# Audit Events API > 原文:[https://docs.gitlab.com/ee/api/audit_events.html](https://docs.gitlab.com/ee/api/audit_events.html) * [Instance Audit Events](#instance-audit-events-premium-only) * [Retrieve all instance audit events](#retrieve-all-instance-audit-events) * [Retrieve single instance audit event](#retrieve-single-instance-audit-event) * [Group Audit Events](#group-audit-events-starter) * [Retrieve all group audit events](#retrieve-all-group-audit-events) * [Retrieve a specific group audit event](#retrieve-a-specific-group-audit-event) * [Project Audit Events](#project-audit-events-starter) * [Retrieve all project audit events](#retrieve-all-project-audit-events) * [Retrieve a specific project audit event](#retrieve-a-specific-project-audit-event) # Audit Events API[](#audit-events-api "Permalink") ## Instance Audit Events[](#instance-audit-events-premium-only "Permalink") Audit Events API 使您可以检索[实例审核事件](../administration/audit_events.html#instance-events-premium-only) . 要使用 API​​检索审核事件,您必须以管理员[身份进行身份验证](README.html#authentication) . ### Retrieve all instance audit events[](#retrieve-all-instance-audit-events "Permalink") ``` GET /audit_events ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `created_after` | string | no | 返回在给定时间或之后创建的审核事件. 格式:ISO 8601 YYYY-MM-DDTHH:MM:SSZ | | `created_before` | string | no | 返回在给定时间或之前创建的审核事件. 格式:ISO 8601 YYYY-MM-DDTHH:MM:SSZ | | `entity_type` | string | no | 返回给定实体类型的审核事件. 有效值为: `User` , `Group`或`Project` . | | `entity_id` | integer | no | 返回给定实体 ID 的审核事件. 需要`entity_type`属性存在. | 默认情况下,因为 API 结果是分页的,所以`GET`请求一次返回 20 个结果. 阅读有关[分页的](README.html#pagination)更多信息. ``` curl --header "PRIVATE-TOKEN: " "https://primary.example.com/api/v4/audit_events" ``` 响应示例: ``` [ { "id": 1, "author_id": 1, "entity_id": 6, "entity_type": "Project", "details": { "custom_message": "Project archived", "author_name": "Administrator", "target_id": "flightjs/flight", "target_type": "Project", "target_details": "flightjs/flight", "ip_address": "127.0.0.1", "entity_path": "flightjs/flight" }, "created_at": "2019-08-30T07:00:41.885Z" }, { "id": 2, "author_id": 1, "entity_id": 60, "entity_type": "Group", "details": { "add": "group", "author_name": "Administrator", "target_id": "flightjs", "target_type": "Group", "target_details": "flightjs", "ip_address": "127.0.0.1", "entity_path": "flightjs" }, "created_at": "2019-08-27T18:36:44.162Z" }, { "id": 3, "author_id": 51, "entity_id": 51, "entity_type": "User", "details": { "change": "email address", "from": "hello@flightjs.com", "to": "maintainer@flightjs.com", "author_name": "Andreas", "target_id": 51, "target_type": "User", "target_details": "Andreas", "ip_address": null, "entity_path": "Andreas" }, "created_at": "2019-08-22T16:34:25.639Z" } ] ``` ### Retrieve single instance audit event[](#retrieve-single-instance-audit-event "Permalink") ``` GET /audit_events/:id ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | integer | yes | 审核事件的 ID | ``` curl --header "PRIVATE-TOKEN: " "https://primary.example.com/api/v4/audit_events/1" ``` 响应示例: ``` { "id": 1, "author_id": 1, "entity_id": 6, "entity_type": "Project", "details": { "custom_message": "Project archived", "author_name": "Administrator", "target_id": "flightjs/flight", "target_type": "Project", "target_details": "flightjs/flight", "ip_address": "127.0.0.1", "entity_path": "flightjs/flight" }, "created_at": "2019-08-30T07:00:41.885Z" } ``` ## Group Audit Events[](#group-audit-events-starter "Permalink") 在 GitLab 12.5 中[引入](https://gitlab.com/gitlab-org/gitlab/-/issues/34078) . 组审核事件 API 使您可以检索[组审核事件](../administration/audit_events.html#group-events-starter) . 要使用 API​​检索组审核事件,您必须通过管理员[身份](README.html#authentication)或组所有者[身份进行身份验证](README.html#authentication) . ### Retrieve all group audit events[](#retrieve-all-group-audit-events "Permalink") ``` GET /groups/:id/audit_events ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | integer/string | yes | 组的 ID 或[URL 编码的路径](README.html#namespaced-path-encoding) | | `created_after` | string | no | 在给定时间或之后创建的返回组审核事件. 格式:ISO 8601 YYYY-MM-DDTHH:MM:SSZ | | `created_before` | string | no | 返回在给定时间或之前创建的组审核事件. 格式:ISO 8601 YYYY-MM-DDTHH:MM:SSZ | 默认情况下,因为 API 结果是分页的,所以`GET`请求一次返回 20 个结果. 