7

A few days ago, I got an email from github saying that a personal access token that we used is in an 'outdated format':

We noticed that an application, TeamCity(ci.support.example.com), owned by an organization you are an admin of, ExampleSolutions, used a token with an outdated format to access the GitHub API on May 19th, 2021 at 17:46 (UTC), with a user-agent header of TeamCity Server 20XX.X.X (build XXXXX).

Looking at the github Personal access tokens page for the user in question, it shows that the token was 'Last used within the last 2 weeks'.

I would like to find logs for the use of the personal access token at the same level of granularity in terms of timestamp and accessing server as are given in the email, so that I can match them against the logs in TeamCity and figure out which build config(s) used the token.

I've exported the Security log for the owner of the personal access token, as well as the Audit log for the organization. Neither of these show anything relevant on the date and time in question. Are there any logs that I've missed?

Improve this question
1
  • Were you ever able to find additional logs?
    – Jesusaur
    Commented Sep 26, 2023 at 20:11

1 Answer 1

Reset to default
0

Free GitHub does not publicly log detailed information for each personal access token used, such as exact timestamps and accessing IP addresses.

GitHub Enterprise Cloud and GitHub Enterprise Server, IIRC, do offer this functionality.

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.