Get logs for a specified team/org
GEThttps://slack.com/api/admin.apps.activities.list
application/x-www-form-urlencoded
token
Authentication token bearing required scopes. Tokens should be passed as an HTTP Authorization header or alternatively, as a POST parameter.
xxxx-xxxxxxxxx-xxxx
The component ID of log events to be returned. Will be FnXXXXXX
for functions, and WfXXXXXX
for worflows
Wf013SMGL4V9
The component type of log events to be returned. Acceptable values are events_api
, workflows
, functions
and tables
.
workflows
Paginate through collections of data by setting the cursor
parameter to a next_cursor
attribute returned by a previous request's response_metadata
. See pagination for more detail.
bG9nX2lkOjc5NjQ1NA==
The latest timestamp of the log to retrieve (epoch microseconds).
1646665572336299
The earliest timestamp of the log to retrieve (epoch microseconds).
1646665572336251
The minimum log level of the log events to be returned. Defaults to info
. Acceptable values (in order of relative importance from smallest to largest) are trace
, debug
, info
, warn
, error
and fatal
.
info
The direction you want the data sorted by (always by timestamp)
asc
desc
asc
The source of log events to be returned. Acceptable values are slack
and developer
.
slack
This method returns all workflow executions for an organization.
Additionally, it can be used to ingest logs and to monitor errors across an organization. This can help admins identify and fix problems with workflows and apps, and ensure that their users are having a positive experience.
Here are some specific examples of how the method can be used:
Overall, this method is a powerful tool that can be used to manage and analyze executions in an organization. It can help admins to troubleshoot problems and monitor usage.
Note that if multiple filters are used, filtering will be performed with a logical 'and' operator.
Each event type has some subtleties, which are documented here.
For example, some event types might carry a different meaning based on the log level.
The content of the payload
object for each activity
in the activities[]
array is also dependent on the event_type
.
"payload": {
"function_name": "Reverse",
"function_type": "app"
}
The log level could be info
meaning the execution was a success, or could be error
in case of failure.
"payload": {
"function_name": "Reverse",
"error": "An optional error message, this property is absent in case of success."
}
"payload": {
"log": "The raw stdout/stderr from the function execution captured at the end of the process execution."
}
The possible values for the action
property are: 'Create', 'Update', and 'Delete'.
Note: For the 'Delete' action, the property bundle_size_kb
will be absent.
"payload": {
"action": "Create",
"team_id": "T12345",
"user_id": "U12345",
"bundle_size_kb": 13
}
"payload": {
"channel_id": "C12345",
"bot_user_id": "U12345"
}
"payload": {
"workflow_name": "Reverse",
"actor": "U12345",
}
The possible values for the exec_outcome
property are: 'Pending', 'Success', and "Error'.
"payload": {
"workflow_name": "Reverse",
"exec_outcome": "Success"
}
"payload": {
"function_id": "Fn12345",
"total_steps": 1,
"current_step": 1,
"function_name": "Reverse",
"function_execution_id": "Fx12345"
}
"payload": {
"workflow_name": "Reverse"
}
"payload": {
"workflow_name": "Reverse"
}
The inputs
property will display the workflow inputs, this can be anything.
The possible values for the exec_outcome
property are: 'Pending', 'Success', and "Error'.
"payload": {
"inputs": {
"string": "Reverse"
},
"function_id": "Fn12345",
"exec_outcome": "Success",
"function_name": "Reverse",
"function_execution_id": "Fx12345"
}
"payload": {
"template_id": "SEND_KUDOS",
"date_created": 12345
}
The possible values for the type
property are: 'event', 'shortcut', 'webhook', 'scheduled', 'external' and "blockkit'.
Note: The trip_information
can be null/empty and theconfig
property will be different based on the type of trigger.
"payload": {
"trigger": {
"id": "Ft12345",
"type": "shortcut",
"config": {
"name": "Reverse",
"description": "Reverses a string"
},
"trip_information": {
"user_id": "U12345",
"channel_id": "C12345"
}
},
"function_name": "Reverse"
}
The possible values for the code
property are: 'app_not_found', 'app_not_installed', 'provider_not_found', and "external_auth_started'.
