Update audit log event data (#52783)

Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com>

Author: docs-bot

src/audit-logs/data/fpt/organization.json

@@ -1544,6 +1544,11 @@
     "description": "Push protection for secret scanning was enabled for all new repositories in the organization.",
     "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations"
   },
+  {
+    "action": "org.security_center_export_code_scanning_metrics",
+    "description": "A CSV export was requested on the CodeQL pull request alerts page.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "org.security_center_export_coverage",
     "description": "A CSV export was requested on the Coverage page.",

src/audit-logs/data/fpt/user.json

@@ -59,6 +59,16 @@
     "description": "N/A",
     "docs_reference_links": "N/A"
   },
+  {
+    "action": "business.security_center_export_code_scanning_metrics",
+    "description": "A CSV export was requested on the \"CodeQL pull request alerts\" page.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "business.security_center_export_overview_dashboard",
+    "description": "A CSV export was requested on the \"Overview Dashboard\" page.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "business.set_actions_fork_pr_approvals_policy",
     "description": "The policy for requiring approvals for workflows from public forks was changed for an enterprise.",
@@ -684,6 +694,11 @@
     "description": "A member was removed from an organization, either manually or due to a two-factor authentication requirement.",
     "docs_reference_links": "N/A"
   },
+  {
+    "action": "org.security_center_export_code_scanning_metrics",
+    "description": "A CSV export was requested on the CodeQL pull request alerts page.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "org.security_center_export_coverage",
     "description": "A CSV export was requested on the Coverage page.",

src/audit-logs/data/ghec/enterprise.json

@@ -219,6 +219,11 @@
     "description": "The policy for Code scanning autofix was updated for an enterprise.",
     "docs_reference_links": "N/A"
   },
+  {
+    "action": "business.code_scanning_autofix_third_party_tools_policy_update",
+    "description": "The policy for Code scanning autofix third party tools was updated for an enterprise.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "business.connect_usage_metrics_export",
     "description": "Server statistics were exported for the enterprise.",
@@ -554,6 +559,16 @@
     "description": "N/A",
     "docs_reference_links": "N/A"
   },
+  {
+    "action": "business.security_center_export_code_scanning_metrics",
+    "description": "A CSV export was requested on the \"CodeQL pull request alerts\" page.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "business.security_center_export_overview_dashboard",
+    "description": "A CSV export was requested on the \"Overview Dashboard\" page.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "business.set_actions_fork_pr_approvals_policy",
     "description": "The policy for requiring approvals for workflows from public forks was changed for an enterprise.",

src/audit-logs/data/ghec/organization.json

@@ -1544,6 +1544,11 @@
     "description": "Push protection for secret scanning was enabled for all new repositories in the organization.",
     "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations"
   },
+  {
+    "action": "org.security_center_export_code_scanning_metrics",
+    "description": "A CSV export was requested on the CodeQL pull request alerts page.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "org.security_center_export_coverage",
     "description": "A CSV export was requested on the Coverage page.",

src/audit-logs/data/ghec/user.json

@@ -59,6 +59,16 @@
     "description": "N/A",
     "docs_reference_links": "N/A"
   },
+  {
+    "action": "business.security_center_export_code_scanning_metrics",
+    "description": "A CSV export was requested on the \"CodeQL pull request alerts\" page.",
+    "docs_reference_links": "N/A"
+  },
+  {
+    "action": "business.security_center_export_overview_dashboard",
+    "description": "A CSV export was requested on the \"Overview Dashboard\" page.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "business.set_actions_fork_pr_approvals_policy",
     "description": "The policy for requiring approvals for workflows from public forks was changed for an enterprise.",
@@ -684,6 +694,11 @@
     "description": "A member was removed from an organization, either manually or due to a two-factor authentication requirement.",
     "docs_reference_links": "N/A"
   },
+  {
+    "action": "org.security_center_export_code_scanning_metrics",
+    "description": "A CSV export was requested on the CodeQL pull request alerts page.",
+    "docs_reference_links": "N/A"
+  },
   {
     "action": "org.security_center_export_coverage",
     "description": "A CSV export was requested on the Coverage page.",

src/audit-logs/lib/config.json

@@ -3,5 +3,5 @@
     "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
     "apiRequestEvent": "This event is only available via audit log streaming."
   },
-  "sha": "d5e464291d8f2559b1c5b7398c16d43c61f79548"
+  "sha": "04cd944770d148dc72b686a2f1a03894f120dbc6"
 }