Does Gitlab EE Have Audit Logs for "git clone", "git push", and "git pull" commands?

The audit events page of gitlab says that I can find “Project repository was downloaded” action in Project > Settings > Audit Events.

So I tried running git clone http://gitlab.example.com/testauditlog.git to download one of my projects. But then I can’t find anything related to the download in the audit events. Why does this happen?

The only logs belonging to git clone I found is in /var/log/gitlab/nginx/gitlab_access.log

172.17.0.1 - - [03/Jan/2020:03:28:56 +0000] "GET /testauditlog.git/info/refs?service=git-upload-pack HTTP/1.1" 200 254 "" "git/2.21.0 (Apple Git-122.2)"
172.17.0.1 - - [03/Jan/2020:03:28:56 +0000] "POST /testauditlog.git/git-upload-pack HTTP/1.1" 200 949 "" "git/2.21.0 (Apple Git-122.2)"

But this log doesn’t say which account cloned the repository. So it is not that useful for the compliance team in my company.

I used gitlab/gitlab-ee at dockerhub with a 30-day evaluation license to try the audit events feature of gitlab.

Hi,

project download refers to the action to get a zip/tar archive.

If you trigger this, you can see it in the audit log.

Specific git actions for fetch/pull/clone are not logged to the audit log yet AFAIK. There’s an epic for tracking this, please add your feedback over there :slight_smile:

Cheers,
Michael

Thank you for your reply. So there’re no audit logs for “git clone”, and “git push” commands? Is that right?

1 Like