Get Audit Logs

curl --request GET \
  --url https://anaconda.com/api/audit-logs \
  --header 'Authorization: Bearer <token>'

{
  "items": [
    {
      "action_key": "<string>",
      "created_at": "<timestamp>",
      "id": "<uuid>",
      "message": "<string>",
      "org_id": "<uuid>",
      "action_verb": "<string>",
      "actor_email": "<string>",
      "actor_id": "<uuid>",
      "actor_type": "<string>",
      "meta": {},
      "occurred_at": "<timestamp>",
      "org_name": "<string>",
      "service_name": "<string>",
      "target_email": "<string>",
      "target_id": "<uuid>",
      "target_type": "<string>"
    }
  ],
  "total_count": 123
}

Get Audit Logs

Retrieve audit logs with support for search, sorting, pagination, and optional date filtering.

Search

Use q=column_name:search_string1,search_string2 to filter by field values.
Multiple q parameters are allowed and are combined using search_operator.

Sorting

Use sort=column_name,-column_name.
Prefix a column with - to sort in descending order.

Date filtering

from_date filters logs with occurred_at >= from_date.
to_date filters logs with occurred_at <= to_date.
These parameters are optional and can be used independently.

The response returns a paginated list of audit logs and the total count of matching records.

GET

api

audit-logs

Get Audit Logs

curl --request GET \
  --url https://anaconda.com/api/audit-logs \
  --header 'Authorization: Bearer <token>'

{
  "items": [
    {
      "action_key": "<string>",
      "created_at": "<timestamp>",
      "id": "<uuid>",
      "message": "<string>",
      "org_id": "<uuid>",
      "action_verb": "<string>",
      "actor_email": "<string>",
      "actor_id": "<uuid>",
      "actor_type": "<string>",
      "meta": {},
      "occurred_at": "<timestamp>",
      "org_name": "<string>",
      "service_name": "<string>",
      "target_email": "<string>",
      "target_id": "<uuid>",
      "target_type": "<string>"
    }
  ],
  "total_count": 123
}

Authorizations

Authorization

string

header

required

Authenticate requests using a bearer token.

Supported token types:

Access Token — short-lived token obtained from the authentication service
JWT Token — JSON Web Token containing encoded credentials

Header format

Authorization: Bearer <your_token>

Headers

X-Org-Name

string | null

Name of the organization to scope the request to. This header is required in multi-tenant deployments.

Organization name used to resolve the tenant context.

X-API-Version

string

default:v1

API version identifier (for example, v1 or v2). Defaults to v1 when not provided.

API version to target for this request.

Query Parameters

string[]

Search filters in the format column_name:search_string1,search_string2.

search_operator

string

default:or

Logical operator used to combine multiple q query parameters.

or — return logs that match any filter
and — return logs that match all filters

Operator used to combine multiple q filters (or or and).

sort

string

default:""

Sort order for the results in the format column_name,-column_name.

Prefix a column with - to sort in descending order.

Sort columns in the format column_name,-column_name where - denotes descending order.

limit

integer

default:100

Maximum number of records to return in a single page of results.

Maximum number of results to return for this request.

Required range: 1 <= x <= 1000

offset

integer

default:0

Number of records to skip before starting to return results.

Number of results to skip from the start of the result set.

Required range: x >= 0

from_date

string<date-time> | null

Filters results to logs with occurred_at >= from_date (ISO 8601).

Lower bound (inclusive) for occurred_at when filtering results.

Example:

"<timestamp>"

to_date

string<date-time> | null

Filters results to logs with occurred_at <= to_date (ISO 8601).

Upper bound (inclusive) for occurred_at when filtering results.

Example:

"<timestamp>"

Response

Request succeeded and a paginated list of audit logs is returned.

Paginated response that wraps a list of audit log entries and the total number of matching records.

items

AuditLogResponse · object[]

required

Page of audit log entries returned for the current request.

Show child attributes

items.action_key

string

required

Key that identifies the type of action recorded (for example, policy_updated).

items.created_at

string<date-time>

required

Example:

"<timestamp>"

items.id

string<uuid>

required

Example:

"<uuid>"

items.message

string

required

Human-readable message describing the audit event, derived from the structured fields in the log.

items.org_id

string<uuid>

required

Example:

"<uuid>"

items.action_verb

string | null

Short verb or phrase that summarizes the action taken (for example, created, updated, deleted).

Maximum string length: 100

items.actor_email

string | null

Email address of the actor who performed the action.

Maximum string length: 320

items.actor_id

string<uuid> | null

UUID of the user or system principal responsible for the action.

Example:

"<uuid>"

items.actor_type

string | null

Type of actor that initiated the event (for example, user or system).

Maximum string length: 100

items.meta

Meta · object

Arbitrary metadata associated with the event, represented as a JSON object.

items.occurred_at

string<date-time> | null

Time at which the event occurred, as reported by the emitting service.

Example:

"<timestamp>"

items.org_name

string | null

Name of the organization to which this audit log entry belongs.

items.service_name

string | null

Name of the service that wrote the audit log entry.

Maximum string length: 100

items.target_email

string | null

Optional email address associated with the resource or subject affected by the action.

Maximum string length: 320

items.target_id

string<uuid> | null

Identifier of the resource affected by the action.

Example:

"<uuid>"

items.target_type

string | null

Type of resource affected by the action (for example, user, group, policy).

Maximum string length: 100

total_count

integer

required

Total number of audit log entries matching the query, across all pages.

Organization history Get Audit Log

⌘I

Anaconda Platform (Cloud)

Authorizations

Headers

Query Parameters

Response