diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md index 6f812473d7..3a3ecfbd44 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md @@ -311,6 +311,21 @@ Action | Description | `config_entry.update` | A configuration setting was edited. These events are only visible in the site admin audit log. The type of events recorded relate to:
- Enterprise settings and policies
- Organization and repository permissions and settings
- Git, Git LFS, {% data variables.product.prodname_github_connect %}, {% data variables.product.prodname_registry %}, project, and code security settings. {%- endif %} +## `copilot` category actions + +| Action | Description +|--------|-------------{% ifversion ghec %} +|`copilot.cfb_enterprise_settings_changed`| Settings for {% data variables.product.prodname_copilot_business_short %} were changed at the enterprise level. +|`copilot.cfb_enterprise_org_enablement_changed` | The {% data variables.product.prodname_copilot_business_short %} enablement policy changed at the enterprise level or for an organization within the enterprise. +|`copilot.clickwrap_save_event`|The {% data variables.product.prodname_copilot %} Product Specific Terms were accepted.{% endif %} +|`copilot.cfb_org_settings_changed`| Settings for {% data variables.product.prodname_copilot_business_short %} were changed at the organization level. +|`cfb_seat_assignment_reused`| A seat assignment was created for a user who already had a seat with no pending cancellation date. +|`cfb_seat_assignment_refreshed`| A seat assignment that was already pending cancellation was created, revoking the cancellation. +|`cfb_seat_assignment_created`| A seat was assigned to a user with no other active seat assignment. +|`cfb_seat_assignment_unassigned`| A seat was unassigned from a user. +|`copilot.cfb_seat_cancelled_by_staff`| A seat was cancelled from the {% data variables.product.prodname_copilot_business_short %} subscription manually by GitHub staff. +|`copilot.cfb_seat_management_changed`| The seat management setting was changed for the {% data variables.product.prodname_copilot_business_short %} subscription. + ## `dependabot_alerts` category actions | Action | Description diff --git a/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md b/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md index f7d1ea471e..9e6226cc18 100644 --- a/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md +++ b/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md @@ -35,6 +35,7 @@ The events listed in your security log are triggered by your actions. Actions ar |------------------|-------------------{% ifversion fpt or ghec %} | `billing` | Contains all activities related to your billing information. | `codespaces` | Contains all activities related to {% data variables.product.prodname_github_codespaces %}. For more information, see "[AUTOTITLE](/codespaces/overview)." +| `copilot` | Contains all activities related to {% data variables.product.prodname_copilot_business_short %}. For more information, see "[AUTOTITLE](/copilot/overview-of-github-copilot)." | `marketplace_agreement_signature` | Contains all activities related to signing the {% data variables.product.prodname_marketplace %} Developer Agreement. | `marketplace_listing`| Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}.{% endif %}{% ifversion security-log-oauth-access-tokens %} | `oauth_access` | Contains all activities related to OAuth access tokens.{% endif %} diff --git a/content/authentication/keeping-your-account-and-data-secure/security-log-events.md b/content/authentication/keeping-your-account-and-data-secure/security-log-events.md index b676172d90..a368337da2 100644 --- a/content/authentication/keeping-your-account-and-data-secure/security-log-events.md +++ b/content/authentication/keeping-your-account-and-data-secure/security-log-events.md @@ -36,6 +36,16 @@ topics: | `manage_access_and_security` | Triggered when you update [the repositories a codespace has access to](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces). | `trusted_repositories_access_update` | Triggered when you change your personal account's [access and security setting for {% data variables.product.prodname_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces). +## `copilot` category actions + +| Action | Description +|------------------|------------------- +|`cfb_seat_assignment_reused`| Triggered when you are assigned a seat