감사 이벤트 유형
GitLab v19.1Tier: Premium, Ultimate
Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
요약
감사 이벤트 유형은 스트리밍된 감사 이벤트를 필터링하는 데 사용됩니다: 모든 감사 이벤트는 이벤트 유형과 연결됩니다. 대부분의 감사 이벤트를 데이터베이스에 저장. 모든 감사 이벤트를 외부 대상으로 스트리밍. 감사 이벤트 유형의 범위는 감사 이벤트 유형의 가용성을 다음 중 하나로 제한합니다:
History
- Introduced in GitLab 17.7, all audit events can be streamed.
감사 이벤트 유형은 스트리밍된 감사 이벤트를 필터링하는 데 사용됩니다:
모든 감사 이벤트는 이벤트 유형과 연결됩니다. 감사 이벤트 유형은 다음을 허용할 수 있습니다:
-
대부분의 감사 이벤트를 데이터베이스에 저장. Premium 및 Ultimate 티어에서 사용 가능합니다. 감사 이벤트 대시보드 또는 감사 이벤트 API를 사용하여 이러한 유형과 관련된 감사 이벤트를 검색할 수 있습니다.
-
모든 감사 이벤트를 외부 대상으로 스트리밍. Ultimate 티어에서 사용 가능합니다. 대상이 설정된 경우 이러한 유형과 관련된 감사 이벤트를 외부 대상으로 스트리밍할 수 있습니다.
감사 이벤트 유형의 범위는 감사 이벤트 유형의 가용성을 다음 중 하나로 제한합니다:
-
프로젝트, 그룹 또는 사용자 감사 이벤트.
-
인스턴스 감사 이벤트.
사용 가능한 감사 이벤트 유형#
감사 이벤트 유형은 다음 제품 카테고리에 속합니다.
Agent foundations#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| feature_access_rules_updated | GitLab Duo feature access rules were updated | check-sm | GitLab 18.8 | Instance |
| namespace_feature_access_rules_updated | GitLab Duo namespace feature access rules were updated | check-sm | GitLab 18.8 | Group |
| ai_usage_data_collection_enabled_updated | Collect usage data setting on group changed | check-sm | GitLab 19.0 | Group |
AI abstraction layer#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| ai_setting_updated | An AI setting is updated | check-sm | GitLab 19.0 | Instance |
AI framework#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| auto_duo_code_review_enabled_updated | GitLab Duo automatic code review enabled setting on group changed | check-sm | GitLab 18.11 | Group |
| duo_features_enabled_updated | GitLab Duo Features enabled setting on group or project changed | check-sm | GitLab 16.10 | Group, Project |
| duo_foundational_flows_enabled_updated | GitLab Duo foundational flows enabled setting on group changed | check-sm | GitLab 18.11 | Group |
| duo_remote_flows_enabled_updated | GitLab Duo remote flows enabled setting on group changed | check-sm | GitLab 18.11 | Group |
| enabled_foundational_flows_updated | Enabled foundational flows selection on group changed | check-sm | GitLab 18.11 | Group |
| q_onbarding_updated | Amazon Q instance settings changed | check-sm | GitLab 17.8 | Instance |
Audit events#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| amazon_s3_configuration_created | Amazon S3 configuration for audit events streaming is created | check-sm | GitLab 16.5 | Group |
| amazon_s3_configuration_deleted | Amazon S3 configuration for audit events streaming is deleted | check-sm | GitLab 16.5 | Group |
| amazon_s3_configuration_updated | Amazon S3 configuration for audit events streaming is updated | check-sm | GitLab 16.5 | Group |
| audit_events_streaming_headers_create | A streaming header for audit events is created | check-sm | GitLab 15.3 | Group |
| audit_events_streaming_headers_destroy | A streaming header for audit events is deleted | check-sm | GitLab 15.3 | Group |
| audit_events_streaming_instance_headers_create | A streaming header for instance level external audit event destination is created | check-sm | GitLab 16.3 | Instance |
| audit_events_streaming_instance_headers_destroy | A streaming header for instance level external audit event destination is deleted | check-sm | GitLab 16.3 | Instance |
| audit_events_streaming_instance_headers_update | A streaming header for instance level external audit event destination is updated | check-sm | GitLab 16.3 | Instance |
| create_event_streaming_destination | An external audit event destination is created | check-sm | GitLab 14.6 | Group |
| create_http_namespace_filter | A namespace filter for an external audit event destination for a top-level group is created | check-sm | GitLab 16.6 | Group |
| create_instance_event_streaming_destination | An external audit event destination for an instance is created | check-sm | GitLab 16.2 | Instance |
| created_group_audit_event_streaming_destination | An external audit event destination for a top-level group is created | check-sm | GitLab 16.11 | Group |
| created_group_namespace_filter | A namespace filter for an external audit event destination for a top-level group is created | check-sm | GitLab 17.0 | Group |
| created_instance_audit_event_streaming_destination | An external audit event destination for an instance is created | check-sm | GitLab 16.11 | Instance |
| created_instance_namespace_filter | A namespace filter for an external audit event destination for an instance is created | check-sm | GitLab 17.2 | Instance |
| delete_http_namespace_filter | A namespace filter for an external audit event destination for a top-level group is deleted | check-sm | GitLab 16.7 | Group |
| deleted_group_audit_event_streaming_destination | An external audit event destination for a top-level group is deleted | check-sm | GitLab 16.11 | Group |
| deleted_group_namespace_filter | A namespace filter for an external audit event destination for a top-level group is deleted | check-sm | GitLab 17.0 | Group |
| deleted_instance_audit_event_streaming_destination | An external audit event destination for a GitLab instance is deleted | check-sm | GitLab 16.11 | Instance |
| deleted_instance_namespace_filter | A namespace filter for an external audit event destination for a GitLab instance is deleted | check-sm | GitLab 17.2 | Instance |
| destroy_event_streaming_destination | An external audit event destination is deleted | check-sm | GitLab 14.6 | Group |
| destroy_instance_event_streaming_destination | An instance level external audit event destination is deleted | check-sm | GitLab 16.2 | Instance |
| event_type_filters_created | A new audit events streaming event type filter is created | check-sm | GitLab 15.10 | Group |
| event_type_filters_deleted | An audit events streaming event type filter is deleted | check-sm | GitLab 15.10 | Group |
| google_cloud_logging_configuration_created | Google Cloud Logging configuration is created | check-sm | GitLab 16.1 | Group |
| google_cloud_logging_configuration_deleted | Google Cloud Logging configuration is deleted | check-sm | GitLab 16.1 | Group |
| google_cloud_logging_configuration_updated | Google Cloud Logging configuration is updated | check-sm | GitLab 16.1 | Group |
| instance_amazon_s3_configuration_created | Instance Amazon S3 configuration for audit events streaming is created | check-sm | GitLab 16.7 | Instance |
| instance_amazon_s3_configuration_deleted | Instance-level Amazon S3 configuration for audit events streaming is deleted | check-sm | GitLab 16.7 | Instance |
| instance_amazon_s3_configuration_updated | Instance-level Amazon S3 configuration for audit events streaming is updated | check-sm | GitLab 16.7 | Instance |
| instance_google_cloud_logging_configuration_created | Instance-level Google Cloud Logging configuration is created | check-sm | GitLab 16.4 | Instance |
| instance_google_cloud_logging_configuration_deleted | Instance-level Google Cloud Logging configuration is deleted | check-sm | GitLab 16.5 | Instance |
| instance_google_cloud_logging_configuration_updated | Instance-level Google Cloud Logging configuration is updated | check-sm | GitLab 16.5 | Instance |
| update_event_streaming_destination | An external audit event destination is updated | check-sm | GitLab 14.6 | Group |
| update_instance_event_streaming_destination | An instance level external audit event destination is updated | check-sm | GitLab 16.2 | Instance |
| updated_group_audit_event_streaming_destination | An external audit event destination for a top-level group is updated | check-sm | GitLab 16.11 | Group |
| updated_instance_audit_event_streaming_destination | An external audit event destination for a GitLab instance is updated | check-sm | GitLab 16.11 | Instance |
Authorization#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| oauth_application_created | User creates an OAuth application | check-sm | GitLab 18.2 | User |
| secure_ci_job_token_policies_updated | Permissions are updated for a CI_JOB_TOKEN scope | check-sm | GitLab 17.6 | Project |
| user_authorized_oauth_application | User authorized an OAuth application | check-sm | GitLab 17.9 | User |
Build artifacts#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| job_artifact_downloaded | A user downloads a job artifact from a project | No | GitLab 16.8 | Project |
Ci variables#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| variable_viewed_api | A CI/CD variable is accessed with the API | No | GitLab 18.3 | Project, Group |
| group_ci_cd_settings_accessed | Log an audit event when a user loads the CI/CD Settings page of a group. | No | GitLab 18.4 | Group |
| project_ci_cd_settings_accessed | Log an audit event when a user loads the CI/CD Settings page of a project. | No | GitLab 18.4 | Project |
Code review#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| delete_merge_request | A merge request is successfully deleted | No | GitLab 15.4 | Project |
| group_merge_request_approval_setting_created | Merge request approval settings are added to a group | check-sm | GitLab 15.1 | Group |
Code review workflow#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| merge_request_approval_operation | A merge request is approved | No | GitLab 15.3 | Project |
| merge_request_closed_by_project_bot | A merge request is closed using a project access token | check-sm | GitLab 16.1 | Project |
| merge_request_created_by_project_bot | A merge request is created using a project access token | check-sm | GitLab 16.1 | Project |
| merge_request_invalid_approver_rules | An invalid rule when merge request is approved | check-sm | GitLab 15.5 | Project |
| merge_request_merged_by_project_bot | A merge request is merged using a project access token | check-sm | GitLab 16.1 | Project |
