Skip to main content

Displaying IP addresses in the audit log for your organization

You can display the source IP address for events in your organization's audit log.

Who can use this feature?

Organization owners can display IP addresses in the audit log for an enterprise.

Note

Displaying IP addresses in the audit log for an organization is in public preview and subject to change.

About display of IP addresses in the audit log

By default, GitHub does not display the source IP address for events in your organization's audit log. Optionally, to ensure compliance and respond to threats, you can display the full IP address associated with the actor responsible for each event. Actors are typically users, but can also be apps or integrations.

You are responsible for meeting any legal obligations that accompany the viewing or storage of IP addresses displayed within your organization's audit log.

When anyone creates an account on GitHub, the person agrees to GitHub's collection of basic information about connections to GitHub's services, including source IP address. For more information, see "GitHub General Privacy Statement."

After you enable the feature, you can access the audit log to view events that include IP addresses. For more information, see "Reviewing the audit log for your organization."

Events that display IP addresses in the audit log

GitHub displays an IP address for each event in the organization audit log that meets these criteria.

  • The actor is an organization member or owner
  • The target is either an organization-owned repository that is private or internal, or an organization resource that is not a repository, such as a project.

Enabling display of IP addresses in the audit log

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

  2. Next to the organization, click Settings.

  3. Click Source IP disclosure.

    Screenshot of the "Audit log" page for an organization. A tab, labeled "Source IP disclosure," is outlined in dark orange.

  4. Under "Disclose actor IP addresses in audit logs", select Enable source IP disclosure.

  5. Click Save.