Slack Audit Logs API

The Slack Audit Logs API is designed for building security information and event management (SIEM) tools for Slack Enterprise Grid organizations. It provides a read-only view of audit events happening across an entire Enterprise organization, including user actions, admin actions, app installations, file sharing, and authentication events. The primary endpoint at /audit/v1/logs returns a list of auditable actions that have occurred, with filtering by action type, actor, entity, and date range.