Skip to main content
GET
List audit logs
Applies to BloodHound Enterprise and CE

Authorizations

Authorization
string
header
required

Authorization: Bearer $JWT_TOKEN

Headers

Prefer
string
default:wait=30

Prefer header, used to specify a custom timeout in seconds using the wait parameter as per RFC7240. Passing in wait=-1 bypasses all timeout limits when the feature is enabled.

Pattern: ^wait=(-1|[0-9]+)$

Query Parameters

skip
integer

This query parameter is used for determining the number of objects to skip in pagination. The number of items to skip in a paginated response.

Required range: x >= 0
limit
integer

This query parameter is used for setting an upper limit of objects returned in paginated responses. The limit of results requested by the client.

Required range: x >= 0
created_at
string

Filter results by created_at value. See filter schema details for valid predicates. Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
sort_by
string

Sortable columns are id, actor_id, actor_name, actor_email, action, request_id, created_at, source, and status.

Sort by column. Can be used multiple times; prepend a hyphen for descending order. See parameter description for details about which columns are sortable.

before
string<date-time>

Return logs created before the specified time. Value should be in the RFC-3339 format. If not supplied, this will default to the current time.

after
string<date-time>

Return logs created after the specified time. Value should be in the RFC-3339 format. If not supplied, this will default to 1 year before the current time.

id
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
actor_id
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
actor_name
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
actor_email
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
action
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
request_id
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
source
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
status
string

Filter results by column value. Valid filter predicates are eq, neq. Valid values are success and failure. Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$

Response

OK

data
object