Previous

Next

GitHub Code Snippet in Datadog UI

Automated Comments in GitHub Pull Request

Datadog’s Action Catalog for GitHub

GitHub Overview Dashboard

Overview

The Datadog GitHub integration collects four main types of data:

• Audit Records - Enterprise-level security and compliance data tracking organization-wide activities, user access changes, and security settings through Audit Log Streaming.

• Repository Events - Real-time tracking of repository activities including pull requests, issues, commits, and branch changes through webhooks.

• Source Code Information - Gives access to source code to power bi-directional features between Datadog and GitHub such as displaying code snippets in APM traces, Error Tracking, and Security tools, or enabling automated PR comments from Code Security and Test Optimization.

• Telemetry Data - Automated collection of Code Scan Alerts, Secret Scan Alerts, and repository metrics to track security trends and workflow patterns.

GitHub Apps

Datadog’s GitHub Apps integration allows you to connect your GitHub organization or personal account to access source code-related functionality and collect valuable data to help you monitor and secure your GitHub environment. Manage your GitHub Apps through the Configuration tab to get started.

Set up the GitHub integration to configure GitHub Apps that connect your GitHub organization or personal account to Datadog, allowing you to access source code-related functionality, collect valuable data, and help you monitor and secure your GitHub environment.

Source Code Functionality: When installed with the correct permissions, the GitHub integration powers several different source code features across Datadog products to help you with troubleshooting and taking action on your code. Some examples include:

• Speed up investigations in Error Tracking, Continuous Profiler, and Code Security using in-line code snippets to contextualize where a problem is coming from in your code.
• Power up your code reviews with automated feedback and suggested changes directly on your pull requests from Code Security and Test Optimization.
• Take action on your codebase with custom automations built with Datadog Actions and Remediations.

For example, once the GitHub App is installed with the relevant permissions enabled, you can use the Datadog source code integration to see code snippets in your stack traces, get automated feedback and suggested changes through pull request comments from CI Visibility and Code Security, and access multiple service definitions in GitHub from the Software Catalog.

You can now integrate your GitHub Teams with your Datadog Teams—join the Preview:

Repository Events

Consume Events related to your actions in specific repositories and/or branches including:

Telemetry Data

Automated data collection through metrics and logs crawlers:

• Code Scan Alert metrics
• Secret Scan Alert metrics
• Repository metrics
• Alert state tracking
• Workflow trends

Audit Records

Enterprise-level security and compliance data:

• Audit Log Streaming (recommended for new customers)
  • Real-time organization-wide activity monitoring
  • User access changes
  • Security setting modifications
  • Organization-level events
• Legacy Audit Log Crawler (available only for customers who have previously configured it)
  • Historical audit log data
  • Organization security events

Note: Datadog has transitioned to Audit Log Streaming as the preferred method for audit log collection. While code scan and security crawlers remain active parts of GitHub Telemetry, the legacy Audit Log Crawler is only available for customers who previously had it installed.

Setup

Configuration

Each data type requires specific permissions and setup steps. See the setup section for each data type to configure each portion of the integration.

• Audit Logs
• GitHub Apps
• Metrics
• Repository Events

GitHub Apps

1. In the GitHub integration tile, navigate to the Configuration tab.

2. Click Connect GitHub Account to create a new GitHub App.

3. In Configure App, either select Organization and enter the name of your organization in GitHub, or select Personal Account.

4. For self-hosted GitHub deployments, select Running GitHub enterprise server and enter the URL of your GitHub Enterprise Server instance (version 2.22 or above). Make sure that Datadog servers can connect to your GitHub instance. Server IPs are available in the Webhooks section of IP Ranges.

5. Optionally, if you do not wish to use Datadog’s recommended configuration, expand Edit GitHub App permissions to view and customize the GitHub permissions you want to grant to Datadog. The summary contains these sections:

   • Datadog Features lists the general and product-specific features in Datadog that require specific GitHub permissions. Expand each feature for details on functionality and requirements.

   • GitHub Permissions lists the related GitHub permissions. You can use the Access Level drop-downs to change the access allowed for specific aspects of your GitHub environment.

   By default, Datadog selects the recommended permissions needed for all source code-related features. Changing the permissions will impact feature functionality. The Datadog Features section identifies any unavailable features and their missing requirements.

6. Click Create App in GitHub. If needed, you are prompted to authenticate into GitHub.
7. In GitHub, enter a name for your GitHub App and click Create GitHub App.
8. Choose whether to install the GitHub App for All repositories or Only select repositories, then click Install & Authorize.

You’re returned to where you left off in Datadog once you finish installing the GitHub App. To enable inline code snippets in APM, consider setting up Source Code Integration.

Update an existing GitHub App

If an installed GitHub App doesn’t have the required permissions or webhooks for a feature, Datadog indicates any missing requirements on the Configuration tab of the integration page. This alert also appears in other areas of Datadog where you can enable and use GitHub-powered features, such as Test Optimization.

To update your GitHub App with missing requirements from the integration page:

1. Click Review Missing Requirements.
2. Select your desired Datadog features. The list only includes features that are missing requirements.
3. As you select each feature, note the specific Repository Permissions, Organization Permissions, or Webhooks listed in the next step of the instructions.
4. Click Go to GitHub App Settings, and authenticate with GitHub.
5. In GitHub, update the necessary permissions and webhooks. Review the instructions in Datadog if necessary.
6. Make sure to click Save changes at the bottom of the page in GitHub.
7. Datadog will attempt to verify that you made the correct changes. Return to Datadog to confirm that the verification passed with a green check mark. If you only need to update webhooks, you can close the instructions and stop here.