| merge_request_reopened_by_project_bot | A merge request is reopened using a project access token | check-sm | GitLab 16.1 | Project |
| project_merge_method_updated | A project’s merge request method is updated | check-sm | GitLab 14.10 | Project |
| project_merge_requests_author_approval_updated | A project’s MR author approval setting is updated | check-sm | GitLab 15.7 | Project |
| project_merge_requests_disable_committers_approval_updated | A project’s setting for disabling committers approval on merge requests is updated | check-sm | GitLab 15.7 | Project |
| project_merge_requests_template_updated | A merge request template for a project is updated | check-sm | GitLab 15.0 | Project |
| project_only_allow_merge_if_all_discussions_are_resolved_updated | A project’s setting for allowing merge only when all discussions are resolved is updated | check-sm | GitLab 15.7 | Project |
| project_only_allow_merge_if_pipeline_succeeds_updated | A project’s only allow merge if pipeline succeeds setting is updated | check-sm | GitLab 15.7 | Project |
| project_remove_source_branch_after_merge_updated | A project has its setting to remove branches after merges updated | check-sm | GitLab 14.10 | Project |
| project_require_password_to_approve_updated | A project’s setting for requiring a user’s password for approval of merge request is updated | check-sm | GitLab 15.7 | Project |
| project_reset_approvals_on_push_updated | A project has its setting on whether approvals are reset on a push is updated | check-sm | GitLab 14.2 | Project |
| project_resolve_outdated_diff_discussions_updated | A project’s resolve outdated diff discussions setting is updated | check-sm | GitLab 15.7 | Project |
| show_diff_preview_in_email_updated | Setting Email notification to include diff preview is updated | check-sm | GitLab 17.4 | Group, Project |
| selective_code_owner_removals_updated | Selective code owner removal is updated | check-sm | GitLab 17.0 | Project |
Code suggestions#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_suggestion_commit_message_updated | A project has its suggested commit message updated | check-sm | GitLab 14.10 | Project |
Compliance management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| add_gpg_key | A GPG key is added | check-sm | GitLab 15.9 | User |
| allow_author_approval_updated | Prevent approval by merge request creator setting is updated | check-sm | GitLab 15.6 | Group |
| allow_committer_approval_updated | Prevent approvals by users who add commits setting is updated | check-sm | GitLab 15.6 | Group |
| allow_overrides_to_approver_list_per_merge_request_updated | Prevent editing approval rules in projects and merge requests setting is updated | check-sm | GitLab 15.6 | Group |
| audit_events_streaming_headers_update | A streaming header for audit events is updated | check-sm | GitLab 15.3 | Group |
| compliance_control_status_fail | A compliance control status is updated to fail | check-sm | GitLab 17.10 | Project |
| compliance_control_status_pass | A compliance control status is updated to pass | check-sm | GitLab 17.10 | Project |
| compliance_framework_added | A compliance framework is applied to a project | check-sm | GitLab 17.2 | Project |
| compliance_framework_deleted | A compliance framework is removed from a project | check-sm | GitLab 14.1 | Project |
| compliance_framework_id_updated | A compliance framework is updated for a project | check-sm | GitLab 15.7 | Project |
| compliance_framework_removed | A compliance framework is removed from a project | check-sm | GitLab 17.2 | Project |
| create_compliance_framework | A compliance framework is successfully created | check-sm | GitLab 14.6 | Group |
| create_status_check | An external status check is created | check-sm | GitLab 15.9 | Project |
| created_compliance_requirement | A requirement is added to a compliance framework | check-sm | GitLab 17.6 | Group |
| created_compliance_requirement_control | A control is added to a compliance requirement. | check-sm | GitLab 17.9 | Group |
| delete_status_check | An external status check is deleted | check-sm | GitLab 15.9 | Project |
| destroy_compliance_framework | A compliance framework is successfully deleted | check-sm | GitLab 14.6 | Group |
| destroyed_compliance_requirement | A compliance framework requirement is destroyed | check-sm | GitLab 17.7 | Group |
| destroyed_compliance_requirement_control | A compliance requirement control is destroyed. | check-sm | GitLab 17.9 | Group |
| external_status_check_name_updated | The name of an external status check is updated | check-sm | GitLab 15.7 | Project |
| external_status_check_url_updated | The URL that is used for external status checks for a pipeline is updated | check-sm | GitLab 15.0 | Project |
| group_saml_member_added | A user was added as a SAML group member | check-sm | GitLab 18.4 | Group |
| group_saml_provider_create | A group SAML provider is created | check-sm | GitLab 15.9 | Group |
| group_saml_provider_update | A group SAML provider is updated | check-sm | GitLab 15.9 | Group |
| inactive_project_scheduled_for_deletion | An inactive project is scheduled for deletion | check-sm | GitLab 16.4 | Project |
| merge_request_create | A merge request is created | No | GitLab 15.9 | Project |
| merge_request_merged | A merge request is merged | check-sm | GitLab 17.5 | Project |
| omniauth_login_failed | An OmniAuth login fails | check-sm | GitLab 16.3 | User |
| password_reset_requested | A user requests a password reset using a registered email address | check-sm | GitLab 15.11 | User |
| pending_compliance_external_control_failed | A project’s compliance external control status is updated to fail because of timeout. | check-sm | GitLab 17.9 | Project |
| personal_access_token_created | A user creates a personal access token | check-sm | GitLab 15.9 | User |
| personal_access_token_revoked | A personal access token is revoked | check-sm | GitLab 15.9 | User |
| project_archived | A project is archived | check-sm | GitLab 15.11 | Project |
| project_deletion_marked | A project is marked for deletion | check-sm | GitLab 15.11 | Group, Instance |
| project_destroyed | A project is destroyed | check-sm | GitLab 15.11 | Group, Instance |
| project_export_file_download_started | A download of a project export file is started | check-sm | GitLab 15.11 | Project |
| project_feature_security_and_compliance_access_level_updated | A project’s security and compliance access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_group_link_created | A group is invited to a project | check-sm | GitLab 15.9 | Group |
| project_group_link_deleted | A project group link is deleted | check-sm | GitLab 15.9 | Group |
| project_group_link_updated | A project group link is updated | check-sm | GitLab 15.9 | Project |
| project_imported | A project is imported | check-sm | GitLab 15.11 | Group |
| project_restored | A project is restored | check-sm | GitLab 15.11 | Project |
| protected_branch_allow_force_push_updated | A protected branch has its ability to allow force pushes is updated | check-sm | GitLab 14.3 | Project |
| public_repository_download_operation | A Git repository for a public project is downloaded | No | GitLab 17.0 | Project |
| registration_created | A user registers for instance access | check-sm | GitLab 16.3 | User |
| release_created | A release is created | check-sm | GitLab 15.9 | Project |
| release_deleted_audit_event | A release is deleted | check-sm | GitLab 15.9 | Project |
| release_milestones_updated | A release’s associated milestones are updated | check-sm | GitLab 15.9 | Project |
| release_updated | A release is updated | check-sm | GitLab 15.9 | Project |
| remove_gpg_key | A GPG key is deleted | check-sm | GitLab 15.9 | User |
| repository_download_operation | A Git repository for a private or internal project is downloaded | check-sm | GitLab 15.9 | Project |
| request_to_compliance_external_control_failed | Request to compliance external control failed | check-sm | GitLab 17.9 | Project |
| request_to_compliance_external_control_successful | Request to compliance external control successful | No | GitLab 17.9 | Project |
| require_password_to_approve_updated | Require user password for approvals from group merge request setting is updated | check-sm | GitLab 15.6 | Group |
| retain_approvals_on_push_updated | Require new approvals when new commits are added to an MR from group merge request setting is updated | check-sm | GitLab 15.6 | Group |
| saml_group_links_created | A SAML Group Link is created | check-sm | GitLab 15.9 | Group |
| saml_group_links_removed | A SAML Group Link is removed | check-sm | GitLab 15.9 | Group |
| smartcard_authentication_created | A user authenticates with smartcard | check-sm | GitLab 16.0 | User |
| update_approval_rules | Updating a merge approval rule | check-sm | GitLab 15.2 | Project |
| update_compliance_framework | A compliance framework is updated | check-sm | GitLab 14.6 | Group |
| update_compliance_requirement | A compliance framework requirement is updated. | check-sm | GitLab 17.7 | Group |
| update_project_compliance_violation | Project compliance violation is updated | check-sm | GitLab 18.2 | Project |
| update_status_check | An external status check is updated | check-sm | GitLab 15.9 | Project |
| updated_compliance_requirement_control | Compliance requirement control updated. | check-sm | GitLab 17.9 | Group |
Consumables cost management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| usage_billing_updated | The namespace owner changes GitLab Credits dashboard settings | check-sm | GitLab 18.7 | Group |