through {% data variables.product.prodname_copilot_business_short %}, while you already have a seat with no pending cancellation date. +|`cfb_seat_assignment_refreshed`| Triggered when you are assigned a seat through {% data variables.product.prodname_copilot_business_short %}, while your current seat assignment is pending cancellation, causing the cancellation to be revoked. +|`cfb_seat_assignment_created`| Triggered when you are assigned a seat through {% data variables.product.prodname_copilot_business_short %}, while you have no other active seat assignment. For more information, see "[AUTOTITLE](/copilot/overview-of-github-copilot/about-github-copilot-for-business)." +|`cfb_seat_assignment_unassigned`| Triggered when you are unassigned a seat through {% data variables.product.prodname_copilot_business_short %}. +|`copilot.cfb_seat_cancelled_by_staff`| Triggered when you are unassigned a seat through {% data variables.product.prodname_copilot_business_short %} manually by GitHub staff. + ## `marketplace_agreement_signature` category actions | Action | Description diff --git a/content/copilot/managing-copilot-for-business/index.md b/content/copilot/managing-copilot-for-business/index.md index e30c617f33..81e5d65eac 100644 --- a/content/copilot/managing-copilot-for-business/index.md +++ b/content/copilot/managing-copilot-for-business/index.md @@ -9,7 +9,8 @@ versions: topics: - Copilot children: + - /reviewing-your-organization-or-enterprises-audit-logs-for-copilot-for-business - /managing-access-for-copilot-for-business-in-your-organization - /managing-policies-for-copilot-for-business-in-your-organization - /enabling-and-setting-up-github-copilot-for-business ---- \ No newline at end of file +--- diff --git a/content/copilot/managing-copilot-for-business/reviewing-your-organization-or-enterprises-audit-logs-for-copilot-for-business.md b/content/copilot/managing-copilot-for-business/reviewing-your-organization-or-enterprises-audit-logs-for-copilot-for-business.md new file mode 100644 index 0000000000..c4069a5b9d --- /dev/null +++ b/content/copilot/managing-copilot-for-business/reviewing-your-organization-or-enterprises-audit-logs-for-copilot-for-business.md @@ -0,0 +1,49 @@ +--- +title: Reviewing your organization{% ifversion ghec%} or enterprise{% endif %}'s audit logs for Copilot for Business +intro: 'Review the audit logs for your {% data variables.product.prodname_copilot_business_short %} subscription to understand what actions have been taken and by which users.' +allowTitleToDifferFromFilename: true +versions: + feature: copilot +product: '{% data reusables.gated-features.copilot-audit-logs %}' +permissions: 'Organization{% ifversion ghec %} and enterprise{% endif %} owners can interact with the audit log.' +topics: + - Copilot +shortTitle: Audit logs +--- + +## About audit logs for {% data variables.product.prodname_copilot_business_short %} + +Audit logs for {% data variables.product.prodname_copilot_business_short %} can help you understand what actions have been taken and by whom. You can use the audit logs to review actions taken by users in your organization{% ifversion ghec %} or enterprise{% endif %}, such as changes to an organization's {% data variables.product.prodname_copilot_short %} settings and policies, or the addition or removal of seats from your {% data variables.product.prodname_copilot_business_short %} subscription. The audit log lists events related to your {% data variables.product.prodname_copilot_business_short %} subscription for the current month and previous six months. For more information, see{% ifversion ghec %} "[AUTOTITLE](/enterprise-cloud@latest/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise)" or{% endif %} "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)." + +## Viewing your organization{%- ifversion ghec %} or enterprise{% endif %}'s audit logs +{%- ifversion ghec %} +### Viewing your enterprise's audit logs + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.settings-tab %} +{% data reusables.enterprise-accounts.audit-log-tab %} + +### Viewing your organization's audit logs{% endif %} + +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +{% data reusables.audit_log.audit_log_sidebar_for_org_admins %} + +## Audit log events for {% data variables.product.prodname_copilot_business_short %} + +You can search for any of the {% data variables.product.prodname_copilot %} audit log events using