If you updated permissions

1. Click Accept New Permissions to go back to GitHub to accept the permissions changes.

2. In GitHub, click Review request and accept the new permissions.

3. Datadog will attempt to verify your new permissions were successfully accepted. Return to Datadog to confirm that this verification passed with a green check mark, then close the instructions.

   

Notebooks

If you have granted your GitHub App read permissions for issues and pull requests, GitHub issues and pull requests automatically generate a preview hoverbox with details including the commit history, author, and date in Notebooks.

1. Navigate to Notebooks > New Notebook.
2. Add a Text cell and mention an issue or pull request on GitHub in the Edit field. For example: https://github.com/project/repository/pull/#.
3. Click Done. The GitHub icon appears next to your linked issue or pull request.
4. If needed, click Connect to Preview and Authorize.
5. Hover over the linked issue or pull request to see the description preview.

Audit Logs

Requirement: A GitHub Enterprise account is required to collect audit logs.

Audit logs encompass all activities and events across a GitHub organization. Follow the instructions on setting up streaming to Datadog in GitHub’s documentation to forward your audit logs to Datadog. For more information about audit logs, see GitHub’s documentation for audit log actions.

Telemetry Data

1. Set up an app following the instructions in the GitHub Apps Section.
2. Select the respective permissions for read access upon the application’s installation.
3. Navigate to the Telemetry tab on the Datadog tile.
4. Toggle Code Scan Alert and/or Secret Scan Alerts.

To opt-out of Code Scan or Secret Scan metrics:

1. Find the corresponding organization on the Telemetry tab on the integration tile.
2. Click the toggle for the respective sections.
3. Click Update Account.

Repository Events

Prerequisite: You must be a Github Admin for your repository.

From GitHub

1. Click on the Settings page of your GitHub project.

2. Click Webhooks under the Code, planning automation section

3. Click Add Webhook.

4. Add the following URL in the Payload URL field: https:///intake/webhook/github?api_key=<DATADOG_API_KEY>. Don’t forget to replace <DATADOG_API_KEY> with your Datadog API Key. This can also be generated on the tile.

5. Select application/json in the Content type dropdown menu.

6. Optionally, add a secret in the Secret field.

7. Ensure the Active Checkbox is selected

8. Click “Add Webhook”

   

9. In the Which events would you like to trigger this webhook? section, click Let me select individual events. Select events from the following supported options to send events to Datadog:

• pushes
• commits
• issues
• pull requests
• commit comments
• discussion comments
• issue comments
• pull request review comments
• repositories
• repository vulnerability alerts
• collaborator add, remove, or changed
• team adds
• visibility changes

Note If you select an event that’s not listed above, Datadog will not receive it.

Configure the Github Events Integration

After setting up the webhook in GitHub, configure which repositories and events to monitor in Datadog.

1. Navigate to the GitHub integration tile in Datadog.

2. Click the Events tab.

3. In the Repository Configuration section:

   • Enter the repository name(s) you want to monitor
   • Format: organization/repository (e.g., Datadog/documentation)
   • For multiple repositories:
     • Use wildcards: Datadog/* monitors all repositories in the Datadog organization
     • List specific repositories: Datadog/documentation, Datadog/integrations-core

4. In the Branch Configuration section:

   • Enter the branch names to monitor
   • Examples:
     • Single branch: main
     • Multiple branches: main, develop
     • Using wildcards: feature/* monitors all feature branches
     • Common pattern: dev-* monitors all development branches

5. In the Event Types section:

   • Select Commits to track code changes
   • Select Issues to monitor issue activity
   • Both can be selected for comprehensive monitoring

6. Click Update Configuration to save your settings.

After configuration, you can view your repository events in the Events Explorer:

• Filter events using source:github.
• Use the Source facet menu under Core to filter GitHub events.
• The event stream updates in real-time as new events occur.

Note: It may take a few minutes for events to start appearing after initial configuration.

Data Collected

Collect actionable data derived from GitHub Audit Logs, Code Scans, Secret Scans, and Repository Metrics. This telemetry data will enable your engineering teams to understand trends for security workflows and events. This integration also collects repository events.

• Visualize and track repository activity, audit events, and your overall Alert state.
• Set monitors on specific repositories to ensure all new code scan alerts are tracked by your team, and route these straight to Slack or Jira to take immediate action.
• Secure your GitHub organization against threats by using Datadog Cloud SIEM to detect signals that could indicate suspicious activity.

To start ingesting this data, follow the instructions on the Telemetry tab after installing the Datadog GitHub App.

Metrics

This integration collects the following metrics:

• Code Scan Alerts - Collect metrics related to the various types of code scanning alerts and track their trends overtime.

• Secret Scan Alerts - Collect metrics as secret scan alerts are detected and monitor how they are resolved.

These metrics provide an overview of the organization’s Alert state by categorizing their state, repo, and secret type. They also provide long-term insights on Alert trends and their general progress.

Service Checks

The GitHub integration does not include any service checks.

Events

This integration uses webhooks to collect repository events, which you can view in the Events Explorer.

Troubleshooting

Need help? Contact Datadog support.

Further Reading