Audit Logs
Search audit logs for an Organization. "api.access" events are omitted from results unless explicitly requested using the events parameter. Supported event types:
- api.access
- org.app_bot.create
- org.app.create
- org.app.delete
- org.app.edit
- org.cloud_config.settings.edit
- org.collection.create
- org.collection.delete
- org.collection.edit
- org.create
- org.delete
- org.edit
- org.ignore_policy.edit
- org.integration.create
- org.integration.delete
- org.integration.edit
- org.integration.settings.edit
- org.language_settings.edit
- org.notification_settings.edit
- org.org_source.create
- org.org_source.delete
- org.org_source.edit
- org.policy.create
- org.policy.edit
- org.policy.delete
- org.project_filter.create
- org.project_filter.delete
- org.project.add
- org.project.attributes.edit
- org.project.delete
- org.project.edit
- org.project.fix_pr.auto_open
- org.project.fix_pr.manual_open
- org.project.ignore.create
- org.project.ignore.delete
- org.project.ignore.edit
- org.project.monitor
- org.project.pr_check.edit
- org.project.remove
- org.project.settings.delete
- org.project.settings.edit
- org.project.stop_monitor
- org.project.tag.add
- org.project.tag.remove
- org.project.test
- org.request_access_settings.edit
- org.sast_settings.edit
- org.service_account.create
- org.service_account.delete
- org.service_account.edit
- org.settings.feature_flag.edit
- org.target.create
- org.target.delete
- org.user.add
- org.user.invite
- org.user.invite.accept
- org.user.invite.revoke
- org.user.invite_link.accept
- org.user.invite_link.create
- org.user.invite_link.revoke
- org.user.leave
- org.user.provision.accept
- org.user.provision.create
- org.user.provision.delete
- org.user.remove
- org.user.role.create
- org.user.role.delete
- org.user.role.details.edit
- org.user.role.edit
- org.user.role.permissions.edit
- org.webhook.add
- org.webhook.delete
- user.org.notification_settings.edit
Required permissions
View audit logs (org.audit_log.read)
The ID of the organization.
0d3728ec-eebf-484d-9907-ba238019f10bRequested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The ID for the next page of results.
The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.
The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.
Number of results to return per page.
100Example: 10Order in which results are returned.
DESCExample: ASCPossible values: Filter logs by user ID.
0d3728ec-eebf-484d-9907-ba238019f10bFilter logs by project ID.
0d3728ec-eebf-484d-9907-ba238019f10bFilter logs by event types, cannot be used in conjunction with exclude_events parameter.
Exclude event types from results, cannot be used in conjunctions with events parameter.
Organization Audit Logs.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/orgs/{org_id}/audit_logs/search HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": {
"items": [
{
"content": {},
"created": "2021-07-01T00:00:00Z",
"event": "org.create",
"group_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
"org_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
"project_id": "0d3728ec-eebf-484d-9907-ba238019f10b"
}
],
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
}
}Search audit logs for a Group. "api.access" events are omitted from results unless explicitly requested using the events parameter. Some Organization level events are supported as well as the following Group level events:
- api.access
- group.cloud_config.settings.edit
- group.create
- group.delete
- group.edit
- group.notification_settings.edit
- group.org.add
- group.org.remove
- group.policy.create
- group.policy.delete
- group.policy.edit
- group.request_access_settings.edit
- group.role.create
- group.role.delete
- group.role.edit
- group.service_account.create
- group.service_account.delete
- group.service_account.edit
- group.settings.edit
- group.settings.feature_flag.edit
- group.sso.add
- group.sso.auth0_connection.create
- group.sso.auth0_connection.edit
- group.sso.create
- group.sso.delete
- group.sso.edit
- group.sso.membership.sync
- group.sso.remove
- group.tag.create
- group.tag.delete
- group.user.add
- group.user.remove
- group.user.role.edit
Required permissions
View Audit Logs (group.audit.read)
The ID of the Group.
0d3728ec-eebf-484d-9907-ba238019f10bRequested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The ID for the next page of results.
The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.
The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.
Number of results to return per page.
100Example: 10Order in which results are returned.
DESCExample: ASCPossible values: Filter logs by user ID.
0d3728ec-eebf-484d-9907-ba238019f10bFilter logs by project ID.
0d3728ec-eebf-484d-9907-ba238019f10bFilter logs by event types, cannot be used in conjunction with exclude_events parameter.
Exclude event types from results, cannot be used in conjunctions with events parameter.
Group Audit Logs.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/groups/{group_id}/audit_logs/search HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": {
"items": [
{
"content": {},
"created": "2021-07-01T00:00:00Z",
"event": "org.create",
"group_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
"org_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
"project_id": "0d3728ec-eebf-484d-9907-ba238019f10b"
}
],
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
}
}Last updated
Was this helpful?