Skip to content

Retrieve audit events via API: MVC

Problem to solve

Organizations need assurance that users of GitLab are in compliance with policies they've set on the instance. Currently, instances use application and audit logs to solve for this need; however, neither are available through an API. This makes manual exploration the primary method for investigation, and GitLab should enable proactive monitoring of audit events.

Proposal

  • Create an API endpoint for fetching audit events.
  • The endpoint's response should be all relevant audit events that match the query in the get request.
  • Return all relevant events for a group, project, user, or time range.

References

Zendesk issue: https://gitlab.zendesk.com/agent/tickets/13199 GitHub: https://help.github.com/en/articles/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api

Edited by Jeremy Watson (ex-GitLab)