Skip to content

[GitHub Advanced Security Alerts] - create v2 connector which supports Log Analytics CLv2 #14111

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
hassanchawiche merged 17 commits into from
Apr 27, 2026
Merged

[GitHub Advanced Security Alerts] - create v2 connector which supports Log Analytics CLv2 #14111

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
099dbb9
backup
Apr 8, 2026
b94f488
Changes to table name and providing function package
Apr 21, 2026
49eba21
update date on release notes
Apr 21, 2026
102e0f7
Delete plans/github-webhook-clv1-to-clv2-migration.md
jlheard Apr 21, 2026
2bd556b
Delete Sample Data/GitHubAdvancedSecurityAlerts_CL.json
jlheard Apr 21, 2026
c676473
Rename GitHubWebhookEvents_CL.json to GitHubAdvancedSecurityAlerts_CL…
jlheard Apr 21, 2026
0c3525a
package latest solution
Apr 21, 2026
6fc9d65
Merge branch 'user/jlheard/github-alerts-to-clv2' of https://github.c…
Apr 21, 2026
1471574
fix PR validation checks
Apr 23, 2026
f7721d3
Add alias parser to fix KQL validation check
Apr 23, 2026
872da12
Change Az func website package to aka.ms link to avoid PR builds when…
Apr 23, 2026
6477760
package with the latest
Apr 23, 2026
d18df1a
force isPreview to true
Apr 23, 2026
588d2a8
update requirements and test
Apr 23, 2026
280a312
fix TimeGenerated transform KQL
Apr 23, 2026
be7d7c7
minor version bump
Apr 24, 2026
bcede57
remove
Apr 24, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 102 additions & 0 deletions .script/tests/KqlvalidationsTests/CustomFunctions/githubscanaudit.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
{
"FunctionName": "githubscanaudit",
"FunctionParameters": [],
"FunctionResultColumns": [
{
"Name": "TimeGenerated",
"Type": "datetime"
},
{
"Name": "action_s",
"Type": "string"
},
{
"Name": "alert_s",
"Type": "string"
},
{
"Name": "repository_s",
"Type": "string"
},
{
"Name": "organization_s",
"Type": "string"
},
{
"Name": "sender_s",
"Type": "string"
},
{
"Name": "commits_s",
"Type": "string"
},
{
"Name": "commit_oid_s",
"Type": "string"
},
{
"Name": "ref_s",
"Type": "string"
},
{
"Name": "ref_type_s",
"Type": "string"
},
{
"Name": "rule_s",
"Type": "string"
},
{
"Name": "comment_s",
"Type": "string"
},
{
"Name": "deployment_s",
"Type": "string"
},
{
"Name": "deployment_status_s",
"Type": "string"
},
{
"Name": "discussion_s",
"Type": "string"
},
{
"Name": "check_run_s",
"Type": "string"
},
{
"Name": "key_s",
"Type": "string"
},
{
"Name": "changes_s",
"Type": "string"
},
{
"Name": "master_branch_s",
"Type": "string"
},
{
"Name": "pusher_type_s",
"Type": "string"
},
{
"Name": "description_s",
"Type": "string"
},
{
"Name": "event_s",
"Type": "string"
},
{
"Name": "number_d",
"Type": "real"
},
{
"Name": "forced_b",
"Type": "bool"
}
]
}
117 changes: 117 additions & 0 deletions .script/tests/KqlvalidationsTests/CustomTables/GitHubAdvancedSecurityAlerts_CL.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,117 @@
{
"Name": "GitHubAdvancedSecurityAlerts_CL",
"Properties": [
{
"Name": "TenantId",
"Type": "string"
},
{
"Name": "SourceSystem",
"Type": "string"
},
{
"Name": "TimeGenerated",
"Type": "datetime"
},
{
"Name": "Type",
"Type": "string"
},
{
"Name": "_ResourceId",
"Type": "string"
},
{
"Name": "action_s",
"Type": "string"
},
{
"Name": "alert_s",
"Type": "string"
},
{
"Name": "repository_s",
"Type": "string"
},
{
"Name": "organization_s",
"Type": "string"
},
{
"Name": "sender_s",
"Type": "string"
},
{
"Name": "commits_s",
"Type": "string"
},
{
"Name": "commit_oid_s",
"Type": "string"
},
{
"Name": "ref_s",
"Type": "string"
},
{
"Name": "ref_type_s",
"Type": "string"
},
{
"Name": "rule_s",
"Type": "string"
},
{
