> ## Documentation Index
> Fetch the complete documentation index at: https://docs.projectdiscovery.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Get audit logs for team

## Filtering Audit Logs

This endpoint supports multiple filter parameters to help you narrow down audit log entries:

### Date Filters

* **`start_date`** and **`end_date`**: Filter logs by custom date range
* **`time_range`**: Use predefined time ranges for quick filtering
  * `current_month` - Logs from the current month
  * `last_month` - Logs from the previous month
  * `last_3_months` - Logs from the last 3 months
  * `last_6_months` - Logs from the last 6 months
  * `last_12_months` - Logs from the last 12 months

### Additional Filters

* **`email`**: Filter by specific user email
* **`action`**: Filter by specific action name (e.g., endpoint path)
* **`source`**: Filter by the source of the audit log entry
  * `api` - Actions performed via API
  * `platform` - Actions performed via the web platform
  * `unknown` - Actions from unknown sources

### Pagination

* **`limit`**: Number of rows to return (default: 100, max: 100)
* **`offset`**: Number of rows to skip for pagination

## Example Usage

Filter logs from the last month for a specific user:

```bash theme={null}
curl -X GET "https://api.projectdiscovery.io/v1/team/audit_log?time_range=last_month&email=user@example.com" \
  -H "X-Api-Key: YOUR_API_KEY"
```

Filter logs by source and date range:

```bash theme={null}
curl -X GET "https://api.projectdiscovery.io/v1/team/audit_log?source=api&start_date=2024-01-01&end_date=2024-01-31" \
  -H "X-Api-Key: YOUR_API_KEY"
```


## OpenAPI

````yaml get /v1/team/audit_log
openapi: 3.1.0
info:
  title: PDCP API
  version: '1.0'
  summary: ProjectDiscovery Cloud Platform
  description: >-
    For more details, checkout
    https://docs.projectdiscovery.io/api-reference/editor/scan
servers:
  - url: https://api.projectdiscovery.io
    description: Production
  - url: https://api.dev.projectdiscovery.io
    description: Development
  - url: http://localhost:8085
    description: Localhost
security:
  - X-API-Key: []
paths:
  /v1/team/audit_log:
    get:
      tags: []
      summary: Get audit logs for team
      operationId: get-v1-audit-log
      parameters:
        - schema:
            type: string
          in: query
          name: email
          description: filter by specific user
        - schema:
            type: string
          in: query
          name: action
          description: filter by specific action name
        - schema:
            type: integer
          in: query
          name: offset
          description: number of rows to skip
        - schema:
            type: integer
          in: query
          name: limit
          description: number of rows to get
        - schema:
            type: string
            format: date
          in: query
          name: start_date
          description: start date from which you want to get logs
        - schema:
            type: string
            format: date
          in: query
          name: end_date
          description: end date till which you want to get logs
        - schema:
            type: string
            enum:
              - current_month
              - last_month
              - last_3_months
              - last_6_months
              - last_12_months
          in: query
          name: time_range
          description: time range to get logs
        - schema:
            type: string
            enum:
              - api
              - platform
              - unknown
          in: query
          name: source
          description: filter by request source (api, platform, unknown)
        - schema:
            type: string
          in: header
          description: >-
            Retrieve the Team ID from:
            https://cloud.projectdiscovery.io/settings/team
          name: X-Team-Id
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                type: object
                required:
                  - message
                  - data
                properties:
                  message:
                    type: string
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/UserAuditLogItems'
        '400':
          $ref: '#/components/responses/MessageResponse'
        '401':
          $ref: '#/components/responses/MessageResponse'
        '500':
          $ref: '#/components/responses/MessageResponse'
      security:
        - X-API-Key: []
components:
  schemas:
    UserAuditLogItems:
      title: UserAuditLogItems
      type: object
      required:
        - created_at
        - email
        - action
        - status
        - method
        - ip
        - path
      properties:
        created_at:
          type: string
        email:
          type: string
        action:
          type: string
        status:
          type: integer
        method:
          type: string
        ip:
          type: string
        path:
          type: string
        source:
          type: string
          nullable: true
          enum:
            - api
            - platform
            - unknown
          description: >-
            Request origin - "api" for x-api-key authentication, "platform" for
            JWT token, "unknown" for fallback. NULL for historical records
            (displayed as "-" in UI)
  responses:
    MessageResponse:
      description: Example response
      content:
        application/json:
          schema:
            type: object
            properties:
              message:
                type: string
            required:
              - message
  securitySchemes:
    X-API-Key:
      name: X-API-Key
      type: apiKey
      in: header

````