Container registry#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| container_repository_created | A container repository is first pushed to the registry | check-sm | GitLab 17.5 | Project |
| container_repository_deleted | A project’s container registry is deleted | check-sm | GitLab 17.2 | Project |
| container_repository_deletion_marked | A project’s container repository is marked for deletion | check-sm | GitLab 17.2 | Project |
| container_repository_tags_deleted | A project’s container repository tag is deleted | check-sm | GitLab 17.2 | Project |
| project_feature_container_registry_access_level_updated | A project’s container registry access level setting is updated | check-sm | GitLab 15.7 | Project |
Continuous delivery#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| deploy_key_added | A deploy key is added | check-sm | GitLab 15.3 | Project |
| deploy_key_removed | A deploy key is removed | check-sm | GitLab 15.3 | Project |
| deploy_token_created | A deploy token is created | check-sm | GitLab 15.1 | Project |
| deploy_token_creation_failed | A deploy token fails to create | check-sm | GitLab 15.1 | Project |
| deploy_token_destroyed | A deploy token is destroyed | check-sm | GitLab 15.1 | Project |
| deploy_token_revoked | A project deploy token is revoked | check-sm | GitLab 15.1 | Project |
| deployment_approved | A deployment is approved | check-sm | GitLab 17.1 | Project |
| deployment_rejected | A deployment is rejected | check-sm | GitLab 17.1 | Project |
| deployment_started | A deployment to a protected environment is started | check-sm | GitLab 17.2 | Project |
| group_deploy_token_created | A group deploy token is created | check-sm | GitLab 15.3 | Group |
| group_deploy_token_creation_failed | Creating a group deploy token failed | check-sm | GitLab 15.3 | Group |
| group_deploy_token_destroyed | A group deploy token is destroyed | check-sm | GitLab 15.3 | Group |
| group_deploy_token_revoked | A group deploy token is revoked | check-sm | GitLab 15.3 | Group |
Continuous integration#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| allow_merge_on_skipped_pipeline_updated | Skipped pipelines are considered successful setting is updated | check-sm | GitLab 14.10 | Project |
| ci_group_variable_created | A CI/CD variable is created for a group | check-sm | GitLab 15.2 | Group |
| ci_group_variable_deleted | A CI/CD variable is deleted for a group | check-sm | GitLab 15.2 | Group |
| ci_group_variable_updated | A CI/CD variable is updated for a group | check-sm | GitLab 15.2 | Group |
| ci_instance_variable_created | A CI/CD variable is created for an instance | check-sm | GitLab 16.5 | Instance |
| ci_instance_variable_deleted | A CI/CD variable is deleted for an instance | check-sm | GitLab 16.5 | Instance |
| ci_instance_variable_updated | A CI/CD variable is updated for an instance | check-sm | GitLab 16.5 | Instance |
| ci_variable_created | A CI/CD variable is created for a project | check-sm | GitLab 15.2 | Project |
| ci_variable_deleted | A CI/CD variable is deleted for a project | check-sm | GitLab 15.2 | Project |
| ci_variable_updated | A CI/CD variable is updated for a project | check-sm | GitLab 15.2 | Project |
| destroy_pipeline | A pipeline is deleted | check-sm | GitLab 16.6 | Project |
| multi_project_downstream_pipeline_created | Multi project downstream pipeline is created | No | GitLab 17.6 | Project |
| project_cicd_merge_pipelines_enabled_updated | The CI/CD merge pipelines setting for a project is updated | check-sm | GitLab 15.8 | Project |
| runner_controller_created | A runner controller is created | check-sm | GitLab 18.9 | Instance |
| runner_controller_deleted | A runner controller is deleted | check-sm | GitLab 18.9 | Instance |
| runner_controller_instance_scope_added | Instance-level scope is added to a runner controller | check-sm | GitLab 18.9 | Instance |
| runner_controller_instance_scope_removed | Instance-level scope is removed from a runner controller | check-sm | GitLab 18.9 | Instance |
| runner_controller_runner_scope_added | Runner-level scope is added to a runner controller | check-sm | GitLab 18.10 | Instance |
| runner_controller_runner_scope_removed | Runner-level scope is removed from a runner controller | check-sm | GitLab 18.10 | Instance |
| runner_controller_token_created | A runner controller token is created | check-sm | GitLab 18.9 | Instance |
| runner_controller_token_revoked | A runner controller token is revoked | check-sm | GitLab 18.9 | Instance |
| runner_controller_token_rotated | A runner controller token is rotated | check-sm | GitLab 18.9 | Instance |
| runner_controller_updated | A runner controller is updated | check-sm | GitLab 18.9 | Instance |
Delivery#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_releases_access_level_updated | A project’s releases access level setting is updated | check-sm | GitLab 15.7 | Project |
Dependency firewall#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| dependency_firewall_allowed | A dependency is allowed by the dependency firewall policy | check-sm | GitLab 19.0 | Project |
| dependency_firewall_blocked | A dependency is blocked by the dependency firewall policy | check-sm | GitLab 19.0 | Project |
| dependency_firewall_warned | A dependency matched an advisory (warn-mode) dependency firewall policy | check-sm | GitLab 19.0 | Project |
Deployment management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| cluster_agent_create_failed | A user attempts to create a cluster agent but it failed | check-sm | GitLab 17.3 | Project |
| cluster_agent_created | A user creates a cluster agent | check-sm | GitLab 17.3 | Project |
| cluster_agent_delete_failed | A user attempts to delete a cluster agent but it failed | check-sm | GitLab 17.3 | Project |
| cluster_agent_deleted | A user deletes a cluster agent | check-sm | GitLab 17.3 | Project |
| cluster_agent_token_created | A user creates a cluster agent token | check-sm | GitLab 15.10 | Project |
| cluster_agent_token_revoked | A user revokes a cluster agent token | check-sm | GitLab 15.10 | Project |
Dora metrics#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_metrics_dashboard_access_level_updated | A project’s metrics dashboard access level setting is updated | check-sm | GitLab 15.7 | Project |
Duo agent platform#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| ai_agent_session_ended | An AI agent workflow session has ended. | check-sm | GitLab 19.0 | Project, Group |
| ai_agent_session_started | An AI agent workflow session has started. | check-sm | GitLab 19.0 | Project, Group |
| ai_llm_input_sent | A prompt was sent to an LLM by an AI agent. | check-sm | GitLab 19.0 | Project, Group |
| ai_llm_request_failed | An LLM request by an AI agent has failed. | check-sm | GitLab 19.0 | Project, Group |
| ai_llm_response_received | An LLM response was received by an AI agent. | check-sm | GitLab 19.0 | Project, Group |
| ai_tool_execution_failed | A tool execution by an AI agent has failed. | check-sm | GitLab 19.0 | Project, Group |
| ai_tool_execution_retried | A failed tool execution was retried by an AI agent. | check-sm | GitLab 19.0 | Project, Group |
| ai_tool_invoked | A tool was invoked by an AI agent. | check-sm | GitLab 19.0 | Project, Group |
| ai_tool_response_received | A tool response was received by an AI agent. | check-sm | GitLab 19.0 | Project, Group |
| ai_user_input_received | User input was received by an AI agent. | check-sm | GitLab 19.0 | Project, Group |
| ai_user_output_displayed | AI agent output was displayed to the user. | check-sm | GitLab 19.0 | Project, Group |
| composite_oauth_token_created | A composite OAuth token was created for a Duo workflow | check-sm | GitLab 19.0 | Group, Project, User |
| duo_agent_platform_enabled_updated | Duo Agent Platform enabled setting on group changed | check-sm | GitLab 19.0 | Group |
| duo_session_created | Duo session is created | check-sm | GitLab 18.8 | Group, Project |
| duo_session_deleted | Duo session is deleted | check-sm | GitLab 19.0 | Group, Project |
| duo_session_failed | Duo session has failed | check-sm | GitLab 18.8 | Project |
| duo_session_finished | Duo session is finished | check-sm | GitLab 18.8 | Project |
| duo_session_resumed | Duo session is resumed | check-sm | GitLab 18.9 | Project |
| duo_session_started | Duo session is started | check-sm | GitLab 18.8 | Project |
| duo_session_stopped | Duo session is stopped | check-sm | GitLab 18.8 | Project |
| duo_workflow_mcp_enabled_updated | Duo Workflow MCP enabled setting on group changed | check-sm | GitLab 19.0 | Group |
| flow_trigger_created | A flow trigger was created for a project | check-sm | GitLab 19.0 | Project |
| flow_trigger_deleted | A flow trigger was deleted from a project | check-sm | GitLab 19.0 | Project |
| flow_trigger_updated | A flow trigger was updated for a project | check-sm | GitLab 19.0 | Project |
| lock_duo_features_enabled_updated | Added when lock_duo_features_enabled is changed. | check-sm | GitLab 19.0 | Group |
| mcp_server_oauth_token_stored | A user connected to an MCP server and an OAuth token was stored | check-sm | GitLab 19.0 | User |
| prompt_injection_protection_level_updated | Prompt injection protection level setting on group changed | check-sm | GitLab 19.0 | Group |
| third_party_agent_token_created | A third-party agent access token was generated | check-sm | GitLab 18.11 | User |
| api_request_access_with_scope | A subset of API requests authenticated by a token with an audited scope | check-sm | GitLab 17.7 | User |
Dynamic application security testing#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| dast_profile_create | A dynamic application security testing profile is created | check-sm | GitLab 14.1 | Project |
