Skip to main content
GET
/
api
/
audit-logs
/
export
Error
A valid request URL is required to generate request examples
"<string>"

Authorizations

Authorization
string
header
required

Management API authentication for /api/* endpoints. Use the Authorization header with Bearer <API key>. Virtual keys, dashboard/user/session tokens, and x-api-key headers are not supported on management APIs.

Query Parameters

format
enum<string>
default:json

Export format. Defaults to json when omitted or unrecognized.

  • json: a JSON array of events
  • jsonl: JSON Lines, one event per line
  • syslog: RFC 5424 syslog format
Available options:
json,
jsonl,
syslog

Free-text search across audit event fields.

actions
string

JSON array of CADF actions to filter by (OR match).

outcomes
string

JSON array of outcomes to filter by (OR match).

event_types
string

JSON array of event types to filter by (OR match).

start_date
string

Filter events at or after this time (RFC3339 or YYYY-MM-DD).

end_date
string

Filter events at or before this time (RFC3339 or YYYY-MM-DD).

period
string

Relative time window that overrides start_date/end_date when set (e.g. 24h, 7d).

Response

A streamed export of the matching audit logs.

The response is of type string.