[EDI] Viewing code scanning logs (#59984)

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

Author: isaacmbrown

content/code-security/how-tos/scan-code-for-vulnerabilities/manage-your-configuration/codeql-code-scanning-for-compiled-languages.md

@@ -333,7 +333,7 @@ When you enable default setup for a repository that contains C# code, the build
 
 {% data variables.product.prodname_codeql %} restores dependencies and generates a few additional source files, to give more accurate results, before creating a database from all the source files and dependencies.
 
-Dependencies are restored using multiple heuristics and strategies. The following files are the primary source of information: `*.csproj`, `*.sln`, `nuget.config`, `packages.config`, `global.json`, and `project.assets.json`. {% ifversion org-private-registry %}If a private NuGet feed is defined for the organization, this is also used, see [Code scanning default setup access to private registries](/code-security/securing-your-organization/enabling-security-features-in-your-organization/giving-org-access-private-registries#code-scanning-default-setup-access-to-private-registries) and [Diagnostic information for private package registries](/code-security/code-scanning/managing-your-code-scanning-configuration/viewing-code-scanning-logs#diagnostic-information-for-private-package-registries).{% endif %}
+Dependencies are restored using multiple heuristics and strategies. The following files are the primary source of information: `*.csproj`, `*.sln`, `nuget.config`, `packages.config`, `global.json`, and `project.assets.json`. {% ifversion org-private-registry %}If a private NuGet feed is defined for the organization, this is also used, see [Code scanning default setup access to private registries](/code-security/securing-your-organization/enabling-security-features-in-your-organization/giving-org-access-private-registries#code-scanning-default-setup-access-to-private-registries) and [AUTOTITLE](/code-security/reference/code-scanning/code-scanning-logs#diagnostic-information-for-private-package-registries).{% endif %}
 
 The following generated source files are optional, but significantly increase the correctness of the {% data variables.product.prodname_codeql %} database:
 
@@ -464,7 +464,7 @@ If you later add Kotlin code to a repository that uses the `none` build mode, {%
 
 {% data variables.product.prodname_codeql %} will attempt to run Gradle or Maven to extract accurate dependency information (but not to invoke a build), before creating a database from all Java files present. Every root Maven or Gradle project file (a build script without any build script present in an ancestor directory) is queried for dependency information, and more recent dependency versions are preferred if there is a clash. For information about the runner requirements to run Maven or Gradle, see [Runner requirements for Java](#runner-requirements-for-java).
 
- {% ifversion org-private-registry %}If a private Maven registry is defined for the organization, this is also used, see [Code scanning default setup access to private registries](/code-security/securing-your-organization/enabling-security-features-in-your-organization/giving-org-access-private-registries#code-scanning-default-setup-access-to-private-registries) and [Diagnostic information for private package registries](/code-security/code-scanning/managing-your-code-scanning-configuration/viewing-code-scanning-logs#diagnostic-information-for-private-package-registries).{% endif %}
+{% ifversion org-private-registry %}If a private Maven registry is defined for the organization, this is also used, see [Code scanning default setup access to private registries](/code-security/securing-your-organization/enabling-security-features-in-your-organization/giving-org-access-private-registries#code-scanning-default-setup-access-to-private-registries) and [AUTOTITLE](/code-security/reference/code-scanning/code-scanning-logs##diagnostic-information-for-private-package-registries).{% endif %}
 
 #### Accuracy of no build analysis for Java
 

…eql/codeql-for-vs-code/accessing-logs.md …ties/scan-from-vs-code/accessing-logs.mdcontent/code-security/reference/code-scanning/codeql/codeql-for-vs-code/accessing-logs.md renamed to content/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-vs-code/accessing-logs.md content/code-security/reference/code-scanning/codeql/codeql-for-vs-code/accessing-logs.md renamed to content/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-vs-code/accessing-logs.md

@@ -1,5 +1,5 @@
 ---
-title: Accessing logs
+title: Accessing logs for {% data variables.product.prodname_codeql %} in {% data variables.product.prodname_vscode %}
 shortTitle: Access logs
 versions:
   fpt: '*'
@@ -14,28 +14,10 @@ allowTitleToDifferFromFilename: true
 redirect_from:
   - /code-security/codeql-for-vs-code/troubleshooting-codeql-for-vs-code/accessing-logs
   - /code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-codeql-for-vs-code/accessing-logs
-contentType: reference
+  - /code-security/reference/code-scanning/codeql/codeql-for-vs-code/accessing-logs
+contentType: how-tos
 ---
 
-## About logs
-
-Progress and error messages are displayed as notifications in the bottom right corner of the {% data variables.product.prodname_vscode %} workspace. These link to more detailed logs and error messages in the "Output" window.
-
-You can access the following logs:
-
-* {% data variables.product.prodname_codeql %} Extension
-
-* {% data variables.product.prodname_codeql %} Language Server
-
-* {% data variables.product.prodname_codeql %} Query Server
-
-* {% data variables.product.prodname_codeql %} Tests
-
-> [!NOTE]
-> The {% data variables.product.prodname_codeql %} Language Server log contains more advanced debug logs for {% data variables.product.prodname_codeql %} language maintainers. You should only need these to provide details in a bug report.
-
-## Accessing logs
-
 1. In {% data variables.product.prodname_vscode %}, open the "Output" window.
 
