SupportSnyk LearnAPI referenceProduct updatesSign up for free

Audit Logs

This document uses the REST API. For more details, see the Authentication for API page.

Search Organization audit logs.

get

Search audit logs for an Organization. "api.access" events are omitted from results unless explicitly requested using the events parameter. Supported event types:

  • api.access
  • org.app_bot.create
  • org.app.create
  • org.app.delete
  • org.app.edit
  • org.cloud_config.settings.edit
  • org.collection.create
  • org.collection.delete
  • org.collection.edit
  • org.create
  • org.delete
  • org.edit
  • org.ignore_policy.edit
  • org.integration.create
  • org.integration.delete
  • org.integration.edit
  • org.integration.settings.edit
  • org.language_settings.edit
  • org.notification_settings.edit
  • org.org_source.create
  • org.org_source.delete
  • org.org_source.edit
  • org.policy.create
  • org.policy.edit
  • org.policy.delete
  • org.project_filter.create
  • org.project_filter.delete
  • org.project.add
  • org.project.attributes.edit
  • org.project.delete
  • org.project.edit
  • org.project.fix_pr.auto_open
  • org.project.fix_pr.manual_open
  • org.project.ignore.create
  • org.project.ignore.delete
  • org.project.ignore.edit
  • org.project.monitor
  • org.project.pr_check.edit
  • org.project.remove
  • org.project.settings.delete
  • org.project.settings.edit
  • org.project.stop_monitor
  • org.project.tag.add
  • org.project.tag.remove
  • org.project.test
  • org.request_access_settings.edit
  • org.sast_settings.edit
  • org.service_account.create
  • org.service_account.delete
  • org.service_account.edit
  • org.settings.feature_flag.edit
  • org.target.create
  • org.target.delete
  • org.user.add
  • org.user.invite
  • org.user.invite.accept
  • org.user.invite.revoke
  • org.user.invite_link.accept
  • org.user.invite_link.create
  • org.user.invite_link.revoke
  • org.user.leave
  • org.user.provision.accept
  • org.user.provision.create
  • org.user.provision.delete
  • org.user.remove
  • org.user.role.create
  • org.user.role.delete
  • org.user.role.details.edit
  • org.user.role.edit
  • org.user.role.permissions.edit
  • org.webhook.add
  • org.webhook.delete
  • user.org.notification_settings.edit

Required permissions

  • View audit logs (org.audit_log.read)
Authorizations
Path parameters
org_idstring · uuidRequired

The ID of the organization.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b
Query parameters
versionstringRequired

Requested API version

Example: 2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$
cursorstringOptional

The ID for the next page of results.

fromstring · date-timeOptional

The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

tostring · date-timeOptional

The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

sizeinteger · int32 · min: 1 · max: 100Optional

Number of results to return per page.

Default: 100Example: 10
sort_orderstring · enumOptional

Order in which results are returned.

Default: DESCExample: ASCPossible values:
user_idstring · uuidOptional

Filter logs by user ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b
project_idstring · uuidOptional

Filter logs by project ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b
eventsstring[]Optional

Filter logs by event types, cannot be used in conjunction with exclude_events parameter.

exclude_eventsstring[]Optional

Exclude event types from results, cannot be used in conjunctions with events parameter.

Responses
200

Organization Audit Logs.

application/vnd.api+json
get
GET /rest/orgs/{org_id}/audit_logs/search HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": {
    "items": [
      {
        "content": {},
        "created": "2021-07-01T00:00:00Z",
        "event": "org.create",
        "group_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "org_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "project_id": "0d3728ec-eebf-484d-9907-ba238019f10b"
      }
    ],
    "type": "text"
  },
  "jsonapi": {
    "version": "1.0"
  },
  "links": {
    "first": "https://example.com/api/resource",
    "last": "https://example.com/api/resource",
    "next": "https://example.com/api/resource",
    "prev": "https://example.com/api/resource",
    "related": "https://example.com/api/resource",
    "self": "https://example.com/api/resource"
  }
}

Search Group audit logs.

get

Search audit logs for a Group. "api.access" events are omitted from results unless explicitly requested using the events parameter. Some Organization level events are supported as well as the following Group level events:

  • api.access
  • group.cloud_config.settings.edit
  • group.create
  • group.delete
  • group.edit
  • group.notification_settings.edit
  • group.org.add
  • group.org.remove
  • group.policy.create
  • group.policy.delete
  • group.policy.edit
  • group.request_access_settings.edit
  • group.role.create
  • group.role.delete
  • group.role.edit
  • group.service_account.create
  • group.service_account.delete
  • group.service_account.edit
  • group.settings.edit
  • group.settings.feature_flag.edit
  • group.sso.add
  • group.sso.auth0_connection.create
  • group.sso.auth0_connection.edit
  • group.sso.create
  • group.sso.delete
  • group.sso.edit
  • group.sso.membership.sync
  • group.sso.remove
  • group.tag.create
  • group.tag.delete
  • group.user.add
  • group.user.remove
  • group.user.role.edit

Required permissions

  • View Audit Logs (group.audit.read)
Authorizations
Path parameters
group_idstring · uuidRequired

The ID of the Group.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b
Query parameters
versionstringRequired

Requested API version

Example: 2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$
cursorstringOptional

The ID for the next page of results.

fromstring · date-timeOptional

The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

tostring · date-timeOptional

The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

sizeinteger · int32 · min: 1 · max: 100Optional

Number of results to return per page.

Default: 100Example: 10
sort_orderstring · enumOptional

Order in which results are returned.

Default: DESCExample: ASCPossible values:
user_idstring · uuidOptional

Filter logs by user ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b
project_idstring · uuidOptional

Filter logs by project ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b
eventsstring[]Optional

Filter logs by event types, cannot be used in conjunction with exclude_events parameter.

exclude_eventsstring[]Optional

Exclude event types from results, cannot be used in conjunctions with events parameter.

Responses
200

Group Audit Logs.

application/vnd.api+json
get
GET /rest/groups/{group_id}/audit_logs/search HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": {
    "items": [
      {
        "content": {},
        "created": "2021-07-01T00:00:00Z",
        "event": "org.create",
        "group_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "org_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "project_id": "0d3728ec-eebf-484d-9907-ba238019f10b"
      }
    ],
    "type": "text"
  },
  "jsonapi": {
    "version": "1.0"
  },
  "links": {
    "first": "https://example.com/api/resource",
    "last": "https://example.com/api/resource",
    "next": "https://example.com/api/resource",
    "prev": "https://example.com/api/resource",
    "related": "https://example.com/api/resource",
    "self": "https://example.com/api/resource"
  }
}
PreviousAssetsNextCloud

Last updated

Was this helpful?