List team audit-log activity
Returns audit-log activity for the authenticated team, ordered by creation time (newest first) by default. Backs the console Audit Logs page.
Pass limit (and offset) to fetch one page at a time; the
X-Total-Count response header reports the total across all pages.
The activity log grows without bound, so omitting limit returns only
the most recent page (up to the 200-row maximum) — page through older
history with limit + offset. Filter by exact category or
status, restrict to a window with start/end, and search with q
(case-insensitive substring across sandbox name, secret name, action,
and category).
Authorizations
Query Parameters
Filter by exact activity category (e.g. sandbox, template, secret, network).
Filter by exact status. Pass error to show only failed events.
Case-insensitive substring match across sandbox name, secret name, action, and category.
Only include events at or after this RFC3339 timestamp.
Only include events at or before this RFC3339 timestamp.
Column to sort by (paired with order).
created_at Sort direction applied to sort.
asc, desc Maximum rows to return (page size). The activity log is unbounded,
so omitting limit returns only the most recent page (200 rows) —
not the full history. Values above 200 are clamped to 200.
1 <= x <= 200Rows to skip before the page. Combine with limit to paginate.
x >= 0Response
Audit-log activity for the authenticated team
Set on sandbox events; null for events not tied to a sandbox.
Set on template events; null otherwise.
The team member who performed the action; null for system-initiated events (e.g. auto-pause, auto-delete).
Set on secret events; null once the secret is purged.