> **Source:** https://knowledge.leegality.com/sign-station/api/search-audit-logs > **Site:** Leegality Knowledge Base — https://knowledge.leegality.com > **About:** Leegality is a document execution platform covering eSigning, stamps, NeSL, workflows, and REST API integration. > **Navigation:** Every article on this site has a plain-text version at `.txt` (this format). To get an index of all articles with their `.txt` links, read: https://knowledge.leegality.com/llms.txt > **AI Guide:** For instructions on how to navigate this knowledge base as an AI agent, read: https://knowledge.leegality.com/ai-readable.txt --- # POST /api/v1/audit-logs/search — Search audit logs Search audit logs for the current user's organization using advanced search criteria **Authentication:** `X-Auth-Token` header required on every request. ## Request URL ``` POST https://app1.leegality.com/api/api/v1/audit-logs/search ``` **Environments:** - Production: `https://app1.leegality.com/api/api/v1/audit-logs/search` - Sandbox: `https://sandbox.leegality.com/api/api/v1/audit-logs/search` --- ## Request Body **Content-Type:** `application/json` Search criteria including filters, sorting, and pagination | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `filter` | Filter Request Schema | No | Filter Request Schema represents the group of parameters which filters the records. See **Filter Request Schema** below. | — | | `sort` | array\ | No | Sort Request Schema list represents the group of parameters which sorts the records. See **Sort Request Schema** below. | — | | `limit` | integer | No | Limit represents the maximum number of records to be displayed per page. | `10` | | `page` | integer | No | Page represents the current page index to display records starting from 0. | `0` | #### Filter Request Schema Filter Request Schema represents the group of parameters which filters the records. | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `field` | string | No | Field represents the field on which operator would be applied. | `Audit Trail (2).pdf` | | `operator` | string | Yes | Operator represents the condition which would be applied for searching. Allowed: `EQ`, `NEQ`, `IN`, `NOT_IN`, `IS_NULL`, `NOT_NULL`, `AND`, `OR`, `GT`, `LT`, `GTE`, `LTE`, `BETWEEN`, `LIKE`. | — | | `value` | array\ | No | Value represents the value of the field which would be searched within the records. | — | | `filters` | array\ | No | List of filters represents filters to be applied if the operator used is AND or OR | — | #### Sort Request Schema Sort Request Schema list represents the group of parameters which sorts the records. | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `field` | string | Yes | Field represents the field on which sorting would be applied. | `createdAt` | | `direction` | string | No | Direction represents the order in which sorting would be applied. Allowed: `ASC`, `DESC`. | — | ### Sample Request ```json { "filter": { "field": "Audit Trail (2).pdf", "operator": "EQ", "value": [ {} ], "filters": [ "value" ] }, "sort": [ { "field": "createdAt", "direction": "ASC" } ], "limit": 10, "page": 0 } ``` --- ## Responses ### 200 — Audit logs found successfully Search response for audit logs with pagination | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `data` | array\ | No | See **AuditLogSearchItemVO** below. | — | | `pagination` | Pagination Response Schema | No | See **Pagination Response Schema** below. | — | #### AuditLogSearchItemVO Audit log item in search results | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `id` | string | No | Audit log unique identifier | `00fdf214-83fe-4070-ba93-32c03c6dfd24` | | `details` | string | No | Detailed description of the audit log event | `Department Testing Department added successfully by TestUser` | | `action` | string | No | Type of action performed | `DEPARTMENT_ADDED` | | `userId` | string | No | User ID who performed the action | `e6823fbf-7af8-4e73-8bdb-429a11671871` | | `username` | string | No | Username of the user who performed the action | `TestUser123` | | `sourceIp` | string | No | Source IP address from where the action was performed | `10.10.4.227` | | `userAgent` | string | No | User agent string of the client | `Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/` | | `logTime` | string | No | Time when the log was created | `2025-12-09T11:26:19` | | `enabled` | boolean | No | Whether the audit log is enabled | `true` | | `createdAt` | string | No | Audit log creation date and time | `2025-12-09T11:26:19` | | `updatedAt` | string | No | Audit log last update date and time | `2025-12-09T11:26:19` | #### Pagination Response Schema | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `limit` | integer | No | Limit represents the maximum number of records to be displayed per page. | `10` | | `page` | integer | No | Page represents the current page index to display records starting from 0. | `0` | | `total` | integer | No | Total represents the total number of records fetched. | `50` | ### 400 — Invalid search criteria | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `code` | string | No | Top-level error code | `LE_ERR_SS_400` | | `errors` | array\ | No | List of error details See **ErrorDetailSearchAuditLogs400VO** below. | — | #### ErrorDetailSearchAuditLogs400VO | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `message` | string | No | Detailed error message | `Invalid value for field [filters], must not be null` | | `path` | string | No | API path that generated the error | `/api/v1/audit-logs/search` | | `code` | string | No | Specific error code | `null` | ### 401 — Unauthorized - Invalid or expired token | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `code` | string | No | Top-level error code | `LE_ERR_SS_401` | | `errors` | array\ | No | List of error details See **ErrorDetail401Unauthorized** below. | — | #### ErrorDetail401Unauthorized | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `message` | string | No | Detailed error message | `Invalid or expired token` | | `path` | string | No | API path that generated the error | `/api/v1/*` | | `code` | string | No | Specific error code | `LE_ERR_SS_303` | ### 500 — Internal server error | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `code` | string | No | Top-level error code | `LE_ERR_SS_500` | | `errors` | array\ | No | List of error details See **ErrorDetailToken500VO** below. | — | #### ErrorDetailToken500VO | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `message` | string | No | Detailed error message | `Internal Server Error` | | `path` | string | No | API path that generated the error | `null` | | `code` | string | No | Specific error code | `null` | ### Sample Response (200) ```json { "data": [ { "id": "00fdf214-83fe-4070-ba93-32c03c6dfd24", "details": "Department Testing Department added successfully by TestUser123.", "action": "DEPARTMENT_ADDED", "userId": "e6823fbf-7af8-4e73-8bdb-429a11671871", "username": "TestUser123", "sourceIp": "10.10.4.227", "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36", "logTime": "2025-12-09T11:26:19", "enabled": true, "createdAt": "2025-12-09T11:26:19", "updatedAt": "2025-12-09T11:26:19" } ], "pagination": { "limit": 10, "page": 0, "total": 50 } } ```