GET /data/v1/audit/securityEvents
Retrieves logged Audit Trail security events for the authenticated user’s account and its children. Logins are audited at the enterprise level.
Audit Trail stores data in the U.S. Central Standard Time (GMT-6, CST) timezone. Audit data pulled using the REST API has a CST timestamp.
| Name | Type | Description | |
|---|---|---|---|
| $page | number | Page number to return from the paged results. Start with 1 and continue until you get zero results. Typically provided along with the $pagesize parameter. The default is 1. | |
| $pagesize | number | Number of results per page to return. Typically provided along with the $page parameter. | |
| $orderBy | string | Determines which direction to sort the data by createdDate. Use asc for ascending and desc for descending order. For example: &$orderBy=createdDate desc. If you don't provide the $orderBy parameter, the results are sorted in ascending order. | |
| startdate | string | Start date of the date range to search for security events. If you don't provide a start date, the default is today minus 30 days. The startdate must be before the enddate. | |
| enddate | string | End date of the date range to search for security events.. If you don't provide an end date, the default is today. The enddate must be after the startdate. |
| Status | Name | Type | Description |
|---|---|---|---|
| 200 | OK | ||
| id | number | ID of the security event. | |
| createdDate | datetime | Creation date of the security event. | |
| memberId | number | Member ID associated with the security event. | |
| enterpriseId | number | Enterprise ID to which the member belongs. | |
| employee | object | User associated with the security event. | |
| ipAddress | string | IP address associated with the security event. | |
| sessionId | string | Session ID associated with the security event. Available only with Advanced Audit Trail. Contact your Marketing Cloud account representative. | |
| userAgent | string | User agent associated with the security event. Available only with Advanced Audit Trail. Contact your Marketing Cloud account representative. | |
| eventType | object | Type of security event. | |
| loginStatus | object | Status of the security event. | |
| eventSource | object | Source of the security event. | |
| 400 | Bad request | ||
| Message | string | Error message. | |
| ErrorCode | number | Error code for the exception. | |
| Documentation | string | Documentation for the error. | |
| 401 | Invalid access token or tenant-specific endpoint. | ||
| Message | string | Error message. | |
| ErrorCode | number | Error code for the exception. | |
| Documentation | string | Documentation for the error. |
- Permission: Audit Logging | API Access
- Scope: Data | Tracking Event | Read