Audit Logs
Retrieves audit events from your Buildkite organization for security monitoring, compliance, and operational visibility across your CI/CD pipeline activities.
Sync Type: Incremental
Requirements
- A Buildkite organization with audit log access
- An API token with the required permissions to access audit events via GraphQL API
- Organization slug/identifier
Creating an API Token
To create an API token for accessing Buildkite audit logs:
- Navigate to Personal Settings in your Buildkite account
- Go to API Access Token section
- Click New API Access token
- Fill in a description for the token (e.g., "Monad Audit Logs")
- Select your organization from the dropdown menu
- Check the GraphQL API checkbox to grant GraphQL access permissions
- Press Create New API token
- Copy the generated token and use it in the configuration
Note: Store the token securely as it won't be shown again once you leave the page.
Details
The Buildkite Audit Logs input collects comprehensive audit trail information from your Buildkite organization. It tracks all significant activities including user actions, pipeline changes, agent management, security events, and administrative activities. This input provides detailed information about who performed what actions, when they occurred, and the context in which they happened.
The input uses Buildkite's GraphQL API to retrieve audit events and implements incremental syncing to efficiently collect only new events since the last run. Each audit event includes detailed information about the actor (who), subject (what), type of event, timestamp, and additional contextual data.
Configuration
The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Organization Slug | string | Yes | The URL slug of your Buildkite organizations |
| Backfill Start Time | string | No | The date to start fetching data from. If not specified, no past records will be fetched. |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| API Token | string | Yes | Buildkite API token with permissions to read audit events via GraphQL API |