Access Postman Audit Logs with the Postman API
Postman audit logs keep a record of system and user activity. They empower admins of Postman teams to track and review how members of their organization are using the Postman API Platform. For example, an admin can see when a user updated or removed a custom authorization scheme, invited someone to the Postman team, updated user roles, removed users from the team, and much more. You can view all available audit actions or events by visiting our Learning Center page on audit logs. To access your team’s audit logs, visit https://go.postman.co/audit or you can find it under Team Management in your Postman app.
With this release, audit logs are now accessible via the Postman API. Postman customers on the Professional and Enterprise plans can integrate these logs with their security information and event management (SIEM) tools.
The Audit Logs API is now available in the Postman API collection. Team admins and security folks can now fetch their team’s audit logs via this API and integrate them with their SIEM tools. Each audit log event contains the following attributes:
- id: A numeric value representing the unique identifier of an audit event.
- ip: The IP address of the actor who performed the action.
- userAgent: A string with the user-agent of the actor.
- action: A string with an action or event performed by the actor.
- timestamp: The date and time when the action or event was performed. The time is represented using the ISO 8601 date and time format.
- actor: An object with information about the actor who performed this action.
- message: A description of the audit event.
- nextCursor: A string that represents the cursor of the next page.
How to Get Started
Now that you’ve seen how it works—and what specific (and helpful) audit log information you can retrieve—try it yourself today by opening the “Get Audit Log” request in the Postman Public Workspace and executing a request.