| dast_profile_destroy | A dynamic application security profile is removed | check-sm | GitLab 14.1 | Project |
| dast_profile_schedule_create | A dynamic application security testing profile schedule is created | check-sm | GitLab 14.3 | Project |
| dast_profile_schedule_update | A dynamic application security testing profile schedule is updated | check-sm | GitLab 14.3 | Project |
| dast_profile_update | A dynamic application security profile is updated | check-sm | GitLab 14.1 | Project |
| dast_scanner_profile_create | A dynamic application security testing scanner profile is created | check-sm | GitLab 14.0 | Project |
| dast_scanner_profile_destroy | A dynamic application security testing scanner profile is removed | check-sm | GitLab 14.0 | Project |
| dast_scanner_profile_update | A dynamic application security testing scanner profile is updated | check-sm | GitLab 14.0 | Project |
| dast_site_profile_create | A dynamic application security testing site profile is created | check-sm | GitLab 14.0 | Project |
| dast_site_profile_destroy | A dynamic application security testing site profile is removed | check-sm | GitLab 14.0 | Project |
| dast_site_profile_update | A dynamic application security testing site profile is updated | check-sm | GitLab 14.0 | Project |
Environment management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| environment_protected | A protected environment is created | check-sm | GitLab 15.8 | Group, Project |
| environment_unprotected | A protected environment is unprotected | check-sm | GitLab 15.8 | Group, Project |
| project_feature_environments_access_level_updated | A project’s environments access level setting is updated | check-sm | GitLab 15.7 | Project |
| protected_environment_approval_rule_added | An approval rule is added to a protected environment | check-sm | GitLab 16.5 | Group, Project |
| protected_environment_approval_rule_deleted | An approval rule is removed from a protected environment | check-sm | GitLab 16.5 | Project, Group |
| protected_environment_approval_rule_updated | An approval rule of a protected environment is updated | check-sm | GitLab 16.5 | Project, Group |
| protected_environment_deploy_access_level_added | A deploy access level is added to a protected environment | check-sm | GitLab 16.5 | Group, Project |
| protected_environment_deploy_access_level_deleted | A deploy access level is removed from a protected environment | check-sm | GitLab 16.5 | Group, Project |
| protected_environment_deploy_access_level_updated | A deploy access level of a protected environment is updated | check-sm | GitLab 16.5 | Project |
| protected_environment_updated | A protected environment is updated | check-sm | GitLab 16.5 | Group, Project |
Feature flags#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_feature_flags_access_level_updated | A project’s feature flags access level setting is updated | check-sm | GitLab 15.7 | Project |
| feature_flag_created | A feature flag is created | check-sm | GitLab 15.10 | Project |
| feature_flag_deleted | A feature flag is deleted | check-sm | GitLab 15.10 | Project |
| feature_flag_updated | A feature flag is updated | check-sm | GitLab 15.10 | Project |
Fleet visibility#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| ci_runner_created | Triggered when a runner is created | check-sm | GitLab 17.8 | Instance, Group, Project |
| ci_runner_usage_export | A runner usage report is generated | check-sm | GitLab 16.8 | Instance |
| ci_runners_bulk_deleted | Runners are deleted in bulk | check-sm | GitLab 17.7 | User |
Fuzz testing#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| coverage_fuzzing_corpus_create | A corpus action is added | check-sm | GitLab 14.5 | Project |
Groups and projects#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| create_ssh_certificate | An SSH certificate is created | check-sm | GitLab 16.6 | Group |
| delete_ssh_certificate | An SSH certificate is deleted | check-sm | GitLab 16.6 | Group |
| emails_enabled_updated | Setting Enable email notifications is updated | check-sm | GitLab 17.4 | Group |
| enabled_git_access_protocol_updated | Setting Enabled Git access protocols is updated | check-sm | GitLab 17.4 | Group |
| enforce_ssh_certificates_updated | Setting Enforce SSH Certificates is updated | check-sm | GitLab 17.4 | Group |
| group_archived | A group is archived | check-sm | GitLab 18.3 | Group |
| group_created | A group is created | check-sm | GitLab 16.3 | Group |
| group_deletion_marked | A group is marked for deletion | check-sm | GitLab 15.11 | Group |
| group_description_updated | Group description is updated | check-sm | GitLab 17.4 | Group |
| group_destroyed | A group is destroyed | check-sm | GitLab 15.11 | Group |
| group_lfs_enabled_updated | LFS enabled for a group is updated | check-sm | GitLab 15.7 | Group |
| group_membership_lock_updated | Membership lock for a group is updated | check-sm | GitLab 15.7 | Group |
| group_mentions_disabled_updated | A group’s setting to notify group members on group mention is updated | check-sm | GitLab 17.4 | Group |
| group_name_updated | A group’s name is updated | check-sm | GitLab 15.7 | Group |
| group_path_updated | A group’s path is updated | check-sm | GitLab 15.7 | Group |
| group_project_creation_level_updated | A group’s project creation level is updated | check-sm | GitLab 15.7 | Group |
| group_request_access_enabled_updated | A group’s request access enabled is updated | check-sm | GitLab 15.7 | Group |
| group_restored | A group is restored | check-sm | GitLab 15.11 | Group |
| group_share_with_group_link_created | You invite a group to another group by using the group’s membership page | check-sm | GitLab 15.10 | Group |
| group_share_with_group_link_removed | You remove a group from another group by using the group’s membership page | check-sm | GitLab 15.10 | Group |
| group_share_with_group_link_updated | You update a group’s access settings to another group by using the group’s membership page | check-sm | GitLab 15.10 | Group |
| group_shared_with_group_lock_updated | Group can be shared with other group setting is updated | check-sm | GitLab 17.4 | Group |
| group_unarchived | A group is unarchived | check-sm | GitLab 18.3 | Group |
| group_visibility_level_updated | A group’s visibility level is updated | check-sm | GitLab 15.7 | Group |
| prevent_sharing_groups_outside_hierarchy_updated | A group’s setting to Members cannot invite groups outside of group and its subgroup updated | check-sm | GitLab 17.4 | Group |
| project_created | A project is created | check-sm | GitLab 16.0 | Project |
| project_description_updated | A project’s description is updated | No | GitLab 16.3 | Project |
| project_feature_operations_access_level_updated | A project’s operation access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_feature_requirements_access_level_updated | A project’s requirements access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_name_updated | A project has its name updated | check-sm | GitLab 10.2 | Project |
| project_namespace_updated | A project’s namespace is updated | check-sm | GitLab 15.7 | Project |
| project_path_updated | A project’s path is updated | check-sm | GitLab 15.5 | Project |
| project_topics_updated | A project’s topics assignments are changed | check-sm | GitLab 17.4 | Project |
| project_unarchived | A project is unarchived | check-sm | GitLab 15.11 | Project |
| project_visibility_level_updated | A project’s visibility level setting is updated | check-sm | GitLab 15.7 | Project |
| remove_dormant_members_period_updated | Setting Days of inactivity before removal is updated | check-sm | GitLab 17.4 | Group |
| remove_dormant_members_updated | Setting Dormant members is updated | check-sm | GitLab 17.4 | Group |
Importers#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| direct_transfer_relation_export_batch_downloaded | Direct Transfer relation export batch downloaded | check-sm | GitLab 18.2 | Group, Project |
| direct_transfer_relation_export_downloaded | Direct Transfer relation export downloaded | check-sm | GitLab 18.2 | Group, Project |
| direct_transfer_relations_export_initiated | Direct Transfer relations export initiated | check-sm | GitLab 18.2 | Group, Project |
| group_export_created | A group file export is created | check-sm | GitLab 17.0 | Group |
| project_export_created | A project file export is created | check-sm | GitLab 17.0 | Project |
Incident management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| incident_closed_by_project_bot | An incident is closed using a project access token | check-sm | GitLab 16.1 | Project |
| incident_created_by_project_bot | An incident is created using a project access token | check-sm | GitLab 16.1 | Project |
| incident_reopened_by_project_bot | An incident is reopened using a project access token | check-sm | GitLab 16.1 | Project |
Mcp server#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| mcp_server_enabled_updated | MCP server enabled setting on group changed | check-sm | GitLab 19.0 | Group |
Merge trains#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_cicd_merge_trains_enabled_updated | The CI/CD merge trains settings for a project is updated | check-sm | GitLab 15.8 | Project |
MLOps#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_model_experiments_access_level_updated | A project’s model experiments access level is updated | check-sm | GitLab 16.1 | Project |
| ml_model_created | ML model is created | check-sm | GitLab 17.4 | Project |
| ml_model_destroyed | ML model destroyed | check-sm | GitLab 17.4 | Project |
| ml_model_version_created | ML model version is created | check-sm | GitLab 17.4 | Project |
