Skip to main content
POST
/
v2
/
enterprise.compliance.export.create
CreateExport
curl --request POST \
  --url https://api.manus.im/v2/enterprise.compliance.export.create \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "user": "114504",
  "session_uid": "5YX76pz7Dga3yztNVw97Dh",
  "start_time": "2023-11-07T05:31:56Z",
  "end_time": "2023-11-07T05:31:56Z",
  "event_names": [],
  "include_payload": false,
  "reason": "quarterly compliance review"
}
'
{
  "ok": true,
  "request_id": "<string>",
  "uid": "<string>",
  "created_at": "2023-11-07T05:31:56Z"
}
Questions or issues? Contact us at api-support@manus.ai.
Auth: Requires a SIEM enterprise API key (X-API-Key).Async: Returns immediately with COMPLIANCE_EXPORT_STATUS_PENDING. Poll enterprise.compliance.export.detail until status is COMPLIANCE_EXPORT_STATUS_COMPLETED, then call enterprise.compliance.export.downloadUrl.Filters: user (user ID), session_uid, start_time (inclusive), end_time (exclusive), and event_names are all optional. Omit them to export every captured event across your enterprise’s teams.Payloads: Set include_payload=true to embed chat text, tool arguments, and tool results. Payloads exist only for Tier 2 data (requires a signed SIEM DPA); for Tier 1 (metadata-only) capture this flag has no effect.Concurrency: One export at a time per enterprise. Creating a new export while another is PENDING or PROCESSING returns failed_precondition.Audit: reason is logged for compliance review — supply a meaningful value.Output: The archive is a ZIP containing a single events.ndjson file. See Record format.Protocols: Also callable via Connect RPC. See Protocols.

Authorizations

X-API-Key
string
header
required

Body

application/json
user
string

Filter to a single user by user ID. Omit to include all users across your enterprise's teams.

Example:

"114504"

session_uid
string

Filter to a single session (task). Omit to include all sessions.

Example:

"5YX76pz7Dga3yztNVw97Dh"

start_time
string<date-time>

Lower time bound (RFC3339), inclusive. Only events with occurred_at on or after this time are included.

end_time
string<date-time>

Upper time bound (RFC3339), exclusive. Only events with occurred_at strictly before this time are included.

event_names
enum<string>[]

Filter by event type. Omit to include all four event types.

Type of audit event. Each maps to one step of an agent session: USER_CHAT (the user's message), AGENT_REPLY (the agent's response), TOOL_CALL (a tool invocation with its arguments), TOOL_RESULT (the result returned by a tool).

Available options:
EVENT_NAME_UNSPECIFIED,
EVENT_NAME_USER_CHAT,
EVENT_NAME_AGENT_REPLY,
EVENT_NAME_TOOL_CALL,
EVENT_NAME_TOOL_RESULT
include_payload
boolean
default:false

When true, embed each event's payload (chat text, tool arguments, tool results) in the export. Payloads are only available for events captured at Tier 2 (requires a signed SIEM DPA); for metadata-only (Tier 1) data this has no effect.

reason
string

Reason for the export. Logged for compliance auditing — supply a meaningful value.

Example:

"quarterly compliance review"

Response

Export task created successfully.

ok
boolean

Whether the request was successful.

Example:

true

request_id
string

Unique identifier for this API request, useful for debugging.

uid
string

Unique identifier of the export task. Use it with enterprise.compliance.export.detail and enterprise.compliance.export.downloadUrl.

status
enum<string>

Initial status. Always COMPLIANCE_EXPORT_STATUS_PENDING for a freshly created task.

Available options:
COMPLIANCE_EXPORT_STATUS_UNSPECIFIED,
COMPLIANCE_EXPORT_STATUS_PENDING,
COMPLIANCE_EXPORT_STATUS_PROCESSING,
COMPLIANCE_EXPORT_STATUS_COMPLETED,
COMPLIANCE_EXPORT_STATUS_FAILED
created_at
string<date-time>

Task creation time (RFC3339).