Audit Logs

This document uses the REST API. For more details, see the Authentication for API page.

Search Organization audit logs.

get

Search audit logs for an Organization. "api.access" events are omitted from results unless explicitly requested using the events parameter. Supported event types:

api.access
org.app_bot.create
org.app.create
org.app.delete
org.app.edit
org.cloud_config.settings.edit
org.collection.create
org.collection.delete
org.collection.edit
org.create
org.delete
org.edit
org.ignore_policy.edit
org.integration.create
org.integration.delete
org.integration.edit
org.integration.settings.edit
org.language_settings.edit
org.notification_settings.edit
org.org_source.create
org.org_source.delete
org.org_source.edit
org.policy.create
org.policy.edit
org.policy.delete
org.project_filter.create
org.project_filter.delete
org.project.add
org.project.attributes.edit
org.project.delete
org.project.edit
org.project.fix_pr.auto_open
org.project.fix_pr.manual_open
org.project.ignore.create
org.project.ignore.delete
org.project.ignore.edit
org.project.monitor
org.project.pr_check.edit
org.project.remove
org.project.settings.delete
org.project.settings.edit
org.project.stop_monitor
org.project.tag.add
org.project.tag.remove
org.project.test
org.request_access_settings.edit
org.sast_settings.edit
org.service_account.create
org.service_account.delete
org.service_account.edit
org.settings.feature_flag.edit
org.target.create
org.target.delete
org.user.add
org.user.invite
org.user.invite.accept
org.user.invite.revoke
org.user.invite_link.accept
org.user.invite_link.create
org.user.invite_link.revoke
org.user.leave
org.user.provision.accept
org.user.provision.create
org.user.provision.delete
org.user.remove
org.user.role.create
org.user.role.delete
org.user.role.details.edit
org.user.role.edit
org.user.role.permissions.edit
org.webhook.add
org.webhook.delete
user.org.notification_settings.edit

Authorizations

Path parameters

org_idstring · uuidrequired

The ID of the organization.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b

Query parameters

versionstringrequired

Requested API version

Example: 2021-06-04

Pattern:

^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$

cursorstringoptional

The ID for the next page of results.

fromstring · date-timeoptional

The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

tostring · date-timeoptional

The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

sizeinteger · int32 · min: 1 · max: 100 · default: 100optional

Number of results to return per page.

Example: 10

sort_orderstring · enum · default: "DESC"optional

Order in which results are returned.

Example: ASC

Options: ASC, DESC

user_idstring · uuidoptional

Filter logs by user ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b

project_idstring · uuidoptional

Filter logs by project ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b

eventsstring[]optional

Filter logs by event types, cannot be used in conjunction with exclude_events parameter.

exclude_eventsstring[]optional

Exclude event types from results, cannot be used in conjunctions with events parameter.

Responses

application/vnd.api+json

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'https://api.snyk.io/rest/orgs/{org_id}/audit_logs/search?version=text' \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN'

200

400

401

403

404

500

{
  "data": {
    "items": [
      {
        "content": {},
        "created": "2021-07-01T00:00:00Z",
        "event": "org.create",
        "group_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "org_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "project_id": "0d3728ec-eebf-484d-9907-ba238019f10b"
      }
    ],
    "type": "text"
  },
  "jsonapi": {
    "version": "1.0"
  },
  "links": {
    "first": "https://example.com/api/resource",
    "last": "https://example.com/api/resource",
    "next": "https://example.com/api/resource",
    "prev": "https://example.com/api/resource",
    "related": "https://example.com/api/resource",
    "self": "https://example.com/api/resource"
  }
}

Organization Audit Logs.

Search Group audit logs.

get

Search audit logs for a Group. "api.access" events are omitted from results unless explicitly requested using the events parameter. Some Organization level events are supported as well as the following Group level events:

api.access
group.cloud_config.settings.edit
group.create
group.delete
group.edit
group.notification_settings.edit
group.org.add
group.org.remove
group.policy.create
group.policy.delete
group.policy.edit
group.request_access_settings.edit
group.role.create
group.role.delete
group.role.edit
group.service_account.create
group.service_account.delete
group.service_account.edit
group.settings.edit
group.settings.feature_flag.edit
group.sso.add
group.sso.auth0_connection.create
group.sso.auth0_connection.edit
group.sso.create
group.sso.delete
group.sso.edit
group.sso.membership.sync
group.sso.remove
group.tag.create
group.tag.delete
group.user.add
group.user.remove
group.user.role.edit

Authorizations

Path parameters

group_idstring · uuidrequired

The ID of the Group.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b

Query parameters

versionstringrequired

Requested API version

Example: 2021-06-04

Pattern:

^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$

cursorstringoptional

The ID for the next page of results.

fromstring · date-timeoptional

The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

tostring · date-timeoptional

The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z.

sizeinteger · int32 · min: 1 · max: 100 · default: 100optional

Number of results to return per page.

Example: 10

sort_orderstring · enum · default: "DESC"optional

Order in which results are returned.

Example: ASC

Options: ASC, DESC

user_idstring · uuidoptional

Filter logs by user ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b

project_idstring · uuidoptional

Filter logs by project ID.

Example: 0d3728ec-eebf-484d-9907-ba238019f10b

eventsstring[]optional

Filter logs by event types, cannot be used in conjunction with exclude_events parameter.

exclude_eventsstring[]optional

Exclude event types from results, cannot be used in conjunctions with events parameter.

Responses

application/vnd.api+json

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'https://api.snyk.io/rest/groups/{group_id}/audit_logs/search?version=text' \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN'

200

400

401

403

404

500

{
  "data": {
    "items": [
      {
        "content": {},
        "created": "2021-07-01T00:00:00Z",
        "event": "org.create",
        "group_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "org_id": "0d3728ec-eebf-484d-9907-ba238019f10b",
        "project_id": "0d3728ec-eebf-484d-9907-ba238019f10b"
      }
    ],
    "type": "text"
  },
  "jsonapi": {
    "version": "1.0"
  },
  "links": {
    "first": "https://example.com/api/resource",
    "last": "https://example.com/api/resource",
    "next": "https://example.com/api/resource",
    "prev": "https://example.com/api/resource",
    "related": "https://example.com/api/resource",
    "self": "https://example.com/api/resource"
  }
}

Group Audit Logs.

PreviousApps NextCollection

Last updated 8 months ago

Was this helpful?