GET /data/v1/audit/auditEvents
Retrieve logged Audit Trail audit events for the current account and its child accounts. Logins are audited at the enterprise level.
Timestamps for Audit Trail data use the US Central Standard Time (GMT-6, CST) timezone.
To retrieve Audit Trail data, you must have the Data | Tracking Event | Read permission scope.
| Name | Type | Description |
|---|---|---|
$orderBy | string | The field and sort method to use to sort the results. You can sort based on the value of createdDate in ascending (ASC) or descending (DESC) order. The default value is createdDate DESC. |
$page | number | The page number of results to retrieve. The default value is 1. |
$pagesize | number | The number of items to return on a page of results. The default value is 50. |
enddate | string | End date of the date range to search for security events. Specify the value as an ISO 8601 timestamp. The value of enddate must occur after the value of startdate. The default value is today's date. |
startdate | string | Start date of the date range to search for security events. Specify the value as an ISO 8601 timestamp. The value of startdate must occur before the value of enddate. The default value is 30 days before today's date. |
| Status | Name | Type | Description |
|---|---|---|---|
200 | OK | ||
| id | number | ID of the audit event. | |
| createdDate | datetime | Creation date of the audit event. | |
| memberId | number | Member ID associated with the audit event. | |
| enterpriseId | number | Enterprise ID or parent to which the member belongs. | |
| employee | object | User associated with the audit event. | |
| objectType | object | Type of object used to describe the audit event. | |
| operation | object | Action taken against the objectType. | |
| object | object | Additional information about the audited object. Can contain an ID, the name of the object, or both. | |
| transactionId | guid | Unique value to identify the transaction in which the audit event was captured. | |
400 | Bad request. | ||
| Message | string | Error message. | |
| ErrorCode | number | Error code for the exception. | |
| Documentation | string | Documentation for the error. | |
401 | Invalid access token or tenant-specific endpoint. | ||
| Message | string | Error message. | |
| ErrorCode | number | Error code for the exception. | |
| Documentation | string | Documentation for the error. |
- Salesforce Help: Audit Trail