Get logs by filter
GetLogsByFilter¶
GetLogsByFilter
Description: Returns server audit log records in a table-oriented format, similar to GetUsersByFilter. This method does not use from and to. Time filtering is done through timestamp in where or whereBetween. If no timestamp filter is provided, the server scans the last 30 days of log files.
Access Control¶
🛡️ Access Level Required:
SESSION_ADMIN,SESSION_MANAGER, orSESSION_DEALER
Request Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| limit | int | Yes | Maximum number of rows to return |
| offset | int | Yes | Row offset inside filtered result set |
| where | array | No | Array of conditions in format [field, operator, value] |
| whereNot | array | No | Array of negative conditions in format [field, value] |
| whereIn | array | No | Array of inclusion conditions |
| whereNotIn | array | No | Array of exclusion conditions |
| whereBetween | array | No | Array of range conditions in format [field, [from, to]] |
| whereNotBetween | array | No | Array of negative range conditions |
| orderBy | array | No | Sorting rule in format [field, direction], where direction is ASC or DESC |
Supported Fields¶
The following log fields can be used in filters and sorting:
timestampactor_typeactor_idactionstatussourcedetail
Response Structure¶
| Field | Type | Description |
|---|---|---|
| timestamp | int64 | Unix timestamp in seconds |
| actor_type | string | Actor category |
| actor_id | string | Actor identifier or - |
| action | string | Operation name |
| status | string | Operation status |
| source | string | Request origin, IP, plugin name, or module name |
| detail | string | Free-form payload or message |
Request Example¶
{
"limit": 50,
"offset": 0,
"where": [
["actor_type", "=", "MANAGER"],
["status", "=", "SUCCESS"]
],
"whereBetween": [
["timestamp", [1713744000, 1713830399]]
],
"whereNot": [
["source", "127.0.0.2"]
],
"orderBy": ["timestamp", "DESC"]
}
Response Example¶
{
"structure": [
"timestamp",
"actor_type",
"actor_id",
"action",
"status",
"source",
"detail"
],
"rows": [
[
1713787200,
"MANAGER",
"1223",
"AuthManager",
"SUCCESS",
"127.0.0.1",
"{\"id\":1223}"
]
],
"count": 1,
"total": 18425
}
Notes¶
offsetandlimitare applied after filtering and sorting.countis the number of records after filtering, before pagination.totalis the total number of raw log lines in the selected log files.- If no
timestampfilter is provided, the server scans the last 30 days of log files. GetLogsremains available for simple field-based filtering;GetLogsByFilteris intended for table-style admin views.