GitLab

Inspect your DevOps activity for signs of suspicious behavior.

Request a DemoRead the Docs

App Info

Monitor GitLab logs to gain complete visibility into your DevOps lifecycle with Panther’s GitLab integration.

GitLab provides a Git-repository manager with a wiki, issue-tracking, and continuous integration and continuous deployment functionality. Panther can collect, normalize, and monitor GitLab logs to help you identify suspicious activity in real-time. Your normalized data is then retained to power future security investigations in a serverless data lake powered by AWS or the cloud-native data platform, Snowflake.

Use Panther’s built-in rules to monitor activity, or write your own detections in Python to fit your internal business use cases.

Use Cases

Common security use cases for GitLab with Panther include:

  • Monitor changes to group or project settings
  • See all failed requests from GitLab to Git repositories
  • Monitor API requests and information about integration activities

How it Works

The integration is simple and fast:

  • Send your GitLab Logs to S3 with a log forwarding agent like Fluentd or Logstash
  • Add your S3 Bucket as a data source in Panther
  • Panther will parse, normalize, and analyze your log data in real-time
  • As rules are triggered, alerts are sent to your configured destinations
  • Normalized logs can be searched from Panther’s Data Explorer (Enterprise only)
  • Sit back and monitor your activity!

Learn more about Panther's supported log schema for GitLab.