Panther Knowledge Base

Choosing the best method to ingest GitHub audit logs into Panther

QUESTION

When ingesting GitHub audit logs, would I choose to use the newer audit log streaming service that uses AWS S3 or GCS, instead of the method where Panther polls the GitHub API every minute? If I'm already using the latter, why invest the time to set up the former?

ANSWER

If you have GitHub Enterprise Cloud, the streaming option lets you simplify down to one integration/log source that fetches all audit logs for your entire enterprise, while the API puller can only work for one organization per integration.

 
