Professional Documents
Culture Documents
Steps to generate Personal Access token on Gitlab Cloud Edition
Steps to generate Personal Access token on Gitlab Cloud Edition
(Vipul Dabhi)
1. Log In to GitLab:
Open your web browser and log in to your GitLab account.
5. While adding the Personal Access token, provide the scope/permission and the Expiration
Day:
With the free trial of GitLab, you have access to various logs and events through the API. However,
the availability of certain logs, especially audit logs, might be limited depending on your GitLab plan.
Here is example I tested to fetch the events you can access with the GitLab API:
User Events
You can retrieve events related to a specific user, such as activities performed by the user.
Endpoint:
https://gitlab.com/api/v4/users/:id/events
Create a Data collection Endpoint in advance prior creating the Data Collection Rule:
For creating a DCE navigate to monitor in global search:
You can fetch the schema either from gitlab official website or the json output which you got
from the postman api request:
Copy the Json output from postman, and save the same in json format as guided below:
Upload the json file on the schema page od DCR:
If Timegenrated field error comes up, try changing the time field in json as:
Re-upload the json file :
Rectify if there is any error like here the error is usage of a reserved keyword id:
Hence replace the same in json and reupload the file and save the DCR
Creating Azure Logic app to fetch the logs from Gitlab to Microsoft Sentinel
Ensure you have the PAT and the required API endpoint URL in place prior creating the Logic
app as a pre-requisites:
Start with a Blank logic app in Microsoft Sentinel as:
Create the Logic app with Consumption plan as with Resource group and other key
requirements:
Deploy the logic app:
Open the logic app designer and add the steps for Recurrence, HTTP, Send to log analytics as:
HTTP Action:
Enter the URL, Method, Headers, as defined while accessing the content in postman:
Send log to log analytics Workspace and select or add the custom table which is created
previously