Call this API to query audit logs.
Supported editions | Enterprise Dedicated Edition |
Service endpoints and authorization information
Get the service endpoint to replace <domain> in the API request syntax with your endpoint.
Obtain the access token.
Obtain the
organizationId. Go to the Lingma console and view the organization ID on the Basic Information page under .
Product | Resource | Required permission |
Organization settings | Audit logs | Read-Only |
Request syntax
GET https://{domain}/oapi/v1/platform/organizations/{organizationId}/auditLogsRequest headers
Parameter | Type | Required | Description | Example |
| string | Yes | The access token. | pt-0fh3****0fbG_35af****0484 |
Request parameters
Parameter | Type | Position | Required | Description | Example |
| string | path | Yes | The ID of the organization to filter logs at the organizational level. | 99d1****71d4 |
| string | query | No | A comma-separated list of user IDs whose actions you want to filter in the audit logs. | 99d1****71d4 |
| string | query | No | A comma-separated list of application identities like | Example Application Name |
| string | query | Yes | The start timestamp (in RFC3339 format) of the log search range (inclusive). | 2023-09-30T00:00:00.00Z |
| string | query | No | The end timestamp (in RFC3339 format) of the log search range (exclusive). If not provided, defaults to the current time. | 2023-08-31T03:59:16.201Z |
| integer | query | No | The number of audit log entries to return per page. Default value: 100. | 20 |
| string | query | No | The pagination token. Use this token to query the next set of results after the first call. |
Sample requests
curl -X 'GET' \
'https://{domain}/oapi/v1/platform/organizations/{organizationId}/auditLogs?userIds={userIds}&apps={apps}&actionTimeStart={actionTimeStart}&actionTimeEnd={actionTimeEnd}&perPage={perPage}&nextToken={nextToken}' \
-H 'Content-Type: application/json' \
-H 'x-yunxiao-token: pt-0fh3****0fbG_35af****0484'Response parameters
Parameter | Type | Description | Example |
- | array | ||
- | object | ||
| string | The action performed by the user, like logon, create users, and delete users. | logon |
| string | The time when the action occurred. | 2023-08-31T03:59:16.201Z |
| object | The application information. | |
| string | The application identity. | base |
| string | The application name. | Example Application Name |
| string | The unique application ID. | 99d1****6124 |
| string | The details of the action. | xxx logon |
| string | The uniqe audit log ID. | 99d1****6124 |
| string | The IP address where the action was performed. | 192...1 |
| object | The organization information. | |
| string | The organization ID. | 99d1****6124 |
| string | The organization name. | Example Name |
| string | The organization ID. | 99d1****6124 |
| string | The scope of the action. | org |
| string | The ID of the object on which the operation is performed. | 99d1****6124 |
| string | The type of the object on which the operation is performed. | user |
| object | The operator information. | |
| string | The user ID. | 99d1****6124 |
| string | The username of the user. | Example Name |
| string | The nickname or alias of the user. | Example Nickname |
| string | The user ID. | 99d1****6124 |
Sample success responses
[
{
"action": "logon",
"actionTime": "2023-08-31T03:59:16.201Z",
"app": {
"identity": "base",
"name": "Example Application Name"
},
"appId": "99d1****6124",
"detail": "xxx logon",
"id": "99d1****6124",
"ip": "192.*.*.1",
"organization": {
"id": "99d1****6124",
"name": "Example Name"
},
"organizationId": "99d1****6124",
"scope": "org",
"targetId": "99d1****6124",
"targetType": "user",
"user": {
"id": "99d1****6124",
"name": "Example Name",
"nickName": "Example Nickname"
},
"userId": "99d1****6124"
}
]Response headers
Parameter | Description | Example |
| The token for the next page. |
Error codes
For more information, see Error codes.