# Audit logs
*This feature is available with the Enterprise plan.*
As an Enterprise admin, you can access audit logs through the [Audit logs API](https://api-docs.sonarsource.com/sonarqube-cloud/default/public-audit-logs-1-0-1). To authenticate to the Web API, see [Web API](/sonarqube-cloud/appendices/web-api.md).
{% hint style="info" %}
Audit logs are retained for 180 days.
{% endhint %}
## List of logged events
| Event type | Description | For more details |
| ------------------------------------------ | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `authentication.user_login` | An SSO user logs in to SonarQube Cloud. | |
| `authentication.user_logout` | An SSO user logs out of SonarQube Cloud. | |
| `user.create` | An SSO user account is created. | |
| `user.remove` | An SSO user account is removed. | |
| `permission_template.create` | An organization admin creates a permission template. | [Using permission templates](/sonarqube-cloud/administering-sonarcloud/managing-organization/manage-org-projects/manage-project-permissions/templates.md) |
| `permission_template.delete` | An organization admin deletes a permission template. | [Using permission templates](/sonarqube-cloud/administering-sonarcloud/managing-organization/manage-org-projects/manage-project-permissions/templates.md) |
| `org.add_user` | A user is added to an organization. | |
| `org.remove_user` | A user is removed from an organization. | |
| `org.add_group` | A group is created in the organization. | [User group concept](/sonarqube-cloud/administering-sonarcloud/about-sonarqube-cloud-solution/user-management/user-group-concept.md) |
| `org.remove_group` | A group is removed from the organization. | [User group concept](/sonarqube-cloud/administering-sonarcloud/about-sonarqube-cloud-solution/user-management/user-group-concept.md) |
| `org.add_permission` | An organization-related permission is added to a user or group. | [Managing organization permissions](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/organization-permissions.md#permissions-related-to-organization) |
| `org.remove_permission` | An organization-related permission is removed from a user or group. | [Managing organization permissions](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/organization-permissions.md#permissions-related-to-organization) |
| `org.membersync_enabled` | An organization admin enables the GitHub member synchronization. | [GitHub member synchronization](/sonarqube-cloud/administering-sonarcloud/about-sonarqube-cloud-solution/user-management/github-member-synchronization.md) |
| `org.membersync_disabled` | An organization admin disables the GitHub member synchronization. | [GitHub member synchronization](/sonarqube-cloud/administering-sonarcloud/about-sonarqube-cloud-solution/user-management/github-member-synchronization.md) |
| `portfolio.add_permission` | A portfolio admin adds a portfolio-related permission to a user or group. | [Administering portfolios](/sonarqube-cloud/getting-started-with-enterprise/administering-portfolios.md#permissions) |
| `portfolio.remove_permission` | A portfolio admin removes a portfolio-related permission from a user or group. | [Administering portfolios](/sonarqube-cloud/getting-started-with-enterprise/administering-portfolios.md#permissions) |
| `project.apply_permission_template` | A project admin applies a permission template to their project. | [Setting your project's permissions](/sonarqube-cloud/managing-your-projects/administering-your-projects/setting-permissions.md#updating-resetting-permissions) |
| `project.add_permission` | A project admin adds a project-related permission to a user or group. | [Setting your project's permissions](/sonarqube-cloud/managing-your-projects/administering-your-projects/setting-permissions.md#project-level-permissions) |
| `project.remove_permission` | A project admin removes a project-related permission from a user or group. | [Setting your project's permissions](/sonarqube-cloud/managing-your-projects/administering-your-projects/setting-permissions.md#project-level-permissions) |
| `group.create` | A group is created in an organization. | [User group concept](/sonarqube-cloud/administering-sonarcloud/about-sonarqube-cloud-solution/user-management/user-group-concept.md) |
| `group.remove` | A group is removed from an organization. | [User group concept](/sonarqube-cloud/administering-sonarcloud/about-sonarqube-cloud-solution/user-management/user-group-concept.md) |
| `enterprise.master_key_added` | CMK added | [Code encryption](/sonarqube-cloud/administering-sonarcloud/enterprise-security/code-encryption.md) |
| `enterprise.master_key_rotation_started` | CMK rotation started | [Code encryption](/sonarqube-cloud/administering-sonarcloud/enterprise-security/code-encryption.md) |
| `enterprise.master_key_rotation_completed` | CMK rotation completed | [Code encryption](/sonarqube-cloud/administering-sonarcloud/enterprise-security/code-encryption.md) |
| `enterprise.projects_encryption_started` | Projects encryption started | [Code encryption](/sonarqube-cloud/administering-sonarcloud/enterprise-security/code-encryption.md) |
| `enterprise.projects_encryption_completed` | Projects encryption completed | [Code encryption](/sonarqube-cloud/administering-sonarcloud/enterprise-security/code-encryption.md) |
| `enterprise.data_key_rotation_started` | Data key rotation started | [Code encryption](/sonarqube-cloud/administering-sonarcloud/enterprise-security/code-encryption.md) |
| `enterprise.data_key_rotation_completed` | Data key rotation completed | [Code encryption](/sonarqube-cloud/administering-sonarcloud/enterprise-security/code-encryption.md) |
## Related pages
[IP allow lists](/sonarqube-cloud/administering-sonarcloud/enterprise-security/ip-allow-lists.md)\
[SSO and provisioning](/sonarqube-cloud/administering-sonarcloud/enterprise-security/sso-and-provisioning.md)
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.sonarsource.com/sonarqube-cloud/administering-sonarcloud/enterprise-security/audit-logs.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.