> ## Documentation Index > Fetch the complete documentation index at: https://tbd-6fc993ce-hypeship-docs-website-deploy-hook.mintlify.site/llms.txt > Use this file to discover all available pages before exploring further. # List audit logs > API for searching audit logs. Limited to at most 30 day search, returns up to 100 records per page. Not recommended for bulk export. ## OpenAPI ````yaml https://app.stainless.com/api/spec/documented/kernel/openapi.documented.yml get /audit-logs openapi: 3.1.0 info: title: Kernel API description: Developer tools and cloud infrastructure for AI agents to use web browsers version: 0.1.0 servers: - url: https://api.onkernel.com description: API Server security: - bearerAuth: [] tags: - name: Browsers description: Create and manage browser sessions. - name: Browser Computer Controls description: Control mouse, keyboard, and screen on the browser instance. - name: Browser Playwright description: Execute Playwright code against the browser instance. - name: Browser Filesystem description: Read, write, and manage files on the browser instance. - name: Browser Processes description: Execute and manage processes on the browser instance. - name: Browser Replays description: Record and manage browser session video replays. - name: Browser Logs description: Stream logs from the browser instance. - name: Browser Telemetry description: Stream live telemetry events from a browser session. - name: Profiles description: Create, list, retrieve, and delete browser profiles. - name: Proxies description: Create and manage proxy configurations for routing browser traffic. - name: Extensions description: Create, list, retrieve, and delete browser extensions. - name: Browser Pools description: Create and manage browser pools for acquiring and releasing browsers. - name: Managed Auth description: >- Create and manage auth connections for automated credential capture and login. - name: Credentials description: Create and manage credentials for authentication. - name: Credential Providers description: Configure external credential providers like 1Password. - name: Apps description: List applications and versions. - name: Deployments description: Create and manage app deployments and stream deployment events. - name: Invocations description: Invoke actions and stream or query invocation status and events. - name: Organization description: Read and manage organization-level limits. - name: Projects description: Create and manage projects for resource isolation within an organization. - name: API Keys description: Create and manage API keys for organization and project-scoped access. - name: Audit Logs description: Read audit log records for the authenticated organization. paths: /audit-logs: get: tags: - Audit Logs summary: List audit logs description: >- API for searching audit logs. Limited to at most 30 day search, returns up to 100 records per page. Not recommended for bulk export. operationId: getAuditLogs parameters: - name: start in: query required: true description: Lower bound (inclusive) for the audit record timestamp. schema: type: string format: date-time example: '2026-01-01T00:00:00Z' - name: end in: query required: true description: Upper bound (exclusive) for the audit record timestamp. schema: type: string format: date-time example: '2026-01-02T00:00:00Z' - name: auth_strategy in: query required: false description: Filter by authentication strategy. schema: type: string - name: service in: query required: false description: Filter by service name. schema: type: string - name: method in: query required: false description: Filter by HTTP method. schema: type: string - name: exclude_method in: query required: false description: Filter out results by HTTP method. schema: type: string - name: search in: query required: false description: Free-text search over path, user ID, email, client IP, and status. schema: type: string - name: search_user_id in: query required: false description: Additional user IDs to OR into free-text search. style: form explode: true schema: type: array items: type: string - name: limit in: query required: false description: Maximum number of results to return. schema: type: integer minimum: 1 maximum: 100 default: 100 - name: page_token in: query required: false description: >- Opaque page token from X-Next-Page-Token for the next page of older records. schema: type: string responses: '200': description: A list of audit log records. headers: X-Limit: description: The limit applied to the returned records. schema: type: integer X-Next-Page-Token: description: >- Page token for the next page of older records, omitted when no more results. schema: type: string X-Has-More: description: Whether there are more records available beyond this page. schema: type: boolean default: false content: application/json: schema: type: array items: $ref: '#/components/schemas/AuditLogEntry' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '500': $ref: '#/components/responses/InternalError' security: - bearerAuth: [] x-codeSamples: - lang: JavaScript source: |- import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const auditLogEntry of client.auditLogs.list({ end: '2026-01-02T00:00:00Z', start: '2026-01-01T00:00:00Z', })) { console.log(auditLogEntry.user_id); } - lang: Python source: |- import os from datetime import datetime from kernel import Kernel client = Kernel( api_key=os.environ.get("KERNEL_API_KEY"), # This is the default and can be omitted ) page = client.audit_logs.list( end=datetime.fromisoformat("2026-01-02T00:00:00"), start=datetime.fromisoformat("2026-01-01T00:00:00"), ) page = page.items[0] print(page.user_id) - lang: Go source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\t\"time\"\n\n\t\"github.com/kernel/kernel-go-sdk\"\n\t\"github.com/kernel/kernel-go-sdk/option\"\n)\n\nfunc main() {\n\tclient := kernel.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\tpage, err := client.AuditLogs.List(context.TODO(), kernel.AuditLogListParams{\n\t\tEnd: time.Now(),\n\t\tStart: time.Now(),\n\t})\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\tfmt.Printf(\"%+v\\n\", page)\n}\n" components: schemas: AuditLogEntry: type: object required: - timestamp - auth_strategy - user_id - email - status - method - path - route - domain - duration_ms - client_ip - user_agent properties: timestamp: type: string format: date-time description: UTC time when the request was received. auth_strategy: type: string description: Authentication strategy used for the request. user_id: type: string description: ID of the authenticated user, if any. email: type: string description: Email of the authenticated user at request time, if any. status: type: integer description: HTTP response status code. method: type: string description: HTTP method. path: type: string description: Request path. route: type: string description: Matched API route pattern, if available. domain: type: string description: Request host. duration_ms: type: integer description: Request duration in milliseconds. client_ip: type: string description: Client IP address. user_agent: type: string description: User agent header. Error: type: object required: - code - message properties: code: type: string description: Application-specific error code (machine-readable) example: bad_request message: type: string description: Human-readable error description for debugging example: 'Missing required field: app_name' details: type: array description: Additional error details (for multiple errors) items: $ref: '#/components/schemas/ErrorDetail' inner_error: $ref: '#/components/schemas/ErrorDetail' ErrorDetail: type: object properties: code: type: string description: Lower-level error code providing more specific detail example: invalid_input message: type: string description: Further detail about the error example: Provided version string is not semver compliant responses: BadRequest: description: Bad Request – invalid input content: application/json: schema: $ref: '#/components/schemas/Error' Unauthorized: description: Unauthorized – missing or invalid authorization token content: application/json: schema: $ref: '#/components/schemas/Error' InternalError: description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/Error' securitySchemes: bearerAuth: type: http scheme: bearer ````