Blog Security Use Streaming Audit Events to connect your technology stack with GitLab and Pipedream
Published on: June 27, 2022
4 min read

Use Streaming Audit Events to connect your technology stack with GitLab and Pipedream

Automation lets your DevSecOps teams have logic in place for how to handle events as they come in.

gl15.jpg

Gitlab recently released Streaming Audit Events to provide you real-time visibility into what happens inside your GitLab groups and projects. Whenever something happens, an event will be sent to the HTTPS destination of your choice. This is a great way to understand immediately when something has changed and if there is an action that needs to be taken.

These events are often used to drive automation to update GitLab in response to certain actions, such as creating a new issue to onboard a team member when an account is added to a group, or to restore the correct value of a merge request approval setting if it is changed. We know that many users want to combine the streaming audit events with other data sets and tools they already work with. Taking automatic action in response to audit events happening can help ensure your GitLab groups and projects are always in the correct, compliant state.

Pipedream simplifies the streaming audit event process

Driving automation off of these events or combining the events with other data sets means the destination which will receive the events needs to be running and have logic in place for how to handle the events as they come in. This normally would require setting up and maintaining a server with high availability to receive events as they happen, run any automation scripts, and then process the events if they needed to be sent to another tool or combined with another data set. This is tricky to do right and an extra step that takes time.

Enter our partner, Pipedream.

Pipedream lets you connect APIs, remarkably fast. This includes the new streaming audit events from GitLab. When you select the GitLab New Audit Events trigger in a Pipedream workflow, Pipedream will automatically register an HTTPS endpoint for audit events in your GitLab group:

Pipedream registration process

From there, Pipedream allows you to transform the data, forward it to any other tools using Pipedream’s prebuilt actions, or write any custom automation with code (i.e., Node.js, Python, Go, or Bash).

Getting started with Pipedream and GitLab

The video below shows an example of how to use GitLab streaming audit events and Pipedream together to automatically alert your security team if a sensitive project setting is changed. This is powerful because it ensures that your security teams can immediately take action when a change occurs and understand why it happened.

This is just one example of what you can do with Pipedream and GitLab together. Pipedream allows you to use any GitLab API in response to an audit event: You can change the setting to its original value, add comments to issues, kick off pipelines, and more. You can also trigger any action in any of the 700+ other apps that it has built-in integrations with.

Open source integration means everyone can contribute

Pipedream and GitLab are both strong believers in open source. The integration is publicly available at the Pipedream repository, and contributions are welcome! We are excited to see what sort of workflows you create with Pipedream and GitLab together.

Final thoughts

In this post, we talked about the power of GitLab’s Streaming Audit Events to give you immediate visibility into your groups and projects and how Pipedream makes it easy to build and automate workflows based on those audit events. This was just a preview of what is possible though, as you can use the entire GitLab API within Pipedream in response to audit events or interact with other tools supported by Pipedream.

We are excited to see the workflows you build with GitLab and Pipedream together. We showed how you can create a GitLab issue to alert the security team when settings are changed, but the sky is the limit - you might also create issues when new user accounts are created to onboard new team members, automatically restore changed settings, or forward data to a security information and event management, a.k.a. SIEM, system. With Pipedream and Gitlab, you can automatically take the actions necessary when things change to ensure you remain secure and compliant.

We want to hear from you

Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. Share your feedback

Ready to get started?

See what your team could do with a unified DevSecOps Platform.

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert