> ## Documentation Index
> Fetch the complete documentation index at: https://docs.maia.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Query audit events in a time range

> An endpoint for retrieving audit events in a time range



## OpenAPI

````yaml /openapi/public-api-endpoint-reference.yaml get /v1/events
openapi: 3.1.0
info:
  title: Maia Public REST API
  version: '1.0'
servers:
  - description: EU1
    url: https://eu1.api.matillion.com/dpc
  - description: US1
    url: https://us1.api.matillion.com/dpc
security:
  - bearerAuth: []
tags:
  - description: Manage Schedules
    name: Schedules
  - description: Manage Connections
    name: Connections
  - description: Operations for managing Project Variables
    name: Project Variables
  - description: Manage Pipelines
    name: Pipelines
  - description: Review pipelines against quality rules
    name: Pipeline Quality Review
  - description: Execute tests within a project
    name: Test Execution
  - description: Manage your AI agent tasks
    name: AI Agent Tasks
  - description: SCIM endpoints for user/group permission management
    name: Directory Integration
  - description: Publish shared pipeline artifacts
    name: Shared Pipeline Artifacts
  - description: Manage Repositories
    name: Repositories
  - description: Report on Credit Consumption
    name: Consumption
  - description: Manage Artifacts
    name: Artifacts
  - description: Operations for data lineage and governance
    name: Data Lineage
  - description: Manage Streaming Pipelines
    name: Streaming Pipelines
  - description: Execute a pipeline
    name: Pipeline Execution
  - description: ''
    name: Environments
  - description: ''
    name: Projects
  - description: Manage Agents
    name: Agents
  - description: Operations for managing Environment-level Overrides of Project Variables
    name: Project Variable Environment Overrides
  - description: Query audit events
    name: Audit Events
  - description: Connector Profiles
    name: Connectors
paths:
  /v1/events:
    get:
      tags:
        - Audit Events
      summary: Query audit events in a time range
      description: An endpoint for retrieving audit events in a time range
      operationId: retrieve
      parameters:
        - description: >
            The earliest date and time of audit events to retrieve.

            The date time format should be in ISO 8601 format, e.g.:
            2025-02-20T07:15:15.000-01:00
          example: '2021-11-17T14:15:15.000Z'
          in: query
          name: from
          required: true
          schema:
            type: string
            format: date-time
            description: >
              The earliest date and time of audit events to retrieve.

              The date time format should be in ISO 8601 format, e.g.:
              2025-02-20T07:15:15.000-01:00
            example: '2021-11-17T14:15:15.000Z'
        - description: >
            The latest date and time of audit events to retrieve.

            The date time format should be in ISO 8601 format, e.g.:
            2025-02-21T07:15:15.000-01:00
          example: '2021-11-17T15:15:15.000Z'
          in: query
          name: to
          required: true
          schema:
            type: string
            format: date-time
            description: >
              The latest date and time of audit events to retrieve.

              The date time format should be in ISO 8601 format, e.g.:
              2025-02-21T07:15:15.000-01:00
            example: '2021-11-17T15:15:15.000Z'
        - description: Page number (0-indexed)
          example: '0'
          in: query
          name: page
          schema: {}
        - description: Number of records per page (from 1 to 100)
          example: '25'
          in: query
          name: size
          schema: {}
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/PagedResultListAugmentedAuditEventResponse
          description: Audit logs have been retrieved
        '400':
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ProblemDetail'
          description: Wrong request parameters used
        '403':
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ProblemDetail'
          description: Unauthorized
        '500':
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ProblemDetail'
          description: Unexpected error occurred
components:
  schemas:
    PagedResultListAugmentedAuditEventResponse:
      type: object
      properties:
        page:
          type: integer
          format: int32
          description: The 0-indexed page number of the returned results.
          example: 1
        results:
          type: array
          description: Page of results or empty.
          items:
            $ref: '#/components/schemas/AugmentedAuditEventResponse'
        size:
          type: integer
          format: int32
          description: The size of each page of results.
          example: 50
        total:
          type: integer
          format: int64
          description: Total number of available results across all pages.
          example: 472
    ProblemDetail:
      type: object
      properties:
        detail:
          type: string
        instance:
          type: string
        status:
          type: integer
          format: int32
        title:
          type: string
        type:
          type: string
          format: uri
        violations:
          type: array
          items:
            type: string
    AugmentedAuditEventResponse:
      type: object
      description: Details of an audit event.
      properties:
        actorEmail:
          type: string
          description: |
            Email address of the user who performed this action. Only available
            when the action was performed by a user with a valid email address.
          example: user123@abc.com
        actorId:
          type: string
          description: Identifier of the user or machine user that performed this action.
          examples:
            - 123e4567-e89b-12d3-a456-426614174000
            - google-oauth2|432847385743548375843
        additionalInfo:
          $ref: '#/components/schemas/JsonNode'
          description: >-
            Optional additional context about this activity, such as IP address
            or other details.
          example:
            ip: 68.134.82.19
        eventDescription:
          type: string
          description: A brief description of what happened.
          example: User logged in
        eventId:
          type: string
          format: uuid
          description: |
            A unique identifier for this audit event.
          example: 123e4567-e89b-12d3-a456-426614174000
        eventName:
          type: string
          description: The specific action that was performed.
          example: hub_user_login
        eventProjectId:
          type: string
          format: uuid
          description: Project ID where this action occurred, if applicable.
          example: 4cfcf46e-5bb1-4887-8772-d1c0eeb0cfef
        eventSource:
          type: string
          description: The Matillion service where this action originated.
          example: secrets-reference
        eventSubjectId:
          type: string
          description: Unique identifier of the resource affected by this action.
          example: C67A9A1A-5A49-4EBF-8222-0C6DCC572505
        eventSubjectName:
          type: string
          description: Name of the resource affected by this action.
          example: my-first-secret
        eventSubjectType:
          type: string
          description: >-
            Type of resource affected by this action (e.g., USER, PROJECT,
            SECRET).
          example: USER
        eventTimestamp:
          type: string
          format: date-time
          description: When this activity occurred, in UTC time.
          example: '2025-01-30T00:30:12.000Z'
        eventType:
          type: string
          description: Category of the activity.
          example: LOGIN
      required:
        - eventId
    JsonNode: {}
  securitySchemes:
    bearerAuth:
      bearerFormat: JWT
      description: a valid bearer token
      scheme: bearer
      type: http

````