Get audit log events

Retrieve the audit log events that have been captured in your domain.

This endpoint will return a list of AuditLogEvent objects, sorted by creation time in ascending order. Note that the Audit Log API captures events from October 8th, 2021 and later. Queries for events before this date will not return results.

There are a number of query parameters (below) that can be used to filter the set of AuditLogEvent objects that are returned in the response. Any combination of query parameters is valid. When no filters are provided, all of the events that have been captured in your domain will match.

The list of events will always be paginated. The default limit is 1000 events. The next set of events can be retrieved using the offset from the previous response. If there are no events that match the provided filters in your domain, the endpoint will return null for the next_page field. Querying again with the same filters may return new events if they were captured after the last request. Once a response includes a next_page with an offset, subsequent requests can be made with the latest offset to poll for new events that match the provided filters.

Note: If the filters you provided match events in your domain and next_page is present in the response, we will continue to send next_page on subsequent requests even when there are no more events that match the filters. This was put in place so that you can implement an audit log stream that will return future events that match these filters. If you are not interested in future events that match the filters you have defined, you can rely on checking empty data response for the end of current events that match your filters.

When no offset is provided, the response will begin with the oldest events that match the provided filters. It is important to note that AuditLogEvent objects will be permanently deleted from our systems after 90 days. If you wish to keep a permanent record of these events, we recommend using a SIEM tool to ingest and store these logs.

📘

Access

Note that only Service Accounts belonging to organizations on the Asana Enterprise+ tier, as well as legacy tier Legacy Enterprise, can access audit log API endpoints. Authentication with a Service Account's personal access token is required.

Path Params
string
required

Globally unique identifier for the workspace or organization.

Query Params
date-time

Filter to events created after this time (inclusive).

date-time

Filter to events created before this time (exclusive).

string

Filter to events of this type.
Refer to the supported audit log events for a full list of values.

string

Filter to events with an actor of this type.
This only needs to be included if querying for actor types without an ID. If actor_gid is included, this should be excluded.

string

Filter to events triggered by the actor with this ID.

string

Filter to events with this resource ID.

integer
1 to 100

Results per page.
The number of objects to return per page. The value must be between 1 and 100.

string

Offset token.
An offset to the next page returned by the API. A pagination request will return an offset token, which can be used as an input parameter to the next request. If an offset is not passed in, the API will return the first page of results.
Note: You can only pass in an offset that was returned to you via a previously paginated request.

Responses

Response body
object
array of objects
data
object
string

Globally unique identifier of the AuditLogEvent, as a string.

date-time

The time the event was created.

string

The type of the event.

string

The category that this event_type belongs to.

object

The entity that triggered the event. Will typically be a user.

object

The primary object that was affected by this event.

object

Event specific details. The schema will vary depending on the event_type.

Has additional fields
object

The context from which this event originated.

object | null

Conditional. This property is only present when a limit query parameter is provided in the request. When making a paginated request, the API will return a number of results as specified by the limit parameter. If more results exist, then the response will contain a next_page attribute, which will include an offset, a relative path attribute, and a full uri attribute. If there are no more pages available, next_page will be null and no offset will be provided. Note that an offset token will expire after some time, as data may have changed.

string

Pagination offset for the request.

string

A relative path containing the query parameters to fetch for next_page

uri

A full uri containing the query parameters to fetch for next_page

Language
Credentials
Request
Asana Home
Asana helps you manage projects, focus on what's important, and organize work in one place for seamless collaboration.
© 2023 Asana, Inc.