"Name": "comment_s",
"Type": "string"
},
{
"Name": "deployment_s",
"Type": "string"
},
{
"Name": "deployment_status_s",
"Type": "string"
},
{
"Name": "discussion_s",
"Type": "string"
},
{
"Name": "check_run_s",
"Type": "string"
},
{
"Name": "key_s",
"Type": "string"
},
{
"Name": "changes_s",
"Type": "string"
},
{
"Name": "master_branch_s",
"Type": "string"
},
{
"Name": "pusher_type_s",
"Type": "string"
},
{
"Name": "description_s",
"Type": "string"
},
{
"Name": "event_s",
"Type": "string"
},
{
"Name": "number_d",
"Type": "real"
},
{
"Name": "forced_b",
"Type": "bool"
}
]
}
133 changes: 133 additions & 0 deletions Sample Data/GitHubAdvancedSecurityAlerts_CL.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
[
{
"TimeGenerated": "2024-06-01T10:15:00Z",
"action_s": "reopened",
"alert_s": "{\"number\":10,\"created_at\":\"2024-06-01T10:00:00Z\",\"updated_at\":\"2024-06-01T10:15:00Z\",\"url\":\"https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10\",\"html_url\":\"https://github.com/Codertocat/Hello-World/security/code-scanning/10\",\"state\":\"open\",\"rule\":{\"id\":\"Style/FrozenStringLiteralComment\",\"severity\":\"note\",\"description\":\"Add the frozen_string_literal comment to the top of files to help transition to frozen string literals by default.\"},\"tool\":{\"name\":\"Rubocop\",\"version\":null}}",
"commit_oid_s": "d6e4c75c141dbacecc279b721b8b9393d5405795",
"ref_s": "refs/heads/main",
"repository_s": "{\"id\":186853002,\"name\":\"Hello-World\",\"full_name\":\"Codertocat/Hello-World\",\"private\":false,\"owner\":{\"login\":\"Codertocat\",\"type\":\"User\"},\"url\":\"https://api.github.com/repos/Codertocat/Hello-World\",\"html_url\":\"https://github.com/Codertocat/Hello-World\",\"default_branch\":\"main\"}",
"organization_s": "{\"login\":\"Octocoders\",\"id\":6,\"url\":\"https://api.github.com/orgs/Octocoders\"}",
"sender_s": "{\"login\":\"github\",\"id\":9919,\"type\":\"Organization\",\"site_admin\":false}",
"event_s": "code_scanning_alert",
"rule_s": "",
"alert_s_event": "code_scanning_alert",
"commits_s": "",
"ref_type_s": "",
"comment_s": "",
"deployment_s": "",
"deployment_status_s": "",
"discussion_s": "",
"check_run_s": "",
"key_s": "",
"changes_s": "",
"master_branch_s": "",
"pusher_type_s": "",
"description_s": "",
"number_d": 10,
"forced_b": false
},
{
"TimeGenerated": "2024-06-01T11:30:00Z",
"action_s": "create",
"alert_s": "{\"number\":5,\"created_at\":\"2024-06-01T11:25:00Z\",\"affected_range\":\">= 1.0.0, < 1.8.0\",\"external_identifier\":\"CVE-2024-12345\",\"ghsa_id\":\"GHSA-xxxx-yyyy-zzzz\",\"severity\":\"high\",\"url\":\"https://api.github.com/repos/Codertocat/Hello-World/vulnerability-alerts/5\"}",
"commit_oid_s": "",
"ref_s": "",
"repository_s": "{\"id\":186853002,\"name\":\"Hello-World\",\"full_name\":\"Codertocat/Hello-World\",\"private\":false,\"owner\":{\"login\":\"Codertocat\",\"type\":\"User\"},\"url\":\"https://api.github.com/repos/Codertocat/Hello-World\",\"html_url\":\"https://github.com/Codertocat/Hello-World\",\"default_branch\":\"main\"}",
"organization_s": "{\"login\":\"Octocoders\",\"id\":6,\"url\":\"https://api.github.com/orgs/Octocoders\"}",
"sender_s": "{\"login\":\"dependabot[bot]\",\"id\":49699333,\"type\":\"Bot\",\"site_admin\":false}",
"event_s": "repository_vulnerability_alert",
"rule_s": "",
"commits_s": "",
"ref_type_s": "",
"comment_s": "",
"deployment_s": "",
"deployment_status_s": "",
"discussion_s": "",
"check_run_s": "",
"key_s": "",
"changes_s": "",
"master_branch_s": "",
"pusher_type_s": "",
"description_s": "",
"number_d": 5,
"forced_b": false
},
{
"TimeGenerated": "2024-06-01T12:45:00Z",
"action_s": "created",
