Get Audit Events within a Time Window

GET 
/api/statistics/details/audit_events/

Retrieve or export audit events within a specified time window.

Request

Query Parameters

limit integer

Number of results to return per page.

offset integer

The initial index from which to return the results.

start_date date-timerequired

Start of date range in format 'YYYY-MM-DDThh:mm:ss.sZ'

end_date date-timerequired

End of date range in format 'YYYY-MM-DDThh:mm:ss.sZ'

user integer[]

(optional) Filter by user id(s)

export string

Possible values: [csv]

Export the results in provided format. Supported formats are: csv

event_type stringrequired

Possible values: [WORKSPACE.CREATE, ORG.DELETE_USERS, EDITOR.EXIT, WORKSPACE.CHANGE_VISIBILITY, ENTITY.REVISE, APP.UNARCHIVE, USER.DEV_PAIRING_VERIFY, APP.CREATE, APP.ARCHIVE, USER.LOGOUT, ENTITY.COPY, ORG.INVITE_USERS, APP.UPDATE, USER.LOGIN, WORKSPACE.UNARCHIVE, ENTITY.COPY_RECURSIVE, WORKSPACE.DELETE_USERS, USER.SUBMIT_SUPPORT_TICKET, ENTITY.SAVE, APP.PUBLISH_FAIL, USER.LOCK, WORKSPACE.ENTER, EDITOR.COMPUTE, APP.PUBLISH, WORKSPACE.ARCHIVE, ENTITY.RENAME, USER.CLI_DOWNLOAD, APP.UPDATE_VARIABLES, ENTITY.DELETE, ORG.INVITE_USERS_BY_EMAIL, USER.DEV_PAIRING_RETRIEVE, USER.LOGIN_FAIL, WORKSPACE.INVITE_USERS, USER.DEV_PAIRING_ACTIVATE, ENTITY.CREATE, EDITOR.ENTER]

Type of the event. Supported types are: WORKSPACE.CREATE, ORG.DELETE_USERS, EDITOR.EXIT, WORKSPACE.CHANGE_VISIBILITY, ENTITY.REVISE, APP.UNARCHIVE, USER.DEV_PAIRING_VERIFY, APP.CREATE, APP.ARCHIVE, USER.LOGOUT, ENTITY.COPY, ORG.INVITE_USERS, APP.UPDATE, USER.LOGIN, WORKSPACE.UNARCHIVE, WORKSPACE.DELETE_USERS, ENTITY.COPY_RECURSIVE, USER.SUBMIT_SUPPORT_TICKET, ENTITY.SAVE, APP.PUBLISH_FAIL, USER.LOCK, WORKSPACE.ENTER, EDITOR.COMPUTE, APP.PUBLISH, WORKSPACE.ARCHIVE, ENTITY.RENAME, USER.CLI_DOWNLOAD, APP.UPDATE_VARIABLES, ENTITY.DELETE, ORG.INVITE_USERS_BY_EMAIL, USER.DEV_PAIRING_RETRIEVE, USER.LOGIN_FAIL, WORKSPACE.INVITE_USERS, USER.DEV_PAIRING_ACTIVATE, ENTITY.CREATE, EDITOR.ENTER

app integer[]

(optional) Filter by app(s)

workspace integer[]

(optional) Filter by workspace(s)

sort string

Possible values: [timestamp, timestamp:asc, timestamp:desc]

Sort by timestamp, allowing for :asc and :desc suffixes.

Responses

200

application/json

Schema

Schema

count integerrequired

Count of all the objects in the result set.

next string

Next url.

previous string

Previous url.

results

object[]

required

Array [

row_id string

Unique row id

context object

Event context

event_type string

Possible values: non-empty

timestamp date-time

user object

User details

]

Example (from schema)

{
  "count": 0,
  "next": "string",
  "previous": "string",
  "results": [
    {
      "row_id": "string",
      "context": {},
      "event_type": "string",
      "timestamp": "2025-11-07T16:05:09.020Z",
      "user": {}
    }
  ]
}

400

Validation error response.

It produces a validation error schema like below.

{
    "field1": ["Validation error"],
    "non_field_errors": ["Sample non field validation error"]
}

401

No authentication found or authentication is not correct.

Loading...