account_password_changedactivity_dashboard_events_by_actionactivity_dashboard_failed_login_trendsactivity_dashboard_failed_loginsactivity_dashboard_integration_summaryactivity_dashboard_mfa_activityactivity_dashboard_total_eventsgpg_key_createdgpg_key_deletedlogin_failed_attemptslogin_from_unrecognized_devicelogin_with_recovery_codemfa_disabledmfa_method_removedmfa_recovery_code_regeneratedoauth_app_authorization_createdoauth_app_authorization_destroyedpersonal_access_token_grantedssh_key_createdssh_key_deleted
Query: personal_access_token_granted
Usage
powerpipe query github_security_log_detections.query.personal_access_token_grantedTailpipe Tables
SQL
select tp_timestamp as timestamp,action as operation,user_programmatic_access_name as resource,actor,tp_source_ip as source_ip,tp_id as source_id,*exclude (actor, timestamp)
from github_security_logwhere action in ('personal_access_token.access_granted')order by tp_timestamp desc;
Detections
The query is being used by the following detections: