Gitlab recently released Streaming Audit Events to provide you real-time visibility into what happens inside your GitLab groups and projects. Whenever something happens, an event will be sent to the HTTPS destination of your choice. This is a great way to understand immediately when something has changed and if there is an action that needs to be taken.
These events are often used to drive automation to update GitLab in response to certain actions, such as creating a new issue to onboard a team member when an account is added to a group, or to restore the correct value of a merge request approval setting if it is changed. We know that many users want to combine the streaming audit events with other data sets and tools they already work with. Taking automatic action in response to audit events happening can help ensure your GitLab groups and projects are always in the correct, compliant state.
Pipedream simplifies the streaming audit event process
Driving automation off of these events or combining the events with other data sets means the destination which will receive the events needs to be running and have logic in place for how to handle the events as they come in. This normally would require setting up and maintaining a server with high availability to receive events as they happen, run any automation scripts, and then process the events if they needed to be sent to another tool or combined with another data set. This is tricky to do right and an extra step that takes time.
Enter our partner, Pipedream.
Pipedream lets you connect APIs, remarkably fast. This includes the new streaming audit events from GitLab. When you select the GitLab New Audit Events trigger in a Pipedream workflow, Pipedream will automatically register an HTTPS endpoint for audit events in your GitLab group:
From there, Pipedream allows you to transform the data, forward it to any other tools using Pipedream’s prebuilt actions, or write any custom automation with code (i.e., Node.js, Python, Go, or Bash).
Getting started with Pipedream and GitLab
The video below shows an example of how to use GitLab streaming audit events and Pipedream together to automatically alert your security team if a sensitive project setting is changed. This is powerful because it ensures that your security teams can immediately take action when a change occurs and understand why it happened.
This is just one example of what you can do with Pipedream and GitLab together. Pipedream allows you to use any GitLab API in response to an audit event: You can change the setting to its original value, add comments to issues, kick off pipelines, and more. You can also trigger any action in any of the 700+ other apps that it has built-in integrations with.
Open source integration means everyone can contribute
Pipedream and GitLab are both strong believers in open source. The integration is publicly available at the Pipedream repository, and contributions are welcome! We are excited to see what sort of workflows you create with Pipedream and GitLab together.
In this post, we talked about the power of GitLab’s Streaming Audit Events to give you immediate visibility into your groups and projects and how Pipedream makes it easy to build and automate workflows based on those audit events. This was just a preview of what is possible though, as you can use the entire GitLab API within Pipedream in response to audit events or interact with other tools supported by Pipedream.
We are excited to see the workflows you build with GitLab and Pipedream together. We showed how you can create a GitLab issue to alert the security team when settings are changed, but the sky is the limit - you might also create issues when new user accounts are created to onboard new team members, automatically restore changed settings, or forward data to a security information and event management, a.k.a. SIEM, system. With Pipedream and Gitlab, you can automatically take the actions necessary when things change to ensure you remain secure and compliant.
“GitLab and Pipedream enable automation that gives your DevSecOps team the logic they need to handle audit events.” – Sam Kerr, Dylan Sather
Click to tweet