> ## Documentation Index
> Fetch the complete documentation index at: https://docs.domino.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Post apiaudittrailv1search

> Search audit events using JSON filter conditions with support for complex queries including fileName searches



## OpenAPI

````yaml /api-specs/cloud/public-api.yaml post /api/audittrail/v1/search
openapi: 3.0.3
info:
  title: Domino Public API
  description: Domino Public API Endpoints
  version: cloud
servers: []
security:
  - DominoApiKey: []
  - BearerAuthentication: []
tags:
  - name: AIGateway
  - name: AppInstances
  - name: AppVersions
  - name: Apps
  - name: AsyncPredictions
  - name: AuditTrail
  - name: BillingTag
  - name: BillingTagSettings
  - name: Cost
  - name: CustomMetrics
  - name: DataSource
  - name: DatasetRw
  - name: DeploymentTargets
  - name: Environments
  - name: Extensions
  - name: GenAI
  - name: HardwareTier
  - name: Jobs
  - name: ModelAPI
  - name: ModelAPIVersion
  - name: ModelDeployment
  - name: Organizations
  - name: PPM
  - name: PersonalAccessToken
  - name: ProjectSharedDatasets
  - name: ProjectTemplates
  - name: Projects
  - name: ProjectsCommits
  - name: ProjectsFiles
  - name: RegisteredModels
  - name: ServiceAccounts
  - name: Users
  - name: Workspaces
paths:
  /api/audittrail/v1/search:
    post:
      description: >-
        Search audit events using JSON filter conditions with support for
        complex queries including fileName searches
      operationId: searchAuditEvents
      requestBody:
        content:
          application/json:
            examples:
              fileName_contains:
                summary: Search for events with fileName containing specific text
                value:
                  filter:
                    operator: AND
                    rules:
                      - field: fileName
                        operator: contains
                        type: condition
                        value: screenshot
                    type: group
                  limit: 10
              fileName_exact:
                summary: Search for events with exact fileName match
                value:
                  filter:
                    operator: AND
                    rules:
                      - field: fileName
                        operator: is
                        type: condition
                        value: document.pdf
                    type: group
                  limit: 50
            schema:
              $ref: '#/components/schemas/JsonFilterRequest'
        required: true
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuditEventsResponse'
          description: Audit events matching the JSON filter criteria
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
          description: Bad request - invalid filter structure
components:
  schemas:
    JsonFilterRequest:
      properties:
        filter:
          $ref: '#/components/schemas/FilterGroup'
        limit:
          default: 50
          maximum: 1000
          minimum: 1
          type: integer
        offset:
          default: 0
          minimum: 0
          type: integer
      required:
        - filter
      type: object
    AuditEventsResponse:
      properties:
        events:
          items:
            $ref: '#/components/schemas/AuditEvent'
          type: array
        total:
          type: integer
      required:
        - estimatedMatches
        - events
      type: object
    Error:
      allOf:
        - properties:
            errors:
              description: What caused the request to fail
              items:
                type: string
              type: array
            requestId:
              description: Id used to correlate a request with server actions.
              example: bbd78579-93c4-45ee-a983-0d5c8da6d5b1
              type: string
          required:
            - errors
    FilterGroup:
      properties:
        operator:
          enum:
            - AND
            - OR
          type: string
        rules:
          items:
            oneOf:
              - $ref: '#/components/schemas/FilterCondition'
              - $ref: '#/components/schemas/FilterGroup'
          type: array
        type:
          enum:
            - group
          type: string
      required:
        - type
        - operator
        - rules
      type: object
    AuditEvent:
      properties:
        action:
          $ref: '#/components/schemas/Action'
        actor:
          $ref: '#/components/schemas/Actor'
        affecting:
          $ref: '#/components/schemas/Affecting'
        from:
          $ref: '#/components/schemas/Entity'
        in:
          $ref: '#/components/schemas/Entity'
        metadata:
          $ref: '#/components/schemas/StringStringMap'
        targets:
          $ref: '#/components/schemas/TargetList'
        timestamp:
          format: int64
          type: integer
        to:
          $ref: '#/components/schemas/Entity'
      required:
        - timestamp
        - actor
        - action
        - targets
        - affecting
        - metadata
      type: object
    FilterCondition:
      properties:
        field:
          description: Field name to filter on (e.g., fileName, actorName, datasetName)
          type: string
        operator:
          description: Comparison operator for the filter condition
          enum:
            - is
            - contains
            - startsWith
            - endsWith
          type: string
        type:
          enum:
            - condition
          type: string
        value:
          description: Value to compare against the field
          type: string
      required:
        - type
        - field
        - operator
        - value
      type: object
    Action:
      properties:
        eventName:
          type: string
        traceId:
          type: string
        using:
          $ref: '#/components/schemas/UsingList'
      required:
        - eventName
        - using
      type: object
    Actor:
      properties:
        id:
          type: string
        idpId:
          type: string
        name:
          type: string
      required:
        - id
    Affecting:
      items:
        $ref: '#/components/schemas/Entity'
      type: array
    Entity:
      properties:
        entityType:
          type: string
        id:
          type: string
        name:
          type: string
        tags:
          items:
            type: string
          type: array
      required:
        - entityType
        - tags
      type: object
    StringStringMap:
      additionalProperties:
        type: string
      type: object
    TargetList:
      items:
        $ref: '#/components/schemas/Target'
      type: array
    UsingList:
      items:
        $ref: '#/components/schemas/Entity'
      type: array
    Target:
      properties:
        entity:
          $ref: '#/components/schemas/Entity'
        fieldChanges:
          items:
            $ref: '#/components/schemas/PolymorphicFieldStateChange'
          type: array
      required:
        - entity
        - fieldChanges
    PolymorphicFieldStateChange:
      discriminator:
        mapping:
          scalar:
            $ref: '#/components/schemas/ScalarFieldStateChange'
          sequence:
            $ref: '#/components/schemas/SequenceFieldStateChange'
        propertyName: fieldType
      oneOf:
        - $ref: '#/components/schemas/ScalarFieldStateChange'
        - $ref: '#/components/schemas/SequenceFieldStateChange'
    ScalarFieldStateChange:
      allOf:
        - $ref: '#/components/schemas/FieldStateChange'
      properties:
        after:
          type: string
        before:
          type: string
        unit:
          type: string
    SequenceFieldStateChange:
      allOf:
        - $ref: '#/components/schemas/FieldStateChange'
      properties:
        added:
          items:
            $ref: '#/components/schemas/Entity'
          type: array
        removed:
          items:
            $ref: '#/components/schemas/Entity'
          type: array
    FieldStateChange:
      properties:
        fieldName:
          type: string
        fieldType:
          $ref: '#/components/schemas/FieldType'
      type: object
    FieldType:
      enum:
        - scalar
        - sequence
      type: string
  securitySchemes:
    DominoApiKey:
      in: header
      name: X-Domino-Api-Key
      type: apiKey
    BearerAuthentication:
      in: header
      name: Authorization
      type: apiKey

````