Add GHES enterprise audit log events, add redirect (github#26777)

vgrl · lucascosti · web-flow · commit 83af859da487 · 2022-04-08T02:47:25.000Z
Co-authored-by: Lucas Costi &lt;lucascosti@users.noreply.github.com&gt;
diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise.md
@@ -9,6 +9,7 @@ redirect_from:
   - /articles/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
   - /github/setting-up-and-managing-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
   - /github/setting-up-and-managing-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
+  - /admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise
 versions:
   ghec: '*'
   ghes: '*'
diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md
@@ -192,6 +192,16 @@ Action                        | Description
 | `commit_comment.update` | A commit comment was updated.
 {%- endif %}
 
+{%- ifversion ghes %}
+### `config_entry` category actions
+
+| Action | Description
+|--------|-------------
+| `config_entry.create` | A configuration setting was created. These events are only visible in the site admin audit log. The type of events recorded relate to:</br>- Enterprise settings and policies</br>- Organization and repository permissions and settings</br>- Git, Git LFS, {% data variables.product.prodname_github_connect %}, {% data variables.product.prodname_registry %}, project, and code security settings.
+| `config_entry.destroy` | A configuration setting was deleted. These events are only visible in the site admin audit log. The type of events recorded relate to:</br>- Enterprise settings and policies</br>- Organization and repository permissions and settings</br>- Git, Git LFS, {% data variables.product.prodname_github_connect %}, {% data variables.product.prodname_registry %}, project, and code security settings.
+| `config_entry.update` | A configuration setting was edited. These events are only visible in the site admin audit log. The type of events recorded relate to:</br>- Enterprise settings and policies</br>- Organization and repository permissions and settings</br>- Git, Git LFS, {% data variables.product.prodname_github_connect %}, {% data variables.product.prodname_registry %}, project, and code security settings.
+{%- endif %}
+
 {%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4864 %}
 ### `dependabot_alerts` category actions
 
@@ -367,6 +377,14 @@ Action                        | Description
 | `external_identity.update` | An Okta user's settings were updated. For more information, see "[Mapping Okta groups to teams](/admin/identity-and-access-management/configuring-authentication-and-provisioning-with-your-identity-provider/mapping-okta-groups-to-teams)."
 {%- endif %}
 
+### `gist` category actions
+
+| Action | Description
+|--------|-------------
+| `gist.create` | A gist is created.
+| `gist.destroy` | A gist is deleted.
+| `gist.visibility_change` | The visibility of a gist is changed.
+
 ### `git` category actions
 
 | Action | Description
@@ -1075,6 +1093,14 @@ Action                        | Description
 | `repository_image.create` | An image to represent a repository was uploaded.
 | `repository_image.destroy` | An image to represent a repository was deleted.
 
+### `repository_invitation` category actions
+
+| Action | Description
+|--------|-------------
+| `repository_invitation.accept` | An invitation to join a repository was accepted.
+| `repository_invitation.create` | An invitation to join a repository was sent.
+| `repository_invitation.reject` | An invitation to join a repository was canceled.
+
 ### `repository_projects_change` category actions
 
 | Action | Description
@@ -1242,10 +1268,18 @@ Action                        | Description
 {%- endif %}
 | `staff.repo_lock`             | An organization{% ifversion ghes %}, repository or site{% else %} or repository{% endif %} administrator locked (temporarily gained full access to) a user's private repository.
 | `staff.repo_unlock`           | An organization{% ifversion ghes %}, repository or site{% else %} or repository{% endif %} administrator unlocked (ended their temporary access to) a user's private repository.
-| `staff.unlock`                | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} unlocked (temporarily gained full access to) all of a user's private repositories.
+{%- ifversion ghes %}
+| `staff.search_audit_log` | A site administrator performed a search of the site admin audit log.
+{%- endif %}
 | `staff.set_domain_token_expiration` | {% ifversion ghes %}A site administrator or {% endif %}GitHub staff set the verification code expiry time for an organization or enterprise domain. {% ifversion ghec or ghes > 3.1 %}For more information, see "[Verifying or approving a domain for your organization](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)" and "[Verifying or approving a domain for your enterprise](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)."{% endif %}
+{%- ifversion ghes %}
+| `staff.unlock`                | A site administrator unlocked (temporarily gained full access to) all of a user's private repositories.
+{%- endif %}
 | `staff.unverify_domain` | {% ifversion ghes %}A site administrator or {% endif %}GitHub staff unverified an organization or enterprise domain. {% ifversion ghec or ghes > 3.1 %}For more information, see "[Verifying or approving a domain for your organization](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)" and "[Verifying or approving a domain for your enterprise](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)."{% endif %}
 | `staff.verify_domain` | {% ifversion ghes %}A site administrator or {% endif %}GitHub staff verified an organization or enterprise domain. {% ifversion ghec or ghes > 3.1 %}For more information, see "[Verifying or approving a domain for your organization](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)" and "[Verifying or approving a domain for your enterprise](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)."{% endif %}
+{%- ifversion ghes %}
+| `staff.view_audit_log` | A site administrator viewed the site admin audit log.
+{%- endif %}
 
 ### `team` category actions
 
diff --git a/data/reusables/audit_log/audit-log-action-categories.md b/data/reusables/audit_log/audit-log-action-categories.md
@@ -25,6 +25,9 @@
 | `codespaces` | Contains activities related to an organization's codespaces.
 {%- endif %}
 | `commit_comment` | Contains activities related to updating or deleting commit comments.
+{%- ifversion ghes %}
+| `config_entry` |  Contains activities related to configuration settings. These events are only visible in the site admin audit log.
+{%- endif %}
 {%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4864 %} |
 | `dependabot_alerts`  | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
 | `dependabot_alerts_new_repos`   | Contains organization-level configuration activities for  {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization.
@@ -59,6 +62,7 @@
 | `external_group` | Contains activities related to Okta groups.
 | `external_identity` | Contains activities related to a user in an Okta group.
 {%- endif %}
+| `gist` | Contains activities related to Gists.
 | `git` | Contains activities related to Git events.
 | `hook` | Contains activities related to webhooks.
 | `integration` | Contains activities related to integrations in an account.
@@ -138,7 +142,8 @@
 | `repository_content_analysis`   | Contains activities related to [enabling or disabling data use for a private repository](/articles/about-github-s-use-of-your-data).
 | `repository_dependency_graph`   | Contains repository-level activities related to enabling or disabling the dependency graph for a {% ifversion fpt or ghec %}private {% endif %}repository. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
 {%- endif %}
-| `repository_image` | Contains activities related images for a repository.
+| `repository_image` | Contains activities related to images for a repository.
+| `repository_invitation` | Contains activities related to invitations to join a repository.
 | `repository_projects_change` | Contains activities related to enabling projects for a repository or for all repositories in an organization.
 {%- ifversion ghec or ghes or ghae %}
 | `repository_secret_scanning`  | Contains repository-level activities related to secret scanning. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)."
