Xygeni Sensor for GitLab
The Xygeni Sensor for GitLab monitors activity in an Organization (or User) and its repositories.
How it works
The sensor works by registering Audit Event Streaming for GitLab, which will send HTTPS messages to the streaming endpoint URL for the Xygeni platform.
See Audit event streaming examples for further information on the events and payloads sent from GitLab to Xygeni platform.
The Audit Event Streaming feature is only available in the Ultimate tier.
The streaming URL is https://api.xygeni.io/gitlab/streaming
for the Xygeni cloud platform.
The streaming endpoint is secured with a shared secret and TLS, following the recommendations in Verify event authenticity.
Installation
Audit Event Streaming should be set for each top-level group you require to monitor using Xygeni. In case of Gitlab local self-managed instance it will be set once per instance.
Add a new HTTP destination
In Gitlab, follow instruction to setup a streaming destination as describe at Add new HTTP destination
As
Destination Name
write a description for that streamingSet the
Destination URL
(https://api.xygeni.io/gitlab/streaming).
Save Verification token at Xygeni
Once the destination is created, expand the stream to locate the verification token.
Then copy the
Verification Token
, go to Xygeni 'Integrations Configuration' screen, and paste it at 'Verification token' field, 'Sensors' section".
Alerts Tracking
You can navigate to the dashboard to keep track of the all the Unusual Activity detected at the moment, ordered by time of exposure from most recent to less recent. Open Anomalous Activity Summary.
Last updated