Skip to main content
GET
/
user
/
v1
/
audit-logs
/
cURL
curl --request GET \
  --url https://api.cekura.ai/user/v1/audit-logs/ \
  --header 'X-CEKURA-API-KEY: <api-key>'
import requests

url = "https://api.cekura.ai/user/v1/audit-logs/"

headers = {"X-CEKURA-API-KEY": "<api-key>"}

response = requests.get(url, headers=headers)

print(response.text)
const options = {method: 'GET', headers: {'X-CEKURA-API-KEY': '<api-key>'}};

fetch('https://api.cekura.ai/user/v1/audit-logs/', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.cekura.ai/user/v1/audit-logs/",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"X-CEKURA-API-KEY: <api-key>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"net/http"
"io"
)

func main() {

url := "https://api.cekura.ai/user/v1/audit-logs/"

req, _ := http.NewRequest("GET", url, nil)

req.Header.Add("X-CEKURA-API-KEY", "<api-key>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.get("https://api.cekura.ai/user/v1/audit-logs/")
.header("X-CEKURA-API-KEY", "<api-key>")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.cekura.ai/user/v1/audit-logs/")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["X-CEKURA-API-KEY"] = '<api-key>'

response = http.request(request)
puts response.read_body
{
  "count": 123,
  "results": [
    {
      "id": 123,
      "organization": 123,
      "organization_name": "<string>",
      "project": 123,
      "project_name": "<string>",
      "user": 123,
      "user_email": "<string>",
      "api_key_name": "<string>",
      "object_type": "<string>",
      "object_id": 123,
      "timestamp": "2023-11-07T05:31:56Z"
    }
  ],
  "next": "https://api.cekura.ai/example/v1/example-external/?page=4",
  "previous": "https://api.cekura.ai/example/v1/example-external/?page=3"
}
Audit Logs provide a complete, time-stamped record of all actions performed within your organization. They help you answer key questions like:
  • Who made a change?
  • What changed?
  • When did it happen?
  • Where did it happen?

What Can Be Tracked

The audit logs API allows you to track changes across different types of objects in the platform, including:
  • Agents
  • Scenarios
  • Metrics
  • API Keys
  • Executions / Runs
  • Cron Jobs
  • Organization-level and Project-level settings
For each of these objects, you can track creation, updates, deletion, and execution or usage events (where applicable).

Streaming to a SIEM

You can continuously pull audit logs in near real-time by periodically querying the API with a moving time window and forwarding the results to your SIEM system (e.g., Splunk, Datadog, ELK). Approach:
  1. Maintain a last_fetched_timestamp
  2. Call the Audit Logs API at regular intervals (e.g., every 5 minutes)
  3. Fetch logs between last_fetched_timestamp and now
  4. Push the results to your SIEM
  5. Update last_fetched_timestamp
Either user_email or api_key_name will be present for each log entry (not both). By default, audit logs are only retained for a year.

Authorizations

X-CEKURA-API-KEY
string
header
required

API Key Authentication. It should be included in the header of each request.

Query Parameters

page
integer

A page number within the paginated result set.

page_size
integer

Number of results to return per page.

organization_id
string
required

Organization whose logs are being fetched

start_time
string

Start of the time range for logs (ISO 8601, e.g. 2025-01-01T00:00:00Z). Defaults to 1 week ago. Max duration between start_time and end_time is 30 days.

end_time
string

End of the time range for logs (ISO 8601, e.g. 2025-12-31T23:59:59Z). Defaults to now. Max duration between start_time and end_time is 30 days.

project_id
string

Filter logs for a specific project

user_email
string

Filter logs for actions performed by a specific user

object_type
string

Type of object being tracked (e.g. aiagent, metric, scenario, api_key)

object_id
string

Unique identifier of the object. Must be used together with object_type

action_type
string

Higher-level classification of the action (e.g. object, run_scenarios)

operation_type
string

Type of operation performed (create, update, delete)

Response

200 - application/json
count
integer
required
Example:

123

results
object[]
required
next
string<uri> | null
Example:

"https://api.cekura.ai/example/v1/example-external/?page=4"

previous
string<uri> | null
Example:

"https://api.cekura.ai/example/v1/example-external/?page=3"