Audit Logs API
Query audit logs for all actions performed within an organization. Audit logs are immutable and retained according to your plan.
Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/audit-logs | List audit logs |
Audit Log Object
json
{
"id": "aud_abc123",
"action": "source.created",
"entityType": "source",
"entityId": "src_xyz789",
"entityName": "GitHub Webhooks",
"userId": "usr_abc123",
"userEmail": "[email protected]",
"userDisplayName": "John Doe",
"metadata": {
"name": "GitHub Webhooks",
"slug": "github",
"provider": "github"
},
"ipAddress": "192.168.1.1",
"userAgent": "Mozilla/5.0...",
"createdAt": "2024-01-15T10:30:00Z"
}List Audit Logs
http
GET /api/audit-logsQuery Parameters
| Parameter | Type | Description |
|---|---|---|
| page | number | Page number (default: 1) |
| pageSize | number | Items per page (default: 50, max: 100) |
| action | string | Filter by action type (e.g., source.created) |
| entityType | string | Filter by entity type (e.g., source) |
| userId | string | Filter by user who performed the action |
| from | string | Start date (ISO 8601) |
| to | string | End date (ISO 8601) |
Example
bash
# Get all audit logs
curl https://api.hookbase.app/api/audit-logs \
-H "Authorization: Bearer whr_your_api_key"
# Filter by action
curl "https://api.hookbase.app/api/audit-logs?action=source.deleted" \
-H "Authorization: Bearer whr_your_api_key"
# Filter by entity type and date range
curl "https://api.hookbase.app/api/audit-logs?entityType=route&from=2024-01-01&to=2024-01-31" \
-H "Authorization: Bearer whr_your_api_key"javascript
// Get all audit logs
const response = await fetch('https://api.hookbase.app/api/audit-logs', {
headers: {
'Authorization': 'Bearer whr_your_api_key'
}
});
const data = await response.json();
// Filter by action
const filtered = await fetch('https://api.hookbase.app/api/audit-logs?action=source.deleted', {
headers: {
'Authorization': 'Bearer whr_your_api_key'
}
});
// Filter by entity type and date range
const rangeFiltered = await fetch(
'https://api.hookbase.app/api/audit-logs?entityType=route&from=2024-01-01&to=2024-01-31',
{
headers: {
'Authorization': 'Bearer whr_your_api_key'
}
}
);python
import requests
# Get all audit logs
response = requests.get(
'https://api.hookbase.app/api/audit-logs',
headers={'Authorization': 'Bearer whr_your_api_key'}
)
data = response.json()
# Filter by action
filtered = requests.get(
'https://api.hookbase.app/api/audit-logs?action=source.deleted',
headers={'Authorization': 'Bearer whr_your_api_key'}
)
# Filter by entity type and date range
range_filtered = requests.get(
'https://api.hookbase.app/api/audit-logs?entityType=route&from=2024-01-01&to=2024-01-31',
headers={'Authorization': 'Bearer whr_your_api_key'}
)Response
json
{
"data": [
{
"id": "aud_abc123",
"action": "source.created",
"entityType": "source",
"entityId": "src_xyz789",
"entityName": "GitHub Webhooks",
"userId": "usr_abc123",
"userEmail": "[email protected]",
"createdAt": "2024-01-15T10:30:00Z"
},
{
"id": "aud_def456",
"action": "route.updated",
"entityType": "route",
"entityId": "rte_main123",
"entityName": "GitHub to Slack",
"userId": "usr_def456",
"userEmail": "[email protected]",
"createdAt": "2024-01-15T10:25:00Z"
}
],
"pagination": {
"total": 234,
"page": 1,
"pageSize": 50
}
}Action Types
Source Actions
| Action | Description |
|---|---|
source.created | Source created |
source.updated | Source settings updated |
source.deleted | Source deleted |
source.secret_rotated | Signing secret rotated |
source.imported | Sources imported from file |
source.exported | Sources exported |
Destination Actions
| Action | Description |
|---|---|
destination.created | Destination created |
destination.updated | Destination settings updated |
destination.deleted | Destination deleted |
destination.tested | Test webhook sent |
destination.imported | Destinations imported |
destination.exported | Destinations exported |
Route Actions
| Action | Description |
|---|---|
route.created | Route created |
route.updated | Route settings updated |
route.deleted | Route deleted |
route.paused | Route paused |
route.resumed | Route resumed |
route.circuit_reset | Circuit breaker manually reset |
route.imported | Routes imported |
route.exported | Routes exported |
Organization Actions
| Action | Description |
|---|---|
organization.updated | Organization settings updated |
organization.member_added | Member added |
organization.member_removed | Member removed |
organization.member_role_changed | Member role changed |
organization.invite_created | Invite sent |
organization.invite_accepted | Invite accepted |
Security Actions
| Action | Description |
|---|---|
api_key.created | API key created |
api_key.revoked | API key revoked |
auth.login | User logged in |
auth.login_failed | Failed login attempt |
auth.2fa_enabled | Two-factor authentication enabled |
auth.2fa_disabled | Two-factor authentication disabled |
auth.password_changed | Password changed |
Other Actions
| Action | Description |
|---|---|
transform.created | Transform created |
transform.updated | Transform updated |
transform.deleted | Transform deleted |
filter.created | Filter created |
filter.updated | Filter updated |
filter.deleted | Filter deleted |
schema.created | Schema created |
schema.updated | Schema updated |
schema.deleted | Schema deleted |
custom_domain.created | Custom domain added |
custom_domain.verified | Custom domain verified |
custom_domain.deleted | Custom domain removed |
notification_channel.created | Notification channel created |
notification_channel.deleted | Notification channel deleted |
Entity Types
| Entity Type | Description |
|---|---|
source | Webhook source |
destination | Webhook destination |
route | Route |
transform | Transform |
filter | Filter |
schema | Schema |
organization | Organization |
api_key | API key |
custom_domain | Custom domain |
notification_channel | Notification channel |
cron_job | Cron job |
tunnel | Tunnel |
auth | Authentication event |
Related
- Audit Logs Guide — Compliance and querying patterns