How to List Logs for a Vultr Account

Logs provide detailed records of user actions across your account, capturing events such as logins, web portal interactions, and API requests. These logs offer valuable insight into account usage and help monitor security, track changes, and troubleshoot issues across your infrastructure. To access the List Logs API endpoint, you must either be the root user or have the appropriate ACL permission.

Follow this guide to retrieve the activity of users for your Vultr account using the Vultr API.

1. Retrieve the API key for your Vultr account from the Vultr Customer Portal.

2. Send a GET request to the List Logs endpoint.

   console Copy

   $ curl "https://api.vultr.com/v2/logs?start_time=<START_TIME>&end_time=<END_TIME>&log_level=<LOG_LEVEL>&resource_type=<RESOURCE_TYPE>&resource_id=<RESOURCE_ID>" \
       -X GET \
       -H "Authorization: Bearer ${VULTR_API_KEY>}"
   

   • <START_TIME> – e.g., 2025-07-17T00:00:00Z
   • <END_TIME> – e.g., 2025-07-17T18:19:59Z
   • <LOG_LEVEL> – One of: info, debug, warning, error, critical
   • <RESOURCE_TYPE> – e.g., instances, load-balancers, kubernetes, etc.
   • <RESOURCE_ID> – UUID of the specific resource.
   • {VULTR_API_KEY} – Your Vultr API key.

   The response output looks similar to the one below.

   {
       "logs": [
           {
           "resource_id": "xb671a46-66ed-4dfb-b839-543f2c6c0b63",
           "resource_type": "instances",
           "log_level": "debug",
           "message": "Success",
           "timestamp": "2025-06-26T16:45:06+00:00",
           "metadata": {}
           }
       ],
       "meta": {
           "continue_time": "2025-06-26T12:24:03Z",
           "returned_count": 5000,
           "unreturned_count": 3524,
           "total_count": 8524
       }
   }

• To grant non-root users access to your account’s activity logs, enable the activity_logs ACL for them by sending a PATCH request to the Update User endpoint.

  console Copy

  $ curl "https://api.vultr.com/v2/users/{user-id}" \
      -X PATCH \
      -H "Authorization: Bearer ${VULTR_API_KEY}" \
      -H "Content-Type: application/json" \
      --data '{
          "api_enabled" : true,
          "acls" : [
          "activity_logs"
          ]
      }'
  

  Note

  As per our Terms of Service, Vultr retains customer activity logs for 30 days. Contact Customer Support if you require a retention period longer than 30 days, as additional charges may apply. When specifying start_time and end_time in your API request, ensure that the selected time range falls within this retention window. Requests outside this period may return no results. Currently, the max_query_series limit is set to 5000, meaning a maximum of 5000 log entries can be returned per request, regardless of the specified date range.