organization 


 

    3.3 GHAS Dependabot 


  1. Personal Access Token - The GitHub Personal Access Token. \nSee Authenticating with GraphQL 

  1. Repository owner - The owner of GitHub Repository 


 

    3.4 Github Issues 

1. Personal Access Token - the GitHub Personal Access Token. 

2. Repository owner - The owner of GitHub Repository. If repository belongs to an organization, owner is name of the organization.

 

    3.5 GHAS Secret Scanning 

1. Personal Access Token - the GitHub Personal Access Token. Requires admin access to the repository or organization owning the repository along with a personal access token with 'public_repo' scope for public repositories and repo or security_events scope for private repositories. \nSee List secret scanning alerts for a repository 

2. Repository owner - The owner of GitHub Repository 

Back to top