Administer PostmanTeam management

Audit logs

View as Markdown

Audit logs are available with Postman Enterprise plans.

Audit logs display events related to your team, team members, and billing. Admins and Super Admins can view which team member performed an action, and when they did so. Events include team members signing in to your team, creating a Postman API key, adding a team member, upgrading to a paid plan, and more.

Postman offers audit logs for 180 days.

View audit logs in the dashboard

Admins and Super Admins can view audit logs for your team in your Audit Logs dashboard. To view audit logs, open Postman and select Team > Audit Logs in the Postman header.

Each audit log event includes the following information:

  • The team member who performed the action, and their email address.
  • The event type, and a description of the event.
  • The team member’s IP address.
  • The date and time of the action, including the team member’s time zone.

Audit logs dashboard

You can use filters to view audit log events by date range, event type, and team member. Select your filters, then click Apply.

Export audit logs from the dashboard

You can filter the results of the audit logs, and export the results as a CSV file.

To export audit logs, do the following:

  1. Filter your results by selecting a date range, event type, and team member, then click Apply. If you don’t filter your results, Postman exports all data in your audit logs from the last seven days.
  2. Click Export Audit Logs
  3. Click Export to confirm. You’ll receive an email with the CSV file.
  4. In the email, click Download Audit Logs to download the CSV file. The link in the email is valid for one hour.

Access audit logs with the Postman API

You can also access audit logs with the Postman API, enabling you to integrate Postman’s audit logs with your security information and event management (SIEM) tools.

To get started with the Postman API, you must first generate a Postman API key. Learn more about the Postman API, and how to integrate it into your development toolchain.

Each audit log event has the following attributes in the response:

Name
Description
idAn integer representing the unique identifier of the audit log event.
ipA string with the IP address of the actor who performed the action.
userAgentA string with the user agent of the actor.
actionA string with the event type.
timestampA string with the date and time when the actor performed the action. The time stamp is represented using the ISO 8601 date and time format.
messageA string with the description of the audit log event.
dataAn object that holds the actor, user, team, and variables objects.
actor

An object with information about the team member who performed the action. For example, a team member is the actor when they sign in to Postman. The object includes the following properties:

  • name - A string with the actor’s name.
  • username - A string with the actor’s username.
  • email - A string with the actor’s email address.
  • id - An integer representing the unique identifier of the actor.
  • active - A Boolean of whether the actor’s account is active in the team.
userAn object with information about the team member who was affected by the action. For example, a team member is the user when their role is updated by another team member. The object includes the following properties:
  • name - A string with the user’s name.
  • username - A string with the user’s username.
  • email - A string with the user’s email address.
  • id - An integer representing the unique identifier of the user.
teamAn object with information about the actor and user’s team. The object includes the following properties:
  • name - A string with the team’s name.
  • id - An integer representing the unique identifier of the team.
variablesAn object with details about the performed action. For example, details about the created API key or updated roles for a user.
nextCursorA string that represents the cursor of the next page.