Get the list of event log entries main.eventlog.list

If you are developing integrations for Bitrix24 using AI tools (Codex, Claude Code, Cursor), connect to the MCP server so that the assistant can utilize the official REST documentation.

Scope: main

Who can execute the method: administrator

The method main.eventlog.list returns a list of event log entries based on specified conditions.

Method Parameters

Required parameters are marked with *

Name
type

Description

select
array

List of fields to return in the response.

Available fields:

  • id — log entry identifier
  • timestampX — date and time of the event
  • severity — importance level of the event
  • auditTypeId — type of event
  • moduleId — module identifier
  • itemId — object identifier
  • remoteAddr — IP address
  • userAgent — request User-Agent
  • requestUri — request URI
  • siteId — site identifier
  • userId — user identifier
  • guestId — guest identifier
  • description — event description

filter
array

Conditions for filtering entries in the format:

  • ["field", "operator", value]
  • ["field", value], default operator =

Available fields are similar to those in select.

More about filtering in REST 3.0

order
object

Sorting results in the format { "field": "value" }.

Available values:

  • ASC — ascending
  • DESC — descending

Available fields for sorting are similar to those in select.

pagination
object

Pagination parameters:

  • page — page number
  • limit — number of entries per page, default 50
  • offset — record offset. If page and limit are provided, the offset is calculated automatically

Code Examples

How to Use Examples in Documentation

The new API call differs by adding the /api/ parameter in the request:

https://{installation_address}/rest/api/{user_id}/{webhook_token}/main.eventlog.list

curl -X POST \
        -H "Content-Type: application/json" \
        -H "Accept: application/json" \
        -d '{"select":["id","timestampX","severity","auditTypeId","moduleId","itemId","userId","description"],"filter":[["timestampX",">=","2026-01-30T00:00:00+02:00"],["timestampX","<","2026-01-31T00:00:00+02:00"]],"order":{"id":"ASC"},"pagination":{"page":1,"limit":20,"offset":0}}' \
        https://**put_your_bitrix24_address**/rest/api/**put_your_user_id_here**/**put_your_webhook_here**/main.eventlog.list
        
curl -X POST \
        -H "Content-Type: application/json" \
        -H "Accept: application/json" \
        -d '{"select":["id","timestampX","severity","auditTypeId","moduleId","itemId","userId","description"],"filter":[["timestampX",">=","2026-01-30T00:00:00+02:00"],["timestampX","<","2026-01-31T00:00:00+02:00"]],"order":{"id":"ASC"},"pagination":{"page":1,"limit":20,"offset":0},"auth":"**put_access_token_here**"}' \
        https://**put_your_bitrix24_address**/rest/api/main.eventlog.list

The SDK does not yet support calls to the address /rest/api/. Use direct HTTP requests, for example, via curl or fetch.

try
        {
            const response = await $b24.callMethod(
                'main.eventlog.list',
                {
                    select: [
                        'id',
                        'timestampX',
                        'severity',
                        'auditTypeId',
                        'moduleId',
                        'itemId',
                        'userId',
                        'description'
                    ],
                    filter: [
                        ['timestampX', '>=', '2026-01-30T00:00:00+02:00'],
                        ['timestampX', '<', '2026-01-31T00:00:00+02:00']
                    ],
                    order: {
                        id: 'ASC'
                    },
                    pagination: {
                        page: 1,
                        limit: 20,
                        offset: 0
                    }
                }
            );
        
            const result = response.getData().result;
            console.log('Event log list:', result);
        }
        catch( error )
        {
            console.error('Error:', error);
        }

The SDK does not yet support calls to the address /rest/api/. Use direct HTTP requests, for example, via curl or fetch.

