Closed vector-sec closed 1 year ago
Hey @vector-sec - have you installed the Splunk Add-on for GitHub? It's an additional addon which is required to query the GH audit log. It's separate from the GitHub App for Splunk.
No, I had not, sorry for the time waster!
Describe the bug I've installed this add-on from Splunkbase on a 9.0.1 and 9.0.0 environments and in both cases the "GitHub Enterprise Audit Log Monitoring" modular input, as shown in the screenshot in ghe_audit_logs.MD of this repo, is appearing post installation. Am I missing a step?
To Reproduce Steps to reproduce the behavior:
Expected behavior "GitHub Enterprise Audit Log Monitoring" modular input should be listed
Screenshots If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Additional context Add any other context about the problem here.