**Source URL:** https://general.veevavault.dev/sitevault/vault-api/api-reference/19.2/logs/audit/retrieve-audit-details.md
# Retrieve Audit Details
Retrieve all audit details for a specific audit type. This request supports optional parameters to narrow the results to a specified date and time within the past 30 days.
## Headers {#headers}
| Name | Description |
| --- | --- |
| `Accept` | `application/json` (default) |
## Query Parameters {#query-parameters}
You can modify the request by using one or more of the following parameters:
| Name | Description |
| --- | --- |
| `start_date` | Specify a start date to retrieve audit information. This date cannot be more than 30 days ago. Dates must be `YYYY-MM-DDTHH:MM:SSZ` format, for example, 7AM on January 15, 2016 would use `2016-01-15T07:00:00Z` |
| `end_date` | Specify an end date to retrieve audit information. This date cannot be more than 30 days ago. Dates must be `YYYY-MM-DDTHH:MM:SSZ` format, for example, 7AM on January 15, 2016 would use `2016-01-15T07:00:00Z` |
| `format_result` | To request a downloadable CSV file of your audit details, use `csv`. The response contains a `jobId` to retrieve the job status, which contains a link to download the CSV file. |
| `limit` | Paginate the results by specifying the maximum number of histories per page in the response. This can be any value between `1` and `1000`. If omitted, defaults to `200`. |
| `offset` | Paginate the results displayed per page by specifying the amount of offset from the entry returned. For example, if you are viewing the first 50 results (page 1) and want to see the next page, set this to `offset=51`. If omitted, defaults to `0`. |
Dates and times are in UTC. If the time is not specified, it will default to midnight (T00:00:00Z) on the specified date.
## Request {#request}
```
curl -X GET -H "Authorization: {SESSION_ID}" \
https://myvault.veevavault.com/api/v17.3/audittrail/login_audit_trail
```
## Response {#response}
```
{
"responseDetails": {
"offset": 0,
"limit": 200,
"size": 7,
"total": 7,
"object": {
"name": "login_audit_trail",
"label": "Login Audit Trail",
"url": "/api/v17.3/metadata/audittrail/login_audit_trail"
}
},
"data": [
{
"id": "152515375538",
"timestamp": "2017-09-15T16:07:25Z",
"user_name": "lgills@veepharm.com",
"full_name": "Lateef Gills",
"source_ip": "209.136.227.195",
"type": "User Login",
"status": "Success",
"browser": "Unknown",
"platform": "Unknown"
},
{
"id": "152515371157",
"timestamp": "2017-09-14T14:19:05Z",
"user_name": "c.brandon@veepharm.com",
"full_name": "Cody Brandon",
"source_ip": "162.218.77.23",
"type": "Enterprise Home Authentication",
"status": "Success",
"browser": "Chrome 60.0.3112.113",
"platform": "Intel Mac OS X 10.12.6"
}
],
"responseStatus": "SUCCESS"
}
```
## Response Details {#response-details}
On SUCCESS, the response lists all rows and fields for the specified audit trail type. Each audit type includes the following fields:
| Name | Description |
| --- | --- |
| `id` | The unique audit trail ID. |
| `timestamp` | Date and time that the action was performed. |
| `user_name` | Login name for the user who performed the action. This sometimes shows "System" to indicate the action was complete by Vault. |
| `full_name` | The full name of the user who performed the action. |
Note that Vault returns additional fields based on the specified audit type.
Requesting a CSV file generates a job to prepare the file for download. On SUCCESS, the response includes the `jobId` with a link to the CSV file.
---
**Previous:** [Retrieve Audit Metadata](/sitevault/vault-api/api-reference/19.2/logs/audit/retrieve-audit-metadata)
**Next:** [Audit History](/sitevault/vault-api/api-reference/19.2/logs/audit-history)