Group-level audit events for SAML SSO login activity

Problem

Understanding access activity is one of the most fundamental audit events when investigating a security event. Currently, we track sign in events at the instance level, which doesn't do much good for users on GitLab.com.

Proposal

• When a user logs into a group using SAML SSO, log a group-level audit event. This event should include device, browser, and IP address.