Skip to main content
GET
/
audit_logs
Get all audit logs
curl --request GET \
  --url https://api.vantage.sh/v2/audit_logs \
  --header 'Authorization: Bearer <token>'
{
  "audit_logs": [
    {
      "token": "adt_lg_1234567890abcdef",
      "object_token": "rpt_1234567890abcdef",
      "object_type": "Report",
      "object_title": "Production Cost Report",
      "event": "record_updated",
      "source": "api",
      "user": "Example User",
      "workspace_title": "Production Workspace",
      "workspace_token": "wrkspc_5df510e54a48a137",
      "created_at": "2025-07-01T14:30:00Z",
      "object_changes": {
        "title": [
          "Old Production Report",
          "Production Cost Report"
        ],
        "updated_at": [
          "2025-06-15T10:00:00Z",
          "2025-07-01T14:30:00Z"
        ]
      }
    },
    {
      "token": "adt_lg_0987654321fedcba",
      "object_token": "rpt_0987654321fedcba",
      "object_type": "Report",
      "object_title": "Development Cost Report",
      "event": "record_created",
      "source": "console",
      "user": "Example User",
      "workspace_title": "Production Workspace",
      "workspace_token": "wrkspc_5df510e54a48a137",
      "created_at": "2025-06-25T09:15:00Z",
      "object_changes": {
        "key": [
          null,
          "api-created-tag-1755150452"
        ],
        "token": [
          null,
          "vtag_0497e0c2b571a71d"
        ],
        "backfill_until": [
          null,
          "2025-08-01T00:00:00.000Z"
        ],
        "created_by_type": [
          "User",
          "Team"
        ],
        "referenced_tag_keys_by_provider": [
          "{}",
          "{\"aws\":[]}"
        ],
        "account": [
          null,
          "Test Account"
        ],
        "created_by": [
          null,
          "Example User"
        ]
      }
    },
    {
      "token": "adt_lg_abcdef1234567890",
      "object_token": "bgt_abcdef1234567890",
      "object_type": "Budget",
      "object_title": "Q3 Marketing Budget",
      "event": "record_destroyed",
      "source": "api",
      "user": "Admin User",
      "workspace_title": "Production Workspace",
      "workspace_token": "wrkspc_5df510e54a48a137",
      "created_at": "2025-06-20T16:45:00Z",
      "object_changes": {
        "title": [
          "test_1",
          "test_1_updated"
        ]
      }
    }
  ],
  "_links": {
    "self": "/v2/audit_logs?page=1&limit=25",
    "first": "/v2/audit_logs?page=1&limit=25",
    "next": "/v2/audit_logs?page=2&limit=25",
    "last": "/v2/audit_logs?page=10&limit=25",
    "prev": null
  },
  "_meta": {
    "total_count": 248,
    "per_page": 25,
    "page": 1
  }
}

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Query Parameters

page
integer<int32>

The page of results to return.

limit
integer<int32>

The amount of results to return. The maximum is 1000.

user
integer<int32>

Filter by personal or service API token that performed the action.

workspace_token
string

Filter by workspace token.

action
enum<string>

Filter by action type.

Available options:
create,
update,
delete
object_name
string

Filter by object name.

source
enum<string>

Filter by source.

Available options:
console,
api,
finops_agent
object_type
enum<string>

Filter by object type.

Available options:
virtual_tag,
cost_report,
recommendation_commitment
token
string

Filter by audit log token.

object_token
string

Filter by object token (auditable_token).

start_date
string<date>

Filter by start date (ISO 8601 format, e.g., 2024-06-01).

end_date
string<date>

Filter by end date (ISO 8601 format, e.g., 2024-06-01).

Response

AuditLogs model

links
object
audit_logs
object[]