Skip to main content

GET /api/audit

Retrieve audit log entries with pagination and filtering support. All API requests proxied through Fishnet are logged with cryptographic integrity guarantees.

Authentication

Requires session authentication via Bearer token in the Authorization header. 
Authorization: Bearer fn_sess_...

Query Parameters

from
integer
Start timestamp in milliseconds (Unix epoch). Filters entries with timestamp >= from.
to
integer
End timestamp in milliseconds (Unix epoch). Filters entries with timestamp <= to.
service
string
Filter by service name (e.g., openai, anthropic, binance, custom.github).
decision
string
Filter by policy decision. Values: approved, denied.
page
integer
default:"1"
Page number (1-indexed). Minimum value is 1.
page_size
integer
default:"20"
Number of entries per page. Valid range: 1-200.

Response

Returns a JSON object with paginated audit entries:
entries
array
Array of audit log entries, ordered by ID descending (newest first).
total
integer
Total number of entries matching the filter criteria.
page
integer
Current page number.
pages
integer
Total number of pages available.

Examples

curl -X GET "http://localhost:3080/api/audit?page=1&page_size=10&service=openai&decision=approved" \
  -H "Authorization: Bearer fn_sess_YOUR_TOKEN"

Example Response

{
  "entries": [
    {
      "id": 42,
      "timestamp": 1709510400000,
      "intent_type": "api_call",
      "service": "openai",
      "action": "POST /v1/chat/completions",
      "decision": "approved",
      "reason": null,
      "cost_usd": 0.000123,
      "policy_version_hash": "a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456",
      "intent_hash": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
      "permit_hash": null,
      "merkle_root": "fedcba0987654321fedcba0987654321fedcba0987654321fedcba0987654321"
    }
  ],
  "total": 1,
  "page": 1,
  "pages": 1
}

Error Responses

401 Unauthorized
object
{"error": "unauthorized"}
Session token is missing, invalid, or expired.
500 Internal Server Error
object
{"error": "database error: ..."}
Failed to query the audit database.

Implementation Notes

  • Entries are always returned in descending order by ID (newest first)
  • The page_size parameter is clamped to the range [1, 200]
  • The page parameter is automatically set to at least 1
  • Timestamps are stored as 64-bit integers (milliseconds since Unix epoch)
  • All hash fields are hex-encoded Keccak256 hashes (64 characters)
  • The Merkle root enables cryptographic verification that the audit log has not been tampered with

Build docs developers (and LLMs) love

Get started for freeTalk to us