API Request Logs
API Request Logs capture the outbound HTTP requests Agent Handler makes to a third-party provider while completing a tool call — the actual POST https://slack.com/api/chat.postMessage behind a slack__post_message, with the exact request and response on the wire. Each one is correlated to the tool call it was made for, so you can go from a Tool Call Log straight to the raw provider exchange that produced it.
Where Tool Call Logs show what the agent did — arguments, result, redactions, status — API Request Logs show what Agent Handler sent to the provider and what came back: the layer underneath.
When to look at API Request Logs vs Tool Call Logs
What’s captured
Per request:
- Method and URL - the provider endpoint, like
POST https://slack.com/api/chat.postMessage. - Tool call - the
toolcall_idthis request was made for, linking back to its Tool Call Log. - Connector and tool - which Connector and tool triggered the request.
- Status code - the provider’s HTTP response status.
- Latency - time from request sent to response received.
- Request body and headers - post-redaction; credential headers (
Authorization, API keys, cookies) are scrubbed. - Response body and headers - post-redaction.
- Timestamp.
Filtering
The filter bar covers:
- Method (GET / POST / PUT / PATCH / DELETE).
- Status - success only, errors only, or a specific code.
- Connector and tool name.
- Tool call - narrow to the requests made for one tool call.
- Date range.
A common debugging shape: “all 4xx/5xx responses from the slack Connector in the last hour.”
Drilling into a request
Click any row to open the full detail. You see:
- The full request URL with query parameters.
- The request headers (
Authorizationand other credentials redacted) and the full request body. - The full response status, headers, and body.
- A link back to the parent Tool Call Log via
toolcall_id, so you can see the agent-facing arguments and result alongside the wire exchange.
Pulling them programmatically
The same records are available from the GET /api/v1/logs/api-calls/ endpoint, so you can pull them into your own systems or stream them into a SIEM. The endpoint serves the last 30 days, ordered oldest-first, with cursor pagination — see Stream logs to a SIEM for per-platform setup and the API reference for the full schema. It’s an Enterprise feature; contact your account team to enable it.
Next
Track admin actions across your organization with the Audit Trail.