| ml_model_version_destroyed | ML model version destroyed | check-sm | GitLab 17.4 | Project |
| project_feature_model_registry_access_level_updated | Model registry access level was updated | check-sm | GitLab 16.7 | Project |
Not categorized#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| experiment_features_enabled_updated | Enabling experiment AI features setting is toggled | check-sm | GitLab 16.0 | Group |
Observability#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_monitor_access_level_updated | A project’s monitor access level setting is updated | check-sm | GitLab 15.7 | Project |
Organization#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| organization_deletion_marked | An organization is marked for deletion | check-sm | GitLab 19.0 | Instance |
Package registry#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| package_registry_package_deleted | A package was deleted from GitLab package registry. Available only when the namespace’s package setting audit_events_enabled is true. | check-sm | GitLab 17.10 | Project, Group |
| package_registry_package_published | A package was published to GitLab package registry. Available only when the namespace’s package setting audit_events_enabled is true. | check-sm | GitLab 17.9 | Project, Group |
| project_feature_package_registry_access_level_updated | A project’s package registry access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_packages_enabled_updated | The setting that controls packages for a project is updated | check-sm | GitLab 11.5 | Project |
Pages#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| group_force_pages_access_control_updated | A group’s Pages public access control setting is updated | check-sm | GitLab 18.11 | Group |
| project_feature_pages_access_level_updated | A project’s page access level setting is updated | check-sm | GitLab 15.7 | Project |
Permissions#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| custom_admin_role_assigned_to_user | A custom admin role is assigned to a user | check-sm | GitLab 18.0 | User |
| custom_admin_role_created | A custom admin role is created | check-sm | GitLab 18.0 | Instance |
| custom_admin_role_deleted | A custom admin role is deleted | check-sm | GitLab 18.0 | Instance |
| custom_admin_role_unassigned_from_user | A custom admin role is unassigned from a user | check-sm | GitLab 18.0 | User |
| custom_admin_role_updated | A custom admin role is updated | check-sm | GitLab 18.0 | Instance |
| member_created | A member is added and assigned a default or custom role | check-sm | GitLab 15.9 | Group, Project |
| member_destroyed | A member is removed | check-sm | GitLab 15.9 | Group, Project |
| member_role_created | A custom role is created | check-sm | GitLab 16.7 | Group, Instance |
| member_role_deleted | A custom role is deleted | check-sm | GitLab 16.9 | Group, Instance |
| member_role_updated | A custom role is updated | check-sm | GitLab 16.9 | Group, Instance |
| member_updated | A member’s default or custom role or expiration date is updated | check-sm | GitLab 15.9 | Group, Project |
Portfolio management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| delete_epic | An epic is successfully deleted | No | GitLab 15.4 | Group |
| epic_closed_by_project_bot | An epic is closed by a group access token | check-sm | GitLab 16.1 | Group |
| epic_created_by_project_bot | An epic is created by a group access token | check-sm | GitLab 16.1 | Group |
| epic_reopened_by_project_bot | An epic is reopened by a group access token | check-sm | GitLab 16.1 | Group |
Product analytics data management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| product_analytics_settings_update | Product analytics settings are changed | check-sm | GitLab 17.1 | Project |
Quality management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| test_case_closed_by_project_bot | A test case is closed using a project access token | check-sm | GitLab 16.1 | Project |
| test_case_created_by_project_bot | A test case is created using a project access token | check-sm | GitLab 16.1 | Project |
| test_case_reopened_by_project_bot | A test case is reopened using a project access token | check-sm | GitLab 16.1 | Project |
Runner#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| allow_runner_registration_token_updated | Setting Allow members of projects and groups to create runners with runner registration tokens is updated | check-sm | GitLab 16.0 | Group, Project |
| ci_runner_assigned_to_project | A runner is assigned to a project | check-sm | GitLab 14.9 | Project |
| ci_runner_registered | An instance, group, or project runner is registered | check-sm | GitLab 14.8 | Instance, Group, Project |
| ci_runner_token_reset | A runner’s token is reset | check-sm | GitLab 15.0 | Instance, Group, Project |
| ci_runner_unassigned_from_project | A runner is unassigned from a project | check-sm | GitLab 14.9 | Project |
| ci_runner_unregistered | An instance, group, or project runner is unregistered | check-sm | GitLab 14.9 | Instance, Group, Project |
| group_shared_runners_minutes_limit_updated | A group’s shared runners minutes limit is updated | check-sm | GitLab 15.7 | Group |
| runner_registration_enabled_updated | Setting Runner registration is updated | check-sm | GitLab 17.4 | Group |
| set_runner_associated_projects | Associated projects are successfully assigned to a CI/CD runner | check-sm | GitLab 15.4 | Project |
Seat cost management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| seat_control_updated | Setting Seat control is updated | check-sm | GitLab 17.4 | Group |
| group_minimal_access_role_adjusted_seat_limit | A group member is assigned the Minimal Access role due to seat limit | check-sm | GitLab 19.0 | Group |
Secret detection#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| group_secret_push_protection_updated | Secret push protection is enabled or disabled for a group and its child groups and projects, except those projects specified as excluded | check-sm | GitLab 17.7 | Group |
| group_validity_checks_updated | Validity checks is enabled or disabled for a group and its child groups and projects, except those projects specified as excluded | check-sm | GitLab 18.5 | Group |
| project_security_exclusion_applied | A project security exclusion is applied in one of the security scanners | check-sm | GitLab 17.6 | Project |
| project_security_exclusion_created | A project security exclusion is created | check-sm | GitLab 17.5 | Project |
| project_security_exclusion_deleted | A project security exclusion is deleted | check-sm | GitLab 17.5 | Project |
| project_security_exclusion_updated | A project security exclusion is updated | check-sm | GitLab 17.5 | Project |
| project_security_setting_updated | A project’s security setting is updated | check-sm | GitLab 17.0 | Project |
| skip_secret_push_protection | Secret push protection is skipped by the user | check-sm | GitLab 16.11 | Project |
Secrets management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| user_authenticated_using_job_token | A user is authenticated using job token | No | GitLab 17.4 | Project |
| secrets_manager_create_group_secret | This event is triggered when a group level secret is created by a user | check-sm | GitLab 18.9 | Group |
| secrets_manager_create_project_secret | This event is triggered when a project level secret is created by a user | check-sm | GitLab 18.6 | Project |
| secrets_manager_delete_group_secret | This event is triggered when a group level secret is deleted by a user | check-sm | GitLab 18.9 | Group |
| secrets_manager_delete_project_secret | This event is triggered when a project level secret is deleted by a user | check-sm | GitLab 18.6 | Project |
| secrets_manager_read_group_secret | This event is triggered when a CI pipeline job reads the value of a group level secret from Openbao | No | GitLab 18.9 | Group |
| secrets_manager_read_project_secret | This event is triggered when a CI pipeline job reads the value of a project level secret from Openbao | No | GitLab 18.6 | Project |
| secrets_manager_instance_enroll | Triggered when the Secrets Manager is enrolled at the instance level | check-sm | GitLab 19.0 | Instance |
| secrets_manager_instance_unenroll | Triggered when the Secrets Manager is unenrolled at the instance level | check-sm | GitLab 19.0 | Instance |
| secrets_manager_namespace_enroll | Triggered when a namespace is enrolled in the Secrets Manager | check-sm | GitLab 19.0 | Group |
| secrets_manager_namespace_unenroll | Triggered when a namespace is unenrolled from the Secrets Manager | check-sm | GitLab 19.0 | Group |
| secrets_manager_update_group_secret | This event is triggered when a group level secret is updated by a user | check-sm | GitLab 18.9 | Group |
| secrets_manager_update_project_secret | This event is triggered when a project level secret is updated by a user | check-sm | GitLab 18.6 | Project |
Security policy management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| policy_project_updated | The security policy project is updated for a project | check-sm | GitLab 15.6 | Group, Project |
| policy_warn_mode_group_protected_branch_modification_override | A group is affected by a warn mode policy that prevents modification of the group’s protected branches if the policy changes from warn mode to strictly enforced. | No | GitLab 18.7 | Group |
| policy_warn_mode_merge_request_approval | A merge request approval would have been prevented by a security policy in warn mode. | check-sm | GitLab 18.6 | Project |
| policy_warn_mode_merge_request_approval_settings_overrides | A merge request’s target branch is affected by a policy in warn mode that sets more restrictive approval settings if the policy changes from warn mode to enforced. | No | GitLab 18.7 | Project |