try {
            $response = $b24Service
                ->core
                ->call(
                    'main.eventlog.list',
                    [
                        'select' => [
                            'id',
                            'timestampX',
                            'severity',
                            'auditTypeId',
                            'moduleId',
                            'itemId',
                            'userId',
                            'description'
                        ],
                        'filter' => [
                            ['timestampX', '>=', '2026-01-30T00:00:00+02:00'],
                            ['timestampX', '<', '2026-01-31T00:00:00+02:00']
                        ],
                        'order' => [
                            'id' => 'ASC'
                        ],
                        'pagination' => [
                            'page' => 1,
                            'limit' => 20,
                            'offset' => 0
                        ]
                    ]
                );
        
            $result = $response
                ->getResponseData()
                ->getResult();
        
            echo 'Success: ' . print_r($result, true);
        
        } catch (Throwable $e) {
            error_log($e->getMessage());
            echo 'Error: ' . $e->getMessage();
        }

The SDK does not yet support calls to the address /rest/api/. Use direct HTTP requests, for example, via curl or fetch.

BX24.callMethod(
            'main.eventlog.list',
            {
                select: [
                    'id',
                    'timestampX',
                    'severity',
                    'auditTypeId',
                    'moduleId',
                    'itemId',
                    'userId',
                    'description'
                ],
                filter: [
                    ['timestampX', '>=', '2026-01-30T00:00:00+02:00'],
                    ['timestampX', '<', '2026-01-31T00:00:00+02:00']
                ],
                order: {
                    id: 'ASC'
                },
                pagination: {
                    page: 1,
                    limit: 20,
                    offset: 0
                }
            },
            function(result){
                console.info(result.data());
                console.log(result);
            }
        );

The SDK does not yet support calls to the address /rest/api/. Use direct HTTP requests, for example, via curl or fetch.

require_once('crest.php');
        
        $result = CRest::call(
            'main.eventlog.list',
            [
                'select' => [
                    'id',
                    'timestampX',
                    'severity',
                    'auditTypeId',
                    'moduleId',
                    'itemId',
                    'userId',
                    'description'
                ],
                'filter' => [
                    ['timestampX', '>=', '2026-01-30T00:00:00+02:00'],
                    ['timestampX', '<', '2026-01-31T00:00:00+02:00']
                ],
                'order' => [
                    'id' => 'ASC'
                ],
                'pagination' => [
                    'page' => 1,
                    'limit' => 20,
                    'offset' => 0
                ]
            ]
        );
        
        echo '<PRE>';
        print_r($result);
        echo '</PRE>';

Response Handling

HTTP Status: 200

{
            "result": {
                "items": [
                    {
                        "id": 443585,
                        "timestampX": "2026-01-22T02:52:25+02:00",
                        "severity": "SECURITY",
                        "auditTypeId": "USER_AUTHORIZE",
                        "moduleId": "main",
                        "itemId": "751",
                        "userId": 751,
                        "description": "{\u0022userId\u0022:751,\u0022requestId\u0022:\u00225636cd3e45c524c55a68a19dccb72c3b-0\u0022,\u0022method\u0022:\u0022external\u0022}"
                    },
                    // ...
                    {
                        "id": 443623,
                        "timestampX": "2026-01-22T05:21:51+02:00",
                        "severity": "SECURITY",
                        "auditTypeId": "USER_AUTHORIZE",
                        "moduleId": "main",
                        "itemId": "751",
                        "userId": 751,
                        "description": "{\u0022userId\u0022:751,\u0022requestId\u0022:\u002239aae4ca278ad75ca3dc631c7b4f8fe2-0\u0022,\u0022method\u0022:\u0022external\u0022}"
                    }
                ]
            },
            "time": {
                "start": 1769773532,
                "finish": 1769773532.960023,
                "duration": 0.9600229263305664,
                "processing": 0,
                "date_start": "2026-01-30T14:45:32+02:00",
                "date_finish": "2026-01-30T14:45:32+02:00",
                "operating_reset_at": 1769774132,
                "operating": 0
            }
        }