"alert_s": "{\"number\":3,\"created_at\":\"2024-06-01T12:40:00Z\",\"url\":\"https://api.github.com/repos/Codertocat/Hello-World/secret-scanning/alerts/3\",\"html_url\":\"https://github.com/Codertocat/Hello-World/security/secret-scanning/3\",\"state\":\"open\",\"secret_type\":\"github_personal_access_token\",\"resolution\":null,\"resolved_by\":null,\"resolved_at\":null}",
"commit_oid_s": "",
"ref_s": "",
"repository_s": "{\"id\":186853002,\"name\":\"Hello-World\",\"full_name\":\"Codertocat/Hello-World\",\"private\":false,\"owner\":{\"login\":\"Codertocat\",\"type\":\"User\"},\"url\":\"https://api.github.com/repos/Codertocat/Hello-World\",\"html_url\":\"https://github.com/Codertocat/Hello-World\",\"default_branch\":\"main\"}",
"organization_s": "{\"login\":\"Octocoders\",\"id\":6,\"url\":\"https://api.github.com/orgs/Octocoders\"}",
"sender_s": "{\"login\":\"Codertocat\",\"id\":21031067,\"type\":\"User\",\"site_admin\":false}",
"event_s": "secret_scanning_alert",
"rule_s": "",
"commits_s": "",
"ref_type_s": "",
"comment_s": "",
"deployment_s": "",
"deployment_status_s": "",
"discussion_s": "",
"check_run_s": "",
"key_s": "",
"changes_s": "",
"master_branch_s": "",
"pusher_type_s": "",
"description_s": "",
"number_d": 3,
"forced_b": false
},
{
"TimeGenerated": "2024-06-01T13:00:00Z",
"action_s": "completed",
"alert_s": "",
"commit_oid_s": "",
"ref_s": "refs/heads/main",
"ref_type_s": "",
"repository_s": "{\"id\":186853002,\"name\":\"Hello-World\",\"full_name\":\"Codertocat/Hello-World\",\"private\":false,\"owner\":{\"login\":\"Codertocat\",\"type\":\"User\"},\"url\":\"https://api.github.com/repos/Codertocat/Hello-World\",\"html_url\":\"https://github.com/Codertocat/Hello-World\",\"default_branch\":\"main\"}",
"organization_s": "{\"login\":\"Octocoders\",\"id\":6,\"url\":\"https://api.github.com/orgs/Octocoders\"}",
"sender_s": "{\"login\":\"Codertocat\",\"id\":21031067,\"type\":\"User\",\"site_admin\":false}",
"check_run_s": "{\"id\":128620228,\"name\":\"Octocoders-linter\",\"status\":\"completed\",\"conclusion\":\"success\",\"started_at\":\"2024-06-01T12:55:00Z\",\"completed_at\":\"2024-06-01T13:00:00Z\",\"url\":\"https://api.github.com/repos/Codertocat/Hello-World/check-runs/128620228\"}",
"event_s": "check_run",
"rule_s": "",
"commits_s": "",
"comment_s": "",
"deployment_s": "",
"deployment_status_s": "",
"discussion_s": "",
"key_s": "",
"changes_s": "",
"master_branch_s": "",
"pusher_type_s": "",
"description_s": "",
"number_d": 0,
"forced_b": false
},
{
"TimeGenerated": "2024-06-01T14:00:00Z",
"action_s": "push",
"alert_s": "",
"commit_oid_s": "",
"ref_s": "refs/heads/main",
"ref_type_s": "",
"repository_s": "{\"id\":186853002,\"name\":\"Hello-World\",\"full_name\":\"Codertocat/Hello-World\",\"private\":false,\"owner\":{\"login\":\"Codertocat\",\"type\":\"User\"},\"url\":\"https://api.github.com/repos/Codertocat/Hello-World\",\"html_url\":\"https://github.com/Codertocat/Hello-World\",\"default_branch\":\"main\"}",
"organization_s": "{\"login\":\"Octocoders\",\"id\":6,\"url\":\"https://api.github.com/orgs/Octocoders\"}",
"sender_s": "{\"login\":\"Codertocat\",\"id\":21031067,\"type\":\"User\",\"site_admin\":false}",
"commits_s": "[{\"id\":\"abc1234\",\"message\":\"Fix: update dependency versions\",\"timestamp\":\"2024-06-01T14:00:00Z\",\"author\":{\"name\":\"Codertocat\",\"email\":\"sanitized@sanitized.com\"}}]",
"event_s": "push",
"rule_s": "",
"comment_s": "",
"check_run_s": "",
"deployment_s": "",
"deployment_status_s": "",
"discussion_s": "",
"key_s": "",
"changes_s": "",
"master_branch_s": "main",
"pusher_type_s": "user",
"description_s": "",
"number_d": 0,
"forced_b": false
}
]
Loading
Loading