API Audit Log
Last updated on May 21, 2026
The audit log records every authenticated request to the REST API. Users, Stations, SDKs, and raw curl all appear, so you have one place to trace what touched your organization.
What gets logged
Each entry captures a fixed set of fields, and the table below lists every one.
| Field | Value |
|---|---|
| timestamp | When the request reached TofuPilot, in UTC, millisecond precision. |
| method | HTTP verb: GET, POST, PATCH, DELETE. |
| endpoint | The REST path with the API version, e.g. /api/v2/runs. |
| status | HTTP status code returned. |
| latency_ms | Total request duration in milliseconds. |
| key_id | The API key that authenticated the request. User keys carry the user's identity; station keys carry the station's identity. |
| caller | The user or station that owns the key. |
| source_ip | Caller IP address. |
| user_agent | Client User-Agent header. |
| request_id | Organization-unique ID for this request. Used in support tickets. |
Request and response bodies are not stored. The log records the fact of the call and its outcome, never the payload.
Dashboard
Open API Logs in the sidebar (Monitor group). You see requests in reverse-chronological order, and the top of the page renders a 144-bucket histogram of request volume over the selected window, stacked by status category (2xx, 3xx, 4xx, 5xx). This lets you spot waves of failures or traffic spikes at a glance.
You can filter by:
- Date range: preset or custom window. Default is the last 7 days.
- Endpoint: every call to /api/v2/runs, every call to /api/v2/procedures, etc.
- Method: only POST, only DELETE, etc.
- Status: 2xx, 3xx, 4xx, 5xx categories.
- Client: Python, C#, Rust, C++, MATLAB, CLI, or raw HTTP.
- Created by: narrow to a specific user or Station.
Click any row to expand the full entry with every field above and the related primitive (the Run, Unit, or Procedure the call created or modified, when applicable).
Retention
Entries are retained for 90 days on all plans. Enterprise instances can extend retention up to 1 year in organization settings.
After retention expires, entries are permanently deleted with no recovery. For long-term records (compliance, post-incident forensics), export periodically.
Export
You can export the log as CSV from the dashboard for any filter combination. For programmatic access, the REST API exposes GET /api/v2/audit-log with the same filter parameters, returning JSON.
curl "https://tofupilot.app/api/v2/audit-log?from=2026-05-18T00:00:00Z" \
  -H "Authorization: Bearer $TOFUPILOT_API_KEY"

Calls to the audit log endpoint are themselves recorded in the audit log. This is intentional: every read of the log is an auditable event.
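Once entries are exported, the fields listed under "What gets logged" are enough for a first-pass review per API key. The script below is an added example, not TofuPilot code: it assumes the JSON export is an array of objects keyed by those field names (the response shape is not documented on this page), and the sample rows, key IDs and thresholds are constructed.

```python
import json
from collections import defaultdict

FIELDS = ("timestamp", "method", "endpoint", "status", "key_id", "source_ip")
# Constructed sample rows, not real TofuPilot output.
ROWS = [
    ("2026-05-18T08:00:01.120Z", "POST", "/api/v2/runs", 201, "key_station_a", "10.0.4.17"),
    ("2026-05-18T08:00:09.530Z", "POST", "/api/v2/runs", 201, "key_station_a", "10.0.4.17"),
    ("2026-05-18T09:12:44.002Z", "GET", "/api/v2/procedures", 200, "key_user_b", "198.51.100.7"),
    ("2026-05-18T09:13:02.871Z", "DELETE", "/api/v2/runs", 403, "key_user_b", "203.0.113.50"),
    ("2026-05-18T09:13:03.410Z", "DELETE", "/api/v2/runs", 403, "key_user_b", "203.0.113.50"),
    ("2026-05-18T09:14:00.000Z", "GET", "/api/v2/audit-log", 200, "key_user_b", "203.0.113.50"),
]
# Assumed export shape: a JSON array of objects using the documented field names.
SAMPLE_EXPORT = json.dumps([dict(zip(FIELDS, r)) for r in ROWS])


def triage(entries, max_denied=2):
    """Return {key_id: [findings]} for keys whose activity deserves review."""
    stats = defaultdict(lambda: {"ips": set(), "denied": 0, "log_reads": 0})
    for e in entries:
        s = stats[e["key_id"]]
        s["ips"].add(e["source_ip"])
        # 403 = the key authenticated but was refused the action.
        s["denied"] += e["status"] == 403
        # Reads of the audit log are themselves logged, so they show up here.
        s["log_reads"] += e["endpoint"].startswith("/api/v2/audit-log")
    findings = {}
    for key_id, s in stats.items():
        notes = []
        if len(s["ips"]) > 1:
            notes.append(f"{len(s['ips'])} source IPs")
        if s["denied"] >= max_denied:
            notes.append(f"{s['denied']} requests denied (403)")
        if s["log_reads"]:
            notes.append(f"{s['log_reads']} audit-log reads")
        if notes:
            findings[key_id] = notes
    return findings


if __name__ == "__main__":
    for key_id, notes in triage(json.loads(SAMPLE_EXPORT)).items():
        print(key_id, "->", "; ".join(notes))
```

A station key normally calls from one address, so a second source_ip on a station key is usually the strongest of the three signals.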
Permissions
Access to the audit log inherits the organization's role model, so a member sees what their role allows.
| Role | Sees |
|---|---|
| Owner, Admin, Developer | Every entry, every key, every endpoint. |
| Viewer, Operator | No access. |
This keeps the audit trail trustworthy, because a member cannot tamper with or hide their own calls.