> ## Documentation Index
> Fetch the complete documentation index at: https://docs.secapi.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Audit Logs

> Export delivery events, usage, limits, and billing activity for compliance and debugging.

SEC API records API activity as traceable events. Customer-visible audit surfaces are available through delivery event listing/export, usage, limits, and billing endpoints using org-scoped authentication via API key or bearer token.

## Event export

List and export your request, webhook, and stream delivery history as JSON or NDJSON. See **[Event export](/event-export)** for filters, formats, and durable-ledger behavior.

* `GET /v1/delivery/events` — filtered event listing
* `GET /v1/delivery/events/export` — JSON or NDJSON export

## Usage Tracking

### GET /v1/usage

Returns metered usage events grouped by meter class for the current billing period.

```bash theme={null}
curl "$SECAPI_BASE_URL/v1/usage" \
  -H "x-api-key: $SECAPI_API_KEY"
```

Meter classes include: `light_reads`, `standard_reads`, `heavy_extracts`, `artifact_jobs`, `delivery_events`, `email_notifications`, `intelligence_queries`, `market_data_reads`.

### GET /v1/limits

Returns rate limits, API key limits, and throughput ceilings for the current plan.

```bash theme={null}
curl "$SECAPI_BASE_URL/v1/limits" \
  -H "x-api-key: $SECAPI_API_KEY"
```

### GET /v1/billing

Returns the full billing snapshot: plan key, billing state, spend caps, budget alerts, and Stripe subscription status.

```bash theme={null}
curl "$SECAPI_BASE_URL/v1/billing" \
  -H "x-api-key: $SECAPI_API_KEY"
```

## Compliance Integration Patterns

### SIEM export

Use the NDJSON event export to feed events into a SIEM pipeline:

```bash theme={null}
# Periodic export for Splunk / Datadog / ELK
curl "$SECAPI_BASE_URL/v1/delivery/events/export?since=2026-04-09T00:00:00Z&format=ndjson&limit=1000" \
  -H "x-api-key: $SECAPI_API_KEY" \
  >> /var/log/sec-api-events.ndjson
```

### Budget audit trail

Budget changes are recorded with the acting principal, previous values, and request ID. Query the event log for `budget.updated` events to reconstruct the change history.

### Request traceability

Every API response includes `Request-Id` and `traceparent` headers. Preserve these in your application logs to correlate downstream effects with the originating request.

## Endpoint summary

| Endpoint                     | Method | Description                   |
| ---------------------------- | ------ | ----------------------------- |
| `/v1/delivery/events`        | GET    | Filtered event listing        |
| `/v1/delivery/events/export` | GET    | JSON or NDJSON event export   |
| `/v1/usage`                  | GET    | Metered usage summary         |
| `/v1/limits`                 | GET    | Plan limits and rate ceilings |
| `/v1/billing`                | GET    | Full billing snapshot         |

## Read next

<CardGroup cols={2}>
  <Card title="Enterprise Features" icon="building-2" href="/enterprise">
    Key rotation, multi-seat organizations, and commercial licensing. OAuth/SSO roadmap noted inline.
  </Card>

  <Card title="Event Export" icon="file-export" href="/event-export">
    Filtering, JSON, and NDJSON export workflows.
  </Card>
</CardGroup>
