- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Detect when anomalous organizational activity is occurring from a bot account inside the GitHub organization.
This rule monitors GitHub audit logs for when a bot takes an action outside of Git operations and pull requests.
Review audit logs to determine if the bot’s activity is out of character.
Check for anomalies in the bot’s access patterns:
@actor_location.country_code
unexpected or different from typical locations?@http.useragent
or @network.client.ip
differ from usual activity?@network.client.geoip.as.domain
or IP address aligns with known bot activity.Contact the bot owner to confirm if the bot should be performing these actions, especially from the observed user agent or IP address.