@@ -15,7 +15,7 @@ A standard response is available in ZenDesk as a macro [`Support::SaaS::Gitlab.c
If required, you can escalate the ticket/issue by following our [escalation process](/handbook/support/internal-support/support-ticket-attention-requests).
You can consider using the [kibana workflow](/handbook/support/workflows/kibana/) page for tips on retrieving logs for requests within the last 30 days. Log requests beyond a summary (similar to the examples below) or where logs are not readily available on Kibana should be handled according to the process outlined in the handbook page dedicated to [providing assistance to GitLab.com customers during customer-based security incidents](/handbook/security/customer-requests/). GitLab's Security Incident Response Team handles complex, extensive requests according to an internal [runbook](https://internal.gitlab.com/handbook/security/cross_functional_runbooks/customer_security_incidents/) for customer response operations.
You can consider using the [Kibana workflow](/handbook/support/workflows/kibana/) page for tips on retrieving logs for requests within the last 30 days. Log requests beyond a summary (similar to the examples below) or where logs are not readily available on Kibana should be handled according to the process outlined in the handbook page dedicated to [providing assistance to GitLab.com customers during customer-based security incidents](/handbook/security/customer-requests/). GitLab's Security Incident Response Team handles complex, extensive requests according to an internal [runbook](https://internal.gitlab.com/handbook/security/cross_functional_runbooks/customer_security_incidents/) for customer response operations.
### Who can make a request
@@ -28,7 +28,16 @@ You can consider using the [kibana workflow](/handbook/support/workflows/kibana/
#### Free Users
Free users should reference [GitLab.com rate limits documentation](https://docs.gitlab.com/user/gitlab_com/#rate-limits-on-gitlabcom). Support will provide information [when GitLab initiates contact due to an incident](https://about.gitlab.com/support/statement-of-support/#free-users).
Support will only provide information [when GitLab initiates contact due to an incident](https://about.gitlab.com/support/statement-of-support/#free-users).
If a free user/group needs information for an investigation their options are:
- Access audit events by either requesting an [Ultimate trial](https://gitlab.com/-/trials/new) or purchasing a subscription.
Audit events are locked behind a valid subscription, so even GitLab admins are unable to view events of a free group.
The user will need to perform their own investigation using the audit events whether they use a trial or purchase a subscription.
- Review events from the group activity overview (`https://gitlab.com/groups/<group-name>/-/activity`).