| policy_warn_mode_push_settings_overrides | Approval settings from a security policy in warn mode will override branch protections | No | GitLab 18.7 | Project |
| security_policy_access_token_branch_deletion_bypass | Access token deleted a protected branch by using a bypass | check-sm | GitLab 18.9 | Project |
| security_policy_access_token_push_bypass | Branch push that is blocked by a security policy is bypassed for configured access token | check-sm | GitLab 18.2 | Project |
| security_policy_create | A security policy is created | check-sm | GitLab 18.1 | Project |
| security_policy_delete | A security policy is deleted | check-sm | GitLab 18.1 | Project |
| security_policy_limit_exceeded | Enabled policies count exceeded the maximum allowed limit for policy type | check-sm | GitLab 18.2 | Project |
| security_policy_merge_request_merged_with_policy_violations | A merge request merged with security policy violations | check-sm | GitLab 18.2 | Project |
| security_policy_pipeline_failed | A pipeline with security policy jobs failed | No | GitLab 18.3 | Project |
| security_policy_pipeline_skipped | A security policy pipeline is skipped | No | GitLab 18.2 | Project |
| security_policy_protected_branch_bypass | Protected branch push restriction that is overridden by a security policy is bypassed | check-sm | GitLab 18.10 | Project |
| security_policy_scheduled_scans_not_enforced | A scheduled pipeline with security policy could not be created | No | GitLab 18.4 | Project |
| security_policy_service_account_branch_deletion_bypass | Service account deleted a protected branch by using a bypass | check-sm | GitLab 18.9 | Project |
| security_policy_service_account_push_bypass | Branch push that is blocked by a security policy is bypassed for configured service account | check-sm | GitLab 18.2 | Project |
| security_policy_update | A security policy is updated | check-sm | GitLab 18.1 | Project |
| security_policy_user_push_bypass | Branch push that is blocked by a security policy is bypassed for configured users | check-sm | GitLab 18.4 | Project |
| security_policy_violations_detected | Security policy violation is detected in the merge request | No | GitLab 18.2 | Project |
| security_policy_violations_resolved | Security policy violations are resolved in the merge request | No | GitLab 18.2 | Project |
| security_policy_yaml_invalidated | The policy YAML is invalidated in security policy project | check-sm | GitLab 18.2 | Project |
| status_check_response_update | A user updates external status check response for merge request | No | GitLab 18.2 | Project |
| merge_request_branch_bypassed_by_security_policy | The merge request’s approval is bypassed by the branches configured in the security policy | check-sm | GitLab 18.2 | Project |
| merge_request_merged_with_dismissed_security_policy | When a merge request violated a security policy in warn-mode that was dismissed and the MR was merged | check-sm | GitLab 18.5 | Project |
| security_policy_merge_request_bypass | A security policy is bypassed for a merge request | check-sm | GitLab 18.5 | Project |
Security risk management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| security_attribute_attached_to_project | A security attribute is attached to a project | check-sm | GitLab 18.6 | Project |
| security_attribute_created | A security attribute is created | check-sm | GitLab 18.6 | Group |
| security_attribute_deleted | A security attribute is deleted | check-sm | GitLab 18.6 | Group |
| security_attribute_detached_from_project | A security attribute is detached from a project | check-sm | GitLab 18.6 | Project |
| security_attribute_updated | A security attribute is updated | check-sm | GitLab 18.6 | Group |
| security_category_created | A security category is created | check-sm | GitLab 18.6 | Group |
| security_category_deleted | A security category is deleted | check-sm | GitLab 18.6 | Group |
| security_category_updated | A security category is updated | check-sm | GitLab 18.6 | Group |
| security_scan_profile_attached_to_project | A security scan profile is attached to a project | check-sm | GitLab 18.9 | Project |
| security_scan_profile_detached_from_project | A security scan profile is detached from a project | check-sm | GitLab 18.9 | Project |
Security testing configuration#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| vulnerability_severity_override | When user overrides vulnerability severity | check-sm | GitLab 17.10 | Project |
Self-hosted models#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| model_selection_feature_changed | A model selection feature had its configuration changed | check-sm | GitLab 18.2 | Instance, Group, Project, User |
| self_hosted_model_created | A new self-hosted model configuration was added | check-sm | GitLab 17.4 | Instance |
| self_hosted_model_destroyed | A new self-hosted model configuration was destroyed | check-sm | GitLab 17.4 | Instance |
| self_hosted_model_feature_changed | A self-hosted model feature had its configuration changed | check-sm | GitLab 17.4 | Instance |
| self_hosted_model_terms_accepted | Terms for usage of self-hosted models were accepted | check-sm | GitLab 17.4 | Instance |
| self_hosted_model_updated | A self-hosted model configuration was updated | check-sm | GitLab 17.4 | Instance |
Service Desk#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| ticket_closed_by_project_bot | A Service Desk ticket is closed using a project access token | check-sm | GitLab 18.10 | Project |
| ticket_created_by_project_bot | A Service Desk ticket is created using a project access token | check-sm | GitLab 18.10 | Project |
| ticket_reopened_by_project_bot | A Service Desk ticket is reopened using a project access token | check-sm | GitLab 18.10 | Project |
Source code management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| approval_rule_created | A merge request approval rule is created | check-sm | GitLab 15.2 | Project |
| approval_rule_deleted | A merge request approval rule is deleted | check-sm | GitLab 14.9 | Project |
| default_branch_name_updated | Default branch name for the group repository is changed | check-sm | GitLab 17.4 | Group |
| group_push_rules_author_email_regex_updated | A group’s push rules settings is changed for author email regex | check-sm | GitLab 15.7 | Group |
| group_push_rules_branch_name_regex_updated | A group’s push rules settings is changed for branch name regex | check-sm | GitLab 15.7 | Group |
| group_push_rules_commit_committer_check_updated | A group’s push rule setting is updated for reject unverified users | check-sm | GitLab 15.0 | Group |
| group_push_rules_commit_message_negative_regex_updated | A group’s push rules settings is changed for commit message negative regex | check-sm | GitLab 15.7 | Group |
| group_push_rules_commit_message_regex_updated | A group’s push rules settings is changed for commit message regex | check-sm | GitLab 15.7 | Group |
| group_push_rules_file_name_regex_updated | A group’s push rules settings is changed for filename regex | check-sm | GitLab 15.7 | Group |
| group_push_rules_max_file_size_updated | A group’s push rules settings is changed for max file size | check-sm | GitLab 15.7 | Group |
| group_push_rules_prevent_secrets_updated | A group’s push rule setting is updated to prevent pushing secret files | check-sm | GitLab 15.0 | Group |
| group_push_rules_reject_deny_delete_tag_updated | A group’s push rule setting is updated to deny deletion of tags using Git push | check-sm | GitLab 15.0 | Group |
| group_push_rules_reject_member_check_updated | A group’s push rule setting is updated to check if commit author is a GitLab user | check-sm | GitLab 15.0 | Group |
| group_push_rules_reject_non_dco_commits_updated | A group’s push rule setting is updated for reject non DCO certified commits | check-sm | GitLab 15.0 | Group |
| group_push_rules_reject_unsigned_commits_updated | A group push’s rule setting is updated for reject unsigned commits | check-sm | GitLab 15.0 | Group |
| group_repository_size_limit_updated | A group’s repository size limit is updated | check-sm | GitLab 15.7 | Group |
| merge_commit_template_updated | Merge commit template is updated | check-sm | GitLab 15.8 | Project |
| merged_merge_request_deleted | A merged merge request is deleted | No | GitLab 16.0 | Project |
| merged_merge_request_deletion_started | A merged merge request’s deletion is started | No | GitLab 16.1 | Project |
| prevent_forking_outside_group_updated | Setting for Prevent forking outside current group is changed | check-sm | GitLab 17.4 | Group |
| project_default_branch_updated | Default branch of a project’s repository is updated | check-sm | GitLab 16.0 | Project |
| project_disable_overriding_approvers_per_merge_request_updated | The disable overriding approvers per MR setting for a project is updated | check-sm | GitLab 15.7 | Project |
| project_feature_builds_access_level_updated | A project’s builds access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_feature_forking_access_level_updated | A project’s feature forking access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_feature_merge_requests_access_level_updated | A project’s merge request access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_feature_repository_access_level_updated | A project’s repository access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_feature_snippets_access_level_updated | A project’s snippet access level setting is updated | check-sm | GitLab 15.7 | Project |
| project_fork_operation | A project is forked | check-sm | GitLab 15.2 | Project |