Returned Data

Name
type

Description

result
object

Object with response data

items
array

Array of log entry objects

items[]
object

Log entry object

id
integer

Log entry identifier

timestampX
datetime

Date and time of the event

severity
string

Importance level of the event

auditTypeId
string

Type of event

moduleId
string

Module identifier

itemId
string

Object identifier

remoteAddr
string

IP address

userAgent
string

Request User-Agent

requestUri
string

Request URI

siteId
string

Site identifier

userId
integer

User identifier

guestId
integer

Guest identifier

description
string

Event description

time
time

Information about the request execution time

Error Handling

HTTP Status: 400

{
            "error": {
                "code": "BITRIX_REST_V3_EXCEPTION_INVALIDPAGINATIONEXCEPTION",
                "message": "Cannot recognize pagination parameter `{\"limit\":\"abc\"}`"
            }
        }

Name
type

Description

error.code
string

String error code. Use it to identify the type of exception

error.message
string

Text description of the error

error.validation
array

Array with error details. Present only in data validation errors BITRIX_REST_V3_EXCEPTION_VALIDATION_REQUESTVALIDATIONEXCEPTION

error.validation[].field
string

Name of the field where the validation error occurred

error.validation[].message
string

Description of the error related to the specified field

Possible Error Codes

Access Errors

Error Code: BITRIX_REST_V3_EXCEPTION_ACCESSDENIEDEXCEPTION

Field

Error Description

How to Fix

-

Access denied

No administrator rights or missing scope main

Pagination Errors

Error Code: BITRIX_REST_V3_EXCEPTION_INVALIDPAGINATIONEXCEPTION

Field

Error Description

How to Fix

limit
offset
page

Cannot recognize pagination parameter #PAGE#

Provide numeric values. limit must not be equal to 0

Statuses and System Error Codes

HTTP Status: 20x, 40x, 50x

The errors described below may occur when calling any method.

Status

Code
Error Message

Description

500

INTERNAL_SERVER_ERROR
Internal server error

An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support

500

ERROR_UNEXPECTED_ANSWER
Server returned an unexpected response

An internal server error has occurred. Please contact the server administrator or Bitrix24 technical support

503

QUERY_LIMIT_EXCEEDED
Too many requests

The request intensity limit has been exceeded

405

ERROR_BATCH_METHOD_NOT_ALLOWED
Method is not allowed for batch usage

The current method is not permitted for calls using batch

400

ERROR_BATCH_LENGTH_EXCEEDED
Max batch length exceeded

The maximum length of parameters passed to the batch method has been exceeded

401

NO_AUTH_FOUND
Wrong authorization data

Invalid access token or webhook code

400

INVALID_REQUEST
Https required

The HTTPS protocol is required for method calls

503

OVERLOAD_LIMIT
REST API is blocked due to overload

The REST API is blocked due to overload. This is a manual individual block; please contact Bitrix24 technical support to lift it

403

ACCESS_DENIED
REST API is available only on commercial plans

The REST API is only available on commercial plans

403

INVALID_CREDENTIALS
Invalid request credentials

The user associated with the access token or webhook used to call the method lacks the necessary permissions

404

ERROR_MANIFEST_IS_NOT_AVAILABLE
Manifest is not available

The manifest is not available

403

insufficient_scope
The request requires higher privileges than provided by the webhook token

The request requires higher privileges than those provided by the webhook token

401

expired_token
The access token provided has expired

The provided access token has expired

403

user_access_error
The user does not have access to the application

The user does not have access to the application. This means that the application is installed, but the portal administrator has restricted access to this application to specific users only

500

PORTAL_DELETED
Portal was deleted

The public part of the site is closed. To open the public part of the site on an on-premise installation, disable the "Temporary closure of the public part of the site" option. Path to the setting: Desktop > Settings > Product Settings > Module Settings > Main Module > Temporary closure of the public part of the site

Continue Learning

Previous
Overview of Methods
Next
Retrieve a Specific Event Log Entry