Export Audit Logs
Available Since Version 1.7.0
This API is used to export the Audit Logs, the response will be a compressed zip archive.
Request#
When calling the API using a GET request you will send the export criteria on the URL using request parameters. In order to simplify the example URL above, not every possible parameter is shown, however using the provided pattern you may add any of the documented request parameters to the URL.
Request Parameters#
dateTimeSecondsFormatStringoptionalThe format string used to format the date and time columns in the export result.
When this parameter is omitted a default format of M/d/yyyy hh:mm:ss a z will be used. See the DateTimeFormatter patterns for additional examples.
endLongoptionalThe end instant of the date/time range to search within.
messageStringoptionalThe string to search in the Audit Log message for. This can contain wildcards using the asterisk character (*). If no wildcards are present, this parameter value will be interpreted as *value*.
startLongoptionalThe start instant of the date/time range to search within.
tenantIdUUIDoptionalAvailable since 1.65.0Restricts the results to Audit Logs belonging to the given Tenant. This parameter will be overridden if the request contains an X-FusionAuth-TenantId header, or if the supplied API key is scoped to a specific Tenant.
userStringoptionalThe string to search in the Audit Log user for. This can contain wildcards using the asterisk character (*). If no wildcards are present, this parameter value will be interpreted as *value*.
zoneIdStringoptionalThe time zone used to adjust the stored UTC time in the export result.
For example:
America/DenverorUS/Mountain
When this parameter is omitted the configured default report time zone will be used. See reportTimezone in the System Configuration API.
When calling the API using a POST request you will send the export criteria in a JSON request body.
Request Body#
criteria.endLongoptionalThe end instant of the date/time range to include in the export.
criteria.messageStringoptionalThe string to search in the Audit Log message for. This can contain wildcards using the asterisk character (*). If no wildcards are present, this parameter value will be interpreted as *value*.
criteria.startLongoptionalThe start instant of the date/time range to include in the export.
criteria.tenantIdUUIDoptionalAvailable since 1.65.0Restricts the results to Audit Logs belonging to the given Tenant. This parameter will be overridden if the request contains an X-FusionAuth-TenantId header, or if the supplied API key is scoped to a specific Tenant.
criteria.userStringoptionalThe string to search in the Audit Log user for. This can contain wildcards using the asterisk character (*). If no wildcards are present, this parameter value will be interpreted as *value*.
dateTimeSecondsFormatStringoptionalThe format string used to format the date and time columns in the export result.
When this parameter is omitted a default format of M/d/yyyy hh:mm:ss a z will be used. See the DateTimeFormatter patterns for additional examples.
zoneIdStringoptionalThe time zone used to adjust the stored UTC time in the export result.
For example:
America/DenverorUS/Mountain
When this parameter is omitted the configured default report time zone will be used. See reportTimezone in the System Configuration API.
Response#
The response for this API will contain a compressed zip of the audit logs.
Response Codes| Code | Description |
|---|---|
| 200 | The request was successful. The response will be a compressed archive byte stream with a |
| 400 | The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present. |
| 401 | You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication. |
| 404 | The object you requested doesn't exist. The response will be empty. |
| 500 | There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty. |
| 503 | The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body. |