Audit Logs

JSON Format

Audit Logs are represented as JSON objects with the following properties:

Name Type Read-only Mandatory Description
action string true false Values can be "create", "update", or "destroy"
action_label string true false Localized string of action field
actor_id integer true false The id of the user creating the ticket
changes_description string true false The description of the change that occurred
created_at string true false The time the audit got created
id integer true false The id automatically assigned upon creation
ip_address string true false The IP address of the user doing the audit
source_id integer true false The id of the item being audited
source_label string true false The name of the item being audited
source_type string true false The item type being audited
url string true false The URL to access the audit log
Example
{
  "action": "update",
  "action_label": "Updated",
  "actor_id": 1234,
  "changes_description": "Role changed from Administrator to End User",
  "created_at": "2012-03-05T11:32:44Z",
  "id": 498483,
  "ip_address": "209.119.38.228",
  "source_id": 3456,
  "source_label": "John Doe",
  "source_type": "user",
  "url": "https://company.zendesk.com/api/v2/audit_logs/498483.json"
}

List Audit Logs

  • GET /api/v2/audit_logs
Allowed For
  • Admins on accounts that have audit log access
Parameters
Name Type In Required Description
filter[actor_id] integer Query false Filter audit logs by the actor id
filter[created_at] string Query false Filter audit logs by the time of creation
filter[ip_address] string Query false Filter audit logs by the ip address
filter[source_id] integer Query false Filter audit logs by the source id
filter[source_type] string Query false Filter audit logs by the source type. For example, user or rule
sort_by string Query false Sort audit logs, default is sort_by=created_at
sort_order string Query false Sort audit logs, default is sort_order=desc
Using curl
curl -g 'https://helpdesk.zendesk.com/api/v2/audit_logs.json?filter[source_type]=user&filter[source_id]=123' \
  -v -u {email_address}:{password}
Example Response
Status 200 OK

{
  "audit_logs": [
    {
      "action": "update",
      "actor_id": 1234,
      "changes_description": "Role changed from Administrator to End User",
      "created_at": "2012-03-05T11:32:44Z",
      "id": 498483,
      "ip_address": "209.119.38.228",
      "source_id": 3456,
      "source_label": "John Doe",
      "source_type": "user",
      "url": "https://company.zendesk.com/api/v2/audit_logs/498483.json"
    }
  ]
}

Export Audit Logs

  • POST /api/v2/audit_logs/export
Allowed For
  • Admins on accounts that have audit log access
Parameters
Name Type In Required Description
filter[actor_id] integer Query false Filter audit logs by the actor id
filter[created_at] string Query false Filter audit logs by the time of creation
filter[ip_address] string Query false Filter audit logs by the ip address
filter[source_id] integer Query false Filter audit logs by the source id
filter[source_type] string Query false Filter audit logs by the source type. For example, user or rule
Using curl
curl https://helpdesk.zendesk.com/api/v2/audit_logs/export.json \
  -v -u {email_address}:{password}
Example Response
Status 202 Accepted

Show Audit Log

  • GET /api/v2/audit_logs/{audit_log_id}
Allowed For
  • Admins on accounts that have audit-log access
Parameters
Name Type In Required Description
audit_log_id integer Path true The ID of the audit log
Using curl
curl https://helpdesk.zendesk.com/api/v2/audit_logs/{audit_log_id}.json \
  -v -u {email_address}:{password}
Example Response
Status 200 OK

{
  "audit_log": {
    "action": "update",
    "actor_id": 1234,
    "changes_description": "Role changed from Administrator to End User",
    "created_at": "2012-03-05T11:32:44Z",
    "id": 498483,
    "ip_address": "209.119.38.228",
    "source_id": 3456,
    "source_label": "John Doe",
    "source_type": "user",
    "url": "https://company.zendesk.com/api/v2/audit_logs/498483.json"
  }
}