# Auditing

## Audit Trail

> This endpoint returns a list of audit trail events for the authenticated user's organization.\
> \
> To obtain data from this endpoint, the authenticated user must be an \*\*organization admin\*\*\
> and the data returned is equivalent to the what an Organization admin would be able to get from\
> the Soda Cloud UI under "Organization Settings > Audit Trail".\
> \
> Usage\
> \-----\
> Use this endpoint to capture audit trail events for security and usage monitoring purposes.\
> \
> Returns\
> \-------\
> An object of type \`AuditTrailResult\` containing an array of \`AuditTrailData\`.\
> \
> Find details about the response objects in the \*\*Schemas\*\* section or by unfurling the response\
> details.

```json
{"openapi":"3.0.2","info":{"title":"Soda Cloud Reporting API","version":"1.3.1"},"servers":[{"url":"https://reporting.cloud.soda.io/v1","description":"Cloud EU"},{"url":"https://reporting.cloud.us.soda.io/v1","description":"Cloud US"}],"security":[{"HTTPBasic":[]},{"SodaBackendToken":[]},{"APIKeyCookie":[]},{"ApiKeyId[Soon Deprecated] Use XApiKeyID":[]},{"APIKeySecret[Soon Deprecated] Use XApiKeySecret":[]},{"XApiKeyId":[]},{"XApiKeySecret":[]}],"components":{"securitySchemes":{"HTTPBasic":{"type":"http","scheme":"basic"},"SodaBackendToken":{"type":"apiKey","in":"header","name":"SODA_TOKEN"},"APIKeyCookie":{"type":"apiKey","in":"cookie","name":"token"},"ApiKeyId[Soon Deprecated] Use XApiKeyID":{"type":"apiKey","in":"header","name":"API_KEY_ID"},"APIKeySecret[Soon Deprecated] Use XApiKeySecret":{"type":"apiKey","in":"header","name":"API_KEY_SECRET"},"XApiKeyId":{"type":"apiKey","in":"header","name":"X-API-KEY-ID"},"XApiKeySecret":{"type":"apiKey","in":"header","name":"X-API-KEY-SECRET"}},"schemas":{"AuditTrailResult":{"title":"AuditTrailResult","required":["data"],"type":"object","properties":{"data":{"title":"Data","type":"array","items":{"$ref":"#/components/schemas/AuditTrailData"}},"resource":{"title":"Resource","type":"string","default":"audit_trail"}},"description":"Array of `AuditTrailData`."},"AuditTrailData":{"title":"AuditTrailData","type":"object","properties":{"correlation_id":{"title":"Correlation Id","type":"string","description":"Identifier of a given audited request. Note this column cannot be used as a primary key as it can span over multiple rows."},"eventTime":{"title":"Eventtime","type":"string","description":"ISO UTC datetime at which the event happened.","format":"date-time"},"ipAddress":{"title":"Ipaddress","type":"string","description":"IP address of the user who performed the logged action."},"email":{"title":"Email","type":"string","description":"Email address of the user who performed the logged action."},"apiKey":{"title":"Apikey","type":"string","description":"Obfuscated API key of the user who performed the logged action."},"comment":{"title":"Comment","type":"string","description":"Explanation of the audited event."},"hash":{"title":"Hash","type":"string","description":"A tamper-proof security and verification hash."}},"description":"Contains audited events from the authorized user's organization."},"NoContentError":{"title":"NoContentError","type":"object","properties":{"resource":{"title":"Resource","type":"string","description":"Name of the resource. Usually the same string as the endpoint."},"data":{"title":"Data","type":"array","items":{"type":"object"},"description":"Generic data payload from the query. Should be overidden with a more specific pydandic model.","default":[]},"detail":{"title":"Detail","type":"string","default":"No results for the requested data. Since the data is pre-processed in batches it might be that the data you are looking for has not yet been processed. You can check when the last refresh took place by using the /last_etl_refresh_info endpoint. If you think this is a bug and you should be getting results, get in touch with us."}},"description":"Response Schema of a NoContent Error"},"HTTPValidationError":{"title":"HTTPValidationError","type":"object","properties":{"detail":{"title":"Detail","type":"array","items":{"$ref":"#/components/schemas/ValidationError"}}}},"ValidationError":{"title":"ValidationError","required":["loc","msg","type"],"type":"object","properties":{"loc":{"title":"Location","type":"array","items":{"anyOf":[{"type":"string"},{"type":"integer"}]}},"msg":{"title":"Message","type":"string"},"type":{"title":"Error Type","type":"string"}}}}},"paths":{"/audit_trail":{"get":{"tags":["Auditing"],"summary":"Audit Trail","description":"This endpoint returns a list of audit trail events for the authenticated user's organization.\n\nTo obtain data from this endpoint, the authenticated user must be an **organization admin**\nand the data returned is equivalent to the what an Organization admin would be able to get from\nthe Soda Cloud UI under \"Organization Settings > Audit Trail\".\n\nUsage\n-----\nUse this endpoint to capture audit trail events for security and usage monitoring purposes.\n\nReturns\n-------\nAn object of type `AuditTrailResult` containing an array of `AuditTrailData`.\n\nFind details about the response objects in the **Schemas** section or by unfurling the response\ndetails.","operationId":"audit_trail_audit_trail_get","parameters":[{"required":false,"schema":{"title":"From Datetime","type":"string","format":"date-time","default":"2023-10-09T09:18:16.610035"},"name":"from_datetime","in":"query"},{"required":false,"schema":{"title":"To Datetime","type":"string","format":"date-time","default":"2023-11-09T09:18:16.610057"},"name":"to_datetime","in":"query"}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuditTrailResult"}}}},"202":{"description":"Successful request but no data was returned","content":{"application/json":{"schema":{"$ref":"#/components/schemas/NoContentError"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}}}}
```