Slack

Slack Audit Logs API

The Slack Audit Logs API is designed for building security information and event management (SIEM) tools for Slack Enterprise Grid organizations. It provides a read-only view of audit events happening across an entire Enterprise organization, including user actions, admin actions, app installations, file sharing, and authentication events. The primary endpoint at /audit/v1/logs returns a list of auditable actions that have occurred, with filtering by action type, actor, entity, and date range.

GitHub

Documentation

📖
Documentation
https://docs.slack.dev/admins/audit-logs-api
📖
APIReference
https://docs.slack.dev/reference/audit-logs-api/methods-actions-reference

API entry from apis.yml

apis.yml Raw ↑ 
aid: slack:slack-audit-logs-api
name: Slack Audit Logs API
tags:
- Audit Logs
- Compliance
- Enterprise
- Security
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://api.slack.com/audit/v1
humanURL: https://docs.slack.dev/admins/audit-logs-api
properties:
- url: https://docs.slack.dev/admins/audit-logs-api
  type: Documentation
- url: https://docs.slack.dev/reference/audit-logs-api/methods-actions-reference
  type: APIReference
description: The Slack Audit Logs API is designed for building security information and event management
  (SIEM) tools for Slack Enterprise Grid organizations. It provides a read-only view of audit events happening
  across an entire Enterprise organization, including user actions, admin actions, app installations,
  file sharing, and authentication events. The primary endpoint at /audit/v1/logs returns a list of auditable
  actions that have occurred, with filtering by action type, actor, entity, and date range.