auditlogs:read scope

This scope lets an app "View events from all workspaces, channels and users (Enterprise Grid only)"