Audit logs

Audit logs are available on Postman Professional and Enterprise plans.

Audit logs display events related to your team, users, and billing. Team Admins can review audit logs to get information about:

  • When users were added to, removed from, or invited to your team
  • Which user performed a specific action and when they did so

Postman offers audit logs for 90 days to users on Professional plans, and 180 days to users on Enterprise plans.

Audit logs are visible to all Team Admins on Postman Professional and Enterprise teams, including Super Admins on Enterprise teams.

Viewing audit logs in the dashboard

You can view audit logs in Postman by selecting Team in the header, then selecting Audit Logs.

Audit logs offer information about actions taken by members of your team. Each event includes the user, the user's email address, the event name and a description of the event, the user's IP address, and the date and time of the action, including the user's timezone.

Audit logs dashboard

You can use filters to view actions by date range, event type, and user.

Filtering the audit log results

Exporting audit logs from the dashboard

You can export audit logs as CSV files. By default, Postman will export all data in your audit logs from the last seven days. To start the export process, select Export Audit Logs.

To specify certain data to export, set the filters you want in the audit logs dashboard and Postman will generate the export using those parameters. To filter your results, select a time range, event, and user, then select Export Audit Logs.

You will receive an email with a link to the exported audit logs. The link in the email is active for one hour.

Accessing audit logs with the Postman API

You can also access audit logs with the Postman API, allowing you to integrate Postman's audit logs with your security information and event management (SIEM) tools.

Each audit log event has the following attributes:

idA numeric value representing the unique identifier of an audit event.
ipThe IP address of the actor who performed the action.
userAgentA string with the user-agent of the actor.
actionA string with an action or event performed by the actor.
timestampThe date and time when the action or event was performed. The time is represented using the ISO 8601 date and time format.
messageA description of the audit event.
dataAn object that holds the actor, user, team, and variables objects.
actorAn object with information about the actor who performed this action.
userAn object with information about the user who performed this action.
teamAn object with information about the user's or actor's team.
nextCursorA string that represents the cursor of the next page.

To get started, go to the Postman API and open the Audit Logs folder to view the GET request and example responses.

You must generate a Postman API key to access the Postman API.

Logged events

Postman logs events related to your team, users, and billing. You can find descriptions of each event in the Audit Logs dashboard. Some examples are listed here.

Team event examples

Updated Team NameUser name changed your team's name to team name.
Added Team MemberUser name joined the team.
SCIM provisioning enabledPostman Internal System enabled SCIM provisioning.

User event examples

Added Team MemberUser name joined the team.
Team Member RemovedUser name removed user User name (inactive) (id: id number, email: email address ) from the team.
Sent Team InviteUser name invited email address to the team.

Billing event examples

Upgraded to Paid PlanUser name upgraded your team's plan to Enterprise Essentials.
Updated Billing Operation Allow OveragesUser name enabled the overages for Mock Servers
Increased Team SizeUser name increased team size by 1.

Last modified: 2022/03/01