Get all audit logs
curl --request GET \
--url https://api.vantage.sh/v2/audit_logs \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.vantage.sh/v2/audit_logs"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.vantage.sh/v2/audit_logs', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vantage.sh/v2/audit_logs",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.vantage.sh/v2/audit_logs"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.vantage.sh/v2/audit_logs")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.vantage.sh/v2/audit_logs")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"audit_logs": [
{
"token": "adt_lg_1234567890abcdef",
"object_token": "rpt_1234567890abcdef",
"object_type": "Report",
"object_title": "Production Cost Report",
"event": "record_updated",
"source": "api",
"user": "Example User",
"workspace_title": "Production Workspace",
"workspace_token": "wrkspc_5df510e54a48a137",
"created_at": "2025-07-01T14:30:00Z",
"object_changes": {
"title": [
"Old Production Report",
"Production Cost Report"
],
"updated_at": [
"2025-06-15T10:00:00Z",
"2025-07-01T14:30:00Z"
]
}
},
{
"token": "adt_lg_0987654321fedcba",
"object_token": "rpt_0987654321fedcba",
"object_type": "Report",
"object_title": "Development Cost Report",
"event": "record_created",
"source": "console",
"user": "Example User",
"workspace_title": "Production Workspace",
"workspace_token": "wrkspc_5df510e54a48a137",
"created_at": "2025-06-25T09:15:00Z",
"object_changes": {
"key": [
null,
"api-created-tag-1755150452"
],
"token": [
null,
"vtag_0497e0c2b571a71d"
],
"backfill_until": [
null,
"2025-08-01T00:00:00.000Z"
],
"created_by_type": [
"User",
"Team"
],
"referenced_tag_keys_by_provider": [
"{}",
"{\"aws\":[]}"
],
"account": [
null,
"Test Account"
],
"created_by": [
null,
"Example User"
]
}
},
{
"token": "adt_lg_abcdef1234567890",
"object_token": "bgt_abcdef1234567890",
"object_type": "Budget",
"object_title": "Q3 Marketing Budget",
"event": "record_destroyed",
"source": "api",
"user": "Admin User",
"workspace_title": "Production Workspace",
"workspace_token": "wrkspc_5df510e54a48a137",
"created_at": "2025-06-20T16:45:00Z",
"object_changes": {
"title": [
"test_1",
"test_1_updated"
]
}
}
],
"links": {
"self": "/v2/audit_logs?page=1",
"first": "/v2/audit_logs?page=1",
"next": "/v2/audit_logs?page=2",
"last": "/v2/audit_logs?page=3",
"prev": null
}
}{
"errors": [
"<string>"
],
"links": {
"self": "<string>",
"first": "<string>",
"next": "<string>",
"last": "<string>",
"prev": "<string>"
}
}AuditLogs
Get all audit logs
Return all AuditLogs.
GET
/
audit_logs
Get all audit logs
curl --request GET \
--url https://api.vantage.sh/v2/audit_logs \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.vantage.sh/v2/audit_logs"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.vantage.sh/v2/audit_logs', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vantage.sh/v2/audit_logs",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.vantage.sh/v2/audit_logs"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.vantage.sh/v2/audit_logs")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.vantage.sh/v2/audit_logs")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"audit_logs": [
{
"token": "adt_lg_1234567890abcdef",
"object_token": "rpt_1234567890abcdef",
"object_type": "Report",
"object_title": "Production Cost Report",
"event": "record_updated",
"source": "api",
"user": "Example User",
"workspace_title": "Production Workspace",
"workspace_token": "wrkspc_5df510e54a48a137",
"created_at": "2025-07-01T14:30:00Z",
"object_changes": {
"title": [
"Old Production Report",
"Production Cost Report"
],
"updated_at": [
"2025-06-15T10:00:00Z",
"2025-07-01T14:30:00Z"
]
}
},
{
"token": "adt_lg_0987654321fedcba",
"object_token": "rpt_0987654321fedcba",
"object_type": "Report",
"object_title": "Development Cost Report",
"event": "record_created",
"source": "console",
"user": "Example User",
"workspace_title": "Production Workspace",
"workspace_token": "wrkspc_5df510e54a48a137",
"created_at": "2025-06-25T09:15:00Z",
"object_changes": {
"key": [
null,
"api-created-tag-1755150452"
],
"token": [
null,
"vtag_0497e0c2b571a71d"
],
"backfill_until": [
null,
"2025-08-01T00:00:00.000Z"
],
"created_by_type": [
"User",
"Team"
],
"referenced_tag_keys_by_provider": [
"{}",
"{\"aws\":[]}"
],
"account": [
null,
"Test Account"
],
"created_by": [
null,
"Example User"
]
}
},
{
"token": "adt_lg_abcdef1234567890",
"object_token": "bgt_abcdef1234567890",
"object_type": "Budget",
"object_title": "Q3 Marketing Budget",
"event": "record_destroyed",
"source": "api",
"user": "Admin User",
"workspace_title": "Production Workspace",
"workspace_token": "wrkspc_5df510e54a48a137",
"created_at": "2025-06-20T16:45:00Z",
"object_changes": {
"title": [
"test_1",
"test_1_updated"
]
}
}
],
"links": {
"self": "/v2/audit_logs?page=1",
"first": "/v2/audit_logs?page=1",
"next": "/v2/audit_logs?page=2",
"last": "/v2/audit_logs?page=3",
"prev": null
}
}{
"errors": [
"<string>"
],
"links": {
"self": "<string>",
"first": "<string>",
"next": "<string>",
"last": "<string>",
"prev": "<string>"
}
}Authorizations
The access token received from the authorization server in the OAuth 2.0 flow.
Query Parameters
The page of results to return.
The amount of results to return. Defaults to 100. The maximum is 5000.
Filter by personal or service API token that performed the action.
Filter by workspace token.
Filter by action type.
Available options:
create, update, delete Filter by object name.
Filter by source.
Available options:
console, api, finops_agent Filter by object type.
Available options:
virtual_tag, cost_report, recommendation_commitment, segment Filter by audit log token.
Filter by object token (auditable_token).
Filter by start date (ISO 8601 format, e.g., 2024-06-01).
Filter by end date (ISO 8601 format, e.g., 2024-06-01).
⌘I