Skip to main content

GitLab Event Collector

This Integration is part of the GitLab Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.8.0 and later.

An event collector for Gitlab audit events using Gitlab's API.

Audit events API documentation

Configure Gitlab Event Collector in Cortex#

ParameterDescriptionRequired
Server URLTrue
API KeyThe API Key to use for connection.True
Fetch Instance Audit EventsWhen checked, the fetch mechanism will fetch events from the audit_events endpoint. That endpoint requires a higher level of authorization, see description for more details.
Groups IDsFalse
Projects IDSFalse
First fetch timestamp (<number> <time unit>, for example, 12 hours, 7 days, 3 months, 1 year)True
The maximum number of events per fetch for each event typeEach fetch will bring the `limit` number of events for each type (audits, groups and projects) and each group/project ID. For example, if `limit` is set to 500 and groups/projects IDs are given as well, then the fetch will bring 500 audit events and 500 group/project events for each group/project ID.False
Trust any certificate (not secure)False
Use system proxy settingsFalse

Commands#

You can execute the following command from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

gitlab-get-events#


Manual command to fetch events and display them.

Base Command#

gitlab-get-events

Input#

Argument NameDescriptionRequired
should_push_eventsSet this argument to True in order to create events, otherwise the command will only display them. Default is False.True

Context Output#

There is no context output for this command.