# Get Audit Logs

> Gets the audit logs for an organization, based on the organization name.

Gets the audit logs for an organization, based on the organization name.

## API Endpoint

`GET` `https://{yourDomain}/{organizationName}/audit_/api/auditlogs/partitionGlobalId`

## Scopes

Requires one of the following scopes:

* PM.Audit
* PM.Audit.Read

## Request Headers

```
--header 'Authorization: Bearer {access_token}'\
--header 'Content-Type: application/json'
```

## Query Parameters

| Query param | Data type | Description |
| --- | --- | --- |
| `language`  (optional) | string | Specify the available display language, in the shorten form.  For example, `en`, `fr`, `de`, `ja` etc. |
| `top`  (optional) | int32 | Display the top N entries of the audit. |
| `skip`  (optional) | int32 | Skip the top N audit entries from displaying. |
| `sortBy`  (optional) | string | Specify the DTO property used to sort audit entries by.  For example, `createdOn`, `category`, `email`, etc. |
| `sortOrder`  (optional) | string | Specify the sorting order.  For example, ascending (`asc`) or descending (`desc`). |
| `api-version`  (optional) | string | Specify the API version you are using. |

## Responses

### 200 OK

Returns the queried audit events.

## Example Request

Let's say you gathered all the information needed to build the API call.

* Your `{baseURL}` is: `https://{yourDomain}/{organizationName}`
* Your `{access_token}` is: `1234` (for length considerations).
* You set the following query params:
  + `language` = `en`
  + `top` = 2, to display the top two entries
  + `skip` = 2, to skip the first two entries
  + `sortBy` = `createdOn`, to sort the entries by their creation time
  + `sortOrder` = `asc`, to sort the entries from the earliest entry to the latest one

The call should resemble the following example (cURL):

```
curl --location --request GET ' https://{yourDomain}/{organizationName}/audit_/api/auditlogs?language=en&top=2&skip=2&sortBy=createdOn&sortOrder=asc' \
--header 'Authorization: Bearer 1234' \
--header 'Content-Type: application/json'
```

Here's the response body for a successful audit entries retrieval:

```
{
    "totalCount": 29,
    "results": [
        {
            "createdOn": "2021-10-14T13:10:15.1964174+00:00",
            "category": "User",
            "action": "Login",
            "auditLogDetails": "{\r\n \"userName\": \"System Administrator admin\",\r\n \"email\": \"\"\r\n}", 
            "userName": "System Administrator",
            "email": "",
            "message": "User 'System Administrator admin' logged in",
            "detailsVersion": "1.0",
            "source": "Cis"
        },
....
        {
            "createdOn": "2021-10-14T12:41:00.3268964+00:00",
            "category": "User",
            "action": "Login",
            "auditLogDetails": "{\r\n \"userName\": \"System Administrator admin\",\r\n \"email\": \"\"\r\n}", 
            "userName": "System Administrator",
            "email": "",
            "message": "User 'System Administrator admin' logged in",
            "detailsVersion": "1.0",
            "source": "Cis"
        }
    ]
}
```