# Audit Logs ## Get account audit logs `client.AuditLogs.List(ctx, params) (*V4PagePaginationArray[AuditLog], error)` **get** `/accounts/{account_id}/audit_logs` Gets a list of audit logs for an account. Can be filtered by who made the change, on which zone, and the timeframe of the change. ### Parameters - `params AuditLogListParams` - `AccountID param.Field[string]` Path param: Identifier - `ID param.Field[string]` Query param: Finds a specific log by its ID. - `Action param.Field[AuditLogListParamsAction]` Query param - `Type string` Filters by the action type. - `Actor param.Field[AuditLogListParamsActor]` Query param - `Email string` Filters by the email address of the actor that made the change. - `IP string` Filters by the IP address of the request that made the change by specific IP address or valid CIDR Range. - `Before param.Field[AuditLogListParamsBeforeUnion]` Query param: Limits the returned results to logs older than the specified date. A `full-date` that conforms to RFC3339. - `UnionTime` - `UnionTime` - `Direction param.Field[AuditLogListParamsDirection]` Query param: Changes the direction of the chronological sorting. - `const AuditLogListParamsDirectionDesc AuditLogListParamsDirection = "desc"` - `const AuditLogListParamsDirectionAsc AuditLogListParamsDirection = "asc"` - `Export param.Field[bool]` Query param: Indicates that this request is an export of logs in CSV format. - `HideUserLogs param.Field[bool]` Query param: Indicates whether or not to hide user level audit logs. - `Page param.Field[float64]` Query param: Defines which page of results to return. - `PerPage param.Field[float64]` Query param: Sets the number of results to return per page. - `Since param.Field[AuditLogListParamsSinceUnion]` Query param: Limits the returned results to logs newer than the specified date. A `full-date` that conforms to RFC3339. - `UnionTime` - `UnionTime` - `Zone param.Field[AuditLogListParamsZone]` Query param - `Name string` Filters by the name of the zone associated to the change. ### Returns - `type AuditLog struct{…}` - `ID string` A string that uniquely identifies the audit log. - `Action AuditLogAction` - `Result bool` A boolean that indicates if the action attempted was successful. - `Type string` A short string that describes the action that was performed. - `Actor AuditLogActor` - `ID string` The ID of the actor that performed the action. If a user performed the action, this will be their User ID. - `Email string` The email of the user that performed the action. - `IP string` The IP address of the request that performed the action. - `Type AuditLogActorType` The type of actor, whether a User, Cloudflare Admin, or an Automated System. - `const AuditLogActorTypeUser AuditLogActorType = "user"` - `const AuditLogActorTypeAdmin AuditLogActorType = "admin"` - `const AuditLogActorTypeCloudflare AuditLogActorType = "Cloudflare"` - `Interface string` The source of the event. - `Metadata unknown` An object which can lend more context to the action being logged. This is a flexible value and varies between different actions. - `NewValue string` The new value of the resource that was modified. - `OldValue string` The value of the resource before it was modified. - `Owner AuditLogOwner` - `ID string` Identifier - `Resource AuditLogResource` - `ID string` An identifier for the resource that was affected by the action. - `Type string` A short string that describes the resource that was affected by the action. - `When Time` A UTC RFC3339 timestamp that specifies when the action being logged occured. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/audit_logs" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.AuditLogs.List(context.TODO(), audit_logs.AuditLogListParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "d5b0f326-1232-4452-8858-1089bd7168ef", "action": { "result": true, "type": "change_setting" }, "actor": { "id": "f6b5de0326bb5182b8a4840ee01ec774", "email": "michelle@example.com", "ip": "198.41.129.166", "type": "user" }, "interface": "API", "metadata": { "name": "security_level", "type": "firewall", "value": "high", "zone_name": "example.com" }, "newValue": "low", "oldValue": "high", "owner": { "id": "023e105f4ecef8ad9ca31a8372d0c353" }, "resource": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "type": "zone" }, "when": "2017-04-26T17:31:07Z" } ], "success": true } ```