# Bindplane Audit Logs

The Bindplane Audit Logs Source collects audit logs from a single Bindplane instance. Audit logs contain records of user authentication, resource operations, configuration management, rollout behavior, and other system activities. Audit logs are scoped to the project associated with the API key. The user that generates the API key must have admin privileges.

### Supported Platforms

| Platform | Metrics | Logs | Traces |
| -------- | ------- | ---- | ------ |
| Linux    |         | ✓    |        |
| Windows  |         | ✓    |        |
| macOS    |         | ✓    |        |

### Configuration Table

<table><thead><tr><th width="221.5">Parameter</th><th>Type</th><th>Default</th><th>Description</th></tr></thead><tbody><tr><td>host_type</td><td><code>enum</code></td><td><code>Cloud</code></td><td>Determines whether you are connecting to a Cloud or Self-Hosted Bindplane instance.</td></tr><tr><td>bindplane_api_key*</td><td><code>string</code></td><td></td><td>The API key of the Bindplane instance to collect audit logs from.</td></tr><tr><td>bindplane_host_scheme</td><td><code>enum</code></td><td><code>https</code></td><td>The protocol scheme used to connect to your Self-Hosted Bindplane instance.</td></tr><tr><td>bindplane_host_url</td><td><code>string</code></td><td></td><td>The host URL used to connect to your Self-Hosted Bindplane instance.</td></tr><tr><td>bindplane_host_port</td><td><code>string</code></td><td><code>3001</code></td><td>The port used to connect to your Self-Hosted Bindplane instance.</td></tr><tr><td>poll_interval</td><td><code>int</code></td><td><code>10s</code></td><td>The interval to poll Bindplane for audit logs. Must be at least 10 seconds.</td></tr><tr><td>enable_tls</td><td><code>bool</code></td><td><code>true</code></td><td>Whether or not to use TLS when connecting to the Bindplane instance.</td></tr><tr><td>insecure_skip_verify</td><td><code>bool</code></td><td><code>false</code></td><td>Whether or not to skip TLS certificate verification.</td></tr><tr><td>ca_file</td><td><code>string</code></td><td></td><td>Certificate authority used to validate TLS certificates.</td></tr><tr><td>tls_server_name_override</td><td><code>string</code></td><td></td><td>Optional virtual hostname. Indicates the name of the server requested by the client.</td></tr><tr><td>mutual_tls</td><td><code>bool</code></td><td><code>false</code></td><td>Whether or not to use mutual TLS authentication.</td></tr><tr><td>cert_file</td><td><code>string</code></td><td></td><td>A TLS certificate used for client authentication.</td></tr><tr><td>key_file</td><td><code>string</code></td><td></td><td>A TLS private key used for client authentication.</td></tr></tbody></table>

<mark style="color:red;">\*</mark>*<mark style="color:red;">required field</mark>*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.bindplane.com/integrations/sources/bindplane-audit-logs.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.