jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 03:16:52 -05:00
Code Issues Projects Releases Wiki Activity
Files
copilot/add-changelog-file
docs/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/monitoring-alerts.md
Kevin Heis 39beae4778 Add aria-labels to octicons (#55740)
2025-05-20 16:45:25 -07:00

55 lines
2.6 KiB
Markdown
Raw Permalink Blame History

---
title: Monitoring alerts from secret scanning
intro: 'Learn how and when {% data variables.product.github %} will notify you about a secret scanning alert.'
permissions: '{% data reusables.permissions.secret-scanning-alerts %}'
versions:
fpt: '*'
ghes: '*'
ghec: '*'
type: how_to
topics:
- Secret scanning
- Secret Protection
- Alerts
- Repositories
shortTitle: Monitor alerts
allowTitleToDifferFromFilename: true
---
## Configuring notifications for {% data variables.secret-scanning.alerts %}
In addition to displaying an alert in the **Security** tab of the repository, {% data variables.product.github %} can also send email notifications for alerts. These notifications are different for incremental scans and historical scans.
### Incremental scans
{% data reusables.secret-scanning.secret-scanning-configure-notifications %}
{% data reusables.repositories.navigate-to-repo %}
1. To start watching the repository, select **{% octicon "eye" aria-hidden="true" aria-label="eye" %} Watch**.
![Screenshot of the repository's main page. A dropdown menu, titled "Watch", is highlighted with an orange outline.](/assets/images/help/repository/repository-watch-dropdown.png)
1. In the dropdown menu, click **All Activity**. Alternatively, to only subscribe to security alerts, click **Custom**, then click **Security alerts**.
1. Navigate to the notification settings for your personal account. These are available at [https://github.com/settings/notifications](https://github.com/settings/notifications).
1. On your notification settings page, under "Subscriptions", then under "Watching", select the **Notify me** dropdown.
1. Select "Email" as a notification option, then click **Save**.
![Screenshot of the notification settings for a user account. Under "Subscriptions" and "Watching" a checkbox, titled "Email", is outlined in orange.](/assets/images/help/notifications/repository-watching-notification-options.png)
{% data reusables.notifications.watch-settings %}
### Historical scans
For historical scans, {% data variables.product.github %} notifies the following users:
* Organization owners, enterprise owners, and security managers—whenever a historical scan is complete, even if no secrets are found.
* Repository administrators, security managers, and users with custom roles with read/write access—whenever a historical scan detects a secret, and according to their notification preferences.
We do _not_ notify commit authors.
{% data reusables.notifications.watch-settings %}
## Auditing responses to secret scanning alerts
{% data reusables.secret-scanning.audit-secret-scanning-events %}
Reference in New Issue View Git Blame Copy Permalink