阅读有关[分页的](README.html#pagination)更多信息. ``` curl --header "PRIVATE-TOKEN: " "https://primary.example.com/api/v4/groups/60/audit_events" ``` 响应示例: ``` [ { "id": 2, "author_id": 1, "entity_id": 60, "entity_type": "Group", "details": { "custom_message": "Group marked for deletion", "author_name": "Administrator", "target_id": "flightjs", "target_type": "Group", "target_details": "flightjs", "ip_address": "127.0.0.1", "entity_path": "flightjs" }, "created_at": "2019-08-28T19:36:44.162Z" }, { "id": 1, "author_id": 1, "entity_id": 60, "entity_type": "Group", "details": { "add": "group", "author_name": "Administrator", "target_id": "flightjs", "target_type": "Group", "target_details": "flightjs", "ip_address": "127.0.0.1", "entity_path": "flightjs" }, "created_at": "2019-08-27T18:36:44.162Z" } ] ``` ### Retrieve a specific group audit event[](#retrieve-a-specific-group-audit-event "Permalink") 仅对组所有者和管理员可用. ``` GET /groups/:id/audit_events/:audit_event_id ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | integer/string | yes | 组的 ID 或[URL 编码的路径](README.html#namespaced-path-encoding) | | `audit_event_id` | integer | yes | 审核事件的 ID | ``` curl --header "PRIVATE-TOKEN: " "https://primary.example.com/api/v4/groups/60/audit_events/2" ``` 响应示例: ``` { "id": 2, "author_id": 1, "entity_id": 60, "entity_type": "Group", "details": { "custom_message": "Group marked for deletion", "author_name": "Administrator", "target_id": "flightjs", "target_type": "Group", "target_details": "flightjs", "ip_address": "127.0.0.1", "entity_path": "flightjs" }, "created_at": "2019-08-28T19:36:44.162Z" } ``` ## Project Audit Events[](#project-audit-events-starter "Permalink") 在 GitLab 13.1 中[引入](https://gitlab.com/gitlab-org/gitlab/-/issues/219238) . 通过 Project Audit Events API,您可以检索[项目审核事件](../administration/audit_events.html#project-events-starter) . To retrieve project audit events using the API, you must [authenticate yourself](README.html#authentication) as a Maintainer or an Owner of the project. ### Retrieve all project audit events[](#retrieve-all-project-audit-events "Permalink") ``` GET /projects/:id/audit_events ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | integer/string | yes | 项目的 ID 或[URL 编码的路径](README.html#namespaced-path-encoding) | | `created_after` | string | no | 返回在给定时间或之后创建的项目审核事件. 格式:ISO 8601 YYYY-MM-DDTHH:MM:SSZ | | `created_before` | string | no | 返回在给定时间或之前创建的项目审核事件. 格式:ISO 8601 YYYY-MM-DDTHH:MM:SSZ | 默认情况下,因为 API 结果是分页的,所以`GET`请求一次返回 20 个结果. 阅读有关[分页的](README.html#pagination)更多信息. ``` curl --header "PRIVATE-TOKEN: " https://primary.example.com/api/v4/projects/7/audit_events ``` 响应示例: ``` [ { "id": 5, "author_id": 1, "entity_id": 7, "entity_type": "Project", "details": { "change": "prevent merge request approval from reviewers", "from": "", "to": "true", "author_name": "Administrator", "target_id": 7, "target_type": "Project", "target_details": "twitter/typeahead-js", "ip_address": "127.0.0.1", "entity_path": "twitter/typeahead-js" }, "created_at": "2020-05-26T22:55:04.230Z" }, { "id": 4, "author_id": 1, "entity_id": 7, "entity_type": "Project", "details": { "change": "prevent merge request approval from authors", "from": "false", "to": "true", "author_name": "Administrator", "target_id": 7, "target_type": "Project", "target_details": "twitter/typeahead-js", "ip_address": "127.0.0.1", "entity_path": "twitter/typeahead-js" }, "created_at": "2020-05-26T22:55:04.218Z" } ] ``` ### Retrieve a specific project audit event[](#retrieve-a-specific-project-audit-event "Permalink") 仅适用于项目维护者或所有者. ``` GET /projects/:id/audit_events/:audit_event_id ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | integer/string | yes | 项目的 ID 或[URL 编码的路径](README.html#namespaced-path-encoding) | | `audit_event_id` | integer | yes | 审核事件的 ID | ``` curl --header "PRIVATE-TOKEN: " https://primary.example.com/api/v4/projects/7/audit_events/5 ``` 响应示例: ``` { "id": 5, "author_id": 1, "entity_id": 7, "entity_type": "Project", "details": { "change": "prevent merge request approval from reviewers", "from": "", "to": "true", "author_name": "Administrator", "target_id": 7, "target_type": "Project", "target_details": "twitter/typeahead-js", "ip_address": "127.0.0.1", "entity_path": "twitter/typeahead-js" }, "created_at": "2020-05-26T22:55:04.230Z" } ```