Merge remote-tracking branch 'docs-internal/main'

heiskr · heiskr · commit 0123cbae92b2 · 2026-02-20T12:53:50.000-08:00
diff --git a/src/audit-logs/data/fpt/organization.json b/src/audit-logs/data/fpt/organization.json
@@ -9633,6 +9633,40 @@
       "created_at"
     ]
   },
+  {
+    "action": "org.members_limit_warning",
+    "description": "An organization is approaching its members limit.",
+    "docs_reference_links": "N/A",
+    "fields": [
+      "@timestamp",
+      "_document_id",
+      "action",
+      "actor",
+      "actor_id",
+      "business",
+      "business_id",
+      "hashed_token",
+      "org",
+      "org_id",
+      "programmatic_access_type",
+      "repo",
+      "repo_id",
+      "repository",
+      "repository_id",
+      "request_access_security_header",
+      "request_id",
+      "token_id",
+      "token_scopes",
+      "user",
+      "user_id",
+      "user_agent",
+      "limit",
+      "count",
+      "created_at",
+      "operation_type",
+      "actor_is_bot"
+    ]
+  },
   {
     "action": "org.oauth_app_access_approved",
     "description": "Access to an organization was granted for an OAuth App.",
diff --git a/src/audit-logs/data/ghec/enterprise.json b/src/audit-logs/data/ghec/enterprise.json
@@ -2986,6 +2986,41 @@
       "actor_is_bot"
     ]
   },
+  {
+    "action": "business.organizations_limit_reached",
+    "description": "An enterprise has reached its organizations limit.",
+    "docs_reference_links": "N/A",
+    "fields": [
+      "@timestamp",
+      "_document_id",
+      "action",
+      "actor",
+      "actor_id",
+      "business",
+      "business_id",
+      "hashed_token",
+      "org",
+      "org_id",
+      "programmatic_access_type",
+      "repo",
+      "repo_id",
+      "repository",
+      "repository_id",
+      "request_access_security_header",
+      "request_id",
+      "token_id",
+      "token_scopes",
+      "user",
+      "user_id",
+      "user_agent",
+      "name",
+      "limit",
+      "count",
+      "created_at",
+      "operation_type",
+      "actor_is_bot"
+    ]
+  },
   {
     "action": "business.organizations_limit_warning",
     "description": "An enterprise is approaching its organizations limit.",
@@ -15233,6 +15268,40 @@
       "created_at"
     ]
   },
+  {
+    "action": "org.members_limit_warning",
+    "description": "An organization is approaching its members limit.",
+    "docs_reference_links": "N/A",
+    "fields": [
+      "@timestamp",
+      "_document_id",
+      "action",
+      "actor",
+      "actor_id",
+      "business",
+      "business_id",
+      "hashed_token",
+      "org",
+      "org_id",
+      "programmatic_access_type",
+      "repo",
+      "repo_id",
+      "repository",
+      "repository_id",
+      "request_access_security_header",
+      "request_id",
+      "token_id",
+      "token_scopes",
+      "user",
+      "user_id",
+      "user_agent",
+      "limit",
+      "count",
+      "created_at",
+      "operation_type",
+      "actor_is_bot"
+    ]
+  },
   {
     "action": "org.oauth_app_access_approved",
     "description": "Access to an organization was granted for an OAuth App.",
diff --git a/src/audit-logs/data/ghec/organization.json b/src/audit-logs/data/ghec/organization.json
@@ -9633,6 +9633,40 @@
       "created_at"
     ]
   },
+  {
+    "action": "org.members_limit_warning",
+    "description": "An organization is approaching its members limit.",
+    "docs_reference_links": "N/A",
+    "fields": [
+      "@timestamp",
+      "_document_id",
+      "action",
+      "actor",
+      "actor_id",
+      "business",
+      "business_id",
+      "hashed_token",
+      "org",
+      "org_id",
+      "programmatic_access_type",
+      "repo",
+      "repo_id",
+      "repository",
+      "repository_id",
+      "request_access_security_header",
+      "request_id",
+      "token_id",
+      "token_scopes",
+      "user",
+      "user_id",
+      "user_agent",
+      "limit",
+      "count",
+      "created_at",
+      "operation_type",
+      "actor_is_bot"
+    ]
+  },
   {
     "action": "org.oauth_app_access_approved",
     "description": "Access to an organization was granted for an OAuth App.",
diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json
@@ -9,5 +9,5 @@
     "git": "Note: Git events have special access requirements and retention policies that differ from other audit log events. For GitHub Enterprise Cloud, access Git events via the REST API only with 7-day retention. For GitHub Enterprise Server, Git events must be enabled in audit log configuration and are not included in search results.",
     "sso_redirect": "Note: Automatically redirecting users to sign in is currently in beta for Enterprise Managed Users and subject to change."
   },
-  "sha": "6ed0bc555c656abf9f2edbf21ec746a6b1d0b3f0"
+  "sha": "cf5a23d9a51d5f395ce6d7ab89e8d78bb464efc0"
 }

Original file line number	Diff line number	Diff line change
`@@ -9,5 +9,5 @@`
`9`	`9`	`"git": "Note: Git events have special access requirements and retention policies that differ from other audit log events. For GitHub Enterprise Cloud, access Git events via the REST API only with 7-day retention. For GitHub Enterprise Server, Git events must be enabled in audit log configuration and are not included in search results.",`
`10`	`10`	`"sso_redirect": "Note: Automatically redirecting users to sign in is currently in beta for Enterprise Managed Users and subject to change."`
`11`	`11`	`},`
`12`		`- "sha": "6ed0bc555c656abf9f2edbf21ec746a6b1d0b3f0"`
	`12`	`+ "sha": "cf5a23d9a51d5f395ce6d7ab89e8d78bb464efc0"`
`13`	`13`	`}`