🔥 3-day streak
GitHub Enterprise Administrator (GH-100)6 / 79
Question 6 of 79

An enterprise owner is reviewing suspicious activity where several repositories had their visibility changed to public overnight. Using the audit log, they need to determine whether these changes were performed by a human clicking in the web UI or by an automated integration acting on a user's behalf. Which audit log field or approach best allows them to distinguish programmatic (token-based) actions from interactive web sessions?

Reviewed for accuracy · Report an issueNext question