Audit logs API - GET audit log entry

Fetches the specified entry of the audit log.

Early Adopter

This request is an Early Adopter release and may be changed in non-compatible way.

  • Managed https://{your-domain}/e/{your-environment-id}/api/v2/auditlogs/{id}
  • SaaS https://{your-environment-id}{id}
  • Environment ActiveGate https://{your-activegate-domain}/e/{your-environment-id}/api/v2/auditlogs/{id}


To execute this request, you need the Read audit logs ( permission assigned to your API token. To learn how to obtain and use it, see Tokens and authentication.


Parameter Type Description In Required
id string

The ID of the required log entry.

path required


Response codes

Code Description



Failed. Invalid ID format.


Failed. The requested resource doesn't exist.

Response body

The AuditLogEntry object

An entry of the audit log.

Element Type Description
logId string

The ID of the log entry.

eventType string

The type of the recorded operation.

category string

The category of the recorded operation.

entityId string

The ID of an entity from the category.

For example, it can be config ID for the CONFIG category or token ID for the TOKEN category.

environmentId string

The ID of the Dynatrace environment where the recorded operation occurred.

user string

The ID of the user who performed the recorded operation.

userType string

The type of the authentication of the user.

userOrigin string

The origin and the IP address of the user.

timestamp integer

The timestamp of the record creation, in UTC milliseconds.

success boolean

The recorded operation is successful (true) or failed (false).

message string

The logged message.

patch object

The patch of the recorded operation as the JSON representation.

The format is an enhanced RFC 6902. The patch also carries the previous value in the oldValue field.


In this example, the request gets the audit log entry with the ID of 157607396300050000.

This entry stores information about a change to the configuration of the dashboard with the ID of 14b3bfe7-69d8-48bf-b08a-4f9a2ff3f703. The change is a repositioning and resizing of a tile done by the Dynatrace user with user ID 643541629.

The API token is passed in the Authorization header.


curl -X GET \
  '' \  
  -H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890'

Request URL

Response body

  "logId": "157607396300050000",
  "eventType": "UPDATE",
  "category": "CONFIG",
  "entityId": "DASHBOARDS_SETTINGS: 14b3bfe7-69d8-48bf-b08a-4f9a2ff3f703",
  "environmentId": "yasmuoujsw",
  "user": "Dynatrace user #643541629",
  "userType": "USER_NAME",
  "userOrigin": "webui (",
  "timestamp": 1576074315483,
  "success": true,
  "patch": [
      "op": "replace",
      "path": "/tiles/24/top",
      "value": 304,
      "oldValue": 380
      "op": "replace",
      "path": "/tiles/24/left",
      "value": 304,
      "oldValue": 798
      "op": "replace",
      "path": "/tiles/24/width",
      "value": 608,
      "oldValue": 304
      "op": "replace",
      "path": "/tiles/24/height",
      "value": 608,
      "oldValue": 304

Response code