Auditing users' push/fetch events on GitLab.
Option 1: Download the released tar ball from GitHub then run:
mkdir -p gitlab-auditor
tar xjvf gitlab-auditor-x64.tar.bz -C gitlab-auditor
cd gitlab-auditor
./gitlab-auditorOption 2: Clone this repository and build it by yourself:
git clone https://github.com/kfei/gitlab-auditor
cd gitlab-auditor
go build
./gitlab-auditorNote that gitlab-auditor will search
/var/log/gitlab/gitlab-shell/gitlab-shell.log by default. To use a different
log file, run ./gitlab-auditor -f <file> instead.
To have gitlab-shell logging more users' information, we have to patch GitLab, both the Rails application and the SSH shell parts.
Step 1: Patch GitLab, so that the internal discover API exposes users' ID. Then restart GitLab rails application.
Step 2: Patch gitlab-shell so that it can log users' name, ID and IP.
Visit http://<your-server-ip>:3000 through a web browser, and click the
config button to paste your GitLab's API token on. Now the web application is
ready to use.
Instead of always inefficiently parsing a log file, send them to a persistent
database with index enabled. In the mean time, you might want to set the log
file's rotate frequency to as long as you can by
logging['logrotate_frequency'] = "yearly" or even longer.
In case your nonsense boss ask you to disable all methods to download code from the GitLab web, have a look at another document.