Audit Logs
Collects and ingests audit logs and security events within your Postman organization.
Sync Type: Incremental
Overview
The Postman Audit Logs input allows you to collect organization audit logs from the Postman API. This input provides visibility into security-related activities, user actions, and configuration changes within your Postman organization.
Prerequisites
Before configuring the Postman Audit Logs input, ensure you have:
- Postman Account: Access to a Postman organization with audit log capabilities
- Administrative Access: Permissions to generate API keys with audit log access
- API Key: A Postman API key with permissions to access audit logs
Setup Instructions
Step 1: Generate a Postman API Key
- Log in to your Postman account
- Navigate to Settings > API keys or visit Postman API Keys
- Click Generate API Key
- Provide a descriptive name for the key (e.g., "Monad Audit Log Connector")
- Copy the generated API key and store it securely
Important: API keys provide access to your organization's data. Store them securely and never commit them to version control.
Step 2: Verify API Key Permissions
Ensure your API key has the necessary permissions to access audit logs:
- The key must be generated by a user with administrative privileges in the organization
- The user must have permissions to view audit logs in the Postman workspace
Configuration
Settings
| Setting | Type | Required | Default | Description |
|---|---|---|---|---|
| Backfill Start Time | string | No | - | The date to start fetching data from. If not specified, no past records will be fetched. |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| API Key | string | Yes | The API key from your Postman team with permissions to access audit logs |
Technical Details
Collection Behavior
The input follows an incremental collection pattern:
- First run: Collects all available audit logs
- Subsequent runs: Collects only new audit logs since the last successful run
- Page size: Processes up to 100 records per API request
- State tracking: Maintains cursor position to resume from last processed event
Data Collected
The audit logs include information about:
- User authentication events (sign-in, sign-out)
- Collection management (create, update, delete, publish)
- Workspace activities (member additions, permission changes)
- API key management (generation, revocation)
- Team and organization changes
- Environment and variable modifications
- Mock server operations
- Monitor activities
Each audit log entry includes:
- Unique event ID and timestamp
- Action type and description
- Actor information (user who performed the action)
- Resource details (collections, workspaces, etc.)
- IP address and user agent information
- Additional contextual metadata
Troubleshooting
Common Issues
-
Authentication failures
- Verify the API key is correct and hasn't expired
- Ensure the API key belongs to a user with administrative privileges
- Check that the user has audit log viewing permissions
-
No events returned
- Verify that audit logging is enabled for your Postman organization
- Check that the backfill start time is within the data retention period
- Ensure there have been activities in the organization during the specified timeframe
-
Missing recent events
- There may be a slight delay between when events occur and when they appear in the audit logs
- Wait a few minutes and check if the events appear in subsequent runs
Related Articles
Sample Record
Code