Skip to main content
GET
/
audit_logs
Get all audit logs
curl --request GET \
  --url https://api.vantage.sh/v2/audit_logs \
  --header 'Authorization: Bearer <token>'
import requests

url = "https://api.vantage.sh/v2/audit_logs"

headers = {"Authorization": "Bearer <token>"}

response = requests.get(url, headers=headers)

print(response.text)
const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};

fetch('https://api.vantage.sh/v2/audit_logs', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vantage.sh/v2/audit_logs",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"net/http"
"io"
)

func main() {

url := "https://api.vantage.sh/v2/audit_logs"

req, _ := http.NewRequest("GET", url, nil)

req.Header.Add("Authorization", "Bearer <token>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.get("https://api.vantage.sh/v2/audit_logs")
.header("Authorization", "Bearer <token>")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.vantage.sh/v2/audit_logs")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'

response = http.request(request)
puts response.read_body
{
  "audit_logs": [
    {
      "token": "adt_lg_1234567890abcdef",
      "object_token": "rpt_1234567890abcdef",
      "object_type": "Report",
      "object_title": "Production Cost Report",
      "event": "record_updated",
      "source": "api",
      "user": "Example User",
      "workspace_title": "Production Workspace",
      "workspace_token": "wrkspc_5df510e54a48a137",
      "created_at": "2025-07-01T14:30:00Z",
      "object_changes": {
        "title": [
          "Old Production Report",
          "Production Cost Report"
        ],
        "updated_at": [
          "2025-06-15T10:00:00Z",
          "2025-07-01T14:30:00Z"
        ]
      }
    },
    {
      "token": "adt_lg_0987654321fedcba",
      "object_token": "rpt_0987654321fedcba",
      "object_type": "Report",
      "object_title": "Development Cost Report",
      "event": "record_created",
      "source": "console",
      "user": "Example User",
      "workspace_title": "Production Workspace",
      "workspace_token": "wrkspc_5df510e54a48a137",
      "created_at": "2025-06-25T09:15:00Z",
      "object_changes": {
        "key": [
          null,
          "api-created-tag-1755150452"
        ],
        "token": [
          null,
          "vtag_0497e0c2b571a71d"
        ],
        "backfill_until": [
          null,
          "2025-08-01T00:00:00.000Z"
        ],
        "created_by_type": [
          "User",
          "Team"
        ],
        "referenced_tag_keys_by_provider": [
          "{}",
          "{\"aws\":[]}"
        ],
        "account": [
          null,
          "Test Account"
        ],
        "created_by": [
          null,
          "Example User"
        ]
      }
    },
    {
      "token": "adt_lg_abcdef1234567890",
      "object_token": "bgt_abcdef1234567890",
      "object_type": "Budget",
      "object_title": "Q3 Marketing Budget",
      "event": "record_destroyed",
      "source": "api",
      "user": "Admin User",
      "workspace_title": "Production Workspace",
      "workspace_token": "wrkspc_5df510e54a48a137",
      "created_at": "2025-06-20T16:45:00Z",
      "object_changes": {
        "title": [
          "test_1",
          "test_1_updated"
        ]
      }
    }
  ],
  "links": {
    "self": "/v2/audit_logs?page=1",
    "first": "/v2/audit_logs?page=1",
    "next": "/v2/audit_logs?page=2",
    "last": "/v2/audit_logs?page=3",
    "prev": null
  }
}
{
"errors": [
"<string>"
],
"links": {
"self": "<string>",
"first": "<string>",
"next": "<string>",
"last": "<string>",
"prev": "<string>"
}
}

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Query Parameters

page
integer<int32>

The page of results to return.

limit
integer<int32>

The amount of results to return. Defaults to 100. The maximum is 5000.

user
integer<int32>

Filter by personal or service API token that performed the action.

workspace_token
string

Filter by workspace token.

action
enum<string>

Filter by action type.

Available options:
create,
update,
delete
object_name
string

Filter by object name.

source
enum<string>

Filter by source.

Available options:
console,
api,
finops_agent
object_type
enum<string>

Filter by object type.

Available options:
virtual_tag,
cost_report,
recommendation_commitment,
segment
token
string

Filter by audit log token.

object_token
string

Filter by object token (auditable_token).

start_date
string<date>

Filter by start date (ISO 8601 format, e.g., 2024-06-01).

end_date
string<date>

Filter by end date (ISO 8601 format, e.g., 2024-06-01).

Response

AuditLogs model

audit_logs
object[]
required