Get all audit logs of an application or user.

get/audit-log/v1beta1/logs

The audit logs can be filtered using a variety of parameters. Queries should be separated by and and can utilize eq, contains, and in operators to construct the final query. Each query should follow the format:

key eq 'value' for equality operation.
contains(key, 'value') for contains operation.
key in ('value1', 'value2') for in operation.

Filter parameter	Supported Operators	Type	Example
createdAt	lt, ge	RFC timestamp in string	createdAt ge '2024-02-16T07:54:55.0Z'
category	eq, in	string	category eq 'User Management' category in ('Device Management', 'User Activity')
description	eq, contains	string	contains(description, 'Logged in') description eq 'User test@test.com logged in via ping mode.'
additionalInfo/ipAddress	eq, contains	IP string	additionalInfo/ipAddress eq '192.168.12.12' contains(additionalInfo/ipAddress, '192.168')
user/username	eq, contains	email in string	user/username eq 'test@test.com' contains(user/username, '@gmail.com')
workspace/workspaceName	eq, contains	string	workspace/workspaceName eq 'Example workspace' contains(workspace/workspaceName, 'Example')
application/id	eq	UUID in string	application/id eq '12312-123123-123123-123121'
region	eq	region code in string	region eq 'us-west'
hasDetails	eq	boolean	hasDetails eq 'true'

SecurityBearerAuth

Request

query Parameters

all	string Provide a free-text search to perform a comprehensive search across all properties for audit logs. Examples: contains Get audit logs that contain the provided text all=logged in user
filter	string Examples: Filter with category name and description Get audit logs with category User Management and User Activity and description logged out filter=category eq 'User Management' and contains(description, 'logged out')
limit	integer <= 2000 Default: 50 How many items to return at one time (max 2000)
offset	integer Default: 0 Specifies the zero-based resource offset to start the response from.
select	string Use the `select` query parameter to restrict the number of properties included in the audit log response. The supported select parameters: additionalInfo createdAt category hasDetails workspace/workspaceName description user/username Examples: select attributes createAt, user/username, category Get audit logs with selected attributes select=createdAt, user/username, category

Responses

200

All audit logs.

400

Bad request

401

Unauthorized

403

Forbidden

500

Internal Server Error

Request samples

curl
JavaScript
Node.js
Java
Python

Response samples

application/json

{"items": [{"id": "string",
"type": "/audit-log/logs",
"application": {"id": "string"
},
"region": "string",
"user": {"username": "string"
},
"category": "string",
"description": "string",
"workspace": {"id": "string",
"workspaceName": "string"
},
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z",
"generation": 0,
"additionalInfo": { },
"hasDetails": true
}
],
"count": 0,
"offset": 0,
"total": 0,
"remainingRecords": true
}