"payload": {
"code": "external_auth_started",
"team_id": "T12345",
"user_id": "U12345",
"provider_key": "secret:key:12345",
"app_id": "A12345"
}
The possible values for the code
property can be 'oauth2_callback_error' or "oauth2_exchange_success'.
"payload": {
"code": "oauth2_exchange_success",
"team_id": "T12345",
"user_id": "U12345",
"provider_key": "secret:key:12345",
"app_id": "A12345"
}
There are multiple possible values for the code
property, it will display successful or unsuccessful codes such as: 'no_collaborator_found', 'external_token_found', 'token_not_found', etc.
"payload": {
"code": "external_token_found",
"team_id": "T12345",
"user_id": "U12345",
"provider_key": "secret:key:12345",
"app_id": "A12345"
}
The possible value for the code
property is only 'function_not_found'.
"payload": {
"code": "function_not_found",
"team_id": "T12345",
"function_id": "Fn12345",
"app_id": "A12345"
}
The possible values for the code
property can be any error encountered; for example 'missing_oauth_token_or_selected_auth'.
"payload": {
"code": "missing_oauth_token_or_selected_auth",
"team_id": "T12345",
"user_id": "U12345",
"provider_key": "secret:key:12345",
"app_id": "A12345"
}
Typical success response
{
"ok": true,
"activities": [
{
"app_id": "A123456789",
"level": "info",
"event_type": "function_execution_started",
"source": "slack",
"component_type": "functions",
"component_id": "Fn123",
"payload": {
"function_name": "Reverse",
"function_type": "app"
},
"created": 1650463798824317,
"trace_id": "Tr123"
}
],
"response_metadata": {
"next_cursor": ""
}
}
This table lists the expected errors that this method could return. However, other errors can be returned in the case where the service is down or other unexpected factors affect processing. Callers should always check the value of the ok
params in the response.
Error | Description |
---|---|
internal_error | The server could not complete your operation(s) without encountering an error, likely due to a transient issue on our end. It's possible some aspect of the operation succeeded before the error was raised. |
invalid_app_id | App ID provided is not valid. |
invalid_app | App ID provided is not valid for team and user. |
invalid_args | Required arguments either were not provided or contain invalid values. |
invalid_cursor | Value passed for |
invalid_team | Team ID provided is not valid |
access_denied | Access to a resource specified in the request is denied. |
account_inactive | Authentication token is for a deleted user or workspace when using a |
deprecated_endpoint | The endpoint has been deprecated. |
ekm_access_denied | Administrators have suspended the ability to post a message. |
enterprise_is_restricted | The method cannot be called from an Enterprise. |
invalid_auth | Some aspect of authentication cannot be validated. Either the provided token is invalid or the request originates from an IP address disallowed from making the request. |
is_bot | This method cannot be called by a legacy bot. |
method_deprecated | The method has been deprecated. |
missing_scope | The token used is not granted the specific scope permissions required to complete this request. |
not_allowed_token_type | The token type used in this request is not allowed. |
not_authed | No authentication token provided. |
no_permission | The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to. |
org_login_required | The workspace is undergoing an enterprise migration and will not be available until migration is complete. |
token_expired | Authentication token has expired |
token_revoked | Authentication token is for a deleted user or workspace or the app has been removed when using a |
two_factor_setup_required | Two factor setup is required. |
accesslimited | Access to this method is limited on the current network |
fatal_error | The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised. |
invalid_arg_name | The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than |
invalid_arguments | The method was either called with invalid arguments or some detail about the arguments passed is invalid, which is more likely when using complex arguments like blocks or attachments. |
invalid_array_arg | The method was passed an array as an argument. Please only input valid strings. |
invalid_charset | The method was called via a |
invalid_form_data | The method was called via a |
invalid_post_type | The method was called via a |
missing_post_type | The method was called via a |
ratelimited | The request has been ratelimited. Refer to the |
request_timeout | The method was called via a |
service_unavailable | The service is temporarily unavailable |
team_added_to_org | The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete. |
This table lists the expected warnings that this method will return. However, other warnings can be returned in the case where the service is experiencing unexpected trouble.
Warning | Description |
---|---|
missing_charset | The method was called via a |
superfluous_charset | The method was called via a |