## Get user audit logs `client.User.AuditLogs.List(ctx, query) (*V4PagePaginationArray[AuditLog], error)` **get** `/user/audit_logs` Gets a list of audit logs for a user account. Can be filtered by who made the change, on which zone, and the timeframe of the change. ### Parameters - `query AuditLogListParams` - `ID param.Field[string]` Finds a specific log by its ID. - `Action param.Field[AuditLogListParamsAction]` - `Type string` Filters by the action type. - `Actor param.Field[AuditLogListParamsActor]` - `Email string` Filters by the email address of the actor that made the change. - `IP string` Filters by the IP address of the request that made the change by specific IP address or valid CIDR Range. - `Before param.Field[AuditLogListParamsBeforeUnion]` Limits the returned results to logs older than the specified date. A `full-date` that conforms to RFC3339. - `UnionTime` - `UnionTime` - `Direction param.Field[AuditLogListParamsDirection]` Changes the direction of the chronological sorting. - `const AuditLogListParamsDirectionDesc AuditLogListParamsDirection = "desc"` - `const AuditLogListParamsDirectionAsc AuditLogListParamsDirection = "asc"` - `Export param.Field[bool]` Indicates that this request is an export of logs in CSV format. - `HideUserLogs param.Field[bool]` Indicates whether or not to hide user level audit logs. - `Page param.Field[float64]` Defines which page of results to return. - `PerPage param.Field[float64]` Sets the number of results to return per page. - `Since param.Field[AuditLogListParamsSinceUnion]` Limits the returned results to logs newer than the specified date. A `full-date` that conforms to RFC3339. - `UnionTime` - `UnionTime` - `Zone param.Field[AuditLogListParamsZone]` - `Name string` Filters by the name of the zone associated to the change. ### Returns - `type AuditLog struct{…}` - `ID string` A string that uniquely identifies the audit log. - `Action AuditLogAction` - `Result bool` A boolean that indicates if the action attempted was successful. - `Type string` A short string that describes the action that was performed. - `Actor AuditLogActor` - `ID string` The ID of the actor that performed the action. If a user performed the action, this will be their User ID. - `Email string` The email of the user that performed the action. - `IP string` The IP address of the request that performed the action. - `Type AuditLogActorType` The type of actor, whether a User, Cloudflare Admin, or an Automated System. - `const AuditLogActorTypeUser AuditLogActorType = "user"` - `const AuditLogActorTypeAdmin AuditLogActorType = "admin"` - `const AuditLogActorTypeCloudflare AuditLogActorType = "Cloudflare"` - `Interface string` The source of the event. - `Metadata unknown` An object which can lend more context to the action being logged. This is a flexible value and varies between different actions. - `NewValue string` The new value of the resource that was modified. - `OldValue string` The value of the resource before it was modified. - `Owner AuditLogOwner` - `ID string` Identifier - `Resource AuditLogResource` - `ID string` An identifier for the resource that was affected by the action. - `Type string` A short string that describes the resource that was affected by the action. - `When Time` A UTC RFC3339 timestamp that specifies when the action being logged occured. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/user" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.User.AuditLogs.List(context.TODO(), user.AuditLogListParams{ }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "d5b0f326-1232-4452-8858-1089bd7168ef", "action": { "result": true, "type": "change_setting" }, "actor": { "id": "f6b5de0326bb5182b8a4840ee01ec774", "email": "michelle@example.com", "ip": "198.41.129.166", "type": "user" }, "interface": "API", "metadata": { "name": "security_level", "type": "firewall", "value": "high", "zone_name": "example.com" }, "newValue": "low", "oldValue": "high", "owner": { "id": "023e105f4ecef8ad9ca31a8372d0c353" }, "resource": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "type": "zone" }, "when": "2017-04-26T17:31:07Z" } ], "success": true } ```