| project_fork_relationship_removed | A project’s fork relationship is successfully removed | check-sm | GitLab 15.6 | Project |
| project_printing_merge_request_link_enabled_updated | The setting for projects for enabling printing merge request link is updated | check-sm | GitLab 15.7 | Project |
| project_push_rules_author_email_regex_updated | A project’s push rule setting for author email regex is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_branch_name_regex_updated | A project’s push rule setting for branch name regex is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_commit_committer_check_updated | A project’s push rule setting for reject unverified users is updated | check-sm | GitLab 16.5 | Project |
| project_push_rules_commit_message_negative_regex_updated | A project’s push rule setting for commit message negative regex is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_commit_message_regex_updated | A project’s push rule setting for commit message regex is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_file_name_regex_updated | A project’s push rule setting for file name regex is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_max_file_size_updated | A project’s push rule setting for maximum file size is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_prevent_secrets_updated | A project’s push rule setting for preventing secrets is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_reject_deny_delete_tag_updated | A project’s push rule setting for rejecting tag deletion is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_reject_member_check_updated | A project’s push rule setting for member check is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_reject_non_dco_commits_updated | A project’s push rule setting for rejecting non-DCO commits is updated | check-sm | GitLab 18.6 | Project |
| project_push_rules_reject_unsigned_commits_updated | A project’s push rule setting for rejecting unsigned commits is updated | check-sm | GitLab 18.6 | Project |
| project_repository_size_limit_updated | The repository size limit of a project is updated | check-sm | GitLab 15.7 | Project |
| protected_branch_code_owner_approval_required_updated | The protected branch code owner approval required setting is updated | check-sm | GitLab 15.8 | Project |
| protected_branch_created | A protected branch is created | check-sm | GitLab 15.2 | Project |
| protected_branch_removed | A protected branch is removed | check-sm | GitLab 15.2 | Project |
| protected_branch_updated | The setting for protected branches is updated | check-sm | GitLab 15.8 | Project |
| repository_git_operation | Authenticated users push, pull, or clone a project using SSH, HTTP(S), or the UI | No | GitLab 14.9 | Project |
| require_reauthentication_to_approve_updated | The setting for requiring reauthentication for merge request approvals is updated | check-sm | GitLab 17.1 | Group, Project |
| squash_commit_template_updated | The merge request squash commit template for a project is updated | check-sm | GitLab 15.8 | Project |
| squash_option_updated | Squash option setting is updated | check-sm | GitLab 15.0 | Project |
| manually_trigger_housekeeping | Manually triggering housekeeping via API or admin UI | check-sm | GitLab 15.9 | Project |
| project_blobs_removal | Removing blobs by using the GraphQL API or project settings UI | check-sm | GitLab 17.0 | Project |
| project_text_replacement | Replacing text by using the GraphQL API or project settings UI | check-sm | GitLab 17.1 | Project |
| repository_file_accessed_api | Log an audit event when an authenticated user reads a repository file via the API. | No | GitLab 19.0 | Project |
| repository_file_accessed_web | Log an audit event when an authenticated user views a repository file via the Web UI. | No | GitLab 19.0 | Project |
System access#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| allow_mfa_for_subgroups_updated | Setting for Subgroups can set up their own two-factor authentication rules updated | check-sm | GitLab 17.4 | Group |
| allowed_email_domain_updated | Group setting allowed email domain entry is updated | check-sm | GitLab 17.5 | Group |
| application_setting_updated | An application setting is updated | check-sm | GitLab 16.3 | Instance |
| disable_personal_access_tokens_updated | Setting Disable personal access tokens is updated | check-sm | GitLab 17.4 | Group |
| disable_ssh_keys_updated | Setting Disable SSH Keys is updated | check-sm | GitLab 18.6 | Group |
| email_created | An email is created | check-sm | GitLab 15.11 | User |
| email_destroyed | An email is destroyed | check-sm | GitLab 15.11 | User |
| group_access_token_created | A group access token is created | check-sm | GitLab 15.2 | Group |
| group_access_token_creation_failed | Creating a group access token failed | check-sm | GitLab 15.2 | Group |
| group_access_token_deleted | A group access token is deleted | check-sm | GitLab 15.2 | Group |
| group_access_token_deletion_failed | Deleting a group access token failed | check-sm | GitLab 15.2 | Group |
| group_require_two_factor_authentication_updated | A group’s require two factor authentication setting is updated | check-sm | GitLab 15.7 | Group |
| group_two_factor_grace_period_updated | A group’s two factor grace period is updated | check-sm | GitLab 15.7 | Group |
| ip_restrictions_changed | Any changes in the IP allowlist | check-sm | GitLab 15.0 | Group |
| ldap_group_sync_failed | LDAP group sync failed due to a connection or server error | check-sm | GitLab 18.10 | Group |
| login_failed_with_otp_authentication | Sign-in fails because of an incorrect OTP | check-sm | GitLab 16.4 | User |
| login_failed_with_standard_authentication | Sign-in to GitLab fails with standard authentication, such as password | check-sm | GitLab 16.4 | Instance |
| login_failed_with_webauthn_authentication | Sign-in fails when using a WebAuthn device | check-sm | GitLab 16.4 | User |
| new_user_signups_cap_updated | Setting Number of users for user cap is updated | check-sm | GitLab 17.4 | Group |
| project_access_token_created | A project access token is created | check-sm | GitLab 15.2 | Project |
| project_access_token_creation_failed | Creating a project access token fails | check-sm | GitLab 15.2 | Project |
| project_access_token_deleted | A project access token is deleted | check-sm | GitLab 15.2 | Project |
| project_access_token_deletion_failed | Deleting a project access token fails | check-sm | GitLab 15.2 | Project |
| resource_access_token_creation_allowed_updated | Setting for Users can create project access tokens and group access tokens in this group is updated | check-sm | GitLab 17.4 | Group, Project |
| service_access_tokens_expiration_enforced_updated | Setting Service account token expiration is updated | check-sm | GitLab 17.4 | Group |
| update_mismatched_group_saml_extern_uid | The external UID is changed on a SAML identity | check-sm | GitLab 15.7 | User |
| user_access_locked | User access to the instance is locked | check-sm | GitLab 16.2 | User |
| user_access_unlocked | User access to the instance is unlocked | check-sm | GitLab 16.2 | User |
| user_disable_passkey | A user disables passkey. Group scope is only available for enterprise users. | check-sm | GitLab 18.7 | User, Group |
| user_disable_two_factor | A user disables two factor authentication. Group scope was introduced in GitLab 17.6. | check-sm | GitLab 15.1 | User, Group |
| user_enable_admin_mode | Admin Mode enabled | check-sm | GitLab 15.7 | User |
| user_enable_passkey | A user enables passkey. Group scope is only available for enterprise users. | check-sm | GitLab 18.7 | User, Group |
| user_enable_two_factor | A user enables two factor authentication. Group scope is only available for enterprise users. | check-sm | GitLab 18.5 | User, Group |
| authenticated_with_ldap | User successfully signed in with LDAP | check-sm | GitLab 17.11 | User |
| authenticated_with_oauth | User successfully signed in with OAuth | check-sm | GitLab 17.11 | User |
| authenticated_with_password | User successfully signed in with password | check-sm | GitLab 18.3 | User |
| authenticated_with_two_factor | User successfully signed in with two-factor authentication | check-sm | GitLab 18.3 | User |
| authenticated_with_webauthn | User successfully signed in with WebAuthn device | check-sm | GitLab 18.3 | User |
| step_up_auth_required_oauth_provider_updated | Step-up authentication OAuth provider requirement is updated | check-sm | GitLab 18.4 | Group |
Team planning#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| comment_by_project_bot | A comment is added to an issue or a merge request when using a project access token | No | GitLab 16.1 | Project |
| comment_created | A comment is added to an issue, merge request, or other objects | No | GitLab 18.5 | Project, Group |
| comment_deleted | A comment is deleted | No | GitLab 18.5 | Project, Group |
| comment_updated | A comment is updated | No | GitLab 18.5 | Project, Group |
| delete_issue | An issue is successfully deleted | No | GitLab 15.4 | Project |
| delete_work_item | A work item is successfully deleted | No | GitLab 15.4 | Project |
| issue_closed_by_project_bot | An issue is closed using a project access token | check-sm | GitLab 16.1 | Project |
| issue_created_by_project_bot | An issue is created using a project access token | check-sm | GitLab 16.1 | Project |
| issue_reopened_by_project_bot | An issue is reopened using a project access token | check-sm | GitLab 16.1 | Project |
| label_created | A project or group label is created | check-sm | GitLab 18.11 | Project, Group |
| label_deleted | A project or group label is deleted | check-sm | GitLab 18.11 | Project, Group |
