Audit logs
Audit logs display events related to your team, team members, and billing. Team Admins and Super Admins can view which team member performed an action, and when they did so. Events include team members signing in to your team, creating a Postman API key, adding a team member, upgrading to a paid plan, and more.
Postman offers audit logs for 180 days.
View audit logs in the dashboard
Team Admins and Super Admins can view audit logs for your team in your Audit Logs dashboard. To view audit logs, open Postman and select Team > Audit Logs in the Postman header.
Each audit log event includes the following information:
- The team member who performed the action, and their email address.
- The event type, and a description of the event.
- The team member's IP address.
- The date and time of the action, including the team member's time zone.
You can use filters to view audit log events by date range, event type, and team member. Select your filters, then select Apply.
Export audit logs from the dashboard
You can filter the results of the audit logs, and export the results as a CSV file.
To export audit logs, do the following:
- Filter your results by selecting a date range, event type, and team member, then select Apply. If you don't filter your results, Postman exports all data in your audit logs from the last seven days.
- Select Export Audit Logs
- Select Export to confirm. You'll receive an email with the CSV file.
- In the email, select Download Audit Logs to download the CSV file. The link in the email is valid for one hour.
Access audit logs with the Postman API
You can also access audit logs with the Postman API, enabling you to integrate Postman's audit logs with your security information and event management (SIEM) tools.
To get started with the Postman API, you must first generate a Postman API key. Learn more about the Postman API, and how to integrate it into your development toolchain.
Each audit log event has the following attributes in the response:
Name | Description |
|---|---|
id | An integer representing the unique identifier of the audit log event. |
ip | A string with the IP address of the actor who performed the action. |
userAgent | A string with the user agent of the actor. |
action | A string with the event type. |
timestamp | A string with the date and time when the actor performed the action. The time stamp is represented using the ISO 8601 date and time format. |
message | A string with the description of the audit log event. |
data | An object that holds the actor, user, team, and variables objects. |
actor | An object with information about the team member who performed the action. For example, a team member is the
|
user | An object with information about the team member who was affected by the action. For example, a team member is the user when their role is updated by another team member. The object includes the following properties:
|
team | An object with information about the actor and user's team. The object includes the following properties:
|
variables | An object with details about the performed action. For example, details about the created API key or updated roles for a user. |
nextCursor | A string that represents the cursor of the next page. |
Last modified: 2024/05/24
