Viewing metrics for secret scanning push protection

Monitor push protection's performance across your organization to identify repositories where you may need to take action.

Who can use this feature?

Access requires:

  • Organization views: write access to repositories in the organization
  • Enterprise views: organization owners and security managers

Organizations owned by a GitHub Team account with GitHub Secret Protection, or owned by a GitHub Enterprise account

In this article

Note

Secret scanning metrics for push protection is currently in public preview and subject to change.

Viewing metrics for secret scanning push protection for an organization

  1. On GitHub, navigate to the main page of the organization.

  2. Under your organization name, click Security.

    Screenshot of the horizontal navigation bar for an organization. A tab, labeled with a shield icon and "Security," is outlined in dark orange.

  3. In the sidebar, under "Metrics", click Secret scanning.

  4. Click on an individual secret type or repository to see the associated secret scanning alerts for your organization.

  5. You can use the options at the top of the page to filter the group of repositories that you want to see secret scanning metrics for.

    • Use the date picker to set the time range that you want to view metrics for. Note that the date used by the date picker corresponds to the date a secret was bypassed on.
    • Click in the search box to add further filters on the secret scanning metrics displayed. For more information, see Filtering alerts in security overview.

Viewing metrics for secret scanning push protection for an enterprise

You can view metrics for secret scanning push protection across organizations in an enterprise. The information shown by security overview varies according to your access to repositories and organizations, and according to whether Advanced Security features are used by those repositories and organizations. For more information, see About security overview.

  1. Navigate to your enterprise. For example, from the Enterprises page on GitHub.com.
  2. At the top of the page, click Security.
  3. In the sidebar, click Secret scanning metrics.
  4. Click on an individual secret type or repository to see the associated secret scanning alerts for your enterprise.
  5. You can use the options at the top of the page to filter the group of repositories that you want to see secret scanning metrics for.
    • Use the date picker to set the time range that you want to view metrics for. Note that the date used by the date picker corresponds to the date a secret was bypassed on.
    • Click in the search box to add further filters on the secret scanning metrics displayed. For more information, see Filtering alerts in security overview.

Tip

You can use the owner filter in the search field to filter the data by organization. For more information, see Filtering alerts in security overview.