 1. Use the dropdown to select the log view you need. For example, "{% data variables.product.prodname_codeql %} Extension Log".

content/code-security/how-tos/scan-code-for-vulnerabilities/scan-from-vs-code/index.md

@@ -27,4 +27,6 @@ children:
   - /customizing-settings
   - /setting-up-a-codeql-workspace
   - /configuring-access-to-the-codeql-cli
+  - /accessing-logs
 ---
+

content/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries.md

@@ -61,7 +61,7 @@ When configuring private registries for the first time, you need to disable and
 
 For languages supporting private package registries, {% data variables.product.prodname_code_scanning %} default setup will produce information on the {% data variables.code-scanning.tool_status_page %}. This shows you which private registry configurations were available to an analysis, but not whether {% data variables.product.prodname_code_scanning %} default setup was able to successfully download private dependencies from them. For more information about the {% data variables.code-scanning.tool_status_page %}, see [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page).
 
-Alternatively, you can confirm whether private registries were configured for a {% data variables.product.prodname_code_scanning %} analysis by looking in the Actions logs. See [Diagnostic information for private package registries](/code-security/code-scanning/managing-your-code-scanning-configuration/viewing-code-scanning-logs#diagnostic-information-for-private-package-registries).
+Alternatively, you can confirm whether private registries were used successfully by {% data variables.product.prodname_code_scanning %} analysis by looking in the Actions log files, see [AUTOTITLE](/code-security/reference/code-scanning/code-scanning-logs#diagnostic-information-for-private-package-registries).
 
 ## {% data variables.product.prodname_code_scanning_caps %} advanced setup access to private registries
 

content/code-security/how-tos/view-and-interpret-data/index.md

@@ -17,7 +17,7 @@ topics:
 contentType: how-tos
 children:
   - /analyze-organization-data
-  - /viewing-code-scanning-logs
+  - /view-code-scanning-logs
   - /viewing-dependabot-job-logs
   - /view-custom-pattern-metrics
   - /change-used-by-data

content/code-security/how-tos/view-and-interpret-data/view-code-scanning-logs.md

@@ -0,0 +1,47 @@
+---
+title: Viewing code scanning logs from GitHub Actions
+intro: View the output from a {% data variables.product.prodname_code_scanning %} analysis in {% data variables.product.prodname_actions %}.
+permissions: '{% data reusables.permissions.code-scanning-pr-alerts %}'
+redirect_from:
+  - /code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs
+  - /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/viewing-code-scanning-logs
+  - /code-security/how-tos/view-and-interpret-data/viewing-code-scanning-logs
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghec: '*'
+contentType: how-tos
+topics:
+  - Security
+shortTitle: View code scanning logs
+---
+
+{% data reusables.code-scanning.enterprise-enable-code-scanning-actions %}
+
+After configuring {% data variables.product.prodname_code_scanning %} using default setup or a custom {% data variables.product.prodname_actions %} workflow, you can watch the output of the actions as they run. For information about logs for other {% data variables.product.prodname_code_scanning %} setups, see [AUTOTITLE](/code-security/reference/code-scanning/code-scanning-logs).
+
+{% data reusables.repositories.actions-tab %}
+
+   You'll see a list that includes an entry for running the {% data variables.product.prodname_code_scanning %} workflow. The text of the entry is the title you gave your commit message.
+
+   ![Screenshot of the "All workflows" page. In the list of workflow runs is a run labeled "Create .github/workflows/codeql.yml."](/assets/images/help/repository/code-scanning-actions-list.png)
+
+1. Click the entry for the {% data variables.product.prodname_code_scanning %} workflow.
+
+   > [!NOTE]
+   > If you are looking for the {% data variables.product.prodname_codeql %} workflow run triggered by enabling default setup, the text of the entry is "{% data variables.product.prodname_codeql %}."
+
+1. Click the job name on the left. For example, **Analyze (LANGUAGE)**.
+
+   ![Screenshot of the log output for the "Analyze (go)" job. In the left sidebar, under the "Jobs" heading, "Analyze (go)" is listed.](/assets/images/help/repository/code-scanning-logging-analyze-action.png)
+
+1. Review the logging output from the actions in this workflow as they run.
+
+1. Optionally, to see more detail about the commit that triggered the workflow run, click the short commit hash. The short commit hash is 7 lowercase characters immediately following the commit author's username.
+
+1. Once all jobs are complete, you can view the details of any {% data variables.product.prodname_code_scanning %} alerts that were identified. For more information, see [AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/assessing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).
+
+## Further reading
+
+If you're looking for diagnostic information about whether {% data variables.product.prodname_code_scanning %} accessed any private registries, see [AUTOTITLE](/code-security/how-tos/view-and-interpret-data/viewing-code-scanning-logs).