| label_updated | A project or group label is updated | check-sm | GitLab 18.11 | Project, Group |
| project_feature_issues_access_level_updated | A project’s issues access level setting is updated | check-sm | GitLab 15.7 | Project |
| task_closed_by_project_bot | A task is closed using a project access token | check-sm | GitLab 16.1 | Project |
| task_created_by_project_bot | A task is created using a project access token | check-sm | GitLab 16.1 | Project |
| task_reopened_by_project_bot | A task is reopened using a project access token | check-sm | GitLab 16.1 | Project |
User management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| authenticated_with_group_saml | Successfully signing in with SAML authentication | check-sm | GitLab 12.10 | Group |
| ban_user | A user is banned, unbanned, blocked, or unblocked | check-sm | GitLab 15.11 | User |
| change_membership_state | A user’s membership is updated | check-sm | GitLab 15.1 | Group |
| inactive_scim_user_cannot_be_added | A user cannot be added to a group during SAML authentication when their SCIM identity is inactive | check-sm | GitLab 17.7 | Group |
| password_reset_failed | A password reset fails for a user | No | GitLab 16.4 | User |
| unban_user | A user is unbanned | check-sm | GitLab 15.11 | User |
| unblock_user | A user is banned | check-sm | GitLab 15.11 | User |
| user_activate | A user is activated | check-sm | GitLab 16.1 | User |
| user_approved | A user is approved for an instance | check-sm | GitLab 15.11 | User |
| user_blocked | A user is blocked | check-sm | GitLab 15.11 | User |
| user_created | A user is created | check-sm | GitLab 15.10 | User |
| user_deactivate | A user is deactivated | check-sm | GitLab 16.0 | User |
| user_destroyed | A user is scheduled for removal from the instance. Group and Project scopes were introduced in GitLab 17.5. | check-sm | GitLab 15.11 | User, Group, Project |
| user_email_changed_and_user_signed_in | User email changed and user signed in | check-sm | GitLab 15.8 | User |
| user_impersonation | An instance administrator starts or stops impersonating a user | check-sm | GitLab 14.8 | User, Group |
| user_password_updated | A user password is updated | check-sm | GitLab 15.7 | User |
| user_provisioned_by_scim | A user is provisioned by SCIM | check-sm | GitLab 17.8 | Group |
| user_records_migrated_to_ghost | Event triggered when user records are migrated to a ghost user during batch processing | check-sm | GitLab 18.4 | User |
| user_rejected | A user registration is rejected | check-sm | GitLab 15.11 | User |
| user_external_status_updated | A user is either flagged as external or has the external flag removed. | check-sm | GitLab 18.5 | User |
| user_signed_in_from_unseen_ip | User signed in from a previously unseen IP address | check-sm | GitLab 19.0 | User |
User profile#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| add_ssh_key | An SSH key is added to a user’s profile. Group scope is only available for enterprise users. | check-sm | GitLab 18.2 | User, Group |
| email_confirmation_sent | Users add or change an email address and it must be confirmed | No | GitLab 16.3 | User |
| remove_ssh_key | An SSH key is removed from a user’s profile. Group scope was introduced for enterprise users in GitLab 18.2. | check-sm | GitLab 14.1 | User, Group |
| user_admin_status_updated | A user is either made an administrator or removed as an administrator | check-sm | GitLab 14.1 | User |
| user_auditor_status_updated | A user is either made an auditor or removed as an auditor | check-sm | GitLab 16.6 | User |
| user_email_address_updated | A user updates their email address | check-sm | GitLab 10.1 | User |
| user_name_updated | A user’s name is updated | check-sm | GitLab 17.5 | User |
| user_profile_visibility_updated | User toggles private profile user setting | No | GitLab 17.11 | User |
| user_profile_visiblity_updated | User toggles private profile user setting (DEPRECATED). Use user_profile_visibility_updated instead. | No | GitLab 16.3 | User |
| user_username_updated | A user’s username is updated | check-sm | GitLab 15.7 | User |
Value stream management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_analytics_access_level_updated | A project’s analytics access level setting is updated | check-sm | GitLab 15.7 | Project |
Verify security#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| secure_ci_job_token_group_added | Group added to CI_JOB_TOKEN scope | check-sm | GitLab 17.3 | Project |
| secure_ci_job_token_group_removed | Group removed from CI_JOB_TOKEN scope | check-sm | GitLab 17.3 | Project |
| secure_ci_job_token_inbound_disabled | CI_JOB_TOKEN permissions disabled for inbound | check-sm | GitLab 16.0 | Project |
| secure_ci_job_token_inbound_enabled | CI_JOB_TOKEN permissions enabled for inbound | check-sm | GitLab 16.0 | Project |
| secure_ci_job_token_project_added | Project added to inbound CI_JOB_TOKEN scope | check-sm | GitLab 16.0 | Project |
| secure_ci_job_token_project_removed | Project removed from inbound CI_JOB_TOKEN scope | check-sm | GitLab 16.0 | Project |
Virtual registry#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| virtual_registries_container_cache_remote_entry_deleted | A virtual registry container cache remote entry was deleted | check-sm | GitLab 18.9 | Group |
| virtual_registries_packages_maven_cache_remote_entry_deleted | A virtual registry Maven cache remote entry was deleted | check-sm | GitLab 18.6 | Group |
| virtual_registries_packages_maven_upstream_artifact_denied | A virtual registry Maven upstream denied an artifact due to filtration rules | check-sm | GitLab 18.10 | Group |
Vulnerability management#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_infrastructure_access_level_updated | A project’s infrastructure access level setting is updated | check-sm | GitLab 15.7 | Project |
| remove_vulnerability_false_positive_flag | A user removes a false positive flag from a vulnerability. | check-sm | GitLab 18.7 | Project |
Webhooks#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| webhook_created | A webhook is created | check-sm | GitLab 17.1 | Project, Group, Instance |
| webhook_destroyed | A webhook is destroyed | check-sm | GitLab 17.0 | Project, Group, Instance |
Wiki#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| project_feature_wiki_access_level_updated | A project’s wiki access level setting is updated | check-sm | GitLab 15.7 | Project |
Workflow catalog#
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|---|---|---|---|---|
| ai_catalog_restricted_to_group_hierarchy_updated | In a group, the AI Catalog restricted to group hierarchy setting is changed | check-sm | GitLab 19.0 | Group |
| create_ai_catalog_agent | A user creates an AI Catalog agent. | check-sm | GitLab 18.6 | Project |
| create_ai_catalog_flow | A user creates an AI Catalog flow. | check-sm | GitLab 18.6 | Project |
| create_ai_catalog_mcp_server | A user creates an AI Catalog MCP server. | check-sm | GitLab 18.11 | Instance |
| create_ai_catalog_third_party_flow | A user creates an AI Catalog external agent (formerly third-party flow). | check-sm | GitLab 18.6 | Project |
| delete_ai_catalog_agent | A user deletes an AI Catalog agent. | check-sm | GitLab 18.6 | Project |
| delete_ai_catalog_flow | A user deletes an AI Catalog flow. | check-sm | GitLab 18.6 | Project |
| delete_ai_catalog_third_party_flow | A user deletes an AI Catalog external agent (formerly third-party flow). | check-sm | GitLab 18.6 | Project |
| disable_ai_catalog_agent | A user disables an AI Catalog agent in a project or group. | check-sm | GitLab 18.6 | Project, Group |
| disable_ai_catalog_flow | A user disables an AI Catalog flow in a project or group. | check-sm | GitLab 18.6 | Project, Group |
| disable_ai_catalog_third_party_flow | A user disables an AI Catalog external agent (formerly third-party flow) in a project or group. | check-sm | GitLab 18.6 | Project, Group |
| duo_custom_agents_enabled_updated | GitLab Duo custom agents enabled setting on group changed | check-sm | GitLab 19.0 | Group |
| duo_custom_flows_enabled_updated | GitLab Duo custom flows enabled setting on group changed | check-sm | GitLab 19.0 | Group |
| duo_external_agents_enabled_updated | GitLab Duo external agents enabled setting on group changed | check-sm | GitLab 19.0 | Group |
| enable_ai_catalog_agent | A user enables an AI Catalog agent in a project or group. | check-sm | GitLab 18.6 | Project, Group |
| enable_ai_catalog_flow | A user enables an AI Catalog flow in a project or group. | check-sm | GitLab 18.6 | Project, Group |
| enable_ai_catalog_third_party_flow | A user enables an AI Catalog external agent (formerly third-party flow) in a project or group. | check-sm | GitLab 18.6 | Project, Group |
| update_ai_catalog_agent | A user updates an AI Catalog agent. | check-sm | GitLab 18.6 | Project |
| update_ai_catalog_flow | A user updates an AI Catalog flow. | check-sm | GitLab 18.6 | Project |
| update_ai_catalog_mcp_server | A user updates an AI Catalog MCP server. | check-sm | GitLab 18.11 | Instance |
| update_ai_catalog_third_party_flow | A user updates an AI Catalog external agent (formerly third-party flow). | check-sm | GitLab 18.6 | Project |
| update_enabled_ai_catalog_agent | A user updates an enabled AI Catalog agent in a project or group. | check-sm | GitLab 18.10 | Project, Group |
| update_enabled_ai_catalog_flow | A user updates an enabled AI Catalog flow in a project or group. | check-sm | GitLab 18.10 | Project, Group |
| update_enabled_ai_catalog_third_party_flow | A user updates an enabled AI Catalog external agent in a project or group. | check-sm | GitLab 18.10 | Project, Group |