Update audit log event data (#59211)

Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>

Author: docs-bot

src/audit-logs/data/fpt/organization.json

@@ -14145,6 +14145,34 @@
       "programmatic_access_type"
     ]
   },
+  {
+    "action": "repository_secret_scanning_extended_metadata.disabled",
+    "description": "Metadata for secret scanning alerts has been disabled at the repository level",
+    "docs_reference_links": "/code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository",
+    "fields": [
+      "actor",
+      "actor_id",
+      "user_agent",
+      "request_id",
+      "request_access_security_header",
+      "user",
+      "user_id",
+      "repo",
+      "repo_id",
+      "public_repo",
+      "org",
+      "org_id",
+      "action",
+      "_document_id",
+      "@timestamp",
+      "created_at",
+      "operation_type",
+      "business",
+      "business_id",
+      "actor_is_bot"
+    ],
+    "docs_reference_titles": "Enabling extended metadata checks for your repository"
+  },
   {
     "action": "repository_secret_scanning_generic_secrets.disabled",
     "description": "Generic secrets have been disabled at the repository level",

src/audit-logs/data/ghec/enterprise.json

@@ -1875,6 +1875,29 @@
       "user_id"
     ]
   },
+  {
+    "action": "business.organizations_limit_warning",
+    "description": "An enterprise is approaching its organizations limit.",
+    "docs_reference_links": "N/A",
+    "fields": [
+      "actor",
+      "actor_id",
+      "user_agent",
+      "request_id",
+      "request_access_security_header",
+      "name",
+      "limit",
+      "count",
+      "business",
+      "business_id",
+      "action",
+      "_document_id",
+      "@timestamp",
+      "created_at",
+      "operation_type",
+      "actor_is_bot"
+    ]
+  },
   {
     "action": "business.proxy_security_header_disabled",
     "description": "The proxy security header was disabled for an enterprise. All users on the network can now access GitHub, unless blocked by other means.",
@@ -17545,6 +17568,34 @@
       "programmatic_access_type"
     ]
   },
+  {
+    "action": "repository_secret_scanning_extended_metadata.disabled",
+    "description": "Metadata for secret scanning alerts has been disabled at the repository level",
+    "docs_reference_links": "/code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository",
+    "fields": [
+      "actor",
+      "actor_id",
+      "user_agent",
+      "request_id",
+      "request_access_security_header",
+      "user",
+      "user_id",
+      "repo",
+      "repo_id",
+      "public_repo",
+      "org",
+      "org_id",
+      "action",
+      "_document_id",
+      "@timestamp",
+      "created_at",
+      "operation_type",
+      "business",
+      "business_id",
+      "actor_is_bot"
+    ],
+    "docs_reference_titles": "Enabling extended metadata checks for your repository"
+  },
   {
     "action": "repository_secret_scanning_generic_secrets.disabled",
     "description": "Generic secrets have been disabled at the repository level",
@@ -19831,6 +19882,42 @@
     ],
     "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise"
   },
+  {
+    "action": "sso_lockdown.disable",
+    "description": "SSO lockdown for users was disabled.",
+    "docs_reference_links": "N/A",
+    "fields": [
+      "user_agent",
+      "request_id",
+      "actor",
+      "actor_id",
+      "business",
+      "business_id",
+      "action",
+      "_document_id",
+      "@timestamp",
+      "created_at",
+      "operation_type"
+    ]
+  },
+  {
+    "action": "sso_lockdown.enable",
+    "description": "SSO lockdown for users was enabled.",
+    "docs_reference_links": "N/A",
+    "fields": [
+      "user_agent",
+      "request_id",
+      "actor",
+      "actor_id",
+      "business",
+      "business_id",
+      "action",
+      "_document_id",
+      "@timestamp",
+      "created_at",
+      "operation_type"
+    ]
+  },
   {
     "action": "sso_redirect.disable",
     "description": "Automatic redirects for users to single sign-on (SSO) was disabled.",

src/audit-logs/data/ghec/organization.json

@@ -14145,6 +14145,34 @@
       "programmatic_access_type"
     ]
   },
+  {
+    "action": "repository_secret_scanning_extended_metadata.disabled",
+    "description": "Metadata for secret scanning alerts has been disabled at the repository level",
+    "docs_reference_links": "/code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository",
+    "fields": [
+      "actor",
+      "actor_id",
+      "user_agent",
+      "request_id",
+      "request_access_security_header",
+      "user",
+      "user_id",
+      "repo",
+      "repo_id",
+      "public_repo",
+      "org",
+      "org_id",
+      "action",
+      "_document_id",
+      "@timestamp",
+      "created_at",
+      "operation_type",
+      "business",
+      "business_id",
+      "actor_is_bot"
+    ],
+    "docs_reference_titles": "Enabling extended metadata checks for your repository"
+  },
   {
     "action": "repository_secret_scanning_generic_secrets.disabled",
     "description": "Generic secrets have been disabled at the repository level",

src/audit-logs/lib/config.json

@@ -9,5 +9,5 @@
     "git": "Note: Git events have special access requirements and retention policies that differ from other audit log events. For GitHub Enterprise Cloud, access Git events via the REST API only with 7-day retention. For GitHub Enterprise Server, Git events must be enabled in audit log configuration and are not included in search results.",
     "sso_redirect": "Note: Automatically redirecting users to sign in is currently in beta for Enterprise Managed Users and subject to change."
   },
-  "sha": "b56a045f081573d27a98c40b4de1e4984095fe92"
+  "sha": "cae0414d457f280b90b251fbf911f44a709d6ca9"
 }