diff --git a/doc/administration/audit_event_schema.md b/doc/administration/audit_event_schema.md
index be51278f8f8d70311e21b304a6edfe988f2fc0f1..2642d47a2e2fac578f9ea283bdecf2ac7e997cb6 100644
--- a/doc/administration/audit_event_schema.md
+++ b/doc/administration/audit_event_schema.md
@@ -12,23 +12,21 @@ info: To determine the technical writer assigned to the Stage/Group associated w
Audit events have a predictable schema in the body of the response.
-| Field | Description | Notes |
-Streaming Only Field |
-|------------------|------------------------------------------------------------|-----------------------------------------------------------------------------------|
------------------------------------------------------------------------------------|
-| `author_id` | User ID of the user who triggered the event | | |
-| `author_name` | Human-readable name of the author that triggered the event | Helpful when the author no longer exists | :white_check_mark: |
-| `created_at` | Timestamp when event was triggered | | |
-| `details` | JSON object containing additional metadata | Has no defined schema but often contains additional information about an event | |
-| `entity_id` | ID of the audit event's entity | | |
-| `entity_path` | Full path of the entity affected by the auditable event | | :white_check_mark: |
-| `entity_type` | String representation of the type of entity | Acceptable values include `User`, `Group`, and `Key`. This list is not exhaustive | |
-| `event_type` | String representation of the type of audit event | | :white_check_mark: |
-| `id` | Unique identifier for the audit event | Can be used for deduplication if required | |
-| `ip_address` | IP address of the host used to trigger the event | | :white_check_mark: |
-| `target_details` | Additional details about the target | | :white_check_mark: |
-| `target_id` | ID of the audit event's target | | :white_check_mark: |
-| `target_type` | String representation of the target's type | | :white_check_mark: |
+| Field | Description | Notes | Streaming Only Field |
+|------------------|------------------------------------------------------------|-----------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|
+| `author_id` | User ID of the user who triggered the event | | **{dotted-circle}** No |
+| `author_name` | Human-readable name of the author that triggered the event | Helpful when the author no longer exists | **{check-circle}** Yes |
+| `created_at` | Timestamp when event was triggered | | **{dotted-circle}** No |
+| `details` | JSON object containing additional metadata | Has no defined schema but often contains additional information about an event | **{dotted-circle}** No |
+| `entity_id` | ID of the audit event's entity | | **{dotted-circle}** No |
+| `entity_path` | Full path of the entity affected by the auditable event | | **{check-circle}** Yes |
+| `entity_type` | String representation of the type of entity | Acceptable values include `User`, `Group`, and `Key`. This list is not exhaustive | **{dotted-circle}** No |
+| `event_type` | String representation of the type of audit event | | **{check-circle}** Yes |
+| `id` | Unique identifier for the audit event | Can be used for deduplication if required | **{dotted-circle}** No |
+| `ip_address` | IP address of the host used to trigger the event | | **{check-circle}** Yes |
+| `target_details` | Additional details about the target | | **{check-circle}** Yes |
+| `target_id` | ID of the audit event's target | | **{check-circle}** Yes |
+| `target_type` | String representation of the target's type | | **{check-circle}** Yes |
### Audit Event JSON schema
@@ -74,25 +72,9 @@ Streaming Only Field
}
```
-## Example: audit event streaming on Git operations
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332747) in GitLab 14.9 [with a flag](feature_flags.md) named `audit_event_streaming_git_operations`. Disabled by default.
-> - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/357211) in GitLab 15.0.
-> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/357211) in GitLab 15.1 by default.
-> - `details.author_class` field [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/363876) in GitLab 15.3.
-> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/101583) in GitLab 15.6. Feature flag `audit_event_streaming_git_operations` removed.
-
-Streaming audit events can be sent when authenticated users push, pull, or clone a project's remote Git repositories:
-
-- [Using SSH](../user/ssh.md).
-- Using HTTP or HTTPS.
-- Using **Download** (**{download}**) in GitLab UI.
-
-Audit events are not captured for users that are not signed in. For example, when downloading a public project.
-
### Headers
-> `X-Gitlab-Audit-Event-Type` [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86881) in GitLab 15.0.
+> - `X-Gitlab-Audit-Event-Type` [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86881) in GitLab 15.0.
Headers are formatted as follows:
@@ -104,9 +86,17 @@ X-Gitlab-Event-Streaming-Token: <DESTINATION_TOKEN>
X-Gitlab-Audit-Event-Type: repository_git_operation
```
-### Example payloads for Git over SSH events with Deploy Key
+## Example: audit event streaming on Git operations
+
+Streaming audit events can be sent when authenticated users push, pull, or clone a project's remote Git repositories:
+
+- [Using SSH](../user/ssh.md).
+- Using HTTP or HTTPS.
+- Using **Download** (**{download}**) in GitLab UI.
+
+Audit events are not captured for users that are not signed in. For example, when downloading a public project.
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/363876) in GitLab 15.3.
+### Example: audit event payloads for Git over SSH events with Deploy Key
Fetch:
diff --git a/doc/user/project/deploy_keys/index.md b/doc/user/project/deploy_keys/index.md
index 8418eb4c315769ad46aa5f6c43b76095cf905a7f..c815c347170740772ac5469fcd592a6738b53272 100644
--- a/doc/user/project/deploy_keys/index.md
+++ b/doc/user/project/deploy_keys/index.md
@@ -69,7 +69,7 @@ As with all sensitive information, you should ensure only those who need access
For human interactions, use credentials tied to users such as Personal Access Tokens.
To help detect a potential secret leak, you can use the
-[Audit Event](../../../administration/audit_event_schema.md#example-payloads-for-git-over-ssh-events-with-deploy-key) feature.
+[Audit Event](../../../administration/audit_event_schema.md#example-audit-event-payloads-for-git-over-ssh-events-with-deploy-key) feature.
## View deploy keys