A valid request URL is required to generate request examples"<string>"Export audit logs
Streams audit log events matching the supplied filters as a downloadable
file. Accepts the same filter query parameters as GET /api/audit-logs.
The response is returned as an attachment with a generated filename.
A valid request URL is required to generate request examples"<string>"Authorizations
Management API authentication for /api/* endpoints. Use the Authorization header with Bearer <API key>.
Virtual keys, dashboard/user/session tokens, and x-api-key headers are not supported on management APIs.
Query Parameters
Export format. Defaults to json when omitted or unrecognized.
json: a JSON array of eventsjsonl: JSON Lines, one event per linesyslog: RFC 5424 syslog format
json, jsonl, syslog Free-text search across audit event fields.
JSON array of CADF actions to filter by (OR match).
JSON array of outcomes to filter by (OR match).
JSON array of event types to filter by (OR match).
Filter events at or after this time (RFC3339 or YYYY-MM-DD).
Filter events at or before this time (RFC3339 or YYYY-MM-DD).
Relative time window that overrides start_date/end_date when set (e.g. 24h, 7d).
Response
A streamed export of the matching audit logs.
The response is of type string.
Was this page helpful?

