Avnology ID
API ReferenceAudit

Export Audit Events

Bulk export audit events as CSV or JSONL and receive a signed download URL.

Endpoint

POST /v1/audit/events:export

Base URL: https://<Domain id="api"/>

Authentication: Bearer token with audit:export scope.

Creates a background export job. The response contains a polling URL; once ready, fetch the signed download URL. Export files are retained for 7 days.

Request Body

{
  "start_time": "2026-04-01T00:00:00Z",
FieldTypeRequiredDescription
start_timeRFC 3339YesRange start (inclusive)
end_timeRFC 3339YesRange end (exclusive)
filterstringNoFilter DSL
formatenumYes"CSV" | "JSONL"
organization_idstringNoScope to one org

Example

Response (202 Accepted)

{
  "export_id": "exp_01H7X3K9Q1",
  "status": "pending",
  "status_url": "/v1/audit/exports/exp_01H7X3K9Q1",
  "expires_at": "2026-04-24T00:00:00Z"
}

Poll the status_url until status == "completed". The final response includes download_url (signed, 24h validity).

Get Audit Event

Fetch a single audit event by ID.

Get Audit Summary

Aggregated event counts grouped by action for a time range.

On this page

EndpointRequest BodyExampleResponse (202 Accepted)