[#79] - [Feature] Package and send GitHub audit log to a SIEM
The Government of Canada uses SIEM (Security Information and Event Management) technology to analyze audit logs. We need to ensure that the GitHub audit logs can be packaged up, in a well-understood format, for consumption in SIEM tooling.
CHANGES
This PR adds:
A COMPLIANCE.md file outlining all of the compliance features of the toolkit, and how they relate to GH settings and ITSG-33 controls
An action to grab audit logs for all managed organizations, for the previous day
A refactoring of a previous action, to extract common Python code