the `action` qualifier, and the `copilot` category. For example, `action:copilot.cfb_seat_assignment_created`. Alternatively, you can review all of the {% data variables.product.prodname_copilot %} audit log events for your organization{% ifversion ghec %} or enterprise{% endif %} by searching for `action:copilot`. + +| Action | Description +|------------------|-------------------{% ifversion ghec %} +|`cfb_enterprise_settings_changed`| Settings for {% data variables.product.prodname_copilot_business_short %} were changed at the enterprise level. +|`copilot.cfb_enterprise_org_enablement_changed` | The {% data variables.product.prodname_copilot_business_short %} enablement policy changed at the enterprise level or for an organization within the enterprise. +|`clickwrap_save_event`| The {% data variables.product.prodname_copilot %} Product Specific Terms were accepted.{% endif %} +|`cfb_org_settings_changed`| Settings for {% data variables.product.prodname_copilot_business_short %} were changed at the organization level. +|`copilot.cfb_seat_cancelled_by_staff`| A seat was cancelled from the {% data variables.product.prodname_copilot_business_short %} subscription manually by GitHub staff. +|`cfb_seat_management_changed`| The seat management setting was changed for the {% data variables.product.prodname_copilot_business_short %} subscription. +|`cfb_seat_assignment_reused`| A seat assignment was created for a user who already had a seat with no pending cancellation date. +|`cfb_seat_assignment_refreshed`| A seat assignment that was already pending cancellation was created, revoking the cancellation. +|`cfb_seat_assignment_created`| A seat was assigned to a user with no other active seat assignment. +|`cfb_seat_assignment_unassigned`| A seat was unassigned from a user. +|`editor_chat_setting`| Confirms the status of the editor chat setting. Possible values: `enabled`, `disabled`, `unconfigured`{% ifversion ghec %} `no policy`{% endif %}. +|`code_referencing_setting`| Confirms the status of the code referencing setting. Possible values: `enabled`, `disabled`, `unconfigured`{% ifversion ghec %} `no policy`{% endif %}. diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index b3c77df623..2ec5f25a35 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -42,6 +42,7 @@ To search for specific events, use the `action` qualifier in your query. Actions | `billing` | Contains all activities related to your organization's billing.{% endif %}{% ifversion fpt or ghec %} | `business` | Contains activities related to business settings for an enterprise. |{% endif %}{% ifversion fpt or ghec %} | `codespaces` | Contains all activities related to your organization's codespaces. |{% endif %} +| `copilot` | Contains all activities related to your {% data variables.product.prodname_copilot_for_business %} subscription. | `dependabot_alerts` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)." | `dependabot_alerts_new_repos` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization.{% ifversion fpt or ghec or ghes %} | `dependabot_security_updates` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." diff --git a/data/reusables/copilot/differences-cfi-cfb-table.md b/data/reusables/copilot/differences-cfi-cfb-table.md index 6d641dae7f..13df0a83b1 100644 --- a/data/reusables/copilot/differences-cfi-cfb-table.md +++ b/data/reusables/copilot/differences-cfi-cfb-table.md @@ -9,6 +9,7 @@ | Plugs right into your editor | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | Offers multi-line function suggestions | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | Organization-wide policy management | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | +| Audit logs | {% octicon "x" aria-label="Not included" %} |{% octicon "check" aria-label="Included" %} | | HTTP proxy support via custom certificates | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% endrowheaders %} diff --git a/data/reusables/gated-features/copilot-audit-logs.md b/data/reusables/gated-features/copilot-audit-logs.md new file mode 100644 index 0000000000..40c3ddbdcf --- /dev/null +++ b/data/reusables/gated-features/copilot-audit-logs.md @@ -0,0 +1 @@ +Audit logs for {% data variables.product.prodname_copilot %} are available for organizations{% ifversion ghec %} and enterprise accounts{% endif %} with a {% data variables.product.prodname_copilot_business_short %} subscription. \ No newline at end of file