# Auditing ## Audit Trail > This endpoint returns a list of audit trail events for the authenticated user's organization.\ > \ > To obtain data from this endpoint, the authenticated user must be an \*\*organization admin\*\*\ > and the data returned is equivalent to the what an Organization admin would be able to get from\ > the Soda Cloud UI under "Organization Settings > Audit Trail".\ > \ > Usage\ > \-----\ > Use this endpoint to capture audit trail events for security and usage monitoring purposes.\ > \ > Returns\ > \-------\ > An object of type \`AuditTrailResult\` containing an array of \`AuditTrailData\`.\ > \ > Find details about the response objects in the \*\*Schemas\*\* section or by unfurling the response\ > details. ```json {"openapi":"3.0.2","info":{"title":"Soda Cloud Reporting API","version":"1.3.1"},"servers":[{"url":"https://reporting.cloud.soda.io/v1","description":"Cloud EU"},{"url":"https://reporting.cloud.us.soda.io/v1","description":"Cloud US"}],"security":[{"HTTPBasic":[]},{"SodaBackendToken":[]},{"APIKeyCookie":[]},{"ApiKeyId[Soon Deprecated] Use XApiKeyID":[]},{"APIKeySecret[Soon Deprecated] Use XApiKeySecret":[]},{"XApiKeyId":[]},{"XApiKeySecret":[]}],"components":{"securitySchemes":{"HTTPBasic":{"type":"http","scheme":"basic"},"SodaBackendToken":{"type":"apiKey","in":"header","name":"SODA_TOKEN"},"APIKeyCookie":{"type":"apiKey","in":"cookie","name":"token"},"ApiKeyId[Soon Deprecated] Use XApiKeyID":{"type":"apiKey","in":"header","name":"API_KEY_ID"},"APIKeySecret[Soon Deprecated] Use XApiKeySecret":{"type":"apiKey","in":"header","name":"API_KEY_SECRET"},"XApiKeyId":{"type":"apiKey","in":"header","name":"X-API-KEY-ID"},"XApiKeySecret":{"type":"apiKey","in":"header","name":"X-API-KEY-SECRET"}},"schemas":{"AuditTrailResult":{"title":"AuditTrailResult","required":["data"],"type":"object","properties":{"data":{"title":"Data","type":"array","items":{"$ref":"#/components/schemas/AuditTrailData"}},"resource":{"title":"Resource","type":"string","default":"audit_trail"}},"description":"Array of `AuditTrailData`."},"AuditTrailData":{"title":"AuditTrailData","type":"object","properties":{"correlation_id":{"title":"Correlation Id","type":"string","description":"Identifier of a given audited request. Note this column cannot be used as a primary key as it can span over multiple rows."},"eventTime":{"title":"Eventtime","type":"string","description":"ISO UTC datetime at which the event happened.","format":"date-time"},"ipAddress":{"title":"Ipaddress","type":"string","description":"IP address of the user who performed the logged action."},"email":{"title":"Email","type":"string","description":"Email address of the user who performed the logged action."},"apiKey":{"title":"Apikey","type":"string","description":"Obfuscated API key of the user who performed the logged action."},"comment":{"title":"Comment","type":"string","description":"Explanation of the audited event."},"hash":{"title":"Hash","type":"string","description":"A tamper-proof security and verification hash."}},"description":"Contains audited events from the authorized user's organization."},"NoContentError":{"title":"NoContentError","type":"object","properties":{"resource":{"title":"Resource","type":"string","description":"Name of the resource. Usually the same string as the endpoint."},"data":{"title":"Data","type":"array","items":{"type":"object"},"description":"Generic data payload from the query. Should be overidden with a more specific pydandic model.","default":[]},"detail":{"title":"Detail","type":"string","default":"No results for the requested data. Since the data is pre-processed in batches it might be that the data you are looking for has not yet been processed. You can check when the last refresh took place by using the /last_etl_refresh_info endpoint. If you think this is a bug and you should be getting results, get in touch with us."}},"description":"Response Schema of a NoContent Error"},"HTTPValidationError":{"title":"HTTPValidationError","type":"object","properties":{"detail":{"title":"Detail","type":"array","items":{"$ref":"#/components/schemas/ValidationError"}}}},"ValidationError":{"title":"ValidationError","required":["loc","msg","type"],"type":"object","properties":{"loc":{"title":"Location","type":"array","items":{"anyOf":[{"type":"string"},{"type":"integer"}]}},"msg":{"title":"Message","type":"string"},"type":{"title":"Error Type","type":"string"}}}}},"paths":{"/audit_trail":{"get":{"tags":["Auditing"],"summary":"Audit Trail","description":"This endpoint returns a list of audit trail events for the authenticated user's organization.\n\nTo obtain data from this endpoint, the authenticated user must be an **organization admin**\nand the data returned is equivalent to the what an Organization admin would be able to get from\nthe Soda Cloud UI under \"Organization Settings > Audit Trail\".\n\nUsage\n-----\nUse this endpoint to capture audit trail events for security and usage monitoring purposes.\n\nReturns\n-------\nAn object of type `AuditTrailResult` containing an array of `AuditTrailData`.\n\nFind details about the response objects in the **Schemas** section or by unfurling the response\ndetails.","operationId":"audit_trail_audit_trail_get","parameters":[{"required":false,"schema":{"title":"From Datetime","type":"string","format":"date-time","default":"2023-10-09T09:18:16.610035"},"name":"from_datetime","in":"query"},{"required":false,"schema":{"title":"To Datetime","type":"string","format":"date-time","default":"2023-11-09T09:18:16.610057"},"name":"to_datetime","in":"query"}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuditTrailResult"}}}},"202":{"description":"Successful request but no data was returned","content":{"application/json":{"schema":{"$ref":"#/components/schemas/NoContentError"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}}}} ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.soda.io/soda-documentation/soda-v3/reporting-